Download EC-Council Certified CISO.PracticeTest.712-50.2019-03-21.2e.120q.vcex

File Info

Exam: EC-Council Certified CISO
Number: 712-50
File Name: EC-Council Certified CISO.PracticeTest.712-50.2019-03-21.2e.120q.vcex
Size: 83 KB
Posted: March 21, 2019
Downloads: 57

Demo Questions

Question 1

Your company has a “no right to privacy” notice on all logon screens for your information systems, and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to the email account of one of her employees. What should you do? (choose the BEST answer):

  • A: Grant her access, the employee has been adequately warned through the AUP.
  • B: Assist her with the request, but only after her supervisor signs off on the action.
  • C: Reset the employee’s password and give it to the supervisor.
  • D: Deny the request citing national privacy laws.

Correct Answer: B

Question 2

Acme Inc. has engaged a third-party vendor to provide 99.999% uptime for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

  • A: low risk-tolerance
  • B: high risk-tolerance
  • C: moderate risk-tolerance
  • D: medium-high risk-tolerance

Correct Answer: A

Question 3

The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):

  • A: Failed to identify all stakeholders and their needs
  • B: Deployed the encryption solution in an inadequate manner
  • C: Used 1024-bit encryption when 256-bit would have sufficed
  • D: Used hardware encryption instead of software encryption

Correct Answer: A

Question 4

When gathering security requirements for an automated business process improvement program, which of the following is MOST important?

  • A: Type of data contained in the process/system
  • B: Type of connection/protocol used to transfer the data
  • C: Type of encryption required for the data once it is at rest
  • D: Type of computer the data is processed on

Correct Answer: A

Question 5

When selecting a security solution with reoccurring maintenance costs after the first year (choose the BEST answer):

  • A: The CISO should cut other essential programs to ensure the new solution’s continued use
  • B: Communicate future operating costs to the CIO/CFO and seek commitment from them to ensure the new solution’s continued use
  • C: Defer selection until the market improves and cash flow is positive
  • D: Implement the solution and ask for the increased operating cost budget when it is time

Correct Answer: B

Question 6

Which of the following information may be found in table top exercises for incident response?

  • A: Security budget augmentation
  • B: Process improvements
  • C: Real-time to remediate
  • D: Security control selection

Correct Answer: B

Question 7

Your incident response plan should include which of the following?

  • A: Procedures for litigation
  • B: Procedures for reclamation
  • C: Procedures for classification
  • D: Procedures for charge-back

Correct Answer: C

Question 8

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

  • A: Deploy a SIEM solution and have current staff review incidents first thing in the morning
  • B: Contract with a managed security provider and have current staff on recall for incident response
  • C: Configure your syslog to send SMS messages to current staff when target events are triggered
  • D: Employ an assumption of breach protocol and defend only essential information resources

Correct Answer: B

Question 9

To get an Information Security project back on schedule, which of the following will provide the MOST help?

  • A: Upper management support
  • B: More frequent project milestone meetings
  • C: Stakeholder support
  • D: Extend work hours

Correct Answer: A

Question 10

How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?

  • A: Quarterly
  • B: Semi-annually
  • C: Bi-annually
  • D: Annually

Correct Answer: D
