Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil 712-50 Exam: A Detailed EC-Council Certified CISO (CCISO) Guide

Questions 11

What is the primary difference between regulations and standards?

Options:

A.

Standards will include regulations

B.

Standards that aren’t followed are punishable by fines

C.

Regulations are made enforceable by the power provided by laws

D.

Regulations must be reviewed and approved by the business

Buy Now
Questions 12

When reviewing a Solution as a Service (SaaS) provider’s security health and posture, which key document should you review?

Options:

A.

SaaS provider’s website certifications and representations (certs and reps)

B.

SOC-2 Report

C.

Metasploit Audit Report

D.

Statement from SaaS provider attesting their ability to secure your data

Buy Now
Questions 13

What are the common data hiding techniques used by criminals?

Options:

A.

Unallocated space and masking

B.

Website defacement and log manipulation

C.

Disabled Logging and admin elevation

D.

Encryption, Steganography, and Changing Metadata/Timestamps

Buy Now
Questions 14

A bastion host should be placed:

Options:

A.

Inside the DMZ

B.

In-line with the data center firewall

C.

Beyond the outer perimeter firewall

D.

As the gatekeeper to the organization’s honeynet

Buy Now
Questions 15

Which of the following has the GREATEST impact on the implementation of an information security governance model?

Options:

A.

Organizational budget

B.

Distance between physical locations

C.

Number of employees

D.

Complexity of organizational structure

Buy Now
Questions 16

The exposure factor of a threat to your organization is defined by?

Options:

A.

Asset value times exposure factor

B.

Annual rate of occurrence

C.

Annual loss expectancy minus current cost of controls

D.

Percentage of loss experienced due to a realized threat event

Buy Now
Questions 17

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

Options:

A.

Providing a risk program governance structure

B.

Ensuring developers include risk control comments in code

C.

Creating risk assessment templates based on specific threats

D.

Allowing for the acceptance of risk for regulatory compliance requirements

Buy Now
Questions 18

A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

Options:

A.

Audit validation

B.

Physical control testing

C.

Compliance management

D.

Security awareness training

Buy Now
Questions 19

A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?

Options:

A.

Compliance to the Payment Card Industry (PCI) regulations.

B.

Alignment with financial reporting regulations for each country where they operate.

C.

Alignment with International Organization for Standardization (ISO) standards.

D.

Compliance with patient data protection regulations for each country where they operate.

Buy Now
Questions 20

When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it

Options:

A.

In promiscuous mode and only detect malicious traffic.

B.

In-line and turn on blocking mode to stop malicious traffic.

C.

In promiscuous mode and block malicious traffic.

D.

In-line and turn on alert mode to stop malicious traffic.

Buy Now