Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Eccouncil Discussions

Exam 712-50 topic 1 question 31 discussion

Actual exam question from ECCouncil's 712-50
Question #: 31
Topic #: 1
[All 712-50 Questions]

An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied.
What is the NEXT logical step in applying the controls in the organization?

  • A. Determine the risk tolerance
  • B. Perform an asset classification
  • C. Analyze existing controls on systems
  • D. Create an architecture gap analysis
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by 38eefed at Feb. 22, 2024, 10 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Emporeo
2 months ago
Selected Answer: C
analyze existing controls. asset classification must be in place already. how to apply the correct controls if you do not know the asset classification?
upvoted 2 times
Perseus_68
2 months ago
That was my first thought. But the question does not state a program has been implemented and it is being reviewed. Our only info is the company has some documentation on controls, not that any have been applied, so the first step in Risk management is to categorize the Asset or System, pg 71 CCISO guide.
upvoted 2 times
Emporeo
1 month ago
Maybe the question is not 100% clear for me, i was rather thinking about Control Lifecycle Management . The steps are select, validate, catalog, implement. So if in first step a control has been selected/defined...next to validate (which i thought also analyse existing ones...)
upvoted 1 times
...
...
...
Perseus_68
2 months ago
Selected Answer: B
What happens before you apply controls, you need to know your assets and what level of protection they need based on the standards.
upvoted 2 times
...
38eefed
2 months, 1 week ago
Selected Answer: C
Since the organization has already defined its security controls and their application conditions, the next step is to analyze the existing controls on systems (Option C). This will help the organization understand where these standard controls need to be applied or where existing controls may need to be updated.
upvoted 3 times
arkb103
2 weeks, 2 days ago
How do you define new set of controls without first analyzing the exisiting controls to determine their effectiveness or otherwise. You can only come up with the standard controls and their applicability after thorough understanding of existing controls not the other way round. Answer C is incorrect.
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel