EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training
The questions for 512-50 were last updated on Nov 23, 2024.
- Exam Code: 512-50
- Exam Name: EC-Council Information Security Manager (E|ISM)
- Certification Provider: EC-Council
- Latest update: Nov 23, 2024
The Information Security Management program MUST protect:
- A . all organizational assets
- B . critical business processes and/or revenue streams
- C . intellectual property released into the public domain
- D . against distributed denial of service attacks
Regulatory requirements typically force organizations to implement:
- A . Mandatory controls
- B . Discretionary controls
- C . Optional controls
- D . Financial controls
Which of the following is MOST likely to be discretionary?
- A . Policies
- B . Procedures
- C . Guidelines
- D . Standards
The single most important consideration to make when developing your security program, policies, and processes is:
- A . Budgeting for unforeseen data compromises
- B . Streamlining for efficiency
- C . Alignment with the business
- D . Establishing your authority as the Security Executive
When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?
- A . The asset owner
- B . The asset manager
- C . The data custodian
- D . The project manager
Which of the following is a difference between quantitative and qualitative risk assessment?
- A . Quantitative risk assessments result in an exact number (in monetary terms)
- B . Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
- C . Qualitative risk assessments map to business objectives
- D . Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?
- A . Awareness
- B . Compliance
- C . Governance
- D . Management
The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for:
- A . Confidentiality, Integrity and Availability
- B . Assurance, Compliance and Availability
- C . International Compliance
- D . Integrity and Availability
Ensuring that the actions of a set of people, applications and systems follow the organization’s rules is BEST described as:
- A . Risk management
- B . Security management
- C . Mitigation management
- D . Compliance management
When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?
- A . How many credit card records are stored?
- B . How many servers do you have?
- C . What is the scope of the certification?
- D . What is the value of the assets at risk?