In defining a strategic security plan for an organization, what should a CISO first analyze?
A. Reach out to a business similar to yours and ask for their plan
B. Set goals that are difficult to attain to drive more productivity
C. Review business acquisitions for the past 3 years
D. Analyze the broader organizational strategic plan
An auditor is reviewing the security classifications for a group of assets and finds that many of the assets are not correctly classified. What should the auditor's NEXT step be?
A. Immediately notify the board of directors of the organization as to the finding
B. Correct the classifications immediately based on the auditor's knowledge of the proper classification
C. Document the missing classifications
D. Identify the owner of the asset and induce the owner to apply a proper classification
What are the common data hiding techniques used by criminals?
A. Unallocated space and masking
B. Website defacement and log manipulation
C. Disabled logging and admin elevation
D. Encryption, Steganography, and Changing Metadata/Timestamps
When managing a project, the MOST important activity in managing the expectations of stakeholders is:
A. To force stakeholders to commit ample resources to support the project
B. To facilitate proper communication regarding outcomes
C. To assure stakeholders commit to the project start and end dates in writing
D. To finalize detailed scope of the project at project initiation
What is the name of the approach that estimates the strengths and weaknesses of alternatives in order to determine which options provide the BEST approach to achieving benefits while preserving savings?
A. Business Impact Analysis
B. Economic Impact Analysis
C. Return on Investment
D. Cost-benefit analysis
An organization has decided to develop an in-house BCM capability. The organization has determined it is best to follow a BCM standard published by the International Organization for Standardization (ISO). The BEST ISO standard to follow that outlines the complete lifecycle of BCM is?
A. ISO 22318 Supply Chain Continuity
B. ISO 27031 BCM Readiness
C. ISO 22301 BCM Requirements
D. ISO 22317 BIA
From the CISO's perspective in looking at financial statements, the statement of retained earnings of an organization:
A. Has a direct correlation with the CISO's budget
B. Represents, in part, the savings generated by the proper acquisition and implementation of security controls
C. Represents the sum of all capital expenditures
D. Represents the percentage of earnings that could in part be used to finance future security controls
Devising controls for information security is a balance between?
A. Governance and compliance
B. Auditing and security
C. Budget and risk tolerance
D. Threats and vulnerabilities
What is the name of a formal statement that defines the strategy, approach, or expectations related to specific concerns within an organization?
A. Policy
B. Procedure
C. Guideline
D. Standard
Which of the following is an example of risk transference?
A. Purchasing Cyber insurance
B. Outsourcing the function to a 3rd party
C. Writing specific language in an agreement that puts the burden back on the other party
D. Implementing changes to current operating procedure