712-50 EC-Council Exam Questions and Free Practice Test

Question 7

- (Topic 1)
According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

A. Susceptibility to attack, mitigation response time, and cost

B. Attack vectors, controls cost, and investigation staffing needs

C. Vulnerability exploitation, attack recovery, and mean time to repair

D. Susceptibility to attack, expected duration of attack, and mitigation availability

Correct Answer:A

Question 8

- (Topic 1)
What is the main purpose of the Incident Response Team?

A. Ensure efficient recovery and reinstate repaired systems

B. Create effective policies detailing program activities

C. Communicate details of information security incidents

D. Provide current employee awareness programs

Correct Answer:A

Question 9

- (Topic 1)
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?

A. International Organization for Standardizations – 22301 (ISO-22301)

B. Information Technology Infrastructure Library (ITIL)

C. Payment Card Industry Data Security Standards (PCI-DSS)

D. International Organization for Standardizations – 27005 (ISO-27005)

Correct Answer:A

Question 10

- (Topic 5)
As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?

A. The existing IT environment.

B. The company business plan.

C. The present IT budget.

D. Other corporate technology trends.

Correct Answer:B

Question 11

- (Topic 1)
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

A. An independent Governance, Risk and Compliance organization

B. Alignment of security goals with business goals

C. Compliance with local privacy regulations

D. Support from Legal and HR teams

Correct Answer:B

Question 12

- (Topic 4)
In terms of supporting a forensic investigation, it is now imperative that managers, first- responders, etc., accomplish the following actions to the computer under investigation:

A. Secure the area and shut-down the computer until investigators arrive

B. Secure the area and attempt to maintain power until investigators arrive

C. Immediately place hard drive and other components in an anti-static bag

D. Secure the area.

Correct Answer:B

START 712-50 EXAM