New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free ECCouncil 712-50 Practice Exam with Questions & Answers | Set: 8

Questions 71

Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?

Options:
A.

Perform a vulnerability scan of the network

B.

External penetration testing by a qualified third party

C.

Internal Firewall ruleset reviews

D.

Implement network intrusion prevention systems

ECCouncil 712-50 Premium Access
Questions 72

An organization's Information Security Policy is of MOST importance because

Options:
A.

it communicates management’s commitment to protecting information resources

B.

it is formally acknowledged by all employees and vendors

C.

it defines a process to meet compliance requirements

D.

it establishes a framework to protect confidential information

Questions 73

A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

Options:
A.

Audit validation

B.

Physical control testing

C.

Compliance management

D.

Security awareness training

Questions 74

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

Options:
A.

Multiple certifications, strong technical capabilities and lengthy resume

B.

Industry certifications, technical knowledge and program management skills

C.

College degree, audit capabilities and complex project management

D.

Multiple references, strong background check and industry certifications

Questions 75

At which point should the identity access management team be notified of the termination of an employee?

Options:
A.

At the end of the day once the employee is off site

B.

During the monthly review cycle

C.

Immediately so the employee account(s) can be disabled

D.

Before an audit

Questions 76

Which of the following are the MOST important factors for proactively determining system vulnerabilities?

Options:
A.

Subscribe to vendor mailing list to get notification of system vulnerabilities

B.

Deploy Intrusion Detection System (IDS) and install anti-virus on systems

C.

Configure firewall, perimeter router and Intrusion Prevention System (IPS)

D.

Conduct security testing, vulnerability scanning, and penetration testing

Questions 77

What is the definition of Risk in Information Security?

Options:
A.

Risk = Probability x Impact

B.

Risk = Threat x Probability

C.

Risk = Financial Impact x Probability

D.

Risk = Impact x Threat

Questions 78

Which of the following is a critical operational component of an Incident Response Program (IRP)?

Options:
A.

Weekly program budget reviews to ensure the percentage of program funding remains constant.

B.

Annual review of program charters, policies, procedures and organizational agreements.

C.

Daily monitoring of vulnerability advisories relating to your organization’s deployed technologies.

D.

Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization

Questions 79

A missing/ineffective security control is identified. Which of the following should be the NEXT step?

Options:
A.

Perform an audit to measure the control formally

B.

Escalate the issue to the IT organization

C.

Perform a risk assessment to measure risk

D.

Establish Key Risk Indicators

Questions 80

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

Options:
A.

Risk Avoidance

B.

Risk Acceptance

C.

Risk Transfer

D.

Risk Mitigation