Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil 712-50 Exam: A Detailed EC-Council Certified CISO (CCISO) Guide

Questions 61

Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Options:

A.

Upper management support

B.

More frequent project milestone meetings

C.

More training of staff members

D.

Involve internal audit

Buy Now
Questions 62

A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?

Options:

A.

Poor audit support for the security program

B.

A lack of executive presence within the security program

C.

Poor alignment of the security program to business needs

D.

This is normal since business units typically resist security requirements

Buy Now
Questions 63

How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?

Options:

A.

Quarterly

B.

Semi-annually

C.

Bi-annually

D.

Annually

Buy Now
Questions 64

Your company has a “no right to privacy” notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee’s email account. What should you do? (choose the BEST answer):

Options:

A.

Grant her access, the employee has been adequately warned through the AUP.

B.

Assist her with the request, but only after her supervisor signs off on the action.

C.

Reset the employee’s password and give it to the supervisor.

D.

Deny the request citing national privacy laws.

Buy Now
Questions 65

An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

Options:

A.

Ineffective configuration management controls

B.

Lack of change management controls

C.

Lack of version/source controls

D.

High turnover in the application development department

Buy Now
Questions 66

A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims. Which of the following vendor provided documents is BEST to make your decision:

Options:

A.

Vendor’s client list of reputable organizations currently using their solution

B.

Vendor provided attestation of the detailed security controls from a reputable accounting firm

C.

Vendor provided reference from an existing reputable client detailing their implementation

D.

Vendor provided internal risk assessment and security control documentation

Buy Now
Questions 67

An example of professional unethical behavior is:

Options:

A.

Gaining access to an affiliated employee’s work email account as part of an officially sanctioned internal investigation

B.

Sharing copyrighted material with other members of a professional organization where all members have legitimate access to the material

C.

Copying documents from an employer’s server which you assert that you have an intellectual property claim to possess, but the company disputes

D.

Storing client lists and other sensitive corporate internal documents on a removable thumb drive

Buy Now
Questions 68

How often should the SSAE16 report of your vendors be reviewed?

Options:

A.

Quarterly

B.

Semi-annually

C.

Annually

D.

Bi-annually

Buy Now
Questions 69

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

Options:

A.

Risk averse

B.

Risk tolerant

C.

Risk conditional

D.

Risk minimal

Buy Now
Questions 70

A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?

Options:

A.

Lack of asset management processes

B.

Lack of change management processes

C.

Lack of hardening standards

D.

Lack of proper access controls

Buy Now
Exam Code: 712-50
Exam Name: EC-Council Certified CISO (CCISO)
Last Update: Dec 13, 2024
Questions: 460

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42

ECCouncil Free Exams

ECCouncil Free Exams
Discover free ECCouncil exam prep resources at Examstrack. Access practice tests and study materials to enhance your ECCouncil exam success.