EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training
The questions for 512-50 were last updated on Nov 23, 2024.
- Exam Code: 512-50
- Exam Name: EC-Council Information Security Manager (E|ISM)
- Certification Provider: EC-Council
- Latest update: Nov 23, 2024
The exposure factor of a threat to your organization is defined by?
- A . Asset value times exposure factor
- B . Annual rate of occurrence
- C . Annual loss expectancy minus current cost of controls
- D . Percentage of loss experienced due to a realized threat event
A method to transfer risk is to:
- A . Implement redundancy
- B . Move operations to another region
- C . Purchase breach insurance
- D . Alignment with business operations
An organization’s Information Security Policy is of MOST importance because:
- A . it communicates management’s commitment to protecting information resources
- B . it is formally acknowledged by all employees and vendors
- C . it defines a process to meet compliance requirements
- D . it establishes a framework to protect confidential information
Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?
- A . Possess a strong technical background
- B . Understand all regulations affecting the organization
- C . Understand the business goals of the organization
- D . Possess a strong auditing background
Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?
- A . Reduction of budget
- B . Decreased security awareness
- C . Improper use of information resources
- D . Fines for regulatory non-compliance
The establishment of a formal risk management framework and system authorization program is essential.
The LAST step of the system authorization process is:
- A . Contacting the Internet Service Provider for an IP scope
- B . Getting authority to operate the system from executive management
- C . Changing the default passwords
- D . Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities
A global health insurance company is concerned about protecting confidential information.
Which of the following is of MOST concern to this organization?
- A . Compliance with the Payment Card Industry (PCI) regulations.
- B . Alignment with financial reporting regulations for each country where they operate.
- C . Alignment with International Organization for Standardization (ISO) standards.
- D . Compliance with patient data protection regulations for each country where they operate.
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised.
What kind of law would require notifying the owner or licensee of this incident?
- A . Data breach disclosure
- B . Consumer right disclosure
- C . Security incident disclosure
- D . Special circumstance disclosure
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy, however, is ignored and not enforced consistently.
Which of the following is the MOST likely reason for the policy shortcomings?
- A . Lack of a formal security awareness program
- B . Lack of a formal security policy governance process
- C . Lack of formal definition of roles and responsibilities
- D . Lack of a formal risk management policy
What two methods are used to assess risk impact?
- A . Cost and annual rate of expectance
- B . Subjective and Objective
- C . Qualitative and percent of loss realized
- D . Quantitative and qualitative