Free Access EC-COUNCIL.712-50.v2022-03-22.q344 Practice Test (Page 28)

Question 131

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.
The CISO is unsure of the information provided and orders a vendor proof of concept to validate the system's scalability. This demonstrates which of the following?

A.An approach that allows for minimum budget impact if the solution is unsuitable

B.A risk-based approach to determine if the solution is suitable for investment

C.An approach providing minimum time impact to the implementation schedules

D.A methodology-based approach to ensure authentication mechanism functions

Question 132

What are the three stages of an identity and access management system?

A.Provision, Administration, Enforcement

B.Provision, Administration, Authentication

C.Authentication, Authorize, Validation

D.Administration, Validation, Protect

Question 133

In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?

A.Every 18 months

B.Every 12 months

C.High risk environments 6 months, low-risk environments 12 months

D.Every 6 months

Question 134

To have accurate and effective information security policies how often should the CISO review the organization policies?

A.Before an audit

B.At least once a year

C.Quarterly

D.Every 6 months

Question 135

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

A.Explain to the IT group that the IPS won't cause any network impact because it will fail open

B.Explain to the IT group that this is a business need and the IPS will fail open however, if there is a network failure the CISO will accept responsibility

C.Work with the IT group and tell them to put IPS in-line and say it won't cause any network impact

D.Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn't block any legitimate traffic

Other Version: 278EC-COUNCIL.712-50.v2025-12-08.q123; 6479EC-COUNCIL.712-50.v2022-08-05.q375; 107EC-COUNCIL.Trainingdump.712-50.v2021-11-15.by.priscilla.195q.pdf

Latest Upload: 104IAPP.AIGP.v2025-12-25.q64; 103CISI.UAE-Financial-Rules-and-Regulations.v2025-12-25.q35; 104SAP.C-S4TM-2023.v2025-12-25.q82; 110EMC.D-VXR-DS-00.v2025-12-24.q43; 122Splunk.SPLK-5001.v2025-12-24.q37; 125Huawei.H19-308-ENU.v2025-12-24.q74; 109APMG-International.AgilePM-Foundation.v2025-12-24.q74; 139SAP.C-C4H62-2408.v2025-12-24.q81; 111ASHRAE.HFDP.v2025-12-24.q39; 115ISQI.CTFL-UT.v2025-12-23.q13

Question 131

Question 132

Question 133

Question 134

Question 135

Download PDF File