[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 712-50 Dumps with VCE and PDF 91-100

EC-Council Certified CISO (CCISO)

Question No: 91 – (Topic 1)

The single most important consideration to make when developing your security program, policies, and processes is:

  A. Budgeting for unforeseen data compromises

  B. Streamlining for efficiency

  C. Alignment with the business

  D. Establishing your authority as the Security Executive

Answer: C

Question No: 92 – (Topic 1)

Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?

  A. Awareness

  B. Compliance

  C. Governance

  D. Management

Answer: C

Question No: 93 – (Topic 1)

What role should the CISO play in properly scoping a PCI environment?

  A. Validate the business units’ suggestions as to what should be included in the scoping process

  B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment

  C. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data

  D. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Answer: C

Question No: 94 – (Topic 1)

According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

  A. Susceptibility to attack, mitigation response time, and cost

  B. Attack vectors, controls cost, and investigation staffing needs

  C. Vulnerability exploitation, attack recovery, and mean time to repair

  D. Susceptibility to attack, expected duration of attack, and mitigation availability

Answer: A

Question No: 95 – (Topic 1)

Which of the following is the MOST important for a CISO to understand when identifying threats?

  A. How vulnerabilities can potentially be exploited in systems that impact the organization

  B. How the security operations team will behave to reported incidents

  C. How the firewall and other security devices are configured to prevent attacks

  D. How the incident management team prepares to handle an attack

Answer: A

Question No: 96 – (Topic 1)

Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?

  A. Reduction of budget

  B. Decreased security awareness

  C. Improper use of information resources

  D. Fines for regulatory non-compliance

Answer: D

Question No: 97 – (Topic 1)

You have implemented a new security control. Which of the following risk strategy options have you engaged in?

  A. Risk Avoidance

  B. Risk Acceptance

  C. Risk Transfer

  D. Risk Mitigation

Answer: D

Topic 2, IS Management Controls and Auditing Management

Question No: 98 – (Topic 2)

Dataflow diagrams are used by IT auditors to:

  A. Order data hierarchically.

  B. Highlight high-level data definitions.

  C. Graphically summarize data paths and storage processes.

  D. Portray step-by-step details of data generation.

Answer: C

Question No: 99 – (Topic 2)

Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?

  A. It allows executives to more effectively monitor IT implementation costs

  B. Implementation of it eases an organization’s auditing and compliance burden

  C. Information Security (IS) procedures often require augmentation with other standards

  D. It provides for a consistent and repeatable staffing model for technology organizations

Answer: B

Question No: 100 – (Topic 2)

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

  A. A substantive test of program library controls

  B. A compliance test of program library controls

  C. A compliance test of the program compiler controls

  D. A substantive test of the program compiler controls

Answer: B
