Passed Exam Today 712-50

EC-Council Certified CISO (CCISO) Questions and Answers

Question 13

From an information security perspective, information that no longer supports the main purpose of the business should be:

Options:

assessed by a business impact analysis.

protected under the information classification policy.

analyzed under the data ownership policy.

analyzed under the retention policy

Question 14

The framework that helps to define a minimum standard of protection that business stakeholders must attempt to achieve is referred to as a standard of:

Options:

Due Protection

Due Care

Due Compromise

Due process

Question 15

A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

Options:

Internal audit

The data owner

All executive staff

Government regulators

Question 16

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

Options:

Determine appetite

Evaluate risk avoidance criteria

Perform a risk assessment

Mitigate risk

Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

EC-Council Certified CISO (CCISO) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce