EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training
The questions for 512-50 were last updated at Nov 22, 2024.
- Exam Code: 512-50
- Exam Name: EC-Council Information Security Manager (E|ISM)
- Certification Provider: EC-Council
- Latest update: Nov 22, 2024
One of the MAIN goals of a Business Continuity Plan is to:
- A. Ensure all infrastructure and applications are available in the event of a disaster
- B. Allow all technical first responders to understand their roles in the event of a disaster
- C. Provide step-by-step plans to recover business processes in the event of a disaster
- D. Assign responsibilities to the technical teams responsible for the recovery of all data
An organization's information security policy serves to:
- A. establish budgetary input in order to meet compliance requirements
- B. establish acceptable systems and user behavior
- C. define security configurations for systems
- D. define relationships with external law enforcement agencies
A global retail company is creating a new compliance management process.
Which of the following regulations is of MOST importance to be tracked and managed by this process?
- A. Information Technology Infrastructure Library (ITIL)
- B. International Organization for Standardization (ISO) standards
- C. Payment Card Industry Data Security Standard (PCI-DSS)
- D. National Institute of Standards and Technology (NIST) standards
If your organization operates under a model of "assumption of breach", you should:
- A. Protect all information resource assets equally
- B. Establish active firewall monitoring protocols
- C. Purchase insurance for your compliance liability
- D. Focus your security efforts on high-value assets
Which of the following international standards can be BEST used to define a Risk Management process in an organization?
- A. National Institute of Standards and Technology 800-50 (NIST 800-50)
- B. International Organization for Standardization 27005 (ISO-27005)
- C. Payment Card Industry Data Security Standard (PCI-DSS)
- D. International Organization for Standardization 27004 (ISO-27004)
What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?
- A. Determine appetite
- B. Evaluate risk avoidance criteria
- C. Perform a risk assessment
- D. Mitigate risk
Risk appetite directly affects what part of a vulnerability management program?
- A. Staff
- B. Scope
- C. Schedule
- D. Scan tools
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses personally identifiable information (PII) as part of its business models and processes?
- A. Need to comply with breach disclosure laws
- B. Need to transfer the risk associated with hosting PII data
- C. Need to better understand the risk associated with using PII data
- D. Fiduciary responsibility to safeguard credit card information
With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that boards provide strategic oversight regarding information and information security, including these four things:
- A. Metrics tracking security milestones, understanding the criticality of information and information security, visibility into the types of information and how they are used, endorsement by the board of directors
- B. Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program
- C. Understanding the criticality of information and information security, review of investment in information security, endorsement of the development and implementation of a security program, and requiring regular reports on adequacy and effectiveness
- D. Endorsement by the board of directors for the security program, metrics of security program milestones, annual budget review, report on integration and acceptance of the program
Which of the following provides an audit framework?
- A. Control Objectives for IT (COBIT)
- B. Payment Card Industry Data Security Standard (PCI-DSS)
- C. International Organization for Standardization (ISO) 27002
- D. National Institute of Standards and Technology (NIST) SP 800-30