Which of the following activities is the MAIN purpose of the risk assessment process?
A. Creating an inventory of information assetsAssigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:
A. Detective ControlsScenario: You are the CISO and are required to brief the C-level executive team on your information security audit for the year. During your review of the audit findings you discover that many of the controls that were put in place the previous year to correct some of the findings are not performing as needed. You have thirty days until the briefing.
To formulate a remediation plan for the non-performing controls what other document do you need to review before adjusting the controls?
A. Business Impact AnalysisWhich of the following provides an audit framework?
A. Control Objectives for IT (COBIT)Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?
A. Single Loss Expectancy (SLE)The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is
A. Penetration testersAn application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?
A. Ineffective configuration management controlsWhich of the following backup sites takes the longest recovery time?
A. Cold siteWhen entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?
A. At the time the security services are being performed and the vendor needs access to the networkWhich of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?
A. Perform a vulnerability scan of the networkNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.