EC-COUNCIL 712-50 Practice, Best EC-COUNCIL 712-50 Q&A Guaranteed Success

GOOD NEWS: Flydumps has published the new version with all the newly added questions and answers. By training with the EC-COUNCIL https://www.pass4itsure.com/712-50.html VCE dumps, you can pass the exam easily and quickly.

QUESTION 1
Which of the following is the MOST important benefit of an effective security governance process?
A. Reduction of liability and overall risk to the organization
B. Better vendor management
C. Reduction of security breaches
D. Senior management participation in the incident response process

Correct Answer: A
QUESTION 2
The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:
A. Due Protection
B. Due Care
C. Due Compromise
D. Due process

Correct Answer: B
QUESTION 3
Risk is defined as:
A. Threat times vulnerability divided by control
B. Advisory plus capability plus vulnerability
C. Asset loss times likelihood of event
D. Quantitative plus qualitative impact

Correct Answer: A
QUESTION 4
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?
A. Lack of a formal security awareness program
B. Lack of a formal security policy governance process
C. Lack of formal definition of roles and responsibilities
D. Lack of a formal risk management policy

Correct Answer: B
QUESTION 5
The Information Security Governance program MUST:
A. integrate with other organizational governance processes
B. support user choice for Bring Your Own Device (BYOD)
C. integrate with other organizational governance processes
D. show a return on investment for the organization

Correct Answer: A
QUESTION 6
Which of the following is MOST important when dealing with an Information Security Steering committee:
A. Include a mix of members from different departments and staff levels.
B. Ensure that security policies and procedures have been vetted and approved.
C. Review all past audit and compliance reports.
D. Be briefed about new trends and products at each meeting by a vendor.

Correct Answer: C
QUESTION 7
Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?
A. Awareness
B. Compliance
C. Governance
D. Management

Correct Answer: C
QUESTION 8
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A. Need to comply with breach disclosure laws
B. Need to transfer the risk associated with hosting PII data
C. Need to better understand the risk associated with using PII data
D. Fiduciary responsibility to safeguard credit card information

Correct Answer: C
QUESTION 9
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?
A. Escalation
B. Recovery
C. Eradication
D. Containment
Correct Answer: D
QUESTION 10
One of the MAIN goals of a Business Continuity Plan is to
A. Ensure all infrastructure and applications are available in the event of a disaster
B. Allow all technical first-responders to understand their roles in the event of a disaster
C. Provide step by step plans to recover business processes in the event of a disaster
D. Assign responsibilities to the technical teams responsible for the recovery of all data.

Correct Answer: C
QUESTION 11
After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of
A. Risk Tolerance
B. Qualitative risk analysis
C. Risk Appetite
D. Quantitative risk analysis

Correct Answer: D
QUESTION 12
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
A. Controlled mitigation effort
B. Risk impact comparison
C. Relative likelihood of event
D. Comparative threat analysis

Correct Answer: C
QUESTION 13
Which of the following should be determined while defining risk management strategies?
A. Organizational objectives and risk tolerance
B. Risk assessment criteria
C. IT architecture complexity
D. Enterprise disaster recovery plans

Correct Answer: A
QUESTION 14
You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?
A. Chief Information Security Officer
B. Chief Executive Officer
C. Chief Information Officer
D. Chief Legal Counsel

Correct Answer: B
QUESTION 15
Who in the organization determines access to information?
A. Legal department
B. Compliance officer
C. Data Owner
D. Information security officer

Correct Answer: C
QUESTION 16
Within an organization’s vulnerability management program, who has the responsibility to implement remediation actions?
A. Security officer
B. Data owner
C. Vulnerability engineer
D. System administrator

Correct Answer: D
QUESTION 17
When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it
A. In promiscuous mode and only detect malicious traffic.
B. In-line and turn on blocking mode to stop malicious traffic.
C. In promiscuous mode and block malicious traffic.
D. In-line and turn on alert mode to stop malicious traffic.

Correct Answer: B
QUESTION 18
The Information Security Management program MUST protect:
A. all organizational assets
B. critical business processes and/or revenue streams
C. intellectual property released into the public domain
D. against distributed denial of service attacks

Correct Answer: B
QUESTION 19
Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?
A. Strong authentication technologies
B. Financial reporting regulations
C. Credit card compliance and regulations
D. Local privacy laws

Correct Answer: D
QUESTION 20
What role should the CISO play in properly scoping a PCI environment?
A. Validate the business units’ suggestions as to what should be included in the scoping process
B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment
C. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data
D. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Correct Answer: C

Getting certified in EC-COUNCIL 712-50 is a guaranteed way to succeed in IT careers. We help you do exactly that with our high quality EC-COUNCIL https://www.pass4itsure.com/712-50.html Certification Certified Information Systems Security Professional training materials.
