[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 281-290

Get Full Version of the Exam
http://www.EnsurePass.com/712-50.html

Question No.281

When analyzing and forecasting a capital expense budget, what is not included?

  A. Network connectivity costs

  B. New datacenter to operate from

  C. Upgrade of mainframe

  D. Purchase of new mobile devices to improve operations

Correct Answer: A

Question No.282

Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates. What is one proven method to account for common elements found within separate regulations and/or standards?

  A. Hire a GRC expert

  B. Use the Find function of your word processor

  C. Design your program to meet the strictest government standards

  D. Develop a crosswalk

Correct Answer: D

Question No.283

Scenario: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization's needs. What is the MOST logical course of action the CISO should take?

  A. Review the original solution set to determine if another system would fit the organization's risk appetite and budget regulatory compliance requirements

  B. Continue with the implementation and submit change requests to the vendor in order to ensure required functionality will be provided when needed

  C. Continue with the project until the scalability issue is validated by others, such as an auditor or third party assessor

  D. Cancel the project if the business need was based on internal requirements versus regulatory compliance requirements

Correct Answer: A

Question No.284

The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security requirements is called

  A. Security certification

  B. Security system analysis

  C. Security accreditation

  D. Alignment with business practices and goals.

Correct Answer: A

Question No.285

The rate of change in technology increases the importance of:

  A. Outsourcing the IT functions.

  B. Understanding user requirements.

  C. Hiring personnel with leading edge skills.

  D. Implementing and enforcing good processes.

Correct Answer: D

Question No.286

Scenario: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization's needs. The CISO discovers the scalability issue will only impact a small number of network segments. What is the next logical step to ensure the proper application of risk management methodology within the two-factor implementation project?

  A. Create new use cases for operational use of the solution

  B. Determine if sufficient mitigating controls can be applied

  C. Decide to accept the risk on behalf of the impacted business units

  D. Report the deficiency to the audit team and create process exceptions

Correct Answer: B

Question No.287

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security-centric agenda. Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

  A. Lack of identification of technology stakeholders

  B. Lack of business continuity process

  C. Lack of influence with leaders outside IT

  D. Lack of a security awareness program

Correct Answer: C

Question No.288

You have just been hired as the new CISO and are being briefed on all the Information Security projects that your section has ongoing. You discover that most projects are behind schedule and over budget. Using the best business practices for project management, you determine that the project correctly aligns with the company goals and the scope of the project is correct. What is the NEXT step?

  A. Review time schedules

  B. Verify budget

  C. Verify resources

  D. Verify constraints

Correct Answer: C

Question No.289

What is the primary reason for performing a return on investment analysis?

  A. To decide between multiple vendors

  B. To decide if the solution costs less than the risk it is mitigating

  C. To determine the current present value of a project

  D. To determine the annual rate of loss

Correct Answer: B

Question No.290

Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified. Which of the following is the FIRST action the CISO will perform after receiving the audit report?

  A. Inform peer executives of the audit results

  B. Validate gaps and accept or dispute the audit findings

  C. Create remediation plans to address program gaps

  D. Determine if security policies and procedures are adequate

Correct Answer: B
