Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil 712-50 Exam: A Detailed EC-Council Certified CISO (CCISO) Guide

Questions 71

As the CISO for your company you are accountable for the protection of information resources commensurate with:

Options:

A.

Customer demand

B.

Cost and time to replace

C.

Insurability tables

D.

Risk of exposure

Buy Now
Questions 72

When selecting a security solution with reoccurring maintenance costs after the first year, the CISO should: (choose the BEST answer)

Options:

A.

The CISO should cut other essential programs to ensure the new solution’s continued use

B.

Communicate future operating costs to the CIO/CFO and seek commitment from them to ensure the new solution’s continued use

C.

Defer selection until the market improves and cash flow is positive

D.

Implement the solution and ask for the increased operating cost budget when it is time

Buy Now
Questions 73

A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?

Options:

A.

Security alignment to business goals

B.

Regulatory compliance effectiveness

C.

Increased security program presence

D.

Proper organizational policy enforcement

Buy Now
Questions 74

When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

Options:

A.

Vendors uses their own laptop and logins with same admin credentials your security team uses

B.

Vendor uses a company supplied laptop and logins using two factor authentication with same admin credentials your security team uses

C.

Vendor uses a company supplied laptop and logins using two factor authentication with their own unique credentials

D.

Vendor uses their own laptop and logins using two factor authentication with their own unique credentials

Buy Now
Questions 75

What oversight should the information security team have in the change management process for application security?

Options:

A.

Information security should be informed of changes to applications only

B.

Development team should tell the information security team about any application security flaws

C.

Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production

D.

Information security should be aware of all application changes and work with developers before changes are deployed in production

Buy Now
Questions 76

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

Options:

A.

The CISO

B.

Audit and Compliance

C.

The CFO

D.

The business owner

Buy Now
Questions 77

Which of the following are not stakeholders of IT security projects?

Options:

A.

Board of directors

B.

Third party vendors

C.

CISO

D.

Help Desk

Buy Now
Questions 78

A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?

Options:

A.

A security organization that is adequately staffed to apply required mitigation strategies and regulatory compliance solutions

B.

A clear set of security policies and procedures that are more concept-based than controls-based

C.

A complete inventory of Information Technology assets including infrastructure, networks, applications and data

D.

A clearly identified executive sponsor who will champion the effort to ensure organizational buy-in

Buy Now
Questions 79

Which of the following can the company implement in order to avoid this type of security issue in the future?

Options:

A.

Network based intrusion detection systems

B.

A security training program for developers

C.

A risk management process

D.

A audit management process

Buy Now
Questions 80

When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization. Which example below is the MOST creative way to maintain a strong security posture during these difficult times?

Options:

A.

Download open source security tools and deploy them on your production network

B.

Download trial versions of commercially available security tools and deploy on your production network

C.

Download open source security tools from a trusted site, test, and then deploy on production network

D.

Download security tools from a trusted source and deploy to production network

Buy Now