[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 111-120


Question No.111

Which of the following activities is the MAIN purpose of the risk assessment process?

  1. Creating an inventory of information assets

  2. Classifying and organizing information assets into meaningful groups

  3. Assigning value to each information asset

  4. Calculating the risks to which assets are exposed in their current setting

Correct Answer: D

Question No.112

Which of the following is the PRIMARY purpose of International Organization for Standardization (ISO) 27001?

  1. Use within an organization to formulate security requirements and objectives

  2. Implementation of business-enabling information security

  3. Use within an organization to ensure compliance with laws and regulations

  4. To enable organizations that adopt it to obtain certifications

Correct Answer: B

Question No.113

An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security

  1. Procedural control

  2. Management control

  3. Technical control

  4. Administrative control

Correct Answer: B

Question No.114

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

  1. All vulnerabilities found on servers and desktops

  2. Only critical and high vulnerabilities on servers and desktops

  3. Only critical and high vulnerabilities that impact important production servers

  4. All vulnerabilities that impact important production servers

Correct Answer: C

Question No.115

IT control objectives are useful to IT auditors as they provide the basis for understanding the:

  1. Desired results or purpose of implementing specific control procedures.

  2. The audit control checklist.

  3. Techniques for securing information.

  4. Security policy

Correct Answer: A

Question No.116

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

  1. Application logs

  2. File integrity monitoring

  3. SNMP traps

  4. Syslog

Correct Answer: B

Question No.117

The regular review of a firewall ruleset is considered a

  1. Procedural control

  2. Organization control

  3. Technical control

  4. Management control

Correct Answer: A

Question No.118

As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?

  1. Executive summary

  2. Penetration test agreement

  3. Names and phone numbers of those who conducted the audit

  4. Business charter

Correct Answer: A

Question No.119

Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement's requirement for uptime?

  1. Systems logs

  2. Hardware error reports

  3. Utilization reports

  4. Availability reports

Correct Answer: D

Question No.120

The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is

  1. Penetration testers

  2. External Audit

  3. Internal Audit

  4. Forensic experts

Correct Answer: B
