Question No.21

Risk appetite directly affects what part of a vulnerability management program?

  A. Staff

  B. Scope

  C. Schedule

  D. Scan tools

Correct Answer: B

Question No.22

Payment Card Industry (PCI) compliance requirements are based on what criteria?

  A. The types of cardholder data retained

  B. The duration cardholder data is retained

  C. The size of the organization processing credit card data

  D. The number of transactions performed per year by an organization

Correct Answer: D

Question No.23

An organization's information security policy serves to

  A. establish budgetary input in order to meet compliance requirements

  B. establish acceptable systems and user behavior

  C. define security configurations for systems

  D. define relationships with external law enforcement agencies

Correct Answer: B

Question No.24

When dealing with Security Incident Response procedures, which of the following steps comes FIRST when reacting to an incident?

  A. Escalation

  B. Recovery

  C. Eradication

  D. Containment

Correct Answer: D

Question No.25

An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. What is the NEXT logical step in applying the controls in the organization?

  A. Determine the risk tolerance

  B. Perform an asset classification

  C. Create an architecture gap analysis

  D. Analyze existing controls on systems

Correct Answer: B

Question No.26

What should an organization do to ensure that it has a sound Business Continuity (BC) Plan?

  A. Test every three years to ensure that things work as planned

  B. Conduct periodic tabletop exercises to refine the BC plan

  C. Outsource the creation and execution of the BC plan to a third-party vendor

  D. Conduct a Disaster Recovery (DR) exercise every year to test the plan

Correct Answer: B

Question No.27

Which of the following is a benefit of information security governance?

  A. Questioning the trust in vendor relationships

  B. Increasing the risk of decisions based on incomplete management information

  C. Direct involvement of senior management in developing control processes

  D. Reduction of the potential for civil and legal liability

Correct Answer: D

Question No.28

Which of the following international standards can be BEST used to define a Risk Management process in an organization?

  A. National Institute of Standards and Technology 800-50 (NIST 800-50)

  B. International Organization for Standardization – 27005 (ISO 27005)

  C. Payment Card Industry Data Security Standard (PCI DSS)

  D. International Organization for Standardization – 27004 (ISO 27004)

Correct Answer: B

Question No.29

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

  A. Risk Avoidance

  B. Risk Acceptance

  C. Risk Transfer

  D. Risk Mitigation

Correct Answer: C

Question No.30

Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?

  A. Possesses a strong technical background

  B. Understands all regulations affecting the organization

  C. Understands the business goals of the organization

  D. Possesses a strong auditing background

Correct Answer: C

