[Free] 2018(Jan) EnsurePass Testking ECCouncil 712-50 Dumps with VCE and PDF 171-180


EC-Council Certified CISO (CCISO)

Question No: 171 – (Topic 2)

A missing/ineffective security control is identified. Which of the following should be the NEXT step?

  A. Perform an audit to measure the control formally

  B. Escalate the issue to the IT organization

  C. Perform a risk assessment to measure risk

  D. Establish Key Risk Indicators

Answer: C

Question No: 172 – (Topic 2)

Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:

  A. Detective Controls

  B. Proactive Controls

  C. Preemptive Controls

  D. Organizational Controls

Answer: D

Topic 3, Management – Projects and Operations (Projects, Technology & Operations)

Question No: 173 – (Topic 3)

To get an Information Security project back on schedule, which of the following will provide the MOST help?

  A. Upper management support

  B. More frequent project milestone meetings

  C. Stakeholder support

  D. Extend work hours

Answer: A

Question No: 174 – (Topic 3)

Your company has a “no right to privacy” notice on all logon screens for your information systems, and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employees’ email accounts. What should you do? (Choose the BEST answer):

  A. Grant her access, the employee has been adequately warned through the AUP.

  B. Assist her with the request, but only after her supervisor signs off on the action.

  C. Reset the employee’s password and give it to the supervisor.

  D. Deny the request citing national privacy laws.

Answer: B

Question No: 175 – (Topic 3)

You currently cannot provide 24/7 coverage of your security monitoring and incident response duties, and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (Choose the BEST answer):

  A. Deploy a SIEM solution and have current staff review incidents first thing in the morning

  B. Contract with a managed security provider and have current staff on recall for incident response

  C. Configure your syslog to send SMS messages to current staff when target events are triggered

  D. Employ an assumption of breach protocol and defend only essential information resources

Answer: B

Question No: 176 – (Topic 3)

An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?

  A. Time zone differences

  B. Compliance with local hiring laws

  C. Encryption import/export regulations

  D. Local customer privacy laws

Answer: C

Question No: 177 – (Topic 3)

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in severe revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

  A. The CISO

  B. Audit and Compliance

  C. The CFO

  D. The business owner

Answer: D

Question No: 178 – (Topic 3)

Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

  A. Risk Management

  B. Risk Assessment

  C. System Testing

  D. Vulnerability Assessment

Answer: B

Question No: 179 – (Topic 3)

A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

  A. Tell him to shut down the server

  B. Tell him to call the police

  C. Tell him to invoke the incident response process

  D. Tell him to analyze the problem, preserve the evidence and provide a full analysis and report

Answer: C

Question No: 180 – (Topic 3)

When entering into a third-party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

  A. At the time the security services are being performed and the vendor needs access to the network

  B. Once the agreement has been signed and the security vendor states that they will need access to the network

  C. Once the vendor is on premise and before they perform security services

  D. Prior to signing the agreement and before any security services are being performed

Answer: D
