[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil 712-50 Dumps with VCE and PDF 161-170

September 23, 2017


EC-Council Certified CISO (CCISO)

Question No: 161 – (Topic 2)

An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application. What should be the NEXT step?

  1. Determine the annual loss expectancy (ALE)

  2. Create a crisis management plan

  3. Create technology recovery plans

  4. Build a secondary hot site

Answer: C

Question No: 162 – (Topic 2)

The remediation of a specific audit finding is deemed too expensive and will not be implemented. Which of the following is a TRUE statement?

  1. The asset is more expensive than the remediation

  2. The audit finding is incorrect

  3. The asset being protected is less valuable than the remediation costs

  4. The remediation costs are irrelevant; it must be implemented regardless of cost.

Answer: C

Question No: 163 – (Topic 2)

Which of the following sets of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

  1. Plan-Check-Do-Act

  2. Plan-Do-Check-Act

  3. Plan-Select-Implement-Evaluate

  4. SCORE (Security Consensus Operational Readiness Evaluation)

Answer: B

Question No: 164 – (Topic 2)

When measuring the effectiveness of an Information Security Management System, which one of the following would MOST LIKELY be used as a metric framework?

  1. ISO 27001

  2. PRINCE2

  3. ISO 27004

  4. ITILv3

Answer: C

Question No: 165 – (Topic 2)

Which of the following best describes the purpose of the International Organization for Standardization (ISO) 27002 standard?

  1. To give information security management recommendations to those who are responsible for initiating, implementing, or maintaining security in their organization.

  2. To provide a common basis for developing organizational security standards

  3. To provide effective security management practice and to provide confidence in inter-organizational dealings

  4. To establish guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization

Answer: D

Question No: 166 – (Topic 2)

Which of the following activities must be completed BEFORE you can calculate risk?

  1. Determining the likelihood that vulnerable systems will be attacked by specific threats

  2. Calculating the risks to which assets are exposed in their current setting

  3. Assigning a value to each information asset

  4. Assessing the relative risk facing the organization’s information assets

Answer: C

Question No: 167 – (Topic 2)

Control Objectives for Information and Related Technology (COBIT) is which of the following?

  1. An Information Security audit standard

  2. An audit guideline for certifying secure systems and controls

  3. A framework for Information Technology management and governance

  4. A set of international regulations for Information Technology governance

Answer: C

Question No: 168 – (Topic 2)

The executive board has requested that the CISO of an organization define Key Performance Indicators (KPIs) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

  1. Number of callers who report security issues.

  2. Number of callers who report a lack of customer service from the call center

  3. Number of successful social engineering attempts on the call center

  4. Number of callers who abandon the call before speaking with a representative

Answer: C

Question No: 169 – (Topic 2)

Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

  1. Single Loss Expectancy (SLE)

  2. Exposure Factor (EF)

  3. Annualized Rate of Occurrence (ARO)

  4. Temporal Probability (TP)

Answer: C

Question No: 170 – (Topic 2)

The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to

  1. assign the responsibility to the information security team.

  2. assign the responsibility to the team responsible for the management of the controls.

  3. create operational reports on the effectiveness of the controls.

  4. perform an independent audit of the security controls.

Answer: D
