Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
EISM
512-50
EC-Council Information Security Manager (E|ISM) Questions and Answers

Pass the ECCouncil EISM 512-50 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 512-50 Premium Access

View all detail and faqs for the 512-50 exam

Go to Exam

769 Students Passed

87% Average Score

92% Same Questions

Viewing page 9 out of 13 pages

Viewing questions 81-90 out of questions

Questions # 81:

When managing the critical path of an IT security project, which of the following is MOST important?

Options:

Knowing who all the stakeholders are.

Knowing the people on the data center team.

Knowing the threats to the organization.

Knowing the milestones and timelines of deliverables.

Answer

Questions # 82:

Which of the following is a major benefit of applying risk levels?

Options:

Risk management governance becomes easier since most risks remain low once mitigated

Resources are not wasted on risks that are already managed to an acceptable level

Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology

Risk appetite can increase within the organization once the levels are understood

Answer

Questions # 83:

Your incident response plan should include which of the following?

Options:

Procedures for litigation

Procedures for reclamation

Procedures for classification

Procedures for charge-back

Answer

Questions # 84:

When should IT security project management be outsourced?

Options:

When organizational resources are limited

When the benefits of outsourcing outweigh the inherent risks of outsourcing

On new, enterprise-wide security initiatives

On projects not forecasted in the yearly budget

Answer

Questions # 85:

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

Options:

Work with the IT group and tell them to put IPS in-line and say it won’t cause any network impact

Explain to the IT group that the IPS won’t cause any network impact because it will fail open

Explain to the IT group that this is a business need and the IPS will fail open however, if there is a network failure the CISO will accept responsibility

Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn’t block any legitimate traffic

Answer

Questions # 86:

A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?

Options:

Poor audit support for the security program

A lack of executive presence within the security program

Poor alignment of the security program to business needs

This is normal since business units typically resist security requirements

Answer

Questions # 87:

Which of the following is considered a project versus a managed process?

Options:

monitoring external and internal environment during incident response

ongoing risk assessments of routine operations

continuous vulnerability assessment and vulnerability repair

installation of a new firewall system

Answer

Questions # 88:

To get an Information Security project back on schedule, which of the following will provide the MOST help?

Options:

Upper management support

More frequent project milestone meetings

Stakeholder support

Extend work hours

Answer

Questions # 89:

Which of the following is the MOST important component of any change management process?

Options:

Scheduling

Back-out procedures

Outage planning

Management approval

Answer

Questions # 90:

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?