The risk found after a control has been fully implemented is called:
Correct Answer: A
Definition of Residual Risk: * Residual risk is the level of risk that remains after all planned controls have been implemented. Management Implications: * Organizations must determine whether residual risk falls within acceptable thresholds or requires further action. Supporting Reference: * CCISO materials define residual risk as a critical concept in risk management and ongoing security monitoring.
712-50 Exam Question 172
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?
Correct Answer: B
Explanation of Issue: * Change management processes ensure that updates and configuration changes to systems are documented, reviewed, and approved. The absence of such processes can lead to insecure configurations over time. * This could include unauthorized changes, missed updates, or deviations from the originally hardened state. Why Other Options Are Less Likely: * A. Lack of asset management processes: This deals with inventory and tracking of assets rather than configuration changes. * C. Lack of hardening standards: The system was initially hardened, so standards were likely in place. * D. Lack of proper access controls: While important, this is unrelated to the system's deviation from the hardened state. EC-Council CISO Reference:The CISO program emphasizes the critical role of change management in maintaining secure configurations and compliance over time.
712-50 Exam Question 173
Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?
Correct Answer: C
Role of Risk Management:Risk management implements and oversees controls to reduce identified risks, ensuring they are maintained within acceptable levels. It involves continuous monitoring, mitigation, and review of risks. Key Considerations: * Develops strategies to mitigate risks effectively. * Oversees the implementation and operation of security controls. Why Not Other Options: * Risk Assessment (A): Focuses on identifying and analyzing risks, not implementing controls. * Incident Response (B): Handles specific security incidents rather than managing overarching risks. * Network Security Administration (D): Focuses on technical operations, not comprehensive risk reduction. EC-Council Guidance:The risk management function aligns with the strategic implementation and oversight of risk reduction measures in an organization.
712-50 Exam Question 174
Which of the following is the MAIN security concern for public cloud computing?
Correct Answer: A
Cloud Security ConcernsPublic cloud computing environments present unique challenges. The most significant concern stems from the lack of direct physical control over server infrastructure. As these servers are managed and owned by third-party providers, organizations cannot implement or enforce their physical security measures. This concern is frequently emphasized in EC-Council's CISO guidance as it directly affects the CIA (Confidentiality, Integrity, Availability) triad. Impact of Physical Access Control * Confidentiality: Without physical control, organizations risk unauthorized physical access, potentially leading to data breaches. * Integrity: Physical tampering can compromise system configurations, software, or data integrity. * Availability: Physical tampering may result in downtime or service disruption. Comparative Analysis of Options * B. Unable to track log on activity: Public cloud providers offer robust logging and monitoring tools, making this concern manageable with proper configurations. * C. Unable to run anti-virus scans: Cloud environments support anti-virus solutions and endpoint protections at various levels. * D. Unable to patch systems as needed: Public cloud providers facilitate regular patching through automated solutions and shared responsibility models. EC-Council CISO References * Control and Oversight: EC-Council emphasizes understanding the shared responsibility model. While the cloud provider manages physical infrastructure, organizations are responsible for data and application security. * Mitigation Strategies: Implementing robust contractual agreements and auditing mechanisms ensures that the provider adheres to industry-standard physical security controls. ConclusionAmong the listed concerns, the inability to control physical access to servers is the most pressing for public cloud computing due to the potential direct impact on the overall security posture. By prioritizing this, organizations align their risk management strategies with the EC-Council's frameworks for cloud security.
712-50 Exam Question 175
The PRIMARY objective of security awareness is to:
Correct Answer: B
Purpose of Security Awareness Programs:The primary objective of security awareness initiatives is to foster a culture of security within the organization by educating employees on recognizing and responding to security risks. Why Behavior Matters: * Educated employees act as a strong first line of defense against threats such as phishing and social engineering. * Awareness programs aim to integrate security-conscious behavior into daily workflows. Why Other Options Are Incorrect: * A. Reading Policies: While important, it is not the primary focus of awareness programs. * C. Legal/Regulatory Requirements: Awareness contributes but is not solely for compliance. * D. Noncompliance Notice: Awareness is preventative, not primarily disciplinary. References:EC-Council prioritizes fostering secure behaviors as the core purpose of security awareness initiatives.
