Exam Details

  • Exam Code: 712-50
  • Exam Name: EC-Council Certified CISO (CCISO)
  • Certification: CCISO
  • Vendor: EC-COUNCIL
  • Total Questions: 468 Q&As
  • Last Updated: Apr 22, 2024

EC-COUNCIL CCISO 712-50 Questions & Answers

  • Question 11:

    Who is responsible for verifying that audit directives are implemented?

    A. IT Management

    B. Internal Audit

    C. IT Security

    D. BOD Audit Committee

  • Question 12:

    What is the MOST important reason for monitoring Key Risk Indicators (KRIs)?

    A. The organization's risk profile is subject to change

    B. The processes used to develop KRIs can be fraught with errors and must be rechecked periodically

    C. Effective KRIs will reduce the time to implement risk treatment options

    D. A large number of KRIs is a critical part of continuous improvement of management

  • Question 13:

    What is the primary notification system for physical security?

    A. Cameras

    B. Security Guards

    C. E-mail alerts

    D. Alarms

  • Question 14:

    Which of the following is the mechanism that provides decision-makers the information they need to understand the risk factors that may adversely affect the operations and affect the outputs of the company processes?

    A. Business Impact Analysis

    B. Critical Process Assessment

    C. Vulnerability Assessment

    D. Risk Assessment

  • Question 15:

    A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.

    What is the MOST effective method of risk analysis to provide the CFO with the information required?

    A. Conduct a quantitative risk assessment

    B. Conduct a hybrid risk assessment

    C. Conduct a subjective risk assessment

    D. Conduct a qualitative risk assessment

  • Question 16:

    What is a key policy that should be part of the information security plan?

    A. Account management policy

    B. Training policy

    C. Acceptable Use policy

    D. Remote Access policy

  • Question 17:

    Which of the following is the MOST effective method to counter phishing attacks?

    A. User awareness and training

    B. Host based Intrusion Detection System (IPS)

    C. Acceptable use guide signed by all system users

    D. Antispam solution

  • Question 18:

    What is the main result of a company keeping its information security functions siloed in different business units?

    A. Overlapping security initiatives, with wasted resources, or major gaps that can lead to serious security compromises

    B. Board of Directors gains greater insight into the overall functions of the company and the separate security processes

    C. Greater integration between groups that takes greater effort and expense but results in close execution of processes

    D. Security and risk management teams have a responsibility to learn every aspect of the company and find ways to integrate into each silo

  • Question 19:

    As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.

    The performance quality audit activity is done in what project management process group?

    A. Executing

    B. Controlling

    C. Planning

    D. Closing

  • Question 20:

    What is the primary difference between regulations and standards?

    A. Standards will include regulations

    B. Standards that aren't followed are punishable by fines

    C. Regulations are made enforceable by the power provided by laws

    D. Regulations must be reviewed and approved by the business

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them from job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and where do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 712-50 exam preparation or your EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.