Achieve Success in the ECCouncil 712-50 Exam: A Detailed EC-Council Certified CISO (CCISO) Guide

Questions 51

The total cost of security controls should:

Options:
A.

Be equal to the value of the information resource being protected

B.

Be greater than the value of the information resource being protected

C.

Be less than the value of the information resource being protected

D.

Should not matter, as long as the information resource is protected

Questions 52

Involvement of senior management is MOST important in the development of:

Options:
A.

IT security implementation plans.

B.

Standards and guidelines.

C.

IT security policies.

D.

IT security procedures.

Questions 53

What are the three hierarchically related aspects of strategic planning and in which order should they be done?

Options:
A.

1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning

B.

1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning

C.

1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning

D.

1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning

Questions 54

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization’s needs.

The CISO discovers the scalability issue will only impact a small number of network segments. What is the next logical step to ensure the proper application of risk management methodology within the two-factor implementation project?

Options:
A.

Create new use cases for operational use of the solution

B.

Determine if sufficient mitigating controls can be applied

C.

Decide to accept the risk on behalf of the impacted business units

D.

Report the deficiency to the audit team and create process exceptions

Questions 55

Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?

Options:
A.

Rights collision

B.

Excessive privileges

C.

Privilege creep

D.

Least privileges

Questions 56

As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered in a timely manner in the event of a disaster. Which is the BEST Disaster Recovery performance indicator to validate that you are prepared for a disaster?

Options:
A.

Recovery Point Objective (RPO)

B.

Disaster Recovery Plan

C.

Recovery Time Objective (RTO)

D.

Business Continuity Plan

Questions 57

What is the difference between encryption and tokenization?

Options:
A.

Tokenization combined with hashing is always better than encryption

B.

Encryption can be mathematically reversed to provide the original information

C.

The token contains all the original information

D.

Tokenization can be mathematically reversed to provide the original information

Questions 58

Which of the following is MOST useful when developing a business case for security initiatives?

Options:
A.

Budget forecasts

B.

Request for proposals

C.

Cost/benefit analysis

D.

Vendor management

Questions 59

Which of the following best describes a portfolio?

Options:
A.

The portfolio is used to manage and track individual projects

B.

The portfolio is used to manage incidents and events

C.

A portfolio typically consists of several programs

D.

A portfolio delivers one specific service or program to the business

Questions 60

Using the Transport Layer Security (TLS) protocol enables a client in a network to be:

Options:
A.

Provided with a digital signature

B.

Assured of the server’s identity

C.

Identified by a network

D.

Registered by the server