One of the MAIN goals of a Business Continuity Plan is to _______________.
A. Ensure all infrastructure and applications are available in the event of a disaster
B. Assign responsibilities to the technical teams responsible for the recovery of all data
C. Provide step by step plans to recover business processes in the event of a disaster
D. Allow all technical first-responders to understand their roles in the event of a disaster.
An organization's Information Security Policy is of MOST importance because _____________.
A. It defines a process to meet compliance requirements
B. It establishes a framework to protect confidential information
C. It communicates management's commitment to protecting information resources
D. It is formally acknowledged by all employees and vendors
A global retail company is creating a new compliance management process.
Which of the following regulations is of MOST importance to be tracked and managed by this process?
A. Information Technology Infrastructure Library (ITIL)
B. National Institute for Standards and Technology (NIST) standard
C. International Organization for Standardization (ISO) standards
D. Payment Card Industry Data Security Standards (PCI-DSS)
From an information security perspective, information that no longer supports the main purpose of the business should be:
A. protected under the information classification policy
B. analyzed under the data ownership policy
C. assessed by a business impact analysis.
D. analyzed under the retention policy.
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy.
This policy, however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?
A. Lack of a formal risk management policy
B. Lack of a formal security policy governance process
C. Lack of formal definition of roles and responsibilities
D. Lack of a formal security awareness program
Regulatory requirements typically force organizations to implement ____________.
A. Financial controls
B. Mandatory controls
C. Discretionary controls
D. Optional controls
Which of the following international standards can be BEST used to define a Risk Management process in an organization?
A. International Organization for Standardization 27005 (ISO-27005)
B. National Institute for Standards and Technology 800-50 (NIST 800-50)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardization 27004 (ISO-27004)
Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:
A. Compliance management
B. Security management
C. Risk management
D. Mitigation management
A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?
A. Ensuring developers include risk control comments in code
B. Creating risk assessment templates based on specific threats
C. Providing a risk program governance structure
D. Allowing for the acceptance of risk for regulatory compliance requirements
The FIRST step in establishing a security governance program is to:
A. Obtain senior level sponsorship
B. Conduct a workshop for all end users.
C. Conduct a risk assessment.
D. Prepare a security budget.