File Info
| Exam | EC-Council Certified CISO |
| Number | 712-50 |
| File Name | EC-Council Certified CISO.pass4sureexam.712-50.2019-12-16.1e.211q.vcex |
| Size | 165 Kb |
| Posted | December 16, 2019 |
| Downloads | 57 |
| Download | EC-Council Certified CISO.pass4sureexam.712-50.2019-12-16.1e.211q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
- A: knowledge required to analyze each issue
- B: information security metrics
- C: linkage to business area objectives
- D: baseline against which metrics are evaluated
Correct Answer: C
Which of the following should be determined while defining risk management strategies?
- A: Organizational objectives and risk tolerance
- B: Enterprise disaster recovery plans
- C: Risk assessment criteria
- D: IT architecture complexity
Correct Answer: A
A security manager regularly checks work areas after business hours for security violations; such as unsecured files or unattended computers with active sessions.
This activity BEST demonstrates what part of a security program?
- A: Compliance management
- B: Audit validation
- C: Physical control testing
- D: Security awareness training
Correct Answer: A
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
- A: Need to comply with breach disclosure laws
- B: Fiduciary responsibility to safeguard credit information
- C: Need to transfer the risk associated with hosting PII data
- D: Need to better understand the risk associated with using PII data
Correct Answer: D
A method to transfer risk is to______________.
- A: Implement redundancy
- B: Move operations to another region
- C: Alignment with business operations
- D: Purchase breach insurance
Correct Answer: D
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised.
What kind of law would require notifying the owner or licensee of this incident?
- A: Consumer right disclosure
- B: Data breach disclosure
- C: Special circumstance disclosure
- D: Security incident disclosure
Correct Answer: B
The PRIMARY objective of security awareness is to:
- A: Encourage security-conscious behavior
- B: Put employees on notice in case follow-up action for noncompliance is necessary
- C: Ensure that security policies are read.
Correct Answer: A
Which of the following is MOST likely to be discretionary?
- A: Policies
- B: Procedures
- C: Guidelines
- D: Standards
Correct Answer: C
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?
- A: Eradication
- B: Escalation
- C: Containment
- D: Recovery
Correct Answer: C
What is the relationship between information protection and regulatory compliance?
- A: That all information in an organization must be protected equally.
- B: The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
- C: There is no relationship between the two.
- D: That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
Correct Answer: D
