[Free] 2018(Jan) EnsurePass Testking ECCouncil 712-50 Dumps with VCE and PDF 11-20

2018 Jan ECCouncil Official New Released 712-50

EC-Council Certified CISO (CCISO)

Question No: 11 – (Topic 1)

A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?

  A. Information Technology Infrastructure Library (ITIL)

  B. International Organization for Standardization (ISO) standards

  C. Payment Card Industry Data Security Standards (PCI-DSS)

  D. National Institute of Standards and Technology (NIST) standard

Answer: C

Question No: 12 – (Topic 1)

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

  A. Threat

  B. Vulnerability

  C. Attack vector

  D. Exploitation

Answer: B

Question No: 13 – (Topic 1)

In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?

  A. High risk environments 6 months, low risk environments 12 months

  B. Every 12 months

  C. Every 18 months

  D. Every six months

Answer: B

Question No: 14 – (Topic 1)

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

  A. Determine appetite

  B. Evaluate risk avoidance criteria

  C. Perform a risk assessment

  D. Mitigate risk

Answer: D

Question No: 15 – (Topic 1)

Which of the following is a difference between quantitative and qualitative risk assessment?

  A. Quantitative risk assessments result in an exact number (in monetary terms)

  B. Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

  C. Qualitative risk assessments map to business objectives

  D. Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Answer: A

Question No: 16 – (Topic 1)

The FIRST step in establishing a security governance program is to?

  A. Conduct a risk assessment.

  B. Obtain senior level sponsorship.

  C. Conduct a workshop for all end users.

  D. Prepare a security budget.

Answer: B

Question No: 17 – (Topic 1)

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

  A. Multiple certifications, strong technical capabilities and lengthy resume

  B. Industry certifications, technical knowledge and program management skills

  C. College degree, audit capabilities and complex project management

  D. Multiple references, strong background check and industry certifications

Answer: B

Question No: 18 – (Topic 1)

Why is it vitally important that senior management endorse a security policy?

  A. So that they will accept ownership for security within the organization.

  B. So that employees will follow the policy directives.

  C. So that external bodies will recognize the organization's commitment to security.

  D. So that they can be held legally accountable.

Answer: A

Question No: 19 – (Topic 1)

The Information Security Management program MUST protect:

  A. all organizational assets

  B. critical business processes and/or revenue streams

  C. intellectual property released into the public domain

  D. against distributed denial of service attacks

Answer: B

Question No: 20 – (Topic 1)

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?

  A. International Organization for Standardization – 22301 (ISO-22301)

  B. Information Technology Infrastructure Library (ITIL)

  C. Payment Card Industry Data Security Standards (PCI-DSS)

  D. International Organization for Standardization – 27005 (ISO-27005)

Answer: A
