EC-COUNCIL 712-50 Actual Free Exam Questions & Community Discussion

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
What type of control is being implemented by supervisors and data owners?

The Health Insurance Portability and Accountability Act (HIPAA) requires an agreement between Cloud Service Providers (CCSP) and the covered entity. Based on HIPAA. which document must be completed between the covered entity and the CCSP?

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

Risk appetite is typically determined by which of the following organizational functions?

Which of the following is the BEST solution to monitor, measure, and report changes to critical data in a system or repository?

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.
The organization has already been subject to a significant amount of credit card fraud. Which of the following is the MOST likely reason for this fraud?

Security related breaches are assessed and contained through which of the following?

During the course of a risk analysis your IT auditor identified threats and potential impacts. Next, your IT auditor should:

What is the primary reason for performing vendor management?

When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

Which is the single MOST important factor for introducing digital evidence into a court of law?

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

Which of the following controls is MOST critical for protecting Artificial Intelligence (AI) systems?