Free 512-50 Exam Braindumps (page: 26)


According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

  1. Susceptibility to attack, mitigation response time, and cost
  2. Attack vectors, controls cost, and investigation staffing needs
  3. Vulnerability exploitation, attack recovery, and mean time to repair
  4. Susceptibility to attack, expected duration of attack, and mitigation availability

Answer(s): A



As the Risk Manager of an organization, you are tasked with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high-profile clients, and bad publicity can jeopardize your own brand.

Which is the BEST type of risk that defines this event?

  1. Compliance Risk
  2. Reputation Risk
  3. Operational Risk
  4. Strategic Risk

Answer(s): B



With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that boards provide strategic oversight regarding information and information security, including these four things:

  1. Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors
  2. Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program
  3. Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness
  4. Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program

Answer(s): C


Reference:

https://nanopdf.com/download/information-security-governance-guidance-for-boards-of_pdf (9)



Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

  1. Single loss expectancy multiplied by the annual rate of occurrence
  2. Total loss expectancy multiplied by the total loss frequency
  3. Value of the asset multiplied by the loss expectancy
  4. Replacement cost multiplied by the single loss expectancy

Answer(s): A





