[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 301-310

Get Full Version of the Exam

Question No.301

Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

  1. Security regulations

  2. Asset classification

  3. Information security policy

  4. Data classification

Correct Answer: C

Question No.302

Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of

  1. Network based security preventative controls

  2. Software segmentation controls

  3. Network based security detective controls

  4. User segmentation controls

Correct Answer: A

Question No.303

The total cost of security controls should:

  1. Be equal to the value of the information resource being protected

  2. Be greater than the value of the information resource being protected

  3. Be less than the value of the information resource being protected

  4. Should not matter, as long as the information resource is protected

Correct Answer: C

Question No.304

A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website. This type of control is considered

  1. Zero-day attack mitigation

  2. Preventive detection control

  3. Corrective security control

  4. Dynamic blocking control

Correct Answer: C

Question No.305

John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they#39;ve already completed the project work they were contracted to do. What can John do in this instance?

  1. Refer the vendor to the Service Level Agreement (SLA) and insist that they make the changes.

  2. Review the Request for Proposal (RFP) for guidance.

  3. Withhold the vendor#39;s payments until the issue is resolved.

  4. Refer to the contract agreement for direction.

Correct Answer: D

Question No.306

Scenario: Critical servers show signs of erratic behavior within your organization#39;s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team. What phase of the response provides measures to reduce the likelihood of an incident from recurring?

  1. Response

  2. Investigation

  3. Recovery

  4. Follow-up

Correct Answer: D

Question No.307

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget. Using the best business practices for project management you determine that the project correct aligns with the company goals. What needs to be verified FIRST?

  1. Scope of the project

  2. Training of the personnel on the project

  3. Timeline of the project milestones

  4. Vendor for the project

Correct Answer: A

Question No.308

Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget. Using the best business practices for project management, you determine that the project correctly aligns with the organization goals. What should be verified next?

  1. Scope

  2. Budget

  3. Resources

  4. Constraints

Correct Answer: A

Question No.309

Annual Loss Expectancy is derived from the function of which two factors?

  1. Annual Rate of Occurrence and Asset Value

  2. Single Loss Expectancy and Exposure Factor

  3. Safeguard Value and Annual Rate of Occurrence

  4. Annual Rate of Occurrence and Single Loss Expectancy

Correct Answer: D

Question No.310

Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified. The CISO has implemented remediation activities. Which of the following is the MOST logical next step?

  1. Validate the effectiveness of applied controls

  2. Validate security program resource requirements

  3. Report the audit findings and remediation status to business stake holders

  4. Review security procedures to determine if they need modified according to findings

Correct Answer: A

Get Full Version of the Exam
712-50 Dumps
712-50 VCE and PDF