712-50 : EC-Council Certified CISO : Part 10

712-50 : EC-Council Certified CISO : Part 10

1. Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement.

   What type of risk tolerance is Acme exhibiting?

   • medium-high risk-tolerance
   • low risk-tolerance
   • high risk-tolerance
   • moderate risk-tolerance

2. Your incident response plan should include which of the following?

   • Procedures for classification
   • Procedures for charge-back
   • Procedures for reclamation
   • Procedures for litigation

3. To get an Information Security project back on schedule, which of the following will provide the MOST help?

   • Upper management support
   • More frequent project milestone meetings
   • Stakeholder support
   • None
   • Extend work hours

4. You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll.

   Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff?

   • Employ an assumption of breach protocol and defend only essential information resources.
   • Deploy a SEIM solution and have current staff review incidents first in the morning
   • Configure your syslog to send SMS messages to current staff when target events are triggered.
   • Contract with a managed security provider and have current staff on recall for incident response

5. A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims.

   Which of the following vendor provided documents is BEST to make your decision?

   • Vendor provided reference from an existing reputable client detailing their implementation
   • Vendor’s client list of reputable organizations currently using their solution
   • Vendor provided internal risk assessment and security control documentation
   • Vendor provided attestation of the detailed security controls from a reputable accounting firm

6. A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat.

   This is an example of:

   • Change management
   • Thought leadership
   • Business continuity planning
   • Security Incident Response

7. Which of the following represents the best method of ensuring business unit alignment with security program requirements?

   • Create collaborative risk management approaches within the organization
   • Perform increased audits of security processes and procedures
   • Provide clear communication of security requirements throughout the organization
   • Demonstrate executive support with written mandates for security policy adherence

8. When operating under severe budget constraints a CISO will have to be creative to maintain a strong security organization.

   Which example below is the MOST creative way to maintain a strong security posture during these difficult times?

   • Download security tools from a trusted source and deploy to production network
   • Download open source security tools from a trusted site, test, and then deploy on production network
   • Download trial versions of commercially available security tools and deploy on your production network
   • Download open source security tools and deploy them on your production network

9. How often should the SSAE16 report of your vendors be reviewed?

   • Quarterly
   • Semi-annually
   • Bi-annually
   • Annually

10. Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

    • More frequent project milestone meetings
    • Involve internal audit
    • Upper management support
    • More training of staff members

11. The organization does not have the time to remediate the vulnerability; however it is critical to release the application.

    Which of the following needs to be further evaluated to help mitigate the risks?

    • Provide security testing tools
    • Provide developer security training
    • Deploy Intrusion Detection Systems
    • Implement Compensating Controls

12. Your company has a “no right to privacy” notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee’s email account.

    What should you do?

    • Deny the request citing national privacy laws
    • None
    • Grant her access, the employee has been adequately warned through the AUP.
    • Assist her with the request, but only after her supervisor signs off on the action.
    • Reset the employee’s password and give it to the supervisor.

13. Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?

    • Security managers
    • Security analysts
    • Security technicians
    • Security administrators

14. Which of the following is a major benefit of applying risk levels?

    • Resources are not wasted on risks that are already managed to an acceptable level
    • Risk appetite increase within the organization once the levels are understood
    • Risk budgets are more easily managed due to fewer due to fewer identified risks as a result of using a methodology
    • Risk management governance becomes easier since most risks remain low once mitigated

15. Which business stakeholder is accountable for the integrity of a new information system?

    • Compliance Officer
    • CISO
    • Project manager
    • Board of directors

16. A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization.

    Which of the following principles does this best demonstrate?

    • Proper budget management
    • Effective use of existing technologies
    • Alignment with the business
    • Leveraging existing implementations

17. Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

    • Risk Assessment
    • Risk Management
    • Vulnerability Assessment
    • System Testing

18. Which of the following information may be found in table top exercises for incident response?

    • Real-time to remediate
    • Process improvements
    • Security budget augmentation
    • Security control selection

19. When gathering security requirements for an automated business process improvement program, which of the following is MOST important?

    • Type of data contained in the process/system
    • Type of encryption required for the data once it is at rest
    • Type of computer the data is processed on
    • Type of connection/protocol used to transfer the data

20. You manage a newly created Security Operations Center (SOC), your team is being inundated with security alerts and don’t know what to do.

    What is the BEST approach to handle this situation?

    • Tune the sensors to help reduce false positives so the team can react better
    • Request additional resources to handle the workload
    • Tell the team to do their best and respond to each alert
    • Tell the team to only respond to the critical and high alerts