EC-Council 512-50 EC-Council Information Security Manager (E|ISM) Online Training
The questions for 512-50 were last updated on Nov 23, 2024.
- Exam Code: 512-50
- Exam Name: EC-Council Information Security Manager (E|ISM)
- Certification Provider: EC-Council
- Latest update: Nov 23, 2024
You have implemented a new security control.
Which of the following risk strategy options have you engaged in?
- A . Risk Avoidance
- B . Risk Acceptance
- C . Risk Transfer
- D . Risk Mitigation
After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD.
This is an example of:
- A . Risk Tolerance
- B . Qualitative risk analysis
- C . Risk Appetite
- D . Quantitative risk analysis
Which of the following most commonly falls within the scope of an information security governance steering committee?
- A . Approving access to critical financial systems
- B . Developing content for security awareness programs
- C . Interviewing candidates for information security specialist positions
- D . Vetting information security policies
Which of the following is MOST important when dealing with an Information Security Steering committee:
- A . Include a mix of members from different departments and staff levels.
- B . Ensure that security policies and procedures have been vetted and approved.
- C . Review all past audit and compliance reports.
- D . Be briefed about new trends and products at each meeting by a vendor.
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
- A . information security metrics.
- B . knowledge required to analyze each issue.
- C . baseline against which metrics are evaluated.
- D . linkage to business area objectives.
What is the BEST way to achieve ongoing compliance monitoring in an organization?
- A . Only check compliance right before the auditors are scheduled to arrive onsite.
- B . Outsource compliance to a 3rd party vendor and let them manage the program.
- C . Have Compliance and Information Security partner to correct issues as they arise.
- D . Have Compliance direct Information Security to fix issues after the auditors report.
Which of the following is considered the MOST effective tool against social engineering?
- A . Anti-phishing tools
- B . Anti-malware tools
- C . Effective Security Vulnerability Management Program
- D . Effective Security awareness program
Risk is defined as:
- A . Threat times vulnerability divided by control
- B . Advisory plus capability plus vulnerability
- C . Asset loss times likelihood of event
- D . Quantitative plus qualitative impact
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?
- A . When there is a need to develop a more unified incident response capability.
- B . When the enterprise is made up of many business units with diverse business activities, risk profiles and regulatory requirements.
- C . When there is a variety of technologies deployed in the infrastructure.
- D . When it results in an overall lower cost of operating the security program.
The FIRST step in establishing a security governance program is to:
- A . Conduct a risk assessment.
- B . Obtain senior level sponsorship.
- C . Conduct a workshop for all end users.
- D . Prepare a security budget.