The Avant-garde Guide To 712-50 Brain Dumps

NEW QUESTION 1

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

• A. Deploy a SEIM solution and have current staff review incidents first thing in the morning
• B. Contract with a managed security provider and have current staff on recall for incident response
• C. Configure your syslog to send SMS messages to current staff when target events are triggered
• D. Employ an assumption of breach protocol and defend only essential information resources

Answer: B

NEW QUESTION 2

Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?

• A. Containment
• B. Recovery
• C. Identification
• D. Eradication

Answer: D

NEW QUESTION 3

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

• A. An independent Governance, Risk and Compliance organization
• B. Alignment of security goals with business goals
• C. Compliance with local privacy regulations
• D. Support from Legal and HR teams

Answer: B

NEW QUESTION 4

What is the MOST critical output of the incident response process?

• A. A complete document of all involved team members and the support they provided
• B. Recovery of all data from affected systems
• C. Lessons learned from the incident, so they can be incorporated into the incident response processes
• D. Clearly defined documents detailing standard evidence collection and preservation processes

Answer: C

Explanation:
Reference: https://www.eccouncil.org/incident-response-plan-phases/

NEW QUESTION 5

SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
During initial investigation, the team suspects criminal activity but cannot initially prove or disprove illegal actions. What is the MOST critical aspect of the team’s activities?

• A. Regular communication of incident status to executives
• B. Eradication of malware and system restoration
• C. Determination of the attack source
• D. Preservation of information

Answer: D

NEW QUESTION 6

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

• A. Have internal audit conduct another audit to see what has changed.
• B. Contract with an external audit company to conduct an unbiased audit
• C. Review the recommendations and follow up to see if audit implemented the changes
• D. Meet with audit team to determine a timeline for corrections

Answer: C

NEW QUESTION 7

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

• A. Risk averse
• B. Risk tolerant
• C. Risk conditional
• D. Risk minimal

Answer: B

NEW QUESTION 8

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

• A. Lack of a formal security awareness program
• B. Lack of a formal security policy governance process
• C. Lack of formal definition of roles and responsibilities
• D. Lack of a formal risk management policy

Answer: B

NEW QUESTION 9

When a CISO considers delaying or not remediating system vulnerabilities which of the following are MOST important to take into account?

• A. Threat Level, Risk of Compromise, and Consequences of Compromise
• B. Risk Avoidance, Threat Level, and Consequences of Compromise
• C. Risk Transfer, Reputational Impact, and Consequences of Compromise
• D. Reputational Impact, Financial Impact, and Risk of Compromise

Answer: A

NEW QUESTION 10

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

• A. Providing a risk program governance structure
• B. Ensuring developers include risk control comments in code
• C. Creating risk assessment templates based on specific threats
• D. Allowing for the acceptance of risk for regulatory compliance requirements

Answer: A

NEW QUESTION 11

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

• A. The asset owner
• B. The asset manager
• C. The data custodian
• D. The project manager

Answer: A

NEW QUESTION 12

The total cost of security controls should:

• A. Be equal to the value of the information resource being protected
• B. Be greater than the value of the information resource being protected
• C. Be less than the value of the information resource being protected
• D. Should not matter, as long as the information resource is protected

Answer: C

NEW QUESTION 13

An anonymity network is a series of?

• A. Covert government networks
• B. War driving maps
• C. Government networks in Tora
• D. Virtual network tunnels

Answer: D

NEW QUESTION 14

Which of the following is an accurate description of a balance sheet?

• A. The percentage of earnings that are retained by the organization for reinvestment in the business
• B. The details of expenses and revenue over a long period of time
• C. A summarized statement of all assets and liabilities at a specific point in time
• D. A review of regulations and requirements impacting the business from a financial perspective

Answer: C

NEW QUESTION 15

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

• A. A substantive test of program library controls
• B. A compliance test of program library controls
• C. A compliance test of the program compiler controls
• D. A substantive test of the program compiler controls

Answer: B

NEW QUESTION 16

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

• A. Threat
• B. Vulnerability
• C. Attack vector
• D. Exploitation

Answer: B

NEW QUESTION 17

Which of the following represents the best method of ensuring business unit alignment with security program requirements?

• A. Provide clear communication of security requirements throughout the organization
• B. Demonstrate executive support with written mandates for security policy adherence
• C. Create collaborative risk management approaches within the organization
• D. Perform increased audits of security processes and procedures

Answer: C

NEW QUESTION 18

What are the three stages of an identity and access management system?

• A. Authentication, Authorize, Validation
• B. Provision, Administration, Enforcement
• C. Administration, Validation, Protect
• D. Provision, Administration, Authentication

Answer: A

Explanation:
Reference: https://digitalguardian.com/blog/what-identity-and-access-management-iam

NEW QUESTION 19
......