Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
EISM
512-50
EC-Council Information Security Manager (E|ISM) Questions and Answers

Pass the ECCouncil EISM 512-50 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 512-50 Premium Access

View all detail and faqs for the 512-50 exam

Go to Exam

769 Students Passed

87% Average Score

92% Same Questions

Viewing page 2 out of 13 pages

Viewing questions 11-20 out of questions

Questions # 11:

The PRIMARY objective of security awareness is to:

Options:

Ensure that security policies are read.

Encourage security-conscious employee behavior.

Meet legal and regulatory requirements.

Put employees on notice in case follow-up action for noncompliance is necessary

Answer

Questions # 12:

What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

Options:

Test every three years to ensure that things work as planned

Conduct periodic tabletop exercises to refine the BC plan

Outsource the creation and execution of the BC plan to a third party vendor

Conduct a Disaster Recovery (DR) exercise every year to test the plan

Answer

Questions # 13:

Who in the organization determines access to information?

Options:

Legal department

Compliance officer

Data Owner

Information security officer

Answer

Questions # 14:

The success of the Chief Information Security Officer is MOST dependent upon:

Options:

favorable audit findings

following the recommendations of consultants and contractors

development of relationships with organization executives

raising awareness of security issues with end users

Answer

Questions # 15:

As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.

Which is the BEST type of risk that defines this event?

Options:

Compliance Risk

Reputation Risk

Operational Risk

Strategic Risk

Answer

Questions # 16:

A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should the information security manager take?

Options:

Enforce the existing security standards and do not allow the deployment of the new technology.

Amend the standard to permit the deployment.

If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.

Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.

Answer

Questions # 17:

Which of the following has the GREATEST impact on the implementation of an information security governance model?

Options:

Organizational budget

Distance between physical locations

Number of employees

Complexity of organizational structure

Answer

Questions # 18:

You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?

Options:

Chief Information Security Officer

Chief Executive Officer

Chief Information Officer

Chief Legal Counsel

Answer

Questions # 19:

The exposure factor of a threat to your organization is defined by?

Options:

Asset value times exposure factor

Annual rate of occurrence

Annual loss expectancy minus current cost of controls

Percentage of loss experienced due to a realized threat event

Answer

Questions # 20:

Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?