712-50 EC-Council Certified CISO (CCISO) Questions and Answers

SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

Risk that remains after risk mitigation is known as

An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. What is the NEXT logical step in applying the controls in the organization?

Which of the following is considered the MOST effective tool against social engineering?

What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?

Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

When dealing with a risk management process, asset classification is important because it will impact the overall:

According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

When you develop your audit remediation plan what is the MOST important criteria?

Which of the following activities must be completed BEFORE you can calculate risk?

You have implemented the new controls. What is the next step?

With respect to the audit management process, management response serves what function?

The process of creating a system which divides documents based on their security level to manage access to private data is known as

The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

What is the FIRST step in developing the vulnerability management program?

The process for identifying, collecting, and producing digital information in support of legal proceedings is called

A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:

When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?

An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web sites. The DLP application was checked, and there are no apparent malfunctions and no errors.

What is the MOST likely reason why the sensitive data was posted?

The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization’s information technology assets to the cloud. They have requested a briefing on the project plan and a progress report of the security stream of the project. As the CISO, you have been tasked with preparing the report for the Chief Executive Officer to present.

Using the Earned Value Management (EVM), what does a Cost Variance (CV) of -1,200 mean?

A cloud computing environment that is bound together by technology that allows data and applications to be shared between public and private clouds is BEST referred to as a?

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?

As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity.

The performance quality audit activity is done in what project management process group?

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?

Which of the following is a countermeasure to prevent unauthorized database access from web applications?

Which of the following backup sites takes the longest recovery time?

Which of the following is a symmetric encryption algorithm?

Which of the following best summarizes the primary goal of a security program?

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

A recommended method to document the respective roles of groups and individuals for a given process is to:

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

When reviewing a Solution as a Service (SaaS) provider’s security health and posture, which key document should you review?

You have been promoted to the CISO of a big-box retail store chain reporting to the Chief Information Officer (CIO). The CIO’s first mandate to you is to develop a cybersecurity compliance framework that will meet all the store’s compliance requirements.

Which of the following compliance standard is the MOST important to the organization?

What key technology can mitigate ransomware threats?

Optical biometric recognition such as retina scanning provides access to facilities through reading the unique characteristics of a person’s eye.

However, authorization failures can occur with individuals who have?

What organizational structure combines the functional and project structures to create a hybrid of the two?

Which of the following best describes revenue?

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his

assessment, the consultant goes to the company’s building dressed like an electrician and waits in the lobby for

an employee to pass through the main access gate, then the consultant follows the employee behind to get into

the restricted area. Which type of attack did the consultant perform?

What are the primary reasons for the development of a business case for a security project?

The ability to demand the implementation and management of security controls on third parties providing services to an organization is

Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

This global retail company is expected to accept credit card payments. Which of the following is of MOST concern when defining a security program for this organization?

What is the primary reason for performing vendor management?

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.

Which of the following needs to be performed NEXT?

When analyzing and forecasting a capital expense budget what are not included?

Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.

Using the best business practices for project management, you determine that the project correctly aligns with the organization goals. What should be verified next?

How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?

Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

Your incident response plan should include which of the following?

In order for a CISO to have true situational awareness there is a need to deploy technology that can give a real-time view of security events across the enterprise. Which tool selection represents the BEST choice to achieve situational awareness?

In effort to save your company money which of the following methods of training results in the lowest cost for the organization?

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?