CertsTopics Logo

Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

712-50 Exam Results

Page: 12 / 35
Total 460 questions
Get 712-50 Full Access Download 712-50 PDF

EC-Council Certified CISO (CCISO) Questions and Answers

Question 45

Where does bottom-up financial planning primarily gain information for creating budgets?

Options:

A.

By adding all capital and operational costs from the prior budgetary cycle, and determining potential

financial shortages

B.

By reviewing last year’s program-level costs and adding a percentage of expected additional portfolio costs

C.

By adding the cost of all known individual tasks and projects that are planned for the next budgetary cycle

D.

By adding all planned operational expenses per quarter then summarizing them in a budget request

Question 46

Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.

When adjusting the controls to mitigate the risks, how often should the CISO perform an audit to verify the controls?

Options:

A.

Annually

B.

Semi-annually

C.

Quarterly

D.

Never

Question 47

The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to

Options:

A.

assign the responsibility to the information security team.

B.

assign the responsibility to the team responsible for the management of the controls.

C.

create operational reports on the effectiveness of the controls.

D.

perform an independent audit of the security controls.

Question 48

Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?

Options:

A.

It allows executives to more effectively monitor IT implementation costs

B.

Implementation of it eases an organization’s auditing and compliance burden

C.

Information Security (IS) procedures often require augmentation with other standards

D.

It provides for a consistent and repeatable staffing model for technology organizations

Page: 12 / 35
Total 460 questions
Get 712-50 Full Access Download 712-50 PDF