New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free ECCouncil 712-50 Practice Exam with Questions & Answers | Set: 13

Questions 121

What is the purpose of the statement of retained earnings of an organization?

Options:
A.

It represents the sum of all capital expenditures

B.

It represents the percentage of earnings that could in part be used to finance future security controls

C.

It represents the savings generated by the proper acquisition and implementation of security controls

D.

It has a direct correlation with the CISO’s budget

ECCouncil 712-50 Premium Access
Questions 122

A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage.

What Security Operations Center (SOC) model does this BEST describe?

Options:
A.

Virtual SOC

B.

In-house SOC

C.

Security Network Operations Center (SNOC)

D.

Hybrid SOC

Questions 123

Which of the following is the MOST effective method to counter phishing attacks?

Options:
A.

User awareness and training

B.

Host based Intrusion Detection System (IPS)

C.

Acceptable use guide signed by all system users

D.

Antispam solution

Questions 124

Which of the following provides the BEST approach to achieving positive outcomes while preserving savings?

Options:
A.

Business Impact Analysis

B.

Cost-benefit analysis

C.

Economic impact analysis

D.

Return on Investment

Questions 125

What does RACI stand for?

Options:
A.

Reasonable, Actionable, Controlled, and Implemented

B.

Responsible, Actors, Consult, and Instigate

C.

Responsible, Accountable, Consulted, and Informed

D.

Review, Act, Communicate, and Inform

Questions 126

During a cyber incident, which non-security personnel might be needed to assist the security team?

Options:
A.

Threat analyst, IT auditor, forensic analyst

B.

Network engineer, help desk technician, system administrator

C.

CIO, CFO, CSO

D.

Financial analyst, payroll clerk, HR manager

Questions 127

A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?

Options:
A.

Multiple certifications, strong technical capabilities and lengthy resume

B.

Industry certifications, technical knowledge and program management skills

C.

College degree, audit capabilities and complex project management

D.

Multiple references, strong background check and industry certifications

Questions 128

The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:

Options:
A.

Security controls group

B.

Governance, risk, and compliance tools

C.

Security Threat and vulnerability management process

D.

Risk assessment process

Questions 129

A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.

What is the MOST effective method of risk analysis to provide the CFO with the information required?

Options:
A.

Conduct a quantitative risk assessment

B.

Conduct a hybrid risk assessment

C.

Conduct a subjective risk assessment

D.

Conduct a qualitative risk assessment

Questions 130

A bastion host should be placed:

Options:
A.

Inside the DMZ

B.

In-line with the data center firewall

C.

Beyond the outer perimeter firewall

D.

As the gatekeeper to the organization’s honeynet