[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 101-110

Get Full Version of the Exam
http://www.EnsurePass.com/712-50.html

Question No.101

Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

  1. Single loss expectancy multiplied by the annual rate of occurrence

  2. Total loss expectancy multiplied by the total loss frequency

  3. Value of the asset multiplied by the loss expectancy

  4. Replacement cost multiplied by the single loss expectancy

Correct Answer: A

Question No.102

Creating a secondary authentication process for network access would be an example of?

  1. An administrator with too much time on their hands.

  2. Putting undue time commitment on the system administrator.

  3. Supporting the concept of layered security

  4. Network segmentation.

Correct Answer: C

Question No.103

The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?

  1. Organization control

  2. Procedural control

  3. Management control

  4. Technical control

Correct Answer: D

Question No.104

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

  1. Install software patch, Operate system, Maintain system

  2. Discover software, Remove affected software, Apply software patch

  3. Install software patch, configuration adjustment, Software Removal

  4. Software removal, install software patch, maintain system

Correct Answer: C

Question No.105

A new CISO just started with a company and on the CISO#39;s desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO#39;s FIRST priority?

  1. Have internal audit conduct another audit to see what has changed.

  2. Contract with an external audit company to conduct an unbiased audit

  3. Review the recommendations and follow up to see if audit implemented the changes

  4. Meet with audit team to determine a timeline for corrections

Correct Answer: C

Question No.106

To have accurate and effective information security policies how often should the CISO review the organization policies?

  1. Every 6 months

  2. Quarterly

  3. Before an audit

  4. At least once a year

Correct Answer: D

Question No.107

Your IT auditor is reviewing significant events from the previous year and has identified some procedural oversights. Which of the following would be the MOST concerning?

  1. Lack of notification to the public of disclosure of confidential information.

  2. Lack of periodic examination of access rights

  3. Failure to notify police of an attempted intrusion

  4. Lack of reporting of a successful denial of service attack on the network.

Correct Answer: A

Question No.108

Which of the following is a benefit of a risk-based approach to audit planning?

  1. Resources are allocated to the areas of the highest concern

  2. Scheduling may be performed months in advance

  3. Budgets are more likely to be met by the IT audit staff

  4. Staff will be exposed to a variety of technologies

Correct Answer: A

Question No.109

Which of the following are primary concerns for management with regard to assessing internal control objectives?

  1. Confidentiality, Availability, Integrity

  2. Compliance, Effectiveness, Efficiency

  3. Communication, Reliability, Cost

  4. Confidentiality, Compliance, Cost

Correct Answer: B

Question No.110

Which of the following illustrates an operational control process:

  1. Classifying an information system as part of a risk assessment

  2. Installing an appropriate fire suppression system in the data center

  3. Conducting an audit of the configuration management process

  4. Establishing procurement standards for cloud vendors

Correct Answer: B

Get Full Version of the Exam
712-50 Dumps
712-50 VCE and PDF

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.