New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. ECCouncil
  3. CCISO
  4. 712-50 - EC-Council Certified CISO (CCISO)

712-50 Exam Dumps - EC-Council Certified CISO (CCISO)

Go to page:
Question # 25

Payment Card Industry (PCI) compliance requirements are based on what criteria?

A.

The types of cardholder data retained

B.

The duration card holder data is retained

C.

The size of the organization processing credit card data

D.

The number of transactions performed per year by an organization

Full Access
Question # 26

Which of the following is MOST likely to be discretionary?

A.

Policies

B.

Procedures

C.

Guidelines

D.

Standards

Full Access
Question # 27

What is the definition of Risk in Information Security?

A.

Risk = Probability x Impact

B.

Risk = Threat x Probability

C.

Risk = Financial Impact x Probability

D.

Risk = Impact x Threat

Full Access
Question # 28

Regulatory requirements typically force organizations to implement

A.

Mandatory controls

B.

Discretionary controls

C.

Optional controls

D.

Financial controls

Full Access
Question # 29

An organization’s firewall technology needs replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches but the decision is made to purchase. What does this selection indicate?

A.

A high threat environment

B.

A low risk tolerance environment

C.

I low vulnerability environment

D.

A high risk tolerance environment

Full Access
Question # 30

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

A.

Work with the IT group and tell them to put IPS in-line and say it won’t cause any network impact

B.

Explain to the IT group that the IPS won’t cause any network impact because it will fail open

C.

Explain to the IT group that this is a business need and the IPS will fail open however, if there is a network failure the CISO will accept responsibility

D.

Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn’t block any legitimate traffic

Full Access
Question # 31

When should IT security project management be outsourced?

A.

When organizational resources are limited

B.

When the benefits of outsourcing outweigh the inherent risks of outsourcing

C.

On new, enterprise-wide security initiatives

D.

On projects not forecasted in the yearly budget

Full Access
Question # 32

Which of the following represents the BEST method of ensuring security program alignment to business needs?

A.

Create a comprehensive security awareness program and provide success metrics to business units

B.

Create security consortiums, such as strategic security planning groups, that include business unit participation

C.

Ensure security implementations include business unit testing and functional validation prior to production rollout

D.

Ensure the organization has strong executive-level security representation through clear sponsorship or the creation of a CISO role

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps