CCISO 712-50 Reddit Questions

EC-Council Certified CISO (CCISO) Questions and Answers

Question 5

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Options:

Need to comply with breach disclosure laws

Need to transfer the risk associated with hosting PII data

Need to better understand the risk associated with using PII data

Fiduciary responsibility to safeguard credit card information

Question 6

In which of the following cases, would an organization be more prone to risk acceptance vs. risk mitigation?

Options:

The organization uses exclusively a quantitative process to measure risk

The organization uses exclusively a qualitative process to measure risk

The organization’s risk tolerance is high

The organization’s risk tolerance is lo

Question 7

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

Options:

Data breach disclosure

Consumer right disclosure

Security incident disclosure

Special circumstance disclosure

Question 8

Risk that remains after risk mitigation is known as

Options:

Persistent risk

Residual risk

Accepted risk

Non-tolerated risk

Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

EC-Council Certified CISO (CCISO) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce