Last Updated on July 23, 2021 by InfraExam
712-50 : EC-Council Certified CISO : Part 07
How often should an environment be monitored for cyber threats, risks, and exposures?
Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture.
What would be the BEST choice of security metrics to present to the BOD?
- All vulnerabilities found on servers and desktops
- Only critical and high vulnerabilities on servers
- Only critical and high vulnerabilities on servers and desktops
- All vulnerabilities that impact important production servers
Creating a secondary authentication process for network access would be an example of?
- Defense in depth cost enumerated costs
- Nonlinearities in physical security performance metrics
- System hardening and patching requirements
- Anti-virus for mobile devices
In MOST organizations, which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?
- Internal Audit
- Information Security
- Database Administration
Which of the following BEST describes an international standard framework that is based on the security model Information Technology-Code of Practice for Information Security Management?
- National Institute of Standards and Technology Special Publication SP 800-12
- Request for Comment 2196
- International Organization for Standardization 27001
- National Institute of Standards and Technology Special Publication SP 800-26
The BEST organization to provide a comprehensive, independent, and certifiable perspective on established security controls in an environment is _______________.
- External Audit
- Forensic experts
- Internal Audit
- Penetration testers
When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?
- Schedule an emergency meeting and request the funding to fix the issue
- Take the system offline until budget is available
- Transfer financial resources from other critical programs
- Deploy countermeasures and compensation controls until the budget is available
The executive board has requested that the CISO of an organization define Key Performance Indicators (KPIs) to measure the effectiveness of the security awareness program provided to call center employees.
Which of the following can be used as a KPI?
- Number of successful social engineering attempts on the call center
- Number of callers who abandon the call before speaking with a representative
- Number of callers who report a lack of customer service from the call center
- Number of callers who report security issues
The effectiveness of social engineering penetration testing using phishing can be used as a Key Performance Indicator (KPI) for the effectiveness of an organization’s
- Risk Management Program
- Anti-Spam controls
- Identity and Access Management Program
- Security Awareness Program
Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?
- Perform a vulnerability scan of the network
- Internal Firewall ruleset reviews
- Implement network intrusion prevention systems
- External penetration testing by a qualified third party
The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is considered a bad practice MAINLY because _______________.
- The IT team is not familiar with IT audit practices
- This represents a bad implementation of the Least Privilege principle
- The IT team is not certified to perform audits
- This represents a conflict of interest
Which of the following activities is the MAIN purpose of the risk assessment process?
- Creating an inventory of information assets
- Calculating the risks to which assets are exposed in their current setting
- Classifying and organizing information assets into meaningful groups
- Assigning value to each information asset
You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two-factor authentication token management process.
Which of the following represents your BEST course of action?
- Determine program ownership to implement compensating controls
- Send a report to executive peers and business unit owners detailing your suspicions
- Validate that security awareness program content includes information about the potential vulnerability
- Conduct a thorough risk assessment against the current implementation to determine system functions
Which of the following is considered to be an IT governance framework and a supporting toolset that allows managers to bridge the gap between control requirements, technical issues, and business risks?
- Information technology Infrastructure Library (ITIL)
- Committee of Sponsoring Organizations (COSO)
- Control Objective for Information Technology (COBIT)
- Payment Card Industry (PCI)
Which is the BEST solution to monitor, measure, and report changes to critical data in a system?
- SNMP traps
- File integrity monitoring
- Application logs
Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?
- Information Security (IS) procedures often require augmentation with other standards
- Implementing it eases an organization’s auditing and compliance burden
- It provides for a consistent and repeatable staffing model for technology organizations
- It allows executives to more effectively monitor IT implementation costs
The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?
- Risk metrics
- Operational metrics
- Compliance metrics
- Management metrics
When should IT security project management be outsourced?
- On projects not forecasted in the yearly budget
- When organizational resources are limited
- When the benefits of outsourcing outweigh the inherent risks of outsourcing
- On new, enterprise-wide security initiatives
Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:
- Detective Controls
- Proactive Controls
- Organizational Controls
- Preemptive Controls
An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents.
Which of the following would be considered a MAJOR constraint for the project?
- Compliance with local hiring laws
- Encryption import/export regulations
- Local customer privacy laws
- Time zone differences