EC-COUNCIL 512-50 Actual Free Exam Questions & Community Discussion

The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

Which technology can provide a computing environment without requiring a dedicated hardware backend?

Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.
You have decided to deal with risk to information from people first. How can you minimize risk to your most sensitive information before granting access?

Acceptable levels of information security risk tolerance in an organization should be determined by?

The effectiveness of an audit is measured by?

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

A missing/ineffective security control is identified. Which of the following should be the NEXT step?

What is the FIRST step in developing the vulnerability management program?