[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 311-320

Get Full Version of the Exam

Question No.311

What is the BEST reason for having a formal request for proposal process?

  1. Creates a timeline for purchasing and budgeting

  2. Allows small companies to compete with larger companies

  3. Clearly identifies risks and benefits before funding is spent

  4. Informs suppliers a company is going to make a purchase

Correct Answer: C

Question No.312

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years. This global retail company is expected to accept credit card payments. Which of the following is of MOST concern when defining a security program for this organization?

  1. International encryption restrictions

  2. Compliance to Payment Card Industry (PCI) data security standards

  3. Compliance with local government privacy laws

  4. Adherence to local data breach notification laws

Correct Answer: B

Question No.313

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self- Service application. All employees have access to the organizational VPN. What type of control is being implemented by supervisors and data owners?

  1. Management

  2. Operational

  3. Technical

  4. Administrative

Correct Answer: B

Question No.314

The Annualized Loss Expectancy (Before) minus Annualized Loss Expectancy (After) minus Annual Safeguard Cost is the formula for determining:

  1. Safeguard Value

  2. Cost Benefit Analysis

  3. Single Loss Expectancy

  4. Life Cycle Loss Expectancy

Correct Answer: B

Question No.315

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda. From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO#39;s approach to security?

  1. Lack of risk management process

  2. Lack of sponsorship from executive management

  3. IT security centric agenda

  4. Compliance centric agenda

Correct Answer: C

Question No.316

Your company has limited resources to spend on security initiatives. The Chief Financial Officer asks you to prioritize the protection of information resources based on their value to the company. It is essential that you be able to communicate in language that your fellow executives will understand. You should:

  1. Create timelines for mitigation

  2. Develop a cost-benefit analysis

  3. Calculate annual loss expectancy

  4. Create a detailed technical executive summary

Correct Answer: B

Question No.317

When analyzing and forecasting an operating expense budget what are not included?

  1. Software and hardware license fees

  2. Utilities and power costs

  3. Network connectivity costs

  4. New datacenter to operate from

Correct Answer: D

Question No.318

File Integrity Monitoring (FIM) is considered a

  1. Network based security preventative control

  2. Software segmentation control

  3. Security detective control

  4. User segmentation control

Correct Answer: C

Question No.319

When updating the security strategic planning document what two items must be included?

  1. Alignment with the business goals and the vision of the CIO

  2. The risk tolerance of the company and the company mission statement

  3. The executive summary and vision of the board of directors

  4. The alignment with the business goals and the risk tolerance

Correct Answer: D

Question No.320

What are the primary reasons for the development of a business case for a security project?

  1. To estimate risk and negate liability to the company

  2. To understand the attack vectors and attack sources

  3. To communicate risk and forecast resource needs

  4. To forecast usage and cost per software licensing

Correct Answer: C

Get Full Version of the Exam
712-50 Dumps
712-50 VCE and PDF