New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. ECCouncil
  3. CCISO
  4. 712-50 - EC-Council Certified CISO (CCISO)

712-50 Exam Dumps - EC-Council Certified CISO (CCISO)

Go to page:
Question # 9

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

A.

Lack of a formal security awareness program

B.

Lack of a formal security policy governance process

C.

Lack of formal definition of roles and responsibilities

D.

Lack of a formal risk management policy

Full Access
Question # 10

Risk appetite directly affects what part of a vulnerability management program?

A.

Staff

B.

Scope

C.

Schedule

D.

Scan tools

Full Access
Question # 11

When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it

A.

In promiscuous mode and only detect malicious traffic.

B.

In-line and turn on blocking mode to stop malicious traffic.

C.

In promiscuous mode and block malicious traffic.

D.

In-line and turn on alert mode to stop malicious traffic.

Full Access
Question # 12

Which of the following is a benefit of information security governance?

A.

Questioning the trust in vendor relationships.

B.

Increasing the risk of decisions based on incomplete management information.

C.

Direct involvement of senior management in developing control processes

D.

Reduction of the potential for civil and legal liability

Full Access
Question # 13

According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?

A.

Identify threats, risks, impacts and vulnerabilities

B.

Decide how to manage risk

C.

Define the budget of the Information Security Management System

D.

Define Information Security Policy

Full Access
Question # 14

What two methods are used to assess risk impact?

A.

Cost and annual rate of expectance

B.

Subjective and Objective

C.

Qualitative and percent of loss realized

D.

Quantitative and qualitative

Full Access
Question # 15

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?

A.

International Organization for Standardizations – 22301 (ISO-22301)

B.

Information Technology Infrastructure Library (ITIL)

C.

Payment Card Industry Data Security Standards (PCI-DSS)

D.

International Organization for Standardizations – 27005 (ISO-27005)

Full Access
Question # 16

When dealing with a risk management process, asset classification is important because it will impact the overall:

A.

Threat identification

B.

Risk monitoring

C.

Risk treatment

D.

Risk tolerance

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps