What is the main purpose of the Incident Response Team?
A. Communicate details of information security incidents
B. Create effective policies detailing program activities
C. Ensure efficient recovery and reinstate repaired systems
D. Provide effective employee awareness programs
During the course of a risk analysis your IT auditor identified threats and potential impacts. Next, your IT auditor should:
A. Identify and assess the risk assessment process used by management.
B. Identify and evaluate existing controls.
C. Identify information assets and the underlying systems.
D. Disclose the threats and impacts to management.
The success of the Chief Information Security Officer is MOST dependent upon:
A. following the recommendations of consultants and contractors
B. raising awareness of security issues with end users
C. favorable audit findings
D. development of relationships with organization executives
What is the BEST way to achieve on-going compliance monitoring in an organization?
A. Outsource compliance to a 3rd party vendor and let them manage the program.
B. Have Compliance direct Information Security to fix issues after the auditor's report.
C. Only check compliance right before the auditors are scheduled to arrive onsite.
D. Have Compliance and Information Security partner to correct issues as they arise.
Who is responsible for securing networks during a security incident?
A. Security Operations Center (SOC)
B. Chief Information Security Officer (CISO)
C. Disaster Recovery (DR) manager
D. Incident Response Team (IRT)
Which of the following is the MOST important for a CISO to understand when identifying threats?
A. How the security operations team will behave to reported incidents
B. How vulnerabilities can potentially be exploited in systems that impact the organization
C. How the firewall and other security devices are configured to prevent attacks
D. How the incident management team prepares to handle an attack
What is the MAIN reason for conflicts between Information Technology and Information Security programs?
A. The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.
B. Technology Governance is focused on process risks whereas Security Governance is focused on business risk.
C. Technology governance defines technology policies and standards while security governance does not.
D. Security governance defines technology best practices and Information Technology governance does not.
Which of the following activities results in change requests?
A. Corrective actions
B. Defect repair
C. Preventive actions
D. Inspection
IT control objectives are useful to IT auditors as they provide the basis for understanding the:
A. Audit control checklist
B. Technique for securing information
C. Desired results or purpose of implementing specific control procedures.
D. Security policy
Which of the following backup sites takes the longest recovery time?
A. Hot site
B. Cold site
C. Mobile backup site
D. Warm site