최신 712-50 무료덤프 - EC-COUNCIL EC-Council Certified CISO (CCISO)

문제1

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

A. Information Security

B. Compliance

C. Internal Audit

D. Database Administration

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

A. Consumer right disclosure

B. Security incident disclosure

C. Data breach disclosure

D. Special circumstance disclosure

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

A bastion host should be placed:

A. Beyond the outer perimeter firewall

B. Inside the DMZ

C. As the gatekeeper to the organization's honeynet

D. In-line with the data center firewall

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

A. Security Incident Response

B. Business continuity planning

C. Thought leadership

D. Change management

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of

A. Quantitative risk analysis

B. Risk Appetite

C. Qualitative risk analysis

D. Risk Tolerance

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which of the following is an accurate statement regarding capital expenses?

A. The organization is typically able to regain the initial cost by selling this type of asset

B. Capital expenses are typically long-term investments with value being realized through their use

C. Capital expenses can never be replaced by operational expenses

D. They are easily reduced through the elimination of usage, such as reducing power for lighting of work areas during off-hours

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which of the following is the MOST effective method for discovering common technical vulnerabilities within the IT environment?

A. Reviewing system administrator logs

B. Performing system scans

C. Auditing configuration templates

D. Checking vendor product releases

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제8

When dealing with risk, the information security practitioner may choose to:

A. transfer

B. acknowledge

C. defer

D. assign

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What oversight should the information security team have in the change management process for application security?

A. Information security should be aware of all application changes and work with developers before changes are deployed in production

B. Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production

C. Information security should be informed of changes to applications only

D. Development team should tell the information security team about any application security flaws

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

When managing the security architecture for your company you must consider:

A. All of the above

B. Budget

C. Company Values

D. Security and IT Staff size

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제11

As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?

A. The company business plan.

B. The existing IT environment.

C. The present IT budget.

D. Other corporate technology trends.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제12

Which of the following is the MOST important benefit of an effective security governance process?

A. Reduction of liability and overall risk to the organization

B. Reduction of security breaches

C. Senior management participation in the incident response process

D. Better vendor management

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제13

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

A. Provide developer security training

B. Implement Compensating Controls

C. Provide security testing tools

D. Deploy Intrusion Detection Systems

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Which of the following backup sites takes the longest recovery time?

A. Cold site

B. Warm site

C. Hot site

D. Mobile backup site

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제15

When analyzing and forecasting a capital expense budget what are not included?

A. Network connectivity costs

B. Upgrade of mainframe

C. Purchase of new mobile devices to improve operations

D. New datacenter to operate from

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 712-50 무료덤프 - EC-COUNCIL EC-Council Certified CISO (CCISO)

우리와 연락하기

유용한 링크

최신 업데이트