
712-50リアルな試験問題712-50練習問題集
厳密検証された712-50試験問題集と解答で無料提供の712-50問題と正解付き
質問 # 283
Which of the following represents the BEST method of ensuring security program alignment to business needs?
- A. Create a comprehensive security awareness program and provide success metrics to business units
- B. Ensure security implementations include business unit testing and functional validation prior to production rollout
- C. Ensure the organization has strong executive-level security representation through clear sponsorship or the creation of a CISO role
- D. Create security consortiums, such as strategic security planning groups, that include business unit participation
正解:D
質問 # 284
The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is
- A. Forensic experts
- B. Penetration testers
- C. Internal Audit
- D. External Audit
正解:D
解説:
Why External Audit Provides the Best Perspective:
* External auditors are independent and unbiased, offering a certifiable assessment of established controls.
* They evaluate compliance with standards, effectiveness of controls, and areas needing improvement.
Why This is Correct:
* External audits provide an objective view that internal teams or penetration testers may not.
* Results from an external audit are often recognized for certifications or regulatory compliance.
Why Other Options Are Incorrect:
* A. Penetration Testers: Focus on identifying vulnerabilities, not certifying overall controls.
* C. Internal Audit: Valuable but lacks the independence of an external review.
* D. Forensic Experts: Specialize in investigating incidents, not evaluating ongoing controls.
References:
EC-Council emphasizes the role of external audits in providing comprehensive and independent validation of security controls.
質問 # 285
Risk is defined as:
- A. Asset loss times likelihood of event
- B. Quantitative plus qualitative impact
- C. Advisory plus capability plus vulnerability
- D. Threat times vulnerability divided by control
正解:D
質問 # 286
An information security department is required to remediate system vulnerabilities when they are discovered.
Please select the three primary remediation methods that can be used on an affected system.
- A. Discover software, Remove affected software, Apply software patch
- B. Install software patch, configuration adjustment, Software Removal
- C. Install software patch, Operate system, Maintain system
- D. Software removal, install software patch, maintain system
正解:B
解説:
Primary Remediation Methods:
* Software Patch: Corrects the vulnerability by updating the affected software.
* Configuration Adjustment: Modifies system settings to reduce risk exposure.
* Software Removal: Eliminates vulnerable software if a patch or adjustment is not feasible.
Comprehensive Approach:
* These three methods cover a range of options to address system vulnerabilities effectively.
Supporting Reference:
* CCISO emphasizes using a combination of remediation methods tailored to the specific vulnerability and system environment.
質問 # 287
What is a difference from the list below between quantitative and qualitative Risk Assessment?
- A. Quantitative risk assessments result in an exact number (in monetary terms)
- B. Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
- C. Qualitative risk assessments map to business objectives
- D. Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
正解:A
解説:
Difference Between Quantitative and Qualitative Assessments:
* Quantitative Assessment: Provides measurable data, often expressed in monetary terms, to quantify risk impact.
* Qualitative Assessment: Uses descriptive categories (e.g., high, medium, low) to assess risk based on subjective judgment.
Why Option A Is Correct:Quantitative assessments focus on precise calculations, such as potential financial loss, which is a distinguishing feature.
Why Other Options Are Incorrect:
* B & D: These describe qualitative assessments, not quantitative.
* C. Mapping to Business Objectives: Both types can be mapped to objectives; this is not a distinguishing factor.
References:EC-Council describes quantitative methods as data-driven and focused on objective metrics, while qualitative methods emphasize subjective risk prioritization.
質問 # 288
A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.
- A. Integrated security controls
- B. Passive monitoring
- C. Moderate investment
- D. Dynamic deception
正解:D
質問 # 289
A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen, and the database server was disconnected.
Who must be informed of this incident?
- A. Government regulators
- B. Internal audit
- C. All executive staff
- D. The data owner
正解:D
質問 # 290
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?
- A. Administrator
- B. Execute
- C. Public
- D. Read
正解:C
解説:
The Simple Network Management Protocol (SNMP) uses "community strings" as a form of authentication.
The default read-only string for SNMP is often set to "Public".
* SNMP Overview:
* SNMP is used for monitoring and managing network devices such as routers, switches, and servers.
* Default Community Strings:
* Default strings like "Public" (read-only) and "Private" (read-write) are well-known and often targeted by attackers if not changed.
* Penetration Test Findings:
* Discovering devices through SNMP indicates improper security practices where default settings haven't been updated, making devices vulnerable.
* Mitigation:
* Change SNMP community strings to strong, unique values.
* Restrict SNMP access to trusted IP ranges.
* Configuration Management: Emphasizes updating default settings as a baseline security measure.
* Penetration Testing Insights: Findings like this are critical for improving network security posture, aligning with EC-Council's penetration testing methodologies.
EC-Council CISO References:
質問 # 291
An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?
- A. Training Control
- B. Technical Control
- C. Management Control
- D. Operational Control
正解:D
質問 # 292
A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?
- A. Service
- B. Portfolio
- C. Program
- D. Cost center
正解:C
質問 # 293
The remediation of a specific audit finding is deemed too expensive and will not be implemented. Which of the following is a TRUE statement?
- A. The asset is more expensive than the remediation
- B. The asset being protected is less valuable than the remediation costs
- C. The remediation costs are irrelevant; it must be implemented regardless of cost.
- D. The audit finding is incorrect
正解:B
質問 # 294
Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?
- A. Risk assessment
- B. Planning
- C. System testing
- D. Incident response
正解:C
質問 # 295
Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?
- A. Implement network intrusion prevention systems
- B. Internal Firewall ruleset reviews
- C. Perform a vulnerability scan of the network
- D. External penetration testing by a qualified third party
正解:D
質問 # 296
A stakeholder is a person or group:
- A. Vested in the success and/or failure of a project or initiative regardless of budget implications.
- B. That has budget authority.
- C. That will ultimately use the system.
- D. Vested in the success and/or failure of a project or initiative and is tied to the project budget.
正解:A
解説:
Definition of a Stakeholder:
* Stakeholders include anyone with an interest in the success or failure of a project or initiative, irrespective of their direct financial involvement or usage of the system.
Why Other Options Are Incorrect:
* B. Vested in success and tied to budget: Budget involvement is not a prerequisite for being a stakeholder.
* C. That has budget authority: Stakeholders are not limited to those with financial control.
* D. That will ultimately use the system: Users are stakeholders, but stakeholders are not limited to end- users.
EC-Council CISO Reference:EC-Council defines stakeholders broadly to include all parties affected by or invested in a project's outcome, emphasizing their influence and varied roles.
質問 # 297
As the CISO, you have been tasked with the execution of the company's key management program. You MUST ensure the integrity of encryption keys at the point of generation. Which principal of encryption key control will ensure no single individual can constitute or re-constitute a key?
- A. Separation of Duties
- B. Least Privilege
- C. Split Knowledge
- D. Dual Control
正解:D
解説:
Explanation/Reference: https://info.townsendsecurity.com/bid/23881/PCI-DSS-2-0-and-Encryption-Key-Management
質問 # 298
When you develop your audit remediation plan what is the MOST important criteria?
- A. To validate that the cost of the remediation is less than the risk of the finding.
- B. To validate the remediation process with the auditor.
- C. To remediate half of the findings before the next audit.
- D. To remediate all of the findings before the next audit.
正解:A
解説:
Importance of Cost-Risk Analysis
* The EC-Council CISO framework emphasizes the principle of risk-based decision-making in all cybersecurity processes, including audit remediation. Addressing audit findings requires organizations to evaluate the potential risks associated with each finding and prioritize remediation efforts based on their cost-effectiveness.
* Ensuring that the cost of remediation is proportional to the risk mitigated avoids unnecessary expenditures while addressing critical vulnerabilities.
Comparison with Other Options
* A. To remediate half of the findings before the next audit:This approach lacks a strategic foundation. Arbitrarily remediating half of the findings does not align with a risk-based strategy, leading to potential neglect of high-priority issues.
* B. To remediate all of the findings before the next audit:While remediating all findings is ideal, it is often impractical due to resource constraints. A prioritized, risk-based approach ensures critical vulnerabilities are addressed first, maximizing the impact of remediation efforts.
* D. To validate the remediation process with the auditor:Although validation with the auditor is a good practice, it is a secondary step. The primary focus must be on ensuring that remediation efforts align with risk mitigation objectives and resource efficiency.
EC-Council CISO Guidance on Audit Remediation Plans
* The framework highlights these critical steps:
* Risk Assessment: Analyze the severity and potential impact of findings.
* Cost-Benefit Analysis: Determine if the remediation cost is justified by the reduction in risk exposure.
* Prioritization: Address high-risk findings first, ensuring critical vulnerabilities are mitigated promptly.
* Alignment with Organizational Goals: Ensure remediation efforts support broader business and security objectives.
Balancing Compliance and Practicality
* An effective audit remediation plan balances compliance requirements with practical considerations.
Overcommitting resources to less impactful findings can divert attention from critical risks.
* Validating the cost-risk ratio ensures that resources are utilized effectively, enabling sustainable compliance and operational resilience.
Conclusion
* The most important criterion when developing an audit remediation plan is to validate that the cost of the remediation is less than the risk of the finding. This approach ensures that the organization prioritizes its efforts effectively, aligns with risk management principles, and maximizes resource utilization.
質問 # 299
Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.
Using the best business practices for project management, you determine that the project correctly aligns with the organization goals. What should be verified next?
- A. Scope
- B. Constraints
- C. Resources
- D. Budget
正解:A
解説:
When a project is behind schedule and over budget, after verifying alignment with organizational goals, the next step is to verify the scope of the project. Scope creep or poorly defined scope is a common reason for delays and cost overruns.
* Why Verify Scope?:
* Ensures that the project's deliverables and objectives are clearly defined and aligned with expectations.
* Identifies any scope creep or additions not accounted for in the original plan.
* Impact of Scope Verification:
* Helps determine if the delays and overruns are due to changes in scope or lack of clarity.
* Provides a foundation for making adjustments to schedules, budgets, or resources.
* Other Factors:
* While budget, resources, and constraints are also critical, addressing the scope provides clarity on the root cause of project inefficiencies.
* Project Management Frameworks: Emphasizes scope management as a key step in addressing project delays.
* Best Practices in Project Oversight: Aligns scope verification with organizational goals and deliverables.
質問 # 300
Creating a secondary authentication process for network access would be an example of?
- A. System hardening and patching requirements
- B. Anti-virus for mobile devices
- C. Defense in depth cost enumerated costs
- D. Nonlinearities in physical security performance metrics
正解:C
解説:
Layered Security Approach:
* Secondary authentication adds another layer of security, contributing to the Defense in Depth strategy.
* Enumerating costs ensures the layered approach is cost-effective and aligns with organizational budgets.
Why This is Correct:
* Secondary authentication strengthens access controls, a critical aspect of Defense in Depth.
Why Other Options Are Incorrect:
* A. Nonlinearities in metrics: Irrelevant to authentication processes.
* C. System hardening: Focuses on system configurations, not authentication.
* D. Anti-virus for mobile devices: Unrelated to authentication processes.
References:
EC-Council highlights Defense in Depth strategies as essential for layered protection mechanisms like secondary authentication.
質問 # 301
Which of the following is the PRIMARY goal of information security?
- A. To document and act on security breaches
- B. To monitor all security controls and processes
- C. To manage all compliance requirements
- D. To identify and manage risk to the organization
正解:D
解説:
Comprehensive and Detailed Explanation:
According to the EC-Council CCISO framework, the primary goal of information security is to identify, manage, and reduce risk to the organization. Breach handling, compliance, and monitoring are supporting activities, not the core objective.
CCISO materials consistently define information security as a risk management discipline, making option B correct.
質問 # 302
Which is the BEST solution to monitor, measure, and report changes to critical data in a system?
- A. Syslog
- B. File integrity monitoring
- C. Application logs
- D. SNMP traps
正解:B
解説:
Purpose of File Integrity Monitoring (FIM):
* FIM tracks changes to critical files and directories, providing alerts for unauthorized or unexpected modifications.
* Ensures integrity and compliance with standards like PCI-DSS.
Why This is Correct:
* Specifically designed to detect and report changes in critical data.
Why Other Options Are Incorrect:
* A. Application Logs: Track application events but lack specific focus on data changes.
* C. SNMP Traps: Focus on network device monitoring, not file integrity.
* D. Syslog: Centralizes logs but doesn't inherently monitor data changes.
References:EC-Council recognizes FIM as the best tool for monitoring critical data integrity.
質問 # 303
An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security___________.
- A. Management control
- B. Procedural control
- C. Technical control
- D. Administrative control
正解:A
質問 # 304
......
EC-COUNCIL 712-50認定試験は、情報セキュリティガバナンス、リスク管理、コンプライアンス、戦略的計画、リーダーシップなど、広範なトピックをカバーする包括的なプログラムです。この認定プログラムは、候補者に複雑なセキュリティプログラムを効果的に管理し、セキュリティポリシーと手順を開発および実装し、経営陣およびその他の利害関係者と効果的にコミュニケーションを取るために必要な知識とスキルを提供することを目的としています。EC-COUNCIL 712-50認定を取得することは、情報セキュリティ管理の高度な専門知識を示し、候補者の専門的な成長と継続的な学習への取り組みを強調することになります。
無料でゲット!高評価EC-COUNCIL 712-50試験問題集を今すぐダウンロード!:https://www.goshiken.com/EC-COUNCIL/712-50-mondaishu.html
あなたを合格させる712-50無料最新問題集でEC-COUNCIL練習テストしよう:https://drive.google.com/open?id=1hu32x75StPlElWUrlWKz5RacYPKkJZHu