Pearson 712-50 New Attempt

EC-Council Certified CISO (CCISO) Questions and Answers

Question 25

Which of the following is the MOST logical method of deploying security controls within an organization?

Obtain funding for all desired controls and then create project plans for implementation

Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and

costly controls

Apply the least costly controls to demonstrate positive program activity

Obtain business unit buy-in through close communication and coordination

Question 26

Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18

members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit

team, the project manager is convinced to add a quality professional to lead to test team at additional cost to

the project.

The project manager is aware of the importance of communication for the success of the project and takes the

step of introducing additional communication channels, making it more complex, in order to assure quality

levels of the project. What will be the first project management document that Smith should change in order to

accommodate additional communication channels?

WBS document

Scope statement

Change control document

Risk management plan

Question 27

File Integrity Monitoring (FIM) is considered a

Network based security preventative control

Software segmentation control

Security detective control

User segmentation control

Question 28

Which of the following is true regarding expenditures?

Capital expenditures are never taxable

Operating expenditures are for acquiring assets, capital expenditures are for support costs of that asset

Capital expenditures are used to define depreciation tables of intangible assets

Capital expenditures are for acquiring assets, whereas operating expenditures are for support costs of that

asset