EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training
The questions for 512-50 were last updated on Nov 23, 2024.
- Exam Code: 512-50
- Exam Name: EC-Council Information Security Manager (E|ISM)
- Certification Provider: EC-Council
- Latest update: Nov 23, 2024
A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization’s large IT infrastructure.
What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?
- A . Scan a representative sample of systems
- B . Perform the scans only during off-business hours
- C . Decrease the vulnerabilities within the scan tool settings
- D . Filter the scan output so only pertinent data is analyzed
An organization’s firewall technology needs to be replaced. A specific technology has been selected that is less costly than others and lacking in some important capabilities. The security officer has voiced concerns about sensitive data breaches, but the decision is made to purchase.
What does this selection indicate?
- A . A high threat environment
- B . A low risk tolerance environment
- C . A low vulnerability environment
- D . A high risk tolerance environment
When dealing with Security Incident Response procedures, which of the following steps comes FIRST when reacting to an incident?
- A . Escalation
- B . Recovery
- C . Eradication
- D . Containment
A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?
- A . Internal audit
- B . The data owner
- C . All executive staff
- D . Government regulators
The PRIMARY objective of security awareness is to:
- A . Ensure that security policies are read.
- B . Encourage security-conscious employee behavior.
- C . Meet legal and regulatory requirements.
- D . Put employees on notice in case follow-up action for noncompliance is necessary.
Credit card information, medical data, and government records are all examples of:
- A . Confidential/Protected Information
- B . Bodily Information
- C . Territorial Information
- D . Communications Information
What is the definition of Risk in Information Security?
- A . Risk = Probability x Impact
- B . Risk = Threat x Probability
- C . Risk = Financial Impact x Probability
- D . Risk = Impact x Threat
Which of the following is a benefit of information security governance?
- A . Questioning the trust in vendor relationships.
- B . Increasing the risk of decisions based on incomplete management information.
- C . Direct involvement of senior management in developing control processes.
- D . Reduction of the potential for civil and legal liability.
Quantitative Risk Assessments have the following advantages over qualitative risk assessments:
- A . They are objective and can express risk / cost in real numbers
- B . They are subjective and can be completed more quickly
- C . They are objective and express risk / cost in approximates
- D . They are subjective and can express risk / cost in real numbers
A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program.
Which of the following qualifications and experience would be MOST desirable to find in a candidate?
- A . Multiple certifications, strong technical capabilities and lengthy resume
- B . Industry certifications, technical knowledge and program management skills
- C . College degree, audit capabilities and complex project management
- D . Multiple references, strong background check and industry certifications