Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Master the Certified Ethical Hacker Exam 312-50 Exam with Confidence!

Questions 51

A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?

Options:

A.

Say nothing and continue with the security testing.

B.

Stop work immediately and contact the authorities.

C.

Delete the pornography, say nothing, and continue security testing.

D.

Bring the discovery to the financial organization's human resource department.

Buy Now
Questions 52

A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?

Options:

A.

Ignore the problem completely and let someone else deal with it.

B.

Create a document that will crash the computer when opened and send it to friends.

C.

Find an underground bulletin board and attempt to sell the bug to the highest bidder.

D.

Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.

Buy Now
Questions 53

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

Options:

A.

At least once a year and after any significant upgrade or modification

B.

At least once every three years or after any significant upgrade or modification

C.

At least twice a year or after any significant upgrade or modification

D.

At least once every two years and after any significant upgrade or modification

Buy Now
Questions 54

Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?

Options:

A.

Regulatory compliance

B.

Peer review

C.

Change management

D.

Penetration testing

Buy Now
Questions 55

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

Options:

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

Buy Now
Questions 56

Which type of security document is written with specific step-by-step details?

Options:

A.

Process

B.

Procedure

C.

Policy

D.

Paradigm

Buy Now
Questions 57

International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

Options:

A.

guidelines and practices for security controls.

B.

financial soundness and business viability metrics.

C.

standard best practice for configuration management.

D.

contract agreement writing standards.

Buy Now
Questions 58

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

Options:

A.

Penetration testing

B.

Social engineering

C.

Vulnerability scanning

D.

Access control list reviews

Buy Now
Questions 59

How do employers protect assets with security policies pertaining to employee surveillance activities?

Options:

A.

Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness.

B.

Employers use informal verbal communication channels to explain employee monitoring activities to employees.

C.

Employers use network surveillance to monitor employee email traffic, network access, and to record employee keystrokes.

D.

Employers provide employees written statements that clearly discuss the boundaries of monitoring activities and consequences.

Buy Now
Questions 60

How can a policy help improve an employee's security awareness?

Options:

A.

By implementing written security procedures, enabling employee security training, and promoting the benefits of security

B.

By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees

C.

By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line

D.

By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths

Buy Now