CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 512-50

Free 512-50 Exam Braindumps (page: 11)

Page 10 of 102
PDF with 404 Questions

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

  1. How many credit card records are stored?
  2. How many servers do you have?
  3. What is the scope of the certification?
  4. What is the value of the assets at risk?

Answer(s): C



What is a difference from the list below between quantitative and qualitative Risk Assessment?

  1. Quantitative risk assessments result in an exact number (in monetary terms)
  2. Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
  3. Qualitative risk assessments map to business objectives
  4. Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Answer(s): A



What is the definition of Risk in Information Security?

  1. Risk = Probability x Impact
  2. Risk = Threat x Probability
  3. Risk = Financial Impact x Probability
  4. Risk = Impact x Threat

Answer(s): A



Quantitative Risk Assessments have the following advantages over qualitative risk assessments:

  1. They are objective and can express risk / cost in real numbers
  2. They are subjective and can be completed more quickly
  3. They are objective and express risk / cost in approximates
  4. They are subjective and can express risk /cost in real numbers

Answer(s): A






Post your Comments and Discuss EC-Council 512-50 exam with other Community members:

512-50 Exam Discussions & Posts