As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building. Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer, you see there is no badge reader.
What should you do?
A. Post a guard at the door to maintain physical security
B. Close and chain the door shut and send a company-wide memo banning the practice
C. A physical risk assessment on the facility
D. Nothing, this falls outside your area of influence
What is the first thing that needs to be completed in order to create a security program for your organization?
A. Security program budget
B. Compliance and regulatory analysis
C. Risk assessment
D. Business continuity plan
Which of the following is a critical operational component of an Incident Response Program (IRP)?
A. Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization.
B. Weekly program budget reviews to ensure the percentage of program funding remains constant.
C. Annual review of program charters, policies, procedures and organizational agreements.
D. Daily monitoring of vulnerability advisories relating to your organization's deployed technologies.
Within an organization's vulnerability management program, who has the responsibility to implement remediation actions?
A. Data owner
B. Data center manager
C. Network architect
D. System administrator
The amount of risk an organization is willing to accept in pursuit of its mission is known as ______________.
A. risk transfer
B. risk mitigation
C. risk acceptance
D. risk tolerance
Which of the following represents the MOST negative impact resulting from an ineffective security governance program?
A. Improper use of information resources
B. Reduction of budget
C. Decreased security awareness
D. Fines for regulatory non-compliance
A global health insurance company is concerned about protecting confidential information.
Which of the following is of MOST concern to this organization?
A. Alignment with International Organization for Standardization (ISO) standards.
B. Alignment with financial reporting regulations for each country where they operate.
C. Compliance with the Payment Card Industry (PCI) regulations.
D. Compliance with patient data protection regulations for each country where they operate.
You work as a project manager for the TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis.
Which one of the following approaches would you use?
A. Risk mitigation
B. Estimate activity duration
C. Quantitative analysis
D. Qualitative analysis
Which of the following reports should you as an IT auditor use to check on compliance with a Service Level Agreement (SLA) requirement for uptime?
A. Systems logs
B. Hardware error reports
C. Availability reports
D. Utilization reports
What role should the CISO play in properly scoping a PCI environment?
A. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope
B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment
C. Validate the business units' suggestions as to what should be included in the scoping process
D. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data