ECCouncil 712-50 EC-Council Certified CISO (CCISO) Exam Practice Test

Single Loss Expectancy (SLE)

Exposure Factor (EF)

Annualized Rate of Occurrence (ARO)

Temporal Probability (TP)

assign the responsibility to the information security team.

assign the responsibility to the team responsible for the management of the controls.

create operational reports on the effectiveness of the controls.

perform an independent audit of the security controls.

Date and time of the event

Failure of the event

Originating IP-Address

Authentication type

Determining the likelihood that vulnerable systems will be attacked by specific threats

Calculating the risks to which assets are exposed in their current setting

Assigning a value to each information asset

Assessing the relative risk facing the organization’s information assets

Executive summary

Penetration test agreement

Names and phone numbers of those who conducted the audit

Business charter

Weekly

Monthly

Quarterly

Daily

Single loss expectancy multiplied by the annual rate of occurrence

Total loss expectancy multiplied by the total loss frequency

Value of the asset multiplied by the loss expectancy

Replacement cost multiplied by the single loss expectancy

Organization control

Procedural control

Management control

Technical control

Risk metrics

Management metrics

Operational metrics

Compliance metrics

A substantive test of program library controls

A compliance test of program library controls

A compliance test of the program compiler controls

A substantive test of the program compiler controls

Have internal audit conduct another audit to see what has changed.

Contract with an external audit company to conduct an unbiased audit

Review the recommendations and follow up to see if audit implemented the changes

Meet with audit team to determine a timeline for corrections

Install software patch, Operate system, Maintain system

Discover software, Remove affected software, Apply software patch

Install software patch, configuration adjustment, Software Removal

Software removal, install software patch, maintain system

establish budgetary input in order to meet compliance requirements

establish acceptable systems and user behavior

define security configurations for systems

define relationships with external law enforcement agencies

The types of cardholder data retained

The duration card holder data is retained

The size of the organization processing credit card data

The number of transactions performed per year by an organization

Confidential/Protected Information

Bodily Information

Territorial Information

Communications Information

Anti-phishing tools

Anti-malware tools

Effective Security Vulnerability Management Program

Effective Security awareness program

Implement redundancy

move operations to another region

purchase breach insurance

Alignment with business operations

How many credit card records are stored?

How many servers do you have?

What is the scope of the certification?

What is the value of the assets at risk?

favorable audit findings

following the recommendations of consultants and contractors

development of relationships with organization executives

raising awareness of security issues with end users

Legal department

Compliance officer

Data Owner

Information security officer

Weekly program budget reviews to ensure the percentage of program funding remains constant.

Annual review of program charters, policies, procedures and organizational agreements.

Daily monitoring of vulnerability advisories relating to your organization’s deployed technologies.

Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization

Audit validation

Physical control testing

Compliance management

Security awareness training

Information Technology Infrastructure Library (ITIL)

International Organization for Standardization (ISO) standards

Payment Card Industry Data Security Standards (PCI-DSS)

National Institute for Standards and Technology (NIST) standard

Reduction of budget

Decreased security awareness

Improper use of information resources

Fines for regulatory non-compliance

War driving

Operating system attacks

Social engineering

Shrink wrap attack

Enterprise Risk Assessment

Disaster recovery strategic plan

Business continuity plan

Application mapping document

Cold site

Hot site

Warm site

Mobile backup site

Wireless Application Protocol (WAP)

Wifi Protected Access version 2 (WPA2)

Wireless Equivalence Protocol (WEP)

Extensible Authentication Protocol (EAP)

Covert government networks

War driving maps

Government networks in Tora

Virtual network tunnels

Physical, Technical, Operational

Technical, Strong Password, Operational

Operational, Biometric, Physical

Strong password, Biometric, Common Access Card

It is an IPSec protocol.

It is a text-based communication protocol.

It uses TCP port 22 as the default port and operates at the application layer.

It uses UDP port 22

3DES

MD5

ECC

RSA

Comprehensive Log-Files from all servers and network devices affected during the attack

Fully trained network forensic experts to analyze all data right after the attack

Uninterrupted Chain of Custody

Expert forensics witness

Unable to control physical access to the servers

Unable to track log on activity

Unable to run anti-virus scans

Unable to patch systems as needed

Secure the area and shut-down the computer until investigators arrive

Secure the area and attempt to maintain power until investigators arrive

Immediately place hard drive and other components in an anti-static bag

Secure the area.

Threat analysis process

Asset configuration management process

Business Impact Analysis

Disaster Recovery plan

This makes sure the files you exchange aren’t unnecessarily flagged by the Data Loss Prevention (DLP) system

Contracting rules typically require you to have conversations with two or more groups

Discussing decisions with a very large group of people always provides a better outcome

It helps to avoid regulatory or internal compliance issues

Reasonable, Actionable, Controlled, and Implemented

Responsible, Actors, Consult, and Instigate

Responsible, Accountable, Consulted, and Informed

Review, Act, Communicate, and Inform

Inside the DMZ

In-line with the data center firewall

Beyond the outer perimeter firewall

As the gatekeeper to the organization’s honeynet

Account management policy

Training policy

Acceptable Use policy

Remote Access policy

Threat analyst, IT auditor, forensic analyst

Network engineer, help desk technician, system administrator

CIO, CFO, CSO

Financial analyst, payroll clerk, HR manager

A section of a contract that defines tasks to be performed under said contract

An outline of what the military will do during war

A document that outlines specific desired outcomes as part of a request for proposal

Business guidance provided by the CEO

Reach out to a business similar to yours and ask for their plan

Set goals that are difficult to attain to drive more productivity

Review business acquisitions for the past 3 years

Analyze the broader organizational strategic plan

SaaS provider’s website certifications and representations (certs and reps)

SOC-2 Report

Metasploit Audit Report

Statement from SaaS provider attesting their ability to secure your data

Standards will include regulations

Standards that aren’t followed are punishable by fines

Regulations are made enforceable by the power provided by laws

Regulations must be reviewed and approved by the business

To force stakeholders to commit ample resources to support the project

To facilitate proper communication regarding outcomes

To assure stakeholders commit to the project start and end dates in writing

To finalize detailed scope of the project at project initiation

Development of KPI’s are most useful when done independently

They are a strictly quantitative measure of success

They should be standard throughout the organization versus domain-specific so they are more easily correlated

They are a strictly qualitative measure of success

Conduct a quantitative risk assessment

Conduct a hybrid risk assessment

Conduct a subjective risk assessment

Conduct a qualitative risk assessment

Iris scan

Retinal scan

Facial recognition scan

Signature kinetics scan

Network connectivity costs

New datacenter to operate from

Upgrade of mainframe

Purchase of new mobile devices to improve operations

The existing IT environment.

The company business plan.

The present IT budget.

Other corporate technology trends.

Alignment with the business goals and the vision of the CIO

The risk tolerance of the company and the company mission statement

The executive summary and vision of the board of directors

The alignment with the business goals and the risk tolerance

Budget forecasts

Request for proposals

Cost/benefit analysis

Vendor management

Audits

Administration

Patching

Templates

Zero-day attack mitigation

Preventive detection control

Corrective security control

Dynamic blocking control

Tokenization combined with hashing is always better than encryption

Encryption can be mathematically reversed to provide the original information

The token contains the all original information

Tokenization can be mathematically reversed to provide the original information

Reviewing system administrator logs

Auditing configuration templates

Checking vendor product releases

Performing system scans

There is integration between IT security and business staffing.

There is a clear definition of the IT security mission and vision.

There is an auditing methodology in place.

The plan requires return on investment for all security projects.

Professional user education on phishing conducted by a reputable vendor

Multi-factor authentication employing hard tokens

Forcing password changes every 90 days

Decreasing the number of employees with administrator privileges

Use asymmetric encryption for the automated distribution of the symmetric key

Use a self-generated key on both ends to eliminate the need for distribution

Use certificate authority to distribute private keys

Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it

The software license expiration is probably out of synchronization with other software licenses

The project was initiated without an effort to get support from impacted business units in the organization

The software is out of date and does not provide for a scalable solution across the enterprise

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Download open source security tools and deploy them on your production network

Download trial versions of commercially available security tools and deploy on your production network

Download open source security tools from a trusted site, test, and then deploy on production network

Download security tools from a trusted source and deploy to production network

Failed to identify all stakeholders and their needs

Deployed the encryption solution in an inadequate manner

Used 1024 bit encryption when 256 bit would have sufficed

Used hardware encryption instead of software encryption

Time zone differences

Compliance to local hiring laws

Encryption import/export regulations

Local customer privacy laws

Alignment with the business

Effective use of existing technologies

Leveraging existing implementations

Proper budget management

Provide clear communication of security requirements throughout the organization

Demonstrate executive support with written mandates for security policy adherence

Create collaborative risk management approaches within the organization

Perform increased audits of security processes and procedures

At the time the security services are being performed and the vendor needs access to the network

Once the agreement has been signed and the security vendor states that they will need access to the network

Once the vendor is on premise and before they perform security services

Prior to signing the agreement and before any security services are being performed