[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 121-130

Get Full Version of the Exam
http://www.EnsurePass.com/712-50.html

Question No.121

The risk found after a control has been fully implemented is called:

  A. Residual Risk

  B. Total Risk

  C. Post implementation risk

  D. Transferred risk

Correct Answer: A

Question No.122

Which of the following BEST describes an international standard framework that is based on the security model Information Technology - Code of Practice for Information Security Management?

  A. International Organization for Standardization 27001

  B. National Institute of Standards and Technology Special Publication SP 800-12

  C. Request For Comment 2196

  D. National Institute of Standards and Technology Special Publication SP 800-26

Correct Answer: A

Question No.123

Which of the following is a fundamental component of an audit record?

  A. Date and time of the event

  B. Failure of the event

  C. Originating IP-Address

  D. Authentication type

Correct Answer: A

Question No.124

As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building. Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer you see there is no badge reader. What should you do?

  A. Nothing, this falls outside your area of influence.

  B. Close and chain the door shut and send a company-wide memo banning the practice.

  C. Have a risk assessment performed.

  D. Post a guard at the door to maintain physical security.

Correct Answer: C

Question No.125

The effectiveness of an audit is measured by?

  A. The number of actionable items in the recommendations

  B. How it exposes the risk tolerance of the company

  C. How the recommendations directly support the goals of the company

  D. The number of security controls the company has in use

Correct Answer: C

Question No.126

Which of the following is the MOST important goal of risk management?

  A. Identifying the risk

  B. Finding economic balance between the impact of the risk and the cost of the control

  C. Identifying the victim of any potential exploits.

  D. Assessing the impact of potential threats

Correct Answer: B

Question No.127

Creating a secondary authentication process for network access would be an example of?

  A. Nonlinearities in physical security performance metrics

  B. Defense in depth cost enumerated costs

  C. System hardening and patching requirements

  D. Anti-virus for mobile devices

Correct Answer: A

Question No.128

Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?

  A. Senior Executives

  B. Office of the Auditor

  C. Office of the General Counsel

  D. All employees and users

Correct Answer: A

Question No.129

The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?

  A. Risk metrics

  B. Management metrics

  C. Operational metrics

  D. Compliance metrics

Correct Answer: C

Question No.130

At which point should the identity access management team be notified of the termination of an employee?

  A. At the end of the day once the employee is off site

  B. During the monthly review cycle

  C. Immediately so the employee account(s) can be disabled

  D. Before an audit

Correct Answer: C
