Human resource planning for security professionals in your organization is a:
A. Training requirement that is on-going and always changing.
B. Simple and easy task because the threats are getting easier to find and correct.
C. Training requirement that is met through once every year user training.
D. Not needed because automation and anti-virus software has eliminated the threats.
When dealing with risk, the information security practitioner may choose to:
A. acknowledge
B. transfer
C. assign
D. defer
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient.
Which of the following keys should be used to encrypt the message?
A. Certificate authority key
B. The recipient's private key
C. The recipient's public key
D. Your public key
John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do.
What can John do in this instance?
A. Withhold the vendor's payments until the issue is resolved.
B. refer to the contract agreement for direction.
C. Refer the vendor to the Service Level Agreement (SLA) and insist that they make the changes.
D. Review the Request for proposal (RFP) for guidance.
File Integrity Monitoring (FIM) is considered a________________________.
A. Network-based security preventative control
B. Software segmentation control
C. User segmentation control
D. Security detective control
What are the primary reasons for the development of a business case for a security project?
A. To forecast usage and cost per software licensing
B. To understand the attack vectors and attack sources
C. To communicate risk and forecast resource needs
D. To estimate risk and negate liability to the company
As the CISO for your company you are accountable for the protection of information resources commensurate with:
A. Risk of exposure
B. Cost and time to replace
C. Insurability tables
D. Customer demand
The process of identifying and classifying assets is typically included in the________________.
A. Threat analysis process
B. Business Impact Analysis
C. Asset configuration management process
D. Disaster Recovery plan
Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?
A. Risk Assessment
B. Risk Management
C. Incident Response
D. Network Security administration
Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?
A. Collaborate security projects
B. Review project charters
C. Define the risk appetite
D. Determine budget constraints
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 712-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.