
ECCouncil 712-50 Online Access

Page: 5 / 34
Question 20

As the CISO, you have been tasked with the execution of the company’s key management program. You MUST ensure the integrity of encryption keys at the point of generation. Which principle of encryption key control will ensure no single individual can constitute or re-constitute a key?

Options:

A. Dual Control

B. Separation of Duties

C. Split Knowledge

D. Least Privilege

Question 21

John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they’ve already completed the project work they were contracted to do. What can John do in this instance?

Options:

A. Refer the vendor to the Service Level Agreement (SLA) and insist that they make the changes.

B. Review the Request for Proposal (RFP) for guidance.

C. Withhold the vendor’s payments until the issue is resolved.

D. Refer to the contract agreement for direction.

Question 22

Which of the following provides an independent assessment of a vendor’s internal security controls and overall posture?

Options:

A. Alignment with business goals

B. ISO27000 accreditation

C. PCI attestation of compliance

D. Financial statements

Question 23

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?

Options:

A. Lack of risk management process

B. Lack of sponsorship from executive management

C. IT security centric agenda

D. Compliance centric agenda

Exam Code: 712-50
Exam Name: EC-Council Certified CISO (CCISO)
Last Update: Nov 21, 2024
Questions: 460