Exam Details

  • Exam Code: 712-50
  • Exam Name: EC-Council Certified CISO (CCISO)
  • Certification: CCISO
  • Vendor: EC-COUNCIL
  • Total Questions: 468 Q&As
  • Last Updated: Apr 14, 2024

EC-COUNCIL CCISO 712-50 Questions & Answers

  • Question 1:

    Devising controls for information security is a balance between?

    A. Governance and compliance

    B. Auditing and security

    C. Budget and risk tolerance

    D. Threats and vulnerabilities

  • Question 2:

    An organization has decided to develop an in-house BCM capability. The organization has determined it is best to follow a BCM standard published by the International Organization for Standardization (ISO).

    The BEST ISO standard to follow that outlines the complete lifecycle of BCM is?

    A. ISO 22318 Supply Chain Continuity

    B. ISO 27031 BCM Readiness

    C. ISO 22301 BCM Requirements

    D. ISO 22317 BIA

  • Question 3:

    From the CISO's perspective in looking at financial statements, the statement of retained earnings of an organization:

    A. Has a direct correlation with the CISO's budget

    B. Represents, in part, the savings generated by the proper acquisition and implementation of security controls

    C. Represents the sum of all capital expenditures

    D. Represents the percentage of earnings that could in part be used to finance future security controls

  • Question 4:

    What is the name of the approach that estimates the strengths and weaknesses of alternatives in order to determine which option provides the BEST way to achieve benefits while preserving savings?

    A. Business Impact Analysis

    B. Economic Impact analysis

    C. Return on Investment

    D. Cost-benefit analysis

  • Question 5:

    When managing a project, the MOST important activity in managing the expectations of stakeholders is:

    A. To force stakeholders to commit ample resources to support the project

    B. To facilitate proper communication regarding outcomes

    C. To assure stakeholders commit to the project start and end dates in writing

    D. To finalize detailed scope of the project at project initiation

  • Question 6:

    What are the common data hiding techniques used by criminals?

    A. Unallocated space and masking

    B. Website defacement and log manipulation

    C. Disabled Logging and admin elevation

    D. Encryption, Steganography, and Changing Metadata/Timestamps

  • Question 7:

    An auditor is reviewing the security classifications for a group of assets and finds that many of the assets are not correctly classified.

    What should the auditor's NEXT step be?

    A. Immediately notify the board of directors of the organization as to the finding

    B. Correct the classifications immediately based on the auditor's knowledge of the proper classification

    C. Document the missing classifications

    D. Identify the owner of the asset and induce the owner to apply a proper classification

  • Question 8:

    In defining a strategic security plan for an organization, what should a CISO first analyze?

    A. Reach out to a business similar to yours and ask for their plan

    B. Set goals that are difficult to attain to drive more productivity

    C. Review business acquisitions for the past 3 years

    D. Analyze the broader organizational strategic plan

  • Question 9:

    You have been hired as the CISO for a hospital. The hospital currently deploys a hybrid cloud model using a Software as a Service (SaaS) product for healthcare clearinghouse services. The Health Insurance Portability and Accountability Act (HIPAA) requires an agreement between the Cloud Service Provider (CSP) and the covered entity. Based on HIPAA, once the agreement between the covered entity and the CSP is signed, the CSP is ____________?

    A. Partially liable for compliance with the applicable requirements of the HIPAA Rules

    B. Directly liable for compliance with the applicable requirements of the HIPAA Rules

    C. Not liable for compliance with the applicable requirements of the HIPAA Rules

    D. Indirectly liable for compliance with the applicable requirements of the HIPAA Rules

  • Question 10:

    You have been promoted to the CISO of a big-box retail store chain reporting to the Chief Information Officer (CIO). The CIO's first mandate to you is to develop a cybersecurity compliance framework that will meet all the store's compliance requirements.

    Which of the following compliance standards is the MOST important to the organization?

    A. The Federal Risk and Authorization Management Program (FedRAMP)

    B. ISO 27002

    C. NIST Cybersecurity Framework

    D. Payment Card Industry (PCI) Data Security Standard (DSS)

Tips on How to Prepare for the Exams

Nowadays, certification exams have become increasingly important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your 712-50 exam preparation or your EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.