Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 712-50 All Questions

View all questions & answers for the 712-50 exam
Go to Exam

Exam 712-50 topic 1 question 306 discussion

Actual exam question from ECCouncil's 712-50
Question #: 306
Topic #: 1
[All 712-50 Questions]

Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified. The CISO has validated audit findings, determined if compensating controls exist, and started initial remediation planning.
Which of the following is the MOST logical next step?

  • A. Create detailed remediation funding and staffing plans
  • B. Report the audit findings and remediation status to business stake holders
  • C. Validate the effectiveness of current controls
  • D. Review security procedures to determine if they need modified according to findings
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by arifbhatkar at July 4, 2023, 2:42 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
alfaMegatron
3 months, 1 week ago
Selected Answer: B
remediation need business owners approval
upvoted 1 times
...
johndoe69
4 months, 1 week ago
Selected Answer: B
Reporting to Business Stakeholders: After validating the audit findings and starting initial remediation planning, it is essential to communicate the results and the status of the remediation efforts to business stakeholders. This ensures that all relevant parties are informed about the security posture, the identified gaps, and the steps being taken to address them. It also helps in gaining their support and approval for any required resources or changes.
upvoted 1 times
...
moodi5005
4 months, 2 weeks ago
The most logical next step in this scenario would be option B
upvoted 1 times
...
chimaerant
8 months, 3 weeks ago
Nice ChatGPT. The effectiveness of current controls has already taken place. Given answer is correct.
upvoted 2 times
...
arifbhatkar
1 year, 4 months ago
Selected Answer: C
The most logical next step in this scenario would be option C: Validate the effectiveness of current controls. After identifying the gaps in the security program through the audit, it is essential to verify whether the existing controls are effectively addressing the identified risks or if further adjustments are necessary. This validation helps ensure that the controls are providing the intended level of protection and mitigating the identified vulnerabilities. In summary, validating the effectiveness of current controls is the most logical next step as it ensures that the existing controls are providing the intended level of protection. This step provides a solid foundation for creating detailed remediation plans (option A) and reporting to business stakeholders (option B), while reviewing security procedures (option D) comes later in the process.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel