Free Access EC-COUNCIL.512-50.v2022-06-13.q103 Practice Test (Page 4)

Question 11

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

A.Have internal audit conduct another audit to see what has changed.

B.Meet with audit team to determine a timeline for corrections

C.Review the recommendations and follow up to see if audit implemented the changes

D.Contract with an external audit company to conduct an unbiased audit

Question 12

The alerting, monitoring and life-cycle management of security related events is typically handled by the

A.risk assessment process

B.risk management process

C.security threat and vulnerability management process

D.governance, risk, and compliance tools

Question 13

The general ledger setup function in an enterprise resource package allows for setting accounting periods.
Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

A.The requirement to post entries for a closed accounting period.

B.The need to create and modify the chart of accounts and its allocations.

C.The need to change accounting periods on a regular basis.

D.The lack of policies and procedures for the proper segregation of duties.

Question 14

A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?

A.A complete inventory of Information Technology assets including infrastructure, networks, applications and data

B.A clearly identified executive sponsor who will champion the effort to ensure organizational buy-in

C.A clear set of security policies and procedures that are more concept-based than controls-based

D.A security organization that is adequately staffed to apply required mitigation strategies and regulatory compliance solutions

Question 15

The exposure factor of a threat to your organization is defined by?

A.Annual rate of occurrence

B.Asset value times exposure factor

C.Percentage of loss experienced due to a realized threat event

D.Annual loss expectancy minus current cost of controls

Latest Upload: 107EMC.D-VXR-DS-00.v2025-12-24.q43; 110Splunk.SPLK-5001.v2025-12-24.q37; 121Huawei.H19-308-ENU.v2025-12-24.q74; 106APMG-International.AgilePM-Foundation.v2025-12-24.q74; 134SAP.C-C4H62-2408.v2025-12-24.q81; 108ASHRAE.HFDP.v2025-12-24.q39; 113ISQI.CTFL-UT.v2025-12-23.q13; 123ARDMS.SPI.v2025-12-23.q102; 119Microsoft.SC-300.v2025-12-23.q333; 120PaloAltoNetworks.PSE-Prisma-Pro-24.v2025-12-23.q39

Question 11

Question 12

Question 13

Question 14

Question 15

Download PDF File