Special Summer Discounts Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 63r59951

712-50 EC-Council Certified CISO (CCISO) Questions and Answers

Questions 4

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.

What type of control is being implemented by supervisors and data owners?

Options:

A.

Management

B.

Operational

C.

Technical

D.

Administrative

Buy Now
Questions 5

Which of the following is the MOST effective method for discovering common technical vulnerabilities within the

IT environment?

Options:

A.

Reviewing system administrator logs

B.

Auditing configuration templates

C.

Checking vendor product releases

D.

Performing system scans

Buy Now
Questions 6

A newly-hired CISO needs to understand the organization’s financial management standards for business units

and operations. Which of the following would be the best source of this information?

Options:

A.

The internal accounting department

B.

The Chief Financial Officer (CFO)

C.

The external financial audit service

D.

The managers of the accounts payables and accounts receivables teams

Buy Now
Questions 7

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

Options:

A.

Use asymmetric encryption for the automated distribution of the symmetric key

B.

Use a self-generated key on both ends to eliminate the need for distribution

C.

Use certificate authority to distribute private keys

D.

Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it

Buy Now
Questions 8

Of the following types of SOCs (Security Operations Centers), which one would be MOST likely used if the CISO has decided to outsource the infrastructure and administration of it?

Options:

A.

Virtual

B.

Dedicated

C.

Fusion

D.

Command

Buy Now
Questions 9

What organizational structure combines the functional and project structures to create a hybrid of the two?

Options:

A.

Traditional

B.

Composite

C.

Project

D.

Matrix

Buy Now
Questions 10

A bastion host should be placed:

Options:

A.

Inside the DMZ

B.

In-line with the data center firewall

C.

Beyond the outer perimeter firewall

D.

As the gatekeeper to the organization’s honeynet

Buy Now
Questions 11

When reviewing a Solution as a Service (SaaS) provider’s security health and posture, which key document should you review?

Options:

A.

SaaS provider’s website certifications and representations (certs and reps)

B.

SOC-2 Report

C.

Metasploit Audit Report

D.

Statement from SaaS provider attesting their ability to secure your data

Buy Now
Questions 12

A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets.

What is the MAIN goal of threat hunting to the SecOps Manager?

Options:

A.

Improve discovery of valid detected events

B.

Enhance tuning of automated tools to detect and prevent attacks

C.

Replace existing threat detection strategies

D.

Validate patterns of behavior related to an attack

Buy Now
Questions 13

When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?

Options:

A.

RAM and unallocated space

B.

Unallocated space and RAM

C.

Slack space and browser cache

D.

Persistent and volatile data

Buy Now
Questions 14

Who should be involved in the development of an internal campaign to address email phishing?

Options:

A.

Business unit leaders, CIO, CEO

B.

Business Unite Leaders, CISO, CIO and CEO

C.

All employees

D.

CFO, CEO, CIO

Buy Now
Questions 15

Which of the following are the triple constraints of project management?

Options:

A.

Time, quality, and scope

B.

Cost, quality, and time

C.

Scope, time, and cost

D.

Quality, scope, and cost

Buy Now
Questions 16

What are the common data hiding techniques used by criminals?

Options:

A.

Unallocated space and masking

B.

Website defacement and log manipulation

C.

Disabled Logging and admin elevation

D.

Encryption, Steganography, and Changing Metadata/Timestamps

Buy Now
Questions 17

What does RACI stand for?

Options:

A.

Reasonable, Actionable, Controlled, and Implemented

B.

Responsible, Actors, Consult, and Instigate

C.

Responsible, Accountable, Consulted, and Informed

D.

Review, Act, Communicate, and Inform

Buy Now
Questions 18

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?

Options:

A.

Oversees the organization’s day-to-day operations, creating the policies and strategies that govern operations

B.

Enlisting support from key executives the information security program budget and policies

C.

Charged with developing and implementing policies designed to protect employees and customers’ data from unauthorized access

D.

Responsible for the success or failure of the IT organization and setting strategic direction

Buy Now
Questions 19

What is a key policy that should be part of the information security plan?

Options:

A.

Account management policy

B.

Training policy

C.

Acceptable Use policy

D.

Remote Access policy

Buy Now
Questions 20

One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?

Options:

A.

Your public key

B.

The recipient's private key

C.

The recipient's public key

D.

Certificate authority key

Buy Now
Questions 21

Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

Options:

A.

Configure logging on each access point

B.

Install a firewall software on each wireless access point.

C.

Provide IP and MAC address

D.

Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

Buy Now
Questions 22

Physical security measures typically include which of the following components?

Options:

A.

Physical, Technical, Operational

B.

Technical, Strong Password, Operational

C.

Operational, Biometric, Physical

D.

Strong password, Biometric, Common Access Card

Buy Now
Questions 23

Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?

Options:

A.

In-line hardware keyloggers don’t require physical access

B.

In-line hardware keyloggers don’t comply to industry regulations

C.

In-line hardware keyloggers are undetectable by software

D.

In-line hardware keyloggers are relatively inexpensive

Buy Now
Questions 24

The process of creating a system which divides documents based on their security level to manage access to private data is known as

Options:

A.

security coding

B.

data security system

C.

data classification

D.

privacy protection

Buy Now
Questions 25

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

Options:

A.

Enterprise Risk Assessment

B.

Disaster recovery strategic plan

C.

Business continuity plan

D.

Application mapping document

Buy Now
Questions 26

The process of identifying and classifying assets is typically included in the

Options:

A.

Threat analysis process

B.

Asset configuration management process

C.

Business Impact Analysis

D.

Disaster Recovery plan

Buy Now
Questions 27

The process for identifying, collecting, and producing digital information in support of legal proceedings is called

Options:

A.

chain of custody.

B.

electronic discovery.

C.

evidence tampering.

D.

electronic review.

Buy Now
Questions 28

Which of the following backup sites takes the longest recovery time?

Options:

A.

Cold site

B.

Hot site

C.

Warm site

D.

Mobile backup site

Buy Now
Questions 29

SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

Options:

A.

‘ o 1=1 - -

B.

/../../../../

C.

“DROPTABLE USERNAME”

D.

NOPS

Buy Now
Questions 30

You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?

Options:

A.

Execute

B.

Read

C.

Administrator

D.

Public

Buy Now
Questions 31

The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

Options:

A.

The need to change accounting periods on a regular basis.

B.

The requirement to post entries for a closed accounting period.

C.

The need to create and modify the chart of accounts and its allocations.

D.

The lack of policies and procedures for the proper segregation of duties.

Buy Now
Questions 32

A stakeholder is a person or group:

Options:

A.

Vested in the success and/or failure of a project or initiative regardless of budget implications.

B.

Vested in the success and/or failure of a project or initiative and is tied to the project budget.

C.

That has budget authority.

D.

That will ultimately use the system.

Buy Now
Questions 33

Which of the following methodologies references the recommended industry standard that Information security project managers should follow?

Options:

A.

The Security Systems Development Life Cycle

B.

The Security Project And Management Methodology

C.

Project Management System Methodology

D.

Project Management Body of Knowledge

Buy Now
Questions 34

Which of the following is a major benefit of applying risk levels?

Options:

A.

Risk management governance becomes easier since most risks remain low once mitigated

B.

Resources are not wasted on risks that are already managed to an acceptable level

C.

Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology

D.

Risk appetite can increase within the organization once the levels are understood

Buy Now
Questions 35

Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Options:

A.

Upper management support

B.

More frequent project milestone meetings

C.

More training of staff members

D.

Involve internal audit

Buy Now
Questions 36

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

Options:

A.

The CISO

B.

Audit and Compliance

C.

The CFO

D.

The business owner

Buy Now
Questions 37

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

Options:

A.

Deploy a SEIM solution and have current staff review incidents first thing in the morning

B.

Contract with a managed security provider and have current staff on recall for incident response

C.

Configure your syslog to send SMS messages to current staff when target events are triggered

D.

Employ an assumption of breach protocol and defend only essential information resources

Buy Now
Questions 38

Knowing the potential financial loss an organization is willing to suffer if a system fails is a determination of which of the following?

Options:

A.

Cost benefit

B.

Risk appetite

C.

Business continuity

D.

Likelihood of impact

Buy Now
Questions 39

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

Options:

A.

The software license expiration is probably out of synchronization with other software licenses

B.

The project was initiated without an effort to get support from impacted business units in the organization

C.

The software is out of date and does not provide for a scalable solution across the enterprise

D.

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Buy Now
Questions 40

To get an Information Security project back on schedule, which of the following will provide the MOST help?

Options:

A.

Upper management support

B.

More frequent project milestone meetings

C.

Stakeholder support

D.

Extend work hours

Buy Now
Questions 41

A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

Options:

A.

tell him to shut down the server

B.

tell him to call the police

C.

tell him to invoke the incident response process

D.

tell him to analyze the problem, preserve the evidence and provide a full analysis and report

Buy Now
Questions 42

This occurs when the quantity or quality of project deliverables is expanded from the original project plan.

Options:

A.

Scope creep

B.

Deadline extension

C.

Scope modification

D.

Deliverable expansion

Buy Now
Questions 43

Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?

Options:

A.

System testing

B.

Risk assessment

C.

Incident response

D.

Planning

Buy Now
Questions 44

What is the main purpose of the Incident Response Team?

Options:

A.

Ensure efficient recovery and reinstate repaired systems

B.

Create effective policies detailing program activities

C.

Communicate details of information security incidents

D.

Provide current employee awareness programs

Buy Now
Questions 45

What is a difference from the list below between quantitative and qualitative Risk Assessment?

Options:

A.

Quantitative risk assessments result in an exact number (in monetary terms)

B.

Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

C.

Qualitative risk assessments map to business objectives

D.

Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Buy Now
Questions 46

Risk is defined as:

Options:

A.

Threat times vulnerability divided by control

B.

Advisory plus capability plus vulnerability

C.

Asset loss times likelihood of event

D.

Quantitative plus qualitative impact

Buy Now
Questions 47

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

Options:

A.

Audit and Legal

B.

Budget and Compliance

C.

Human Resources and Budget

D.

Legal and Human Resources

Buy Now
Questions 48

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

Options:

A.

Lack of a formal security awareness program

B.

Lack of a formal security policy governance process

C.

Lack of formal definition of roles and responsibilities

D.

Lack of a formal risk management policy

Buy Now
Questions 49

Which of the following is a benefit of information security governance?

Options:

A.

Questioning the trust in vendor relationships.

B.

Increasing the risk of decisions based on incomplete management information.

C.

Direct involvement of senior management in developing control processes

D.

Reduction of the potential for civil and legal liability

Buy Now
Questions 50

What is the definition of Risk in Information Security?

Options:

A.

Risk = Probability x Impact

B.

Risk = Threat x Probability

C.

Risk = Financial Impact x Probability

D.

Risk = Impact x Threat

Buy Now
Questions 51

Which of the following has the GREATEST impact on the implementation of an information security governance model?

Options:

A.

Organizational budget

B.

Distance between physical locations

C.

Number of employees

D.

Complexity of organizational structure

Buy Now
Questions 52

What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

Options:

A.

Test every three years to ensure that things work as planned

B.

Conduct periodic tabletop exercises to refine the BC plan

C.

Outsource the creation and execution of the BC plan to a third party vendor

D.

Conduct a Disaster Recovery (DR) exercise every year to test the plan

Buy Now
Questions 53

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

Options:

A.

The asset owner

B.

The asset manager

C.

The data custodian

D.

The project manager

Buy Now
Questions 54

Within an organization’s vulnerability management program, who has the responsibility to implement remediation actions?

Options:

A.

Security officer

B.

Data owner

C.

Vulnerability engineer

D.

System administrator

Buy Now
Questions 55

One of the MAIN goals of a Business Continuity Plan is to

Options:

A.

Ensure all infrastructure and applications are available in the event of a disaster

B.

Allow all technical first-responders to understand their roles in the event of a disaster

C.

Provide step by step plans to recover business processes in the event of a disaster

D.

Assign responsibilities to the technical teams responsible for the recovery of all data.

Buy Now
Questions 56

Using the Transport Layer Security (TLS) protocol enables a client in a network to be:

Options:

A.

Provided with a digital signature

B.

Assured of the server’s identity

C.

Identified by a network

D.

Registered by the server

Buy Now
Questions 57

File Integrity Monitoring (FIM) is considered a

Options:

A.

Network based security preventative control

B.

Software segmentation control

C.

Security detective control

D.

User segmentation control

Buy Now
Questions 58

At what level of governance are individual projects monitored and managed?

Options:

A.

Program

B.

Milestone

C.

Enterprise

D.

Portfolio

Buy Now
Questions 59

Where does bottom-up financial planning primarily gain information for creating budgets?

Options:

A.

By adding all capital and operational costs from the prior budgetary cycle, and determining potential

financial shortages

B.

By reviewing last year’s program-level costs and adding a percentage of expected additional portfolio costs

C.

By adding the cost of all known individual tasks and projects that are planned for the next budgetary cycle

D.

By adding all planned operational expenses per quarter then summarizing them in a budget request

Buy Now
Questions 60

A large number of accounts in a hardened system were suddenly compromised to an external party. Which of

the following is the MOST probable threat actor involved in this incident?

Options:

A.

Poorly configured firewalls

B.

Malware

C.

Advanced Persistent Threat (APT)

D.

An insider

Buy Now
Questions 61

Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

Options:

A.

Single loss expectancy multiplied by the annual rate of occurrence

B.

Total loss expectancy multiplied by the total loss frequency

C.

Value of the asset multiplied by the loss expectancy

D.

Replacement cost multiplied by the single loss expectancy

Buy Now
Questions 62

You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process. Which of the following represents your BEST course of action?

Options:

A.

Validate that security awareness program content includes information about the potential vulnerability

B.

Conduct a thorough risk assessment against the current implementation to determine system functions

C.

Determine program ownership to implement compensating controls

D.

Send a report to executive peers and business unit owners detailing your suspicions

Buy Now
Questions 63

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

Options:

A.

The auditors have not followed proper auditing processes

B.

The CIO of the organization disagrees with the finding

C.

The risk tolerance of the organization permits this risk

D.

The organization has purchased cyber insurance

Buy Now
Questions 64

Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

Options:

A.

Single Loss Expectancy (SLE)

B.

Exposure Factor (EF)

C.

Annualized Rate of Occurrence (ARO)

D.

Temporal Probability (TP)

Buy Now
Questions 65

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

Options:

A.

Meet regulatory compliance requirements

B.

Better understand the threats and vulnerabilities affecting the environment

C.

Better understand strengths and weaknesses of the program

D.

Meet legal requirements

Buy Now
Questions 66

Creating a secondary authentication process for network access would be an example of?

Options:

A.

An administrator with too much time on their hands.

B.

Putting undue time commitment on the system administrator.

C.

Supporting the concept of layered security

D.

Network segmentation.

Buy Now
Questions 67

The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is consider a bad practice MAINLY because

Options:

A.

The IT team is not familiar in IT audit practices

B.

This represents a bad implementation of the Least Privilege principle

C.

This represents a conflict of interest

D.

The IT team is not certified to perform audits

Buy Now
Exam Code: 712-50
Exam Name: EC-Council Certified CISO (CCISO)
Last Update: Aug 19, 2022
Questions: 449

PDF + Testing Engine

$79.2  $175.99

Testing Engine

$59.4  $131.99
buy now 712-50 testing engine

PDF (Q&A)

$49.5  $109.99
buy now 712-50 pdf