[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 131-140


Question No.131

Which of the following activities results in change requests?

  A. Preventive actions

  B. Inspection

  C. Defect repair

  D. Corrective actions

Correct Answer: A

Question No.132

The patching and monitoring of systems on a consistent schedule is required by?

  A. Local privacy laws

  B. Industry best practices

  C. Risk Management frameworks

  D. Audit best practices

Correct Answer: C

Question No.133

The effectiveness of social engineering penetration testing using phishing can be used as a Key Performance Indicator (KPI) for the effectiveness of an organization's

  A. Risk Management Program.

  B. Anti-Spam controls.

  C. Security Awareness Program.

  D. Identity and Access Management Program.

Correct Answer: C

Question No.134

An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?

  A. Management Control

  B. Technical Control

  C. Training Control

  D. Operational Control

Correct Answer: D

Question No.135

When a CISO considers delaying or not remediating system vulnerabilities, which of the following are MOST important to take into account?

  A. Threat Level, Risk of Compromise, and Consequences of Compromise

  B. Risk Avoidance, Threat Level, and Consequences of Compromise

  C. Risk Transfer, Reputational Impact, and Consequences of Compromise

  D. Reputational Impact, Financial Impact, and Risk of Compromise

Correct Answer: A

Question No.136

Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?

  A. Perform a vulnerability scan of the network

  B. External penetration testing by a qualified third party

  C. Internal Firewall ruleset reviews

  D. Implement network intrusion prevention systems

Correct Answer: B

Question No.137

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

  A. Transfer financial resources from other critical programs

  B. Take the system off line until the budget is available

  C. Deploy countermeasures and compensating controls until the budget is available

  D. Schedule an emergency meeting and request the funding to fix the issue

Correct Answer: C

Question No.138

An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization's IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:

  A. Number of change orders rejected

  B. Number and length of planned outages

  C. Number of unplanned outages

  D. Number of change orders processed

Correct Answer: C

Question No.139

You work as a project manager for the TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?

  A. Qualitative analysis

  B. Quantitative analysis

  C. Risk mitigation

  D. Estimate activity duration

Correct Answer: A

Question No.140

Which represents PROPER separation of duties in the corporate environment?

  A. Information Security and Identity Access Management teams perform two distinct functions

  B. Developers and Network teams both have admin rights on servers

  C. Finance has access to Human Resources data

  D. Information Security and Network teams perform two distinct functions

Correct Answer: D
