Last Updated on July 24, 2021 by InfraExam

712-50 : EC-Council Certified CISO : Part 14

  1. Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus.

    Which of the following phases in the incident handling process will utilize the signature to resolve this incident?

    • Eradication
    • Containment
    • Recovery
    • Identification
  2. A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website.

    This type of control is considered______________________.

    • Preventive detection control
    • Corrective security control
    • Zero-day attack mitigation
    • Dynamic blocking control
  3. Which of the following is a countermeasure to prevent unauthorized database access from web applications?

    • Removing all stored procedures
    • Library control
    • Input sanitization
    • Session encryption
  4. The process for identifying, collecting, and producing digital information in support of legal proceedings is called _____________________________.

    • chain of custody
    • electronic review
    • evidence tampering
    • electronic discovery
  5. An anonymity network is a series of?

    • Covert government networks
    • Virtual network tunnels
    • Government networks in Tora
    • War driving maps
  6. The newly appointed CISO of an organization is reviewing the IT security strategic plan.

    Which of the following is the MOST important component of the strategic plan?

    • There is a clear definition of the IT security mission and vision.
    • The plan requires return on investment for all security projects.
    • There is integration between IT security and business staffing
    • There is an auditing methodology in place.
  7. Annual Loss Expectancy is derived from the function of which two factors?

    • Annual rate of Occurrence and Single Loss Expectancy
    • Annual rate of Occurrence and Asset Value
    • Safeguard value and Annual Rate of Occurrence
    • Single Loss Expectancy and Exposure factor
  8. Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of________________.

    • User segmentation controls
    • Software segmentation controls
    • Network based security detective controls
    • Network based security preventative controls
  9. The formal certification and accreditation process has four primary steps, what are they?

    • Evaluating, describing, testing and authorizing
    • Auditing, documenting, verifying, certifying
    • Evaluating, purchasing, testing, authorizing
    • Discovery, testing, authorizing, certifying
  10. While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

    • Business continuity plan
    • Application mapping document
    • Disaster recovery strategic plan
    • Enterprise Risk Assessment
  11. What is the primary reason for performing a return on investment analysis?

    • To determine the current present value of a project
    • To determine the annual rate of loss
    • To decide between multiple vendors
    • To decide is the solution costs less than the risk it is mitigating
  12. Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network.

    Which is the single most important factor to introducing digital evidence into a court of law?

    • Expert forensics witness
    • Fully trained network forensic expects to analyze all data right after the attack
    • Uninterrupted Chain of Custody
    • Comprehensive Log-Files from all servers and network devices affected during the attack
  13. What is the primary reason for performing vendor management?

    • To define the partnership for long-term success
    • To understand the risk coverage that are being mitigated by the vendor
    • To establish a vendor selection process
    • To document the relationship between the company and vendor
  14. Physical security measures typically include which of the following components?

    • Strong password, Biometric, Common Access Card
    • Technical. Strong Password, Operational
    • Operational, Biometric, Physical
    • Physical, Technical, Operational
  15. Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

    • Log retention
    • Storage encryption
    • Type of authentication
    • Trusted and untrusted networks
  16. Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

    • The NPV of the project is negative
    • The return on Investment (ROI) is larger than 10 months
    • The Net Present value (NPV) of the project is positive
    • The ROI is lower than 10 months
  17. A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment.

    What is this system capability commonly known as?

    • conflict resolution
    • strong authentication
    • non-repudiation
    • digital rights management
  18. The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called___________________.

    • Security certification
    • Security system analysis
    • Alignment with business practices and goals
    • Security accreditation
  19. Your penetration testing team installs an in-line hardware key logger onto one of your network machines.

    Which of the following is of major concern to the security organization?

    • In-line hardware keyloggers are undetectable by software
    • In-line hardware keyloggers are relatively inexpensive
    • In-line hardware keyloggers don’t require physical access
    • In-line hardware keyloggers don’t comply to industry regulations
  20. An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The cipher text sent by the AP is encrypted with the same key and cipher used by its stations.

    What authentication method is being used?

    • Open
    • Asynchronous
    • None
    • Shared key