EC-Council 712-50 Exam Questions
EC-Council Certified CISO (Page 13)

Updated On: 16-Feb-2026

An organization’s firewall technology needs to be replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches, but the decision is made to purchase. What does this selection indicate?

  1. A high threat environment
  2. A low vulnerability environment
  3. A high risk tolerance environment
  4. A low risk tolerance environment

Answer(s): C



Which of the following is MOST important when dealing with an Information Security Steering committee?

  1. Ensure that security policies and procedures have been vetted and approved.
  2. Review all past audit and compliance reports.
  3. Include a mix of members from different departments and staff levels.
  4. Be briefed about new trends and products at each meeting by a vendor.

Answer(s): B



Risk that remains after risk mitigation is known as _____________.

  1. Accepted risk
  2. Residual risk
  3. Non-tolerated risk
  4. Persistent risk

Answer(s): B



An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System.

Which of the following international standards can BEST assist this organization?

  1. Payment Card Industry Data Security Standards (PCI-DSS)
  2. International Organization for Standardizations – 27005 (ISO-27005)
  3. International Organization for Standardizations – 27004 (ISO-27004)
  4. Control Objectives for Information Technology (COBIT)

Answer(s): C



When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

  1. When there is a variety of technologies deployed in the infrastructure.
  2. When it results in an overall lower cost of operating the security program.
  3. When there is a need to develop a more unified incident response capability.
  4. When the enterprise is made up of many business units with diverse business activities, risk profiles and regulatory requirements.

Answer(s): D





