ECCouncil 712-50 - EC-Council Certified CISO Exam
Page: 1 / 94
Total 467 questions
Question #1 (Topic: Single Topic)
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
A. knowledge required to analyze each issue
B. information security metrics
C. linkage to business area objectives
D. baseline against which metrics are evaluated
Answer: C
Question #2 (Topic: Single Topic)
Which of the following should be determined while defining risk management strategies?
A. Organizational objectives and risk tolerance
B. Enterprise disaster recovery plans
C. Risk assessment criteria
D. IT architecture complexity
Answer: A
Question #3 (Topic: Single Topic)
Which of the following is the MOST important benefit of an effective security governance process?
A. Senior management participation in the incident response process
B. Better vendor management
C. Reduction of security breaches
D. Reduction of liability and overall risk to the organization
Answer: D
Question #4 (Topic: Single Topic)
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units.
Which of the following standards and guidelines can BEST address this organization's need?
Which of the following standards and guidelines can BEST address this organization's need?
A. International Organization for Standardizations ג€" 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardizations ג€" 27005 (ISO-27005)
Answer: A
Question #5 (Topic: Single Topic)
A security manager regularly checks work areas after business hours for security violations; such as unsecured files or unattended computers with active
sessions.
This activity BEST demonstrates what part of a security program?
sessions.
This activity BEST demonstrates what part of a security program?
A. Compliance management
B. Audit validation
C. Physical control testing
D. Security awareness training
Answer: A