[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 71-80


Question No.71

Which of the following should be determined while defining risk management strategies?

  A. Organizational objectives and risk tolerance

  B. Risk assessment criteria

  C. IT architecture complexity

  D. Enterprise disaster recovery plans

Correct Answer: A

Question No.72

What two methods are used to assess risk impact?

  A. Cost and annual rate of expectance

  B. Subjective and Objective

  C. Qualitative and percent of loss realized

  D. Quantitative and qualitative

Correct Answer: D

Question No.73

What is the first thing that needs to be completed in order to create a security program for your organization?

  A. Risk assessment

  B. Security program budget

  C. Business continuity plan

  D. Compliance and regulatory analysis

Correct Answer: A

Question No.74

Which of the following is the MOST important benefit of an effective security governance process?

  A. Reduction of liability and overall risk to the organization

  B. Better vendor management

  C. Reduction of security breaches

  D. Senior management participation in the incident response process

Correct Answer: A

Question No.75

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy, however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

  A. Lack of a formal security awareness program

  B. Lack of a formal security policy governance process

  C. Lack of formal definition of roles and responsibilities

  D. Lack of a formal risk management policy

Correct Answer: B

Question No.76

When choosing a risk mitigation method, what is the MOST important factor?

  A. Approval from the board of directors

  B. Cost of the mitigation is less than the risk

  C. Metrics of mitigation method success

  D. Mitigation method complies with PCI regulations

Correct Answer: B

Question No.77

A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization's large IT infrastructure. What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?

  A. Scan a representative sample of systems

  B. Perform the scans only during off-business hours

  C. Decrease the vulnerabilities within the scan tool settings

  D. Filter the scan output so only pertinent data is analyzed

Correct Answer: A

Question No.78

Credit card information, medical data, and government records are all examples of:

  A. Confidential/Protected Information

  B. Bodily Information

  C. Territorial Information

  D. Communications Information

Correct Answer: A

Question No.79

Who is responsible for securing networks during a security incident?

  A. Chief Information Security Officer (CISO)

  B. Security Operations Center (SOC)

  C. Disaster Recovery (DR) manager

  D. Incident Response Team (IRT)

Correct Answer: D

Question No.80

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

  A. Data breach disclosure

  B. Consumer right disclosure

  C. Security incident disclosure

  D. Special circumstance disclosure

Correct Answer: A
