Limited Time Discount Offer 30% Off - Ends in 02:00:00


ECCouncil 712-50 Exam - EC-Council Certified CISO

Download Free ECCouncil 712-50 Exam Questions

Questions & Answers for ECCouncil 712-50

Showing 1-15 of 343 Questions

Question #1 - Topic 1

Who in the organization determines access to information?

A. Legal department

B. Compliance officer

C. Data Owner

D. Information security officer

Question #2 - Topic 1

What is the BEST way to achieve on-going compliance monitoring in an organization?

A. Only check compliance right before the auditors are scheduled to arrive onsite.

B. Outsource compliance to a 3rd party vendor and let them manage the program.

C. Have Compliance and Information Security partner to correct issues as they arise.

D. Have Compliance direct Information Security to fix issues after the auditors report.

Question #3 - Topic 1

When dealing with a risk management process, asset classification is important because it
will impact the overall:

A. Threat identification

B. Risk monitoring

C. Risk treatment

D. Risk tolerance

Question #4 - Topic 1

Ensuring that the actions of a set of people, applications and systems follow the
organizations rules is BEST described as:

A. Risk management

B. Security management

C. Mitigation management

D. Compliance management

Question #5 - Topic 1

Which of the following is a MAJOR consideration when an organization retains sensitive
customer data and uses this data to better target the organizations products and services?

A. Strong authentication technologies

B. Financial reporting regulations

C. Credit card compliance and regulations

D. Local privacy laws

Question #6 - Topic 1

Which of the following is a benefit of information security governance?

A. Questioning the trust in vendor relationships.

B. Increasing the risk of decisions based on incomplete management information.

C. Direct involvement of senior management in developing control processes

D. Reduction of the potential for civil and legal liability

Question #7 - Topic 1

In accordance with best practices and international standards, how often is security
awareness training provided to employees of an organization?

A. High risk environments 6 months, low risk environments 12 months

B. Every 12 months

C. Every 18 months

D. Every six months

Question #8 - Topic 1

Which of the following is of MOST importance when security leaders of an organization are
required to align security to influence the culture of an organization?

A. Poses a strong technical background

B. Understand all regulations affecting the organization

C. Understand the business goals of the organization

D. Poses a strong auditing background

Question #9 - Topic 1

Which of the following is used to establish and maintain a framework to provide assurance
that information security strategies are aligned with organizational objectives?

A. Awareness

B. Compliance

C. Governance

D. Management

Question #10 - Topic 1

Which of the following provides an audit framework?

A. Control Objectives for IT (COBIT)

B. Payment Card Industry-Data Security Standard (PCI-DSS)

C. International Organization Standard (ISO) 27002

D. National Institute of Standards and Technology (NIST) SP 800-30

Question #11 - Topic 1

The PRIMARY objective of security awareness is to:

A. Ensure that security policies are read.

B. Encourage security-conscious employee behavior.

C. Meet legal and regulatory requirements.

D. Put employees on notice in case follow-up action for noncompliance is necessary

Question #12 - Topic 1

When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum
protection from the system is to deploy it

A. In promiscuous mode and only detect malicious traffic.

B. In-line and turn on blocking mode to stop malicious traffic.

C. In promiscuous mode and block malicious traffic.

D. In-line and turn on alert mode to stop malicious traffic.

Question #13 - Topic 1

Risk is defined as:

A. Threat times vulnerability divided by control

B. Advisory plus capability plus vulnerability

C. Asset loss times likelihood of event

D. Quantitative plus qualitative impact

Question #14 - Topic 1

Which of the following are the MOST important factors for proactively determining system

A. Subscribe to vendor mailing list to get notification of system vulnerabilities

B. Deploy Intrusion Detection System (IDS) and install anti-virus on systems

C. Configure firewall, perimeter router and Intrusion Prevention System (IPS)

D. Conduct security testing, vulnerability scanning, and penetration testing

Question #15 - Topic 1

What is the first thing that needs to be completed in order to create a security program for
your organization?

A. Risk assessment

B. Security program budget

C. Business continuity plan

D. Compliance and regulatory analysis

Try Our Special 30% Discount Offer for
Premium 712-50 VCE File

  • Verified by experts

712-50 Premium File

  • Real Questions
  • Last Update: Feb 9, 2020
  • 100% Accurate Answers
  • Fast Exam Update




You save

Enter Your Email Address to Receive Your 30% Discount Code


You save

Use Discount Code:

A confirmation link was sent to your e-mail.

Please check your mailbox for a message from [email protected] and follow the directions.

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

  • Realistic exam simulation and exam editor with preview functions
  • Whole exam in a single file with several different question types
  • Customizable exam-taking mode & detailed score reports