Which of the following information may be found in tabletop exercises for incident response?
A. Real-time to remediate
B. Process improvements
C. Security budget augmentation
D. Security control selection
When gathering security requirements for an automated business process improvement program, which of the following is MOST important?
A. Type of data contained in the process/system
B. Type of encryption required for the data once it is at rest
C. Type of computer the data is processed on
D. Type of connection/protocol used to transfer the data
Which business stakeholder is accountable for the integrity of a new information system?
A. Compliance Officer
B. CISO
C. Project manager
D. Board of directors
A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software are implemented and managed within the organization.
Which of the following principles does this best demonstrate?
A. Proper budget management
B. Effective use of existing technologies
C. Alignment with the business
D. Leveraging existing implementations
The organization does not have the time to remediate the vulnerability; however, it is critical to release the application.
Which of the following needs to be further evaluated to help mitigate the risks?
A. Provide security testing tools
B. Provide developer security training
C. Deploy Intrusion Detection Systems
D. Implement Compensating Controls
Your company has a "no right to privacy" notice on all logon screens for your information systems, and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to the email account of one of her employees.
What should you do?
A. Deny the request citing national privacy laws
B. None
C. Grant her access; the employee has been adequately warned through the AUP.
D. Assist her with the request, but only after her supervisor signs off on the action.
E. Reset the employee's password and give it to the supervisor.
Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?
A. Security managers
B. Security analysts
C. Security technicians
D. Security administrators
Which of the following is a major benefit of applying risk levels?
A. Resources are not wasted on risks that are already managed to an acceptable level
B. Risk appetite increases within the organization once the levels are understood
C. Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology
D. Risk management governance becomes easier since most risks remain low once mitigated
How often should the SSAE16 report of your vendors be reviewed?
A. Quarterly
B. Semi-annually
C. Bi-annually
D. Annually
Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?
A. More frequent project milestone meetings
B. Involve internal audit
C. Upper management support
D. More training of staff members