[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 11-20


Question No.11

A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?

  A. Information Technology Infrastructure Library (ITIL)

  B. International Organization for Standardization (ISO) standards

  C. Payment Card Industry Data Security Standards (PCI-DSS)

  D. National Institute for Standards and Technology (NIST) standard

Correct Answer: C

Question No.12

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

  A. Threat

  B. Vulnerability

  C. Attack vector

  D. Exploitation

Correct Answer: B

Question No.13

In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?

  A. High risk environments 6 months, low risk environments 12 months

  B. Every 12 months

  C. Every 18 months

  D. Every six months

Correct Answer: B

Question No.14

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

  A. Determine appetite

  B. Evaluate risk avoidance criteria

  C. Perform a risk assessment

  D. Mitigate risk

Correct Answer: D

Question No.15

What is a difference from the list below between quantitative and qualitative Risk Assessment?

  A. Quantitative risk assessments result in an exact number (in monetary terms)

  B. Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

  C. Qualitative risk assessments map to business objectives

  D. Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Correct Answer: A

Question No.16

The FIRST step in establishing a security governance program is to?

  A. Conduct a risk assessment.

  B. Obtain senior level sponsorship.

  C. Conduct a workshop for all end users.

  D. Prepare a security budget.

Correct Answer: B

Question No.17

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

  A. Multiple certifications, strong technical capabilities and lengthy resume

  B. Industry certifications, technical knowledge and program management skills

  C. College degree, audit capabilities and complex project management

  D. Multiple references, strong background check and industry certifications

Correct Answer: B

Question No.18

Why is it vitally important that senior management endorse a security policy?

  A. So that they will accept ownership for security within the organization.

  B. So that employees will follow the policy directives.

  C. So that external bodies will recognize the organization's commitment to security.

  D. So that they can be held legally accountable.

Correct Answer: A

Question No.19

The Information Security Management program MUST protect:

  A. all organizational assets

  B. critical business processes and/or revenue streams

  C. intellectual property released into the public domain

  D. against distributed denial of service attacks

Correct Answer: B

Question No.20

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?

  A. International Organization for Standardizations – 22301 (ISO-22301)

  B. Information Technology Infrastructure Library (ITIL)

  C. Payment Card Industry Data Security Standards (PCI-DSS)

  D. International Organization for Standardizations – 27005 (ISO-27005)

Correct Answer: A
