Last Updated on July 23, 2021 by InfraExam
712-50 : EC-Council Certified CISO : Part 08
A new CISO just started with a company and on the CISO’s desk is the last complete Information Security Management audit report. The audit report is over two years old.
After reading it, what should be your first priority?
- Review the recommendations and follow up to see if audit implemented the changes
- Meet with audit team to determine a timeline for corrections
- Have internal audit conduct another audit to see what has changed.
- Contract with an external audit company to conduct an unbiased audit
The risk found after a control has been fully implemented is called:
- Total Risk
- Transferred Risk
- Residual Risk
- Post Implementation Risk
Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?
- SCORE (Security Consensus Operational Readiness Evaluation)
A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding.
Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?
- The organization has purchased cyber insurance
- The risk tolerance of the organization permits this risk
- The CIO of the organization disagrees with the finding
- The auditors have not followed proper auditing processes
When you develop your audit remediation plan what is the MOST important criteria?
- To validate the remediation process with the auditor.
- To validate that the cost of the remediation is less than risk of the finding.
- To remediate half of the findings before the next audit.
- To remediate all of the findings before the next audit.
To have accurate and effective information security policies how often should the CISO review the organization policies?
- Before an audit
- At least once a year
- Every 6 months
When a CISO considers delaying or not remediating system vulnerabilities which of the following are MOST important to take into account?
- Threat Level, Risk of Compromise, and Consequences of Compromise
- Risk Avoidance, Threat Level, and Consequences of Compromise
- Reputational Impact, Financial impact, and Risk of Compromise
- Risk transfer, reputational Impact, and Consequences of Compromise
When managing the critical path of an IT security project, which of the following is MOST important?
- Knowing all the stakeholders.
- Knowing the milestones and timelines of deliverables.
- Knowing the people on the data center team.
- Knowing the threats to the organization.
Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?
- Servers, routers, switches, modem
- Firewall, anti-virus console, IDS, syslog
- Firewall, exchange, web server, intrusion detection system (IDS)
- IDS, syslog, router, switches
A Chief Information Security Officer received a list of high, medium, and low impact audit findings.
Which of the following represents the BEST course of action?
- If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
- If the findings do not impact regulatory compliance, review current security controls.
- If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
- if the findings impact regulatory compliance, remediate the high findings as quickly as possible.
At which point should the identity access management team be notified of the termination of an employee?
- Immediately so the employee account(s) can be disabled
- During the monthly review cycle
- At the end of the day once the employee is off site
- Before an audit
Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?
- Office of the General Counsel
- Office of the Auditor
- Senior Executives
- All employees and users
Which International Organization for Standardization (ISO) below BEST describes the performance of risk management, and includes a five-stage risk management methodology.
- ISO 27005
- ISO 27004
- ISO 27002
- ISO 27001
With respect to the audit management process, management response serves what function?
- revealing the “root cause” of the process failure and mitigating for all internal and external units
- adding controls to ensure that proper oversight is achieved by management
- determining whether or not resources will be allocated to remediate a finding
- placing underperforming units on notice for failing to meet standards
The remediation of a specific audit finding is deemed too expensive and will not be implemented.
Which of the following is a TRUE statement?
- The audit findings is incorrect
- The asset is more expensive than the remediation
- The asset being protected is less valuable than the remediation costs
- The remediation costs are irrelevant; it must be implemented regardless of cost.
Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?
- Security Operations
- Internal/External Audit
- Risk Management
- Security Administrators
An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.
- Install software patch, configuration adjustment, software removal
- Install software patch, operate system, maintain system
- Discover software, remove affected software, apply software patch
- Software removal, install software patch, maintain system
Which of the following best describes the purpose of the International Organization for Standardization (ISO) 27002 standard?
- To provide effective security management practice and to provide confidence in interorganizational dealings
- To established guidelines and general principles for initiating, implementing, maintaining and improving information security management within an organization
- To give information security management recommendations to those who are responsible for initiating, implementing, or maintaining security in their organization.
- To provide a common basis for developing organizational security standards
Which represents PROPER separation of duties in the corporate environment?
- Information Security and Network teams perform two distinct functions
- Information Security and Identity Access Management teams perform two distinct functions
- Finance has access to Human Resources data
- Developers and Network teams both have admin rights on servers
When working in the Payment Card Industry (PCI), how often should security logs be review to comply with the standards?