712-50 Exam Details

  • Exam Code: 712-50
  • Exam Name: EC-Council Certified CISO (CCISO)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 468 Q&As
  • Last Updated: May 31, 2026

EC-COUNCIL 712-50 Online Questions & Answers

  • Question 331:

    Which of the following is MOST likely to be discretionary?

    A. Policies
    B. Procedures
    C. Guidelines
    D. Standards

  • Question 332:

    The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management, you determine that the project correctly aligns with the company goals.

    Which of the following needs to be performed NEXT?

    A. Verify technical resources
    B. Verify capacity constraints
    C. Verify the scope of the project
    D. Verify the regulatory requirements

  • Question 333:

    A Chief Information Security Officer received a list of high, medium, and low impact audit findings.

    Which of the following represents the BEST course of action?

    A. If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
    B. If the findings do not impact regulatory compliance, review current security controls.
    C. If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
    D. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.

  • Question 334:

    With respect to the audit management process, management response serves what function?

    A. Revealing the "root cause" of the process failure and mitigating for all internal and external units
    B. Adding controls to ensure that proper oversight is achieved by management
    C. Determining whether or not resources will be allocated to remediate a finding
    D. Placing underperforming units on notice for failing to meet standards

  • Question 335:

    You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two-factor authentication token management process.

    Which of the following represents your BEST course of action?

    A. Determine program ownership to implement compensating controls
    B. Send a report to executive peers and business unit owners detailing your suspicions
    C. Validate that security awareness program content includes information about the potential vulnerability
    D. Conduct a thorough risk assessment against the current implementation to determine system functions

  • Question 336:

    The ability to demand the implementation and management of security controls on third parties providing services to an organization is ____________.

    A. Disaster recovery
    B. Security Governance
    C. Vendor management
    D. Compliance management

  • Question 337:

    After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of ____________.

    A. Qualitative risk analysis
    B. Risk Appetite
    C. Quantitative risk analysis
    D. Risk Tolerance

  • Question 338:

    Devising controls for information security is a balance between?

    A. Governance and compliance
    B. Auditing and security
    C. Budget and risk tolerance
    D. Threats and vulnerabilities

  • Question 339:

    A missing/ineffective security control is identified.

    Which of the following should be the NEXT step?

    A. Perform an audit to measure the control formally
    B. Escalate the issue to the IT organization
    C. Perform a risk assessment to measure risk
    D. Establish Key Risk Indicators

  • Question 340:

    A consultant is hired to do physical penetration testing at a large financial company. On the first day of his assessment, the consultant goes to the company's building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows behind the employee to get into the restricted area. Which type of attack did the consultant perform?

    A. Shoulder surfing
    B. Tailgating
    C. Social engineering
    D. Mantrap
