Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
EISM
512-50
EC-Council Information Security Manager (E|ISM) Questions and Answers

Pass the ECCouncil EISM 512-50 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 512-50 Premium Access

View all detail and faqs for the 512-50 exam

Go to Exam

769 Students Passed

87% Average Score

92% Same Questions

Viewing page 11 out of 13 pages

Viewing questions 101-110 out of questions

Questions # 101:

An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security

Options:

Procedural control

Management control

Technical control

Administrative control

Answer

Questions # 102:

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

Options:

Transfer financial resources from other critical programs

Take the system off line until the budget is available

Deploy countermeasures and compensating controls until the budget is available

Schedule an emergency meeting and request the funding to fix the issue

Answer

Questions # 103:

Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?

Options:

International Organization for Standardization 27001

National Institute of Standards and Technology Special Publication SP 800-12

Request For Comment 2196

National Institute of Standards and Technology Special Publication SP 800-26

Answer

Questions # 104:

How often should an environment be monitored for cyber threats, risks, and exposures?

Options:

Weekly

Monthly

Quarterly

Daily

Answer

Questions # 105:

Which of the following is the MOST important goal of risk management?

Options:

Identifying the risk

Finding economic balance between the impact of the risk and the cost of the control

Identifying the victim of any potential exploits.

Assessing the impact of potential threats

Answer

Questions # 106:

A missing/ineffective security control is identified. Which of the following should be the NEXT step?

Options:

Perform an audit to measure the control formally

Escalate the issue to the IT organization

Perform a risk assessment to measure risk

Establish Key Risk Indicators

Answer

Questions # 107:

You have implemented the new controls. What is the next step?

Options:

Document the process for the stakeholders

Monitor the effectiveness of the controls

Update the audit findings report

Perform a risk assessment

Answer

Questions # 108:

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

Options:

All vulnerabilities found on servers and desktops

Only critical and high vulnerabilities on servers and desktops

Only critical and high vulnerabilities that impact important production servers

All vulnerabilities that impact important production servers

Answer

Questions # 109:

Control Objectives for Information and Related Technology (COBIT) is which of the following?

Options:

An Information Security audit standard

An audit guideline for certifying secure systems and controls

A framework for Information Technology management and governance

A set of international regulations for Information Technology governance

Answer

Questions # 110:

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.