712-50 : EC-Council Certified CISO : Part 18

712-50 : EC-Council Certified CISO : Part 18

1. Scenario: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization’s needs. The CISO discovers the scalability issue will only impact a small number of network segments.

   What is the next logical step to ensure the proper application of risk management methodology within the two-factor implementation project?

   • Decide to accept the risk on behalf of the impacted business units
   • Create new use cases for operational use of the solution
   • Report the deficiency to the audit team and create process exceptions
   • Determine if sufficient mitigating controls can be applied

2. Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

   How can you reduce the administrative burden of distributing symmetric keys for your employer?

   • Use certificate authority to distribute private keys
   • Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it
   • Use a self-generated key on both ends to eliminate the need for distribution
   • Use asymmetric encryption for the automated distribution of symmetric key

3. Scenario: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.

   In what phase of the response will the team extract information from the affected systems without altering original data?

   • Follow-up
   • Recovery
   • Response
   • Investigation

4. When creating contractual agreements and procurement processes why should security requirements be included?

   • To make sure the security process aligns with the vendor’s security process
   • To make sure they are added on after the process is completed.
   • To make sure the costs of security is included and understood
   • To make sure the patching process is included with the costs

5. Which type of physical security control scan a person’s external features through a digital video camera before granting access to a restricted area?

   • Iris scan
   • Retinal scan
   • Facial recognition scan
   • Signature kinetics scan

6. Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

   • Post a sign that states, “no tailgating” next to the special card reader adjacent to the secure door
   • Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
   • Educate and enforce physical security policies of the company to all the employees on a regular basis
   • Setup a mock video camera next to the special card reader adjacent to the secure door

7. Which type of scan is used on the eye to measure the layer of blood vessels?

   • Facial recognition scan
   • Iris scan
   • Signature kinetics scan
   • Retinal scan

8. A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company’s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform?

   • Shoulder surfing
   • Tailgating
   • Social engineering
   • Mantrap

9. Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project.

   The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?

   • WBS document
   • Scope statement
   • Change control document
   • Risk management plan

10. If the result of an NPV is positive, then the project should be selected. The net present value shows the present value of the project, based on the decisions taken for its selection. What is the net present value equal to?

    • Net profit – per capita income
    • Total investment – Discounted cash
    • Average profit – Annual investment
    • Initial investment – Future value

11. If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization. How would you prevent such type of attacks?

    • Conduct thorough background checks before you engage them
    • Hire the people through third-party job agencies who will vet them for you
    • Investigate their social networking profiles
    • It is impossible to block these attacks

12. A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

    • Effective use of existing technologies
    • Create a comprehensive security awareness program and provide success metrics to business units
    • Proper budget management
    • Leveraging existing implementations

13. Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda. From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?

    • Compliance centric agenda
    • IT security centric agenda
    • Lack of risk management process
    • Lack of sponsorship from executive management

14. A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?

    • Service
    • Program
    • Portfolio
    • Cost center

15. Using the Transport Layer Security (TLS) protocol enables a client in a network to be:

    • Provided with a digital signature
    • Assured of the server’s identity
    • Identified by a network
    • Registered by the server

16. The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones without proper credentials. Which of following physical security measures should the administrator use?

    • Video surveillance
    • Mantrap
    • Bollards
    • Fence

17. Which of the following is the MOST logical method of deploying security controls within an organization?

    • Obtain funding for all desired controls and then create project plans for implementation
    • Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and costly controls
    • Apply the least costly controls to demonstrate positive program activity
    • Obtain business unit buy-in through close communication and coordination

18. Which of the following is a primary method of applying consistent configurations to IT systems?

    • Audits
    • Administration
    • Patching
    • Templates

19. Where does bottom-up financial planning primarily gain information for creating budgets?

    • By adding all capital and operational costs from the prior budgetary cycle, and determining potential financial shortages
    • By reviewing last year’s program-level costs and adding a percentage of expected additional portfolio costs
    • By adding the cost of all known individual tasks and projects that are planned for the next budgetary cycle
    • By adding all planned operational expenses per quarter then summarizing them in a budget request

20. Which of the following best describes revenue?

    • Non-operating financial liabilities minus expenses
    • The true profit-making potential of an organization
    • The sum value of all assets and cash flow into the business
    • The economic benefit derived by operating a business