Free 712-50 Exam Braindumps

Pass your EC-Council Certified CISO (CCISO) exam with these free Questions and Answers

Page 9 of 90
QUESTION 36

- (Topic 3)
The organization does not have the time to remediate the vulnerability; however, it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

  1. A. Provide developer security training
  2. B. Deploy Intrusion Detection Systems
  3. C. Provide security testing tools
  4. D. Implement Compensating Controls

Correct Answer: D

QUESTION 37

- (Topic 3)
You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

  1. A. Deploy a SIEM solution and have current staff review incidents first thing in the morning
  2. B. Contract with a managed security provider and have current staff on recall for incident response
  3. C. Configure your syslog to send SMS messages to current staff when target events are triggered
  4. D. Employ an assumption of breach protocol and defend only essential information resources

Correct Answer: B

QUESTION 38

- (Topic 3)
Which of the following is the MOST important component of any change management process?

  1. A. Scheduling
  2. B. Back-out procedures
  3. C. Outage planning
  4. D. Management approval

Correct Answer: D

QUESTION 39

- (Topic 1)
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

  1. A. Determine appetite
  2. B. Evaluate risk avoidance criteria
  3. C. Perform a risk assessment
  4. D. Mitigate risk

Correct Answer: D

QUESTION 40

- (Topic 5)
Human resource planning for security professionals in your organization is a:

  1. A. Simple and easy task because the threats are getting easier to find and correct.
  2. B. Training requirement that is met through once every year user training.
  3. C. Training requirement that is on-going and always changing.
  4. D. Not needed because automation and anti-virus software have eliminated the threats.

Correct Answer: C
