New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil 712-50 Exam: A Detailed EC-Council Certified CISO (CCISO) Guide

Questions 131

When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:

Options:
A.

Patch management

B.

Network monitoring

C.

Ability to provide security services tailored to the business’ needs

D.

24/7 tollfree number

ECCouncil 712-50 Premium Access
Questions 132

As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.

Which is the BEST type of risk that defines this event?

Options:
A.

Compliance Risk

B.

Reputation Risk

C.

Operational Risk

D.

Strategic Risk

Questions 133

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:

Options:
A.

Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors

B.

Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program

C.

Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness

D.

Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program

Questions 134

What organizational structure combines the functional and project structures to create a hybrid of the two?

Options:
A.

Traditional

B.

Composite

C.

Project

D.

Matrix

Questions 135

Who should be involved in the development of an internal campaign to address email phishing?

Options:
A.

Business unit leaders, CIO, CEO

B.

Business Unite Leaders, CISO, CIO and CEO

C.

All employees

D.

CFO, CEO, CIO

Questions 136

As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.

The performance quality audit activity is done in what project management process group?

Options:
A.

Executing

B.

Controlling

C.

Planning

D.

Closing

Questions 137

Which of the following statements below regarding Key Performance indicators (KPIs) are true?

Options:
A.

Development of KPI’s are most useful when done independently

B.

They are a strictly quantitative measure of success

C.

They should be standard throughout the organization versus domain-specific so they are more easily correlated

D.

They are a strictly qualitative measure of success

Questions 138

What are the common data hiding techniques used by criminals?

Options:
A.

Unallocated space and masking

B.

Website defacement and log manipulation

C.

Disabled Logging and admin elevation

D.

Encryption, Steganography, and Changing Metadata/Timestamps