EC-COUNCIL 712-50 Online Practice Questions and Exam Preparation

EC-COUNCIL 712-50 Online Questions & Answers

• Question 391:

  Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the "real workers."

  Which group of people should be consulted when developing your security program?

  A. Peers
  B. End Users
  C. All of the above
  D. Executive Management
  C. All of the above

• Question 392:

  Within an organization's vulnerability management program, who has the responsibility to implement remediation actions?

  A. Data owner
  B. Data center manager
  C. Network architect
  D. System administrator
  D. System administrator

• Question 393:

  The process for identifying, collecting, and producing digital information in support of legal proceedings is called _____________________________.

  A. chain of custody
  B. electronic review
  C. evidence tampering
  D. electronic discovery
  A. chain of custody

  ---

  Explanation/Reference:

• Question 394:

  Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

  A. Provide IP and MAC address
  B. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
  C. Install a firewall software on each wireless access point.
  D. Configure logging on each access point
  A. Provide IP and MAC address

• Question 395:

  The effectiveness of an audit is measured by?

  A. The number of security controls the company has in use
  B. How it exposes the risk tolerance of the company
  C. The number of actionable items in the recommendations
  D. How the recommendations directly support the goals of the company
  D. How the recommendations directly support the goals of the company

• Question 396:

  Which of the following is the MOST important for a CISO to understand when identifying threats?

  A. How the security operations team will behave to reported incidents
  B. How vulnerabilities can potentially be exploited in systems that impact the organization
  C. How the firewall and other security devices are configured to prevent attacks
  D. How the incident management team prepares to handle an attack
  B. How vulnerabilities can potentially be exploited in systems that impact the organization

• Question 397:

  What is the name of a formal statement that defines the strategy, approach, or expectations related to specific concerns within an organization?

  A. Policy
  B. Procedure
  C. Guideline
  D. Standard
  A. Policy

  ---

  Explanation/Reference:

• Question 398:

  Involvement of senior management is MOST important in the development of:

  A. IT security procedures
  B. IT security implementation plans
  C. Standards and guidelines
  D. IT security policies
  D. IT security policies

• Question 399:

  As the CISO for your company you are accountable for the protection of information resources commensurate with:

  A. Risk of exposure
  B. Cost and time to replace
  C. Insurability tables
  D. Customer demand
  A. Risk of exposure

• Question 400:

  The alerting, monitoring and life-cycle management of security related events is typically handled by the_________________.

  A. risk management process
  B. risk assessment process
  C. governance, risk, and compliance tools
  D. security threat and vulnerability management process
  D. security threat and vulnerability management process