When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?
A. How many credit records are stored?
B. What is the value of the assets at risk?
C. What is the scope of the certification?
D. How many servers do you have?
What is the relationship between information protection and regulatory compliance?
A. That all information in an organization must be protected equally.
B. The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
C. There is no relationship between the two.
D. That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
Who in the organization determines access to information?
A. Compliance officer
B. Legal department
C. Data Owner
D. Information security officer
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?
A. Compliance with local privacy regulations
B. An independent Governance, Risk and Compliance organization
C. Support Legal and HR teams
D. Alignment of security goals with business goals
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?
A. Eradication
B. Escalation
C. Containment
D. Recovery
Which of the following has the GREATEST impact on the implementation of an information security governance model?
A. Complexity of organizational structure
B. Distance between physical locations
C. Organizational budget
D. Number of employees
Which of the following is MOST likely to be discretionary?
A. Policies
B. Procedures
C. Guidelines
D. Standards
The PRIMARY objective of security awareness is to:
A. Encourage security-conscious employee behavior
B. Put employees on notice in case follow-up action for noncompliance is necessary
C. Ensure that security policies are read
D. Meet legal and regulatory requirements
Why is it vitally important that senior management endorse a security policy?
A. So that employees will follow the policy directives.
B. So that they can be held legally accountable.
C. So that external bodies will recognize the organizations commitment to security.
D. So that they will accept ownership for security within the organization.
Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?
A. Understand the business goals of the organization
B. Poses a strong technical background
C. Poses a strong auditing background
D. Understand all regulations affecting the organization
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 712-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.