[Free] 2019(Nov) EnsurePass ECCouncil 712-50 Dumps with VCE and PDF 211-220


Question No.211

When selecting a security solution with recurring maintenance costs after the first year (choose the BEST answer):

  A. The CISO should cut other essential programs to ensure the new solution's continued use

  B. Communicate future operating costs to the CIO/CFO and seek commitment from them to ensure the new solution's continued use

  C. Defer selection until the market improves and cash flow is positive

  D. Implement the solution and ask for the increased operating cost budget when it is time

Correct Answer: B

Question No.212

What oversight should the information security team have in the change management process for application security?

  A. Information security should be informed of changes to applications only

  B. Development team should tell the information security team about any application security flaws

  C. Information security should be aware of any significant application security changes and work with developers to test for vulnerabilities before changes are deployed in production

  D. Information security should be aware of all application changes and work with developers before changes are deployed in production

Correct Answer: C

Question No.213

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

  A. Change management

  B. Business continuity planning

  C. Security Incident Response

  D. Thought leadership

Correct Answer: C

Question No.214

Which of the following are not stakeholders of IT security projects?

  A. Board of directors

  B. Third party vendors

  C. CISO

  D. Help Desk

Correct Answer: B

Question No.215

Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?

  A. Define the risk appetite

  B. Determine budget constraints

  C. Review project charters

  D. Collaborate security projects

Correct Answer: A

Question No.216

Which of the following methodologies references the recommended industry standard that Information security project managers should follow?

  A. The Security Systems Development Life Cycle

  B. The Security Project And Management Methodology

  C. Project Management System Methodology

  D. Project Management Body of Knowledge

Correct Answer: D

Question No.217

Which of the following is considered a project versus a managed process?

  A. monitoring external and internal environment during incident response

  B. ongoing risk assessments of routine operations

  C. continuous vulnerability assessment and vulnerability repair

  D. installation of a new firewall system

Correct Answer: D

Question No.218

Which of the following information may be found in table top exercises for incident response?

  A. Security budget augmentation

  B. Process improvements

  C. Real-time to remediate

  D. Security control selection

Correct Answer: B

Question No.219

The organization does not have the time to remediate the vulnerability; however, it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

  A. Provide developer security training

  B. Deploy Intrusion Detection Systems

  C. Provide security testing tools

  D. Implement Compensating Controls

Correct Answer: D

Question No.220

How often should the SSAE16 report of your vendors be reviewed?

  A. Quarterly

  B. Semi-annually

  C. Annually

  D. Bi-annually

Correct Answer: C
