EC-COUNCIL 512-50 Online Practice Questions and Exam Preparation

EC-COUNCIL 512-50 Online Questions & Answers

• Question 181:

  The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

  A. Work with the IT group and tell them to put IPS in-line and say it won't cause any network impact
  B. Explain to the IT group that the IPS won't cause any network impact because it will fail open
  C. Explain to the IT group that this is a business need and the IPS will fail open however, if there is a network failure the CISO will accept responsibility
  D. Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn't block any legitimate traffic
  D. Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn't block any legitimate traffic

• Question 182:

  A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

  A. The software license expiration is probably out of synchronization with other software licenses
  B. The project was initiated without an effort to get support from impacted business units in the organization
  C. The software is out of date and does not provide for a scalable solution across the enterprise
  D. The security officer should allow time for the organization to get accustomed to her presence before initiating security projects
  B. The project was initiated without an effort to get support from impacted business units in the organization

• Question 183:

  Risk appetite directly affects what part of a vulnerability management program?

  A. Staff
  B. Scope
  C. Schedule
  D. Scan tools
  B. Scope

• Question 184:

  Which of the following is the MOST logical method of deploying security controls within an organization?

  A. Obtain funding for all desired controls and then create project plans for implementation
  B. Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and costly controls
  C. Apply the least costly controls to demonstrate positive program activity
  D. Obtain business unit buy-in through close communication and coordination
  B. Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and costly controls

• Question 185:

  You have implemented the new controls. What is the next step?

  A. Document the process for the stakeholders
  B. Monitor the effectiveness of the controls
  C. Update the audit findings report
  D. Perform a risk assessment
  B. Monitor the effectiveness of the controls

• Question 186:

  Human resource planning for security professionals in your organization is a:

  A. Simple and easy task because the threats are getting easier to find and correct.
  B. Training requirement that is met through once every year user training.
  C. Training requirement that is on-going and always changing.
  D. Not needed because automation and anti-virus software has eliminated the threats.
  C. Training requirement that is on-going and always changing.

• Question 187:

  What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

  A. Test every three years to ensure that things work as planned
  B. Conduct periodic tabletop exercises to refine the BC plan
  C. Outsource the creation and execution of the BC plan to a third party vendor
  D. Conduct a Disaster Recovery (DR) exercise every year to test the plan
  B. Conduct periodic tabletop exercises to refine the BC plan

• Question 188:

  Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:

  A. Risk management
  B. Security management
  C. Mitigation management
  D. Compliance management
  D. Compliance management

• Question 189:

  Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

  A. Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door
  B. Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
  C. Educate and enforce physical security policies of the company to all the employees on a regular basis
  D. Setup a mock video camera next to the special card reader adjacent to the secure door
  C. Educate and enforce physical security policies of the company to all the employees on a regular basis

• Question 190:

  Which of the following is a critical operational component of an Incident Response Program (IRP)?

  A. Weekly program budget reviews to ensure the percentage of program funding remains constant.
  B. Annual review of program charters, policies, procedures and organizational agreements.
  C. Daily monitoring of vulnerability advisories relating to your organization's deployed technologies.
  D. Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization
  C. Daily monitoring of vulnerability advisories relating to your organization's deployed technologies.