New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. ECCouncil
  3. CCISO
  4. 712-50 - EC-Council Certified CISO (CCISO)

712-50 Exam Dumps - EC-Council Certified CISO (CCISO)

Go to page:
Question # 65

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

A.

A substantive test of program library controls

B.

A compliance test of program library controls

C.

A compliance test of the program compiler controls

D.

A substantive test of the program compiler controls

Full Access
Question # 66

Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?

A.

Security Administrators

B.

Internal/External Audit

C.

Risk Management

D.

Security Operations

Full Access
Question # 67

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

A.

Transfer financial resources from other critical programs

B.

Take the system off line until the budget is available

C.

Deploy countermeasures and compensating controls until the budget is available

D.

Schedule an emergency meeting and request the funding to fix the issue

Full Access
Question # 68

Which of the following is the MOST important goal of risk management?

A.

Identifying the risk

B.

Finding economic balance between the impact of the risk and the cost of the control

C.

Identifying the victim of any potential exploits.

D.

Assessing the impact of potential threats

Full Access
Question # 69

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

A.

All vulnerabilities found on servers and desktops

B.

Only critical and high vulnerabilities on servers and desktops

C.

Only critical and high vulnerabilities that impact important production servers

D.

All vulnerabilities that impact important production servers

Full Access
Question # 70

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

A.

Have internal audit conduct another audit to see what has changed.

B.

Contract with an external audit company to conduct an unbiased audit

C.

Review the recommendations and follow up to see if audit implemented the changes

D.

Meet with audit team to determine a timeline for corrections

Full Access
Question # 71

The regular review of a firewall ruleset is considered a

A.

Procedural control

B.

Organization control

C.

Technical control

D.

Management control

Full Access
Question # 72

Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:

A.

Detective Controls

B.

Proactive Controls

C.

Preemptive Controls

D.

Organizational Controls

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps