512-50 Exam Details

  • Exam Code: 512-50
  • Exam Name: EC-Council Information Security Manager (E|ISM)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 404 Q&As
  • Last Updated: May 25, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 151:

    You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

    A. Controlled mitigation effort
    B. Risk impact comparison
    C. Relative likelihood of event
    D. Comparative threat analysis

  • Question 152:

    SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.

    The CISO has implemented remediation activities. Which of the following is the MOST logical next step?

    A. Validate the effectiveness of applied controls
    B. Validate security program resource requirements
    C. Report the audit findings and remediation status to business stakeholders
    D. Review security procedures to determine if they need to be modified according to findings

  • Question 153:

    Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

    A. low risk-tolerance
    B. high risk-tolerance
    C. moderate risk-tolerance
    D. medium-high risk-tolerance

  • Question 154:

    The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security requirements is called

    A. Security certification
    B. Security system analysis
    C. Security accreditation
    D. Alignment with business practices and goals.

  • Question 155:

    The process for identifying, collecting, and producing digital information in support of legal proceedings is called

    A. chain of custody.
    B. electronic discovery.
    C. evidence tampering.
    D. electronic review.

  • Question 156:

    Risk that remains after risk mitigation is known as

    A. Persistent risk
    B. Residual risk
    C. Accepted risk
    D. Non-tolerated risk

  • Question 157:

    Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

    A. Security regulations
    B. Asset classification
    C. Information security policy
    D. Data classification

  • Question 158:

    The FIRST step in establishing a security governance program is to?

    A. Conduct a risk assessment.
    B. Obtain senior level sponsorship.
    C. Conduct a workshop for all end users.
    D. Prepare a security budget.

  • Question 159:

    What is the first thing that needs to be completed in order to create a security program for your organization?

    A. Risk assessment
    B. Security program budget
    C. Business continuity plan
    D. Compliance and regulatory analysis

  • Question 160:

    You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

    A. Deploy a SIEM solution and have current staff review incidents first thing in the morning
    B. Contract with a managed security provider and have current staff on recall for incident response
    C. Configure your syslog to send SMS messages to current staff when target events are triggered
    D. Employ an assumption of breach protocol and defend only essential information resources
