Download EC-Council Certified CISO.712-50.Pass4Sure.2019-12-16.211q.vcex

Vendor: ECCouncil
Exam Code: 712-50
Exam Name: EC-Council Certified CISO
Date: Dec 16, 2019
File Size: 165 KB
Downloads: 2

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
  A. knowledge required to analyze each issue
  B. information security metrics
  C. linkage to business area objectives
  D. baseline against which metrics are evaluated
Correct answer: C

Question 2
Which of the following should be determined while defining risk management strategies?
  A. Organizational objectives and risk tolerance
  B. Enterprise disaster recovery plans
  C. Risk assessment criteria
  D. IT architecture complexity
Correct answer: A

Question 3
A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions.  
This activity BEST demonstrates what part of a security program?
  A. Compliance management
  B. Audit validation
  C. Physical control testing
  D. Security awareness training
Correct answer: A

Question 4
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of its business models and processes?
  A. Need to comply with breach disclosure laws
  B. Fiduciary responsibility to safeguard credit information
  C. Need to transfer the risk associated with hosting PII data
  D. Need to better understand the risk associated with using PII data
Correct answer: D

Question 5
A method to transfer risk is to ______________.
  A. Implement redundancy
  B. Move operations to another region
  C. Alignment with business operations
  D. Purchase breach insurance
Correct answer: D

Question 6
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised.  
What kind of law would require notifying the owner or licensee of this incident?
  A. Consumer right disclosure
  B. Data breach disclosure
  C. Special circumstance disclosure
  D. Security incident disclosure
Correct answer: B

Question 7
The PRIMARY objective of security awareness is to:
  A. Encourage security-conscious behavior
  B. Put employees on notice in case follow-up action for noncompliance is necessary
  C. Ensure that security policies are read
Correct answer: A

Question 8
Which of the following is MOST likely to be discretionary?
  A. Policies
  B. Procedures
  C. Guidelines
  D. Standards
Correct answer: C

Question 9
When dealing with Security Incident Response procedures, which of the following steps comes FIRST when reacting to an incident?
  A. Eradication
  B. Escalation
  C. Containment
  D. Recovery
Correct answer: C

Question 10
What is the relationship between information protection and regulatory compliance?
  A. That all information in an organization must be protected equally.
  B. The information required to be protected by regulatory mandate does not have to be identified in the organization's data classification policy.
  C. There is no relationship between the two.
  D. That the protection of some information, such as National ID information, is mandated by regulation, and other information, such as trade secrets, is protected based on business need.
Correct answer: D
