[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 712-50 Dumps with VCE and PDF 81-90


EC-Council Certified CISO (CCISO)

Question No: 81 – (Topic 1)

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

  A. An independent Governance, Risk and Compliance organization

  B. Alignment of security goals with business goals

  C. Compliance with local privacy regulations

  D. Support from Legal and HR teams

Answer: B

Question No: 82 – (Topic 1)

Which of the following most commonly falls within the scope of an information security governance steering committee?

  A. Approving access to critical financial systems

  B. Developing content for security awareness programs

  C. Interviewing candidates for information security specialist positions

  D. Vetting information security policies

Answer: D

Question No: 83 – (Topic 1)

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

  A. Need to comply with breach disclosure laws

  B. Need to transfer the risk associated with hosting PII data

  C. Need to better understand the risk associated with using PII data

  D. Fiduciary responsibility to safeguard credit card information

Answer: C

Question No: 84 – (Topic 1)

When dealing with a risk management process, asset classification is important because it will impact the overall:

  A. Threat identification

  B. Risk monitoring

  C. Risk treatment

  D. Risk tolerance

Answer: C

Question No: 85 – (Topic 1)

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

  A. Contacting the Internet Service Provider for an IP scope

  B. Getting authority to operate the system from executive management

  C. Changing the default passwords

  D. Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities

Answer: B

Question No: 86 – (Topic 1)

Risk is defined as:

  A. Threat times vulnerability divided by control

  B. Advisory plus capability plus vulnerability

  C. Asset loss times likelihood of event

  D. Quantitative plus qualitative impact

Answer: A

Question No: 87 – (Topic 1)

What is the BEST way to achieve on-going compliance monitoring in an organization?

  A. Only check compliance right before the auditors are scheduled to arrive onsite.

  B. Outsource compliance to a 3rd party vendor and let them manage the program.

  C. Have Compliance and Information Security partner to correct issues as they arise.

  D. Have Compliance direct Information Security to fix issues after the auditors report.

Answer: C

Question No: 88 – (Topic 1)

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

  A. The asset owner

  B. The asset manager

  C. The data custodian

  D. The project manager

Answer: A

Question No: 89 – (Topic 1)

A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

  A. Internal audit

  B. The data owner

  C. All executive staff

  D. Government regulators

Answer: B

Question No: 90 – (Topic 1)

The exposure factor of a threat to your organization is defined by?

  A. Asset value times exposure factor

  B. Annual rate of occurrence

  C. Annual loss expectancy minus current cost of controls

  D. Percentage of loss experienced due to a realized threat event

Answer: D
