Which of the following activities must be completed BEFORE you can calculate risk?
A. Assigning a value to each information asset
B. Assessing the relative risk facing the organization's information assets
C. Determining the likelihood that vulnerable systems will be attacked by specific threats
D. Calculating the risks to which assets are exposed in their current setting
A system was hardened at the Operating System level and placed into the production environment. Months later, an audit was performed and identified an insecure configuration that differed from the original hardened state.
Which of the following security issues is the MOST likely reason leading to the audit findings?
A. Lack of asset management processes
B. Lack of hardening standards
C. Lack of proper access controls
D. Lack of change management processes
Step-by-step procedures to regain normalcy in the event of a major earthquake are PRIMARILY covered by which of the following plans?
A. Damage control plan
B. Disaster recovery plan
C. Business Continuity plan
D. Incident response plan
An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program.
What type of control has been effectively utilized?
A. Technical Control
B. Management Control
C. Operational Control
D. Training Control
The ultimate goal of an IT security project is:
A. Support business requirements
B. Implement information security policies
C. Increase stock value
D. Complete security
An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization's IT environment.
Which of the following can be used to measure the effectiveness of this newly implemented process?
A. Number and length of planned outages
B. Number of change orders processed
C. Number of change orders rejected
D. Number of unplanned outages
You have implemented the new controls. What is the next step?
A. Perform a risk assessment
B. Monitor the effectiveness of the controls
C. Document the process for the stakeholders
D. Update the audit findings report
When working in the Payment Card Industry (PCI), how often should security logs be reviewed to comply with the standards?
A. Monthly
B. Hourly
C. Weekly
D. Daily
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to ________.
A. assign the responsibility to the information security team
B. assign the responsibility to the team responsible for the management of the controls
C. perform an independent audit of the security controls
D. create operational reports on the effectiveness of the controls
Which represents PROPER separation of duties in the corporate environment?
A. Information Security and Network teams perform two distinct functions
B. Information Security and Identity Access Management teams perform two distinct functions
C. Finance has access to Human Resources data
D. Developers and Network teams both have admin rights on servers