File Info
| Exam | EC-Council Certified CISO |
| Number | 712-50 |
| File Name | EC-Council Certified CISO.prep4sure.712-50.2020-03-24.1e.210q.vcex |
| Size | 161 Kb |
| Posted | March 24, 2020 |
| Downloads | 76 |
| Download | EC-Council Certified CISO.prep4sure.712-50.2020-03-24.1e.210q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Which of the following should be determined while defining risk management strategies?
- A: Organizational objectives and risk tolerance
- B: Enterprise disaster recovery plans
- C: Risk assessment criteria
- D: IT architecture complexity
Correct Answer: A
Which of the following is the MOST important benefit of an effective security governance process?
- A: Senior management participation in the incident response process
- B: Better vendor management
- C: Reduction of security breaches
- D: Reduction of liability and overall risk to the organization
Correct Answer: D
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units.
Which of the following standards and guidelines can BEST address this organization’s need?
- A: International Organization for Standardizations – 22301 (ISO-22301)
- B: Information Technology Infrastructure Library (ITIL)
- C: Payment Card Industry Data Security Standards (PCI-DSS)
- D: International Organization for Standardizations – 27005 (ISO-27005)
Correct Answer: A
A security manager regularly checks work areas after business hours for security violations; such as unsecured files or unattended computers with active sessions.
This activity BEST demonstrates what part of a security program?
- A: Compliance management
- B: Audit validation
- C: Physical control testing
- D: Security awareness training
Correct Answer: A
Why is it vitally important that senior management endorse a security policy?
- A: So that employees will follow the policy directives.
- B: So that they can be held legally accountable.
- C: So that external bodies will recognize the organizations commitment to security.
- D: So that they will accept ownership for security within the organization.
Correct Answer: D
Which of the following is MOST likely to be discretionary?
- A: Policies
- B: Procedures
- C: Guidelines
- D: Standards
Correct Answer: C
Which of the following has the GREATEST impact on the implementation of an information security governance model?
- A: Complexity of organizational structure
- B: Distance between physical locations
- C: Organizational budget
- D: Number of employees
Correct Answer: A
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?
- A: Eradication
- B: Escalation
- C: Containment
- D: Recovery
Correct Answer: C
What is the relationship between information protection and regulatory compliance?
- A: That all information in an organization must be protected equally.
- B: The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
- C: There is no relationship between the two.
- D: That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
Correct Answer: D
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?
- A: Compliance with local privacy regulations
- B: An independent Governance, Risk and Compliance organization
- C: Support Legal and HR teams
- D: Alignment of security goals with business goals
Correct Answer: D
