Exam 712-50 topic 1 question 333 discussion

Actual exam question from ECCouncil's 712-50
Question #: 333
Topic #: 1

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda. The CISO has been able to implement a number of technical controls and is able to influence the Information Technology teams but has not been able to influence the rest of the organization.
From an organizational perspective, which of the following is the LIKELY reason for this?

  • A. The CISO reports to the IT organization
  • B. The CISO has not implemented a policy management framework
  • C. The CISO does not report directly to the CEO of the organization
  • D. The CISO has not implemented a security awareness program
Suggested Answer: A

Comments

Boats
11 months, 1 week ago
If A is true, then C would be true as well. It is basically the same answer to the question. If the question was turned around to how to remediate the issue then the CISO should report directly to the CEO. So the direct answer is that the CISO is reporting to IT when he should be reporting to the CEO.
upvoted 1 times
Boats
11 months, 1 week ago
I select A.
upvoted 1 times
Otto_Aulicino
2 years, 4 months ago
It is "A" based on how the question is written: "...CISO has been able to implement a number of technical controls and is able to influence the Information Technology teams but has not been able to influence the rest of the organization..." The answer could be "not reporting to the CEO" too, but the fact that the CISO is able to influence the IT departments and not others makes "A" a better answer.
upvoted 2 times
Rufus1
2 years, 5 months ago
"A" means that CISO is in a non-executive role. There his transversal influence across the organization is limited. My opinion is that "A" is the most objective choice.
upvoted 2 times
ahmad_Hammad
3 years ago
I think it’s C not A
upvoted 1 times
e_karma
3 years, 1 month ago
How can this be "A" since nowhere in the question it says CISO reports to IT department, only that IT likes him. Most probably answer should be C.
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other