Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
EISM
512-50
EC-Council Information Security Manager (E|ISM) Questions and Answers

Pass the ECCouncil EISM 512-50 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 512-50 Premium Access

View all detail and faqs for the 512-50 exam

Go to Exam

769 Students Passed

87% Average Score

92% Same Questions

Viewing page 10 out of 13 pages

Viewing questions 91-100 out of questions

Questions # 91:

In order for a CISO to have true situational awareness there is a need to deploy technology that can give a real-time view of security events across the enterprise. Which tool selection represents the BEST choice to achieve situational awareness?

Options:

Vmware, router, switch, firewall, syslog, vulnerability management system (VMS)

Intrusion Detection System (IDS), firewall, switch, syslog

Security Incident Event Management (SIEM), IDS, router, syslog

SIEM, IDS, firewall, VMS

Answer

Questions # 92:

When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

Options:

Vendors uses their own laptop and logins with same admin credentials your security team uses

Vendor uses a company supplied laptop and logins using two factor authentication with same admin credentials your security team uses

Vendor uses a company supplied laptop and logins using two factor authentication with their own unique credentials

Vendor uses their own laptop and logins using two factor authentication with their own unique credentials

Answer

Questions # 93:

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

Options:

Risk Assessment

Incident Response

Risk Management

Network Security administration

Answer

Questions # 94:

The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):

Options:

Failed to identify all stakeholders and their needs

Deployed the encryption solution in an inadequate manner

Used 1024 bit encryption when 256 bit would have sufficed

Used hardware encryption instead of software encryption

Answer

Questions # 95:

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Options:

At the time the security services are being performed and the vendor needs access to the network

Once the agreement has been signed and the security vendor states that they will need access to the network

Once the vendor is on premise and before they perform security services

Prior to signing the agreement and before any security services are being performed

Answer

Questions # 96:

An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

Options:

Ineffective configuration management controls

Lack of change management controls

Lack of version/source controls

High turnover in the application development department

Answer

Questions # 97:

Which of the following represents the best method of ensuring business unit alignment with security program requirements?

Options:

Provide clear communication of security requirements throughout the organization

Demonstrate executive support with written mandates for security policy adherence

Create collaborative risk management approaches within the organization

Perform increased audits of security processes and procedures

Answer

Questions # 98:

Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?

Options:

System testing

Risk assessment

Incident response

Planning

Answer

Questions # 99:

How often should the SSAE16 report of your vendors be reviewed?

Options:

Quarterly

Semi-annually

Annually

Bi-annually

Answer

Questions # 100:

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?