712-50 Exam - EC-Council Certified CISO (CCISO)


Passleader offers a free demo for the 712-50 exam. "EC-Council Certified CISO (CCISO)", also known as the 712-50 exam, is an EC-Council certification. This set of posts, Passing the EC-Council 712-50 exam, will help you answer those questions. The 712-50 Questions & Answers covers all the knowledge points of the real exam. 100% real EC-Council 712-50 exams, revised by experts!

NEW QUESTION 1

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

  • A. The asset owner
  • B. The asset manager
  • C. The data custodian
  • D. The project manager

Answer: A

NEW QUESTION 2

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

  • A. The software license expiration is probably out of synchronization with other software licenses
  • B. The project was initiated without an effort to get support from impacted business units in the organization
  • C. The software is out of date and does not provide for a scalable solution across the enterprise
  • D. The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Answer: B

NEW QUESTION 3

A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should the information security manager take?

  • A. Enforce the existing security standards and do not allow the deployment of the new technology.
  • B. Amend the standard to permit the deployment.
  • C. If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.
  • D. Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.

Answer: C

NEW QUESTION 4

When briefing senior management on the creation of a governance process, the MOST important aspect should be:

  • A. information security metrics.
  • B. knowledge required to analyze each issue.
  • C. baseline against which metrics are evaluated.
  • D. linkage to business area objectives.

Answer: D

NEW QUESTION 5

The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

  • A. Security certification
  • B. Security system analysis
  • C. Security accreditation
  • D. Alignment with business practices and goals.

Answer: C

NEW QUESTION 6

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

  • A. Internal Audit
  • B. Database Administration
  • C. Information Security
  • D. Compliance

Answer: C

NEW QUESTION 7

What is the first thing that needs to be completed in order to create a security program for your organization?

  • A. Risk assessment
  • B. Security program budget
  • C. Business continuity plan
  • D. Compliance and regulatory analysis

Answer: A

NEW QUESTION 8

As the CISO for your company you are accountable for the protection of information resources commensurate with:

  • A. Customer demand
  • B. Cost and time to replace
  • C. Insurability tables
  • D. Risk of exposure

Answer: D

NEW QUESTION 9

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

  • A. Install software patch, Operate system, Maintain system
  • B. Discover software, Remove affected software, Apply software patch
  • C. Install software patch, configuration adjustment, Software Removal
  • D. Software removal, install software patch, maintain system

Answer: C

NEW QUESTION 10

Which of the following is a fundamental component of an audit record?

  • A. Date and time of the event
  • B. Failure of the event
  • C. Originating IP-Address
  • D. Authentication type

Answer: A

NEW QUESTION 11

Scenario: You are the CISO and are required to brief the C-level executive team on your information security audit for the year. During your review of the audit findings you discover that many of the controls that were put in place the previous year to correct some of the findings are not performing as needed. You have thirty days until the briefing.
To formulate a remediation plan for the non-performing controls what other document do you need to review before adjusting the controls?

  • A. Business Impact Analysis
  • B. Business Continuity plan
  • C. Security roadmap
  • D. Annual report to shareholders

Answer: A

NEW QUESTION 12

You have just been hired as the new CISO and are being briefed on all the Information Security projects that your section has ongoing. You discover that most projects are behind schedule and over budget.
Using the best business practices for project management, you determine that the project correctly aligns with the company goals. What needs to be verified FIRST?

  • A. Scope of the project
  • B. Training of the personnel on the project
  • C. Timeline of the project milestones
  • D. Vendor for the project

Answer: A

NEW QUESTION 13

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

  • A. Meet regulatory compliance requirements
  • B. Better understand the threats and vulnerabilities affecting the environment
  • C. Better understand strengths and weaknesses of the program
  • D. Meet legal requirements

Answer: C

NEW QUESTION 14

Developing effective security controls is a balance between:

  • A. Risk Management and Operations
  • B. Corporate Culture and Job Expectations
  • C. Operations and Regulations
  • D. Technology and Vendor Management

Answer: A

NEW QUESTION 15

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

  • A. The auditors have not followed proper auditing processes
  • B. The CIO of the organization disagrees with the finding
  • C. The risk tolerance of the organization permits this risk
  • D. The organization has purchased cyber insurance

Answer: C

NEW QUESTION 16

Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?

  • A. It allows executives to more effectively monitor IT implementation costs
  • B. Implementation of it eases an organization’s auditing and compliance burden
  • C. Information Security (IS) procedures often require augmentation with other standards
  • D. It provides for a consistent and repeatable staffing model for technology organizations

Answer: B

NEW QUESTION 17

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

  • A. Providing a risk program governance structure
  • B. Ensuring developers include risk control comments in code
  • C. Creating risk assessment templates based on specific threats
  • D. Allowing for the acceptance of risk for regulatory compliance requirements

Answer: A

NEW QUESTION 18

Which of the following should be determined while defining risk management strategies?

  • A. Organizational objectives and risk tolerance
  • B. Risk assessment criteria
  • C. IT architecture complexity
  • D. Enterprise disaster recovery plans

Answer: A

NEW QUESTION 19

The Information Security Management program MUST protect:

  • A. all organizational assets
  • B. critical business processes and /or revenue streams
  • C. intellectual property released into the public domain
  • D. against distributed denial of service attacks

Answer: B

NEW QUESTION 20

The Information Security Governance program MUST:

  • A. integrate with other organizational governance processes
  • B. support user choice for Bring Your Own Device (BYOD)
  • C. integrate with other organizational governance processes
  • D. show a return on investment for the organization

Answer: A

NEW QUESTION 21

If your organization operates under a model of "assumption of breach", you should:

  • A. Protect all information resource assets equally
  • B. Establish active firewall monitoring protocols
  • C. Purchase insurance for your compliance liability
  • D. Focus your security efforts on high value assets

Answer: C

NEW QUESTION 22

When working in the Payment Card Industry (PCI), how often should security logs be reviewed to comply with the standards?

  • A. Daily
  • B. Hourly
  • C. Weekly
  • D. Monthly

Answer: A

NEW QUESTION 23

Risk appetite directly affects what part of a vulnerability management program?

  • A. Staff
  • B. Scope
  • C. Schedule
  • D. Scan tools

Answer: B

NEW QUESTION 24

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

  • A. How many credit card records are stored?
  • B. How many servers do you have?
  • C. What is the scope of the certification?
  • D. What is the value of the assets at risk?

Answer: C

NEW QUESTION 25

When choosing a risk mitigation method what is the MOST important factor?

  • A. Approval from the board of directors
  • B. Cost of the mitigation is less than the risk
  • C. Metrics of mitigation method success
  • D. Mitigation method complies with PCI regulations

Answer: B

NEW QUESTION 26

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

  • A. Audit and Legal
  • B. Budget and Compliance
  • C. Human Resources and Budget
  • D. Legal and Human Resources

Answer: A

NEW QUESTION 27

The alerting, monitoring and life-cycle management of security related events is typically handled by the

  • A. security threat and vulnerability management process
  • B. risk assessment process
  • C. risk management process
  • D. governance, risk, and compliance tools

Answer: A

NEW QUESTION 28

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
What type of control is being implemented by supervisors and data owners?

  • A. Management
  • B. Operational
  • C. Technical
  • D. Administrative

Answer: B

NEW QUESTION 29

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

  • A. Lack of a formal security awareness program
  • B. Lack of a formal security policy governance process
  • C. Lack of formal definition of roles and responsibilities
  • D. Lack of a formal risk management policy

Answer: B

NEW QUESTION 30

The company decides to release the application without remediating the high-risk vulnerabilities. Which of the following is the MOST likely reason for the company to release the application?

  • A. The company lacks a risk management process
  • B. The company does not believe the security vulnerabilities to be real
  • C. The company has a high risk tolerance
  • D. The company lacks the tools to perform a vulnerability assessment

Answer: C

NEW QUESTION 31
......

Thanks for reading the newest 712-50 exam dumps! We recommend that you try the PREMIUM Simply Pass 712-50 dumps in VCE and PDF here: https://www.simply-pass.com/EC-Council-exam/712-50-dumps.html (343 Q&As Dumps)