EC-Council Certified Chief Information Security Officer (C|CISO) (712-50) - EC Council Actual Exam Questions
Last updated on May 13, 2026
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
Need to comply with breach disclosure laws
Need to transfer the risk associated with hosting PII data
Need to better understand the risk associated with using PII data
Fiduciary responsibility to safeguard credit card information
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?
The Net Present Value (NPV) of the project is positive
The NPV of the project is negative
The Return on Investment (ROI) is larger than 10 months
The ROI is lower than 10 months
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?
Shared key
Asynchronous
Open
None
According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?
Susceptibility to attack, mitigation response time, and cost
Attack vectors, controls cost, and investigation staffing needs
Vulnerability exploitation, attack recovery, and mean time to repair
Susceptibility to attack, expected duration of attack, and mitigation availability
As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building. Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer you see there is no badge reader. What should you do?
Nothing, this falls outside your area of influence.
Close and chain the door shut and send a company-wide memo banning the practice.
Have a risk assessment performed.
Post a guard at the door to maintain physical security.