EC-COUNCIL 512-50 Online Practice Questions and Exam Preparation

EC-COUNCIL 512-50 Online Questions & Answers

• Question 161:

  The single most important consideration to make when developing your security program, policies, and processes is:

  A. Budgeting for unforeseen data compromises
  B. Streamlining for efficiency
  C. Alignment with the business
  D. Establishing your authority as the Security Executive
  C. Alignment with the business

• Question 162:

  You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

  A. Risk Avoidance
  B. Risk Acceptance
  C. Risk Transfer
  D. Risk Mitigation
  C. Risk Transfer

• Question 163:

  John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can John do in this instance?

  A. Refer the vendor to the Service Level Agreement (SLA) and insist that they make the changes.
  B. Review the Request for Proposal (RFP) for guidance.
  C. Withhold the vendor's payments until the issue is resolved.
  D. Refer to the contract agreement for direction.
  D. Refer to the contract agreement for direction.

• Question 164:

  Physical security measures typically include which of the following components?

  A. Physical, Technical, Operational
  B. Technical, Strong Password, Operational
  C. Operational, Biometric, Physical
  D. Strong password, Biometric, Common Access Card
  A. Physical, Technical, Operational

• Question 165:

  The regular review of a firewall ruleset is considered a

  A. Procedural control
  B. Organization control
  C. Technical control
  D. Management control
  A. Procedural control

• Question 166:

  Risk is defined as:

  A. Threat times vulnerability divided by control
  B. Advisory plus capability plus vulnerability
  C. Asset loss times likelihood of event
  D. Quantitative plus qualitative impact
  A. Threat times vulnerability divided by control

• Question 167:

  One of the MAIN goals of a Business Continuity Plan is to

  A. Ensure all infrastructure and applications are available in the event of a disaster
  B. Allow all technical first-responders to understand their roles in the event of a disaster
  C. Provide step by step plans to recover business processes in the event of a disaster
  D. Assign responsibilities to the technical teams responsible for the recovery of all data.
  C. Provide step by step plans to recover business processes in the event of a disaster

• Question 168:

  The formal certification and accreditation process has four primary steps, what are they?

  A. Evaluating, describing, testing and authorizing
  B. Evaluating, purchasing, testing, authorizing
  C. Auditing, documenting, verifying, certifying
  D. Discovery, testing, authorizing, certifying
  A. Evaluating, describing, testing and authorizing

• Question 169:

  When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?

  A. ISO 27001
  B. PRINCE2
  C. ISO 27004
  D. ITILv3
  C. ISO 27004

• Question 170:

  When dealing with risk, the information security practitioner may choose to:

  A. assign
  B. transfer
  C. acknowledge
  D. defer
  C. acknowledge