EC-Council

712-50 Question #274: Real Exam Question with Answer & Explanation

The correct answer is C. International Organization for Standardization - ISO 27001/2. See the full explanation below for the reasoning.

Question

Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior-level security practitioner. The company lacks a defined security policy and framework for its Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector-neutral information security control framework for implementation. Which of the following industry/sector-neutral information security control frameworks should you recommend for implementation?

Options

  • A. National Institute of Standards and Technology (NIST) Special Publication 800-53
  • B. Payment Card Industry Digital Security Standard (PCI DSS)
  • C. International Organization for Standardization - ISO 27001/2
  • D. British Standard 7799 (BS7799)
