Special Summer Discounts Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 63r59951

512-50 EC-Council Information Security Manager (E|ISM) Questions and Answers

Questions 4

What is the FIRST step in developing the vulnerability management program?

Options:

A.

Baseline the Environment

B.

Maintain and Monitor

C.

Organization Vulnerability

D.

Define Policy

Buy Now
Questions 5

Which of the following strategies provides the BEST response to a ransomware attack?

Options:

A.

Real-time off-site replication

B.

Daily incremental backup

C.

Daily full backup

D.

Daily differential backup

Buy Now
Questions 6

While designing a secondary data center for your company what document needs to be analyzed to determine to how much should be spent on building the data center?

Options:

A.

Enterprise Risk Assessment

B.

Disaster recovery strategic plan

C.

Business continuity plan

D.

Application mapping document

Buy Now
Questions 7

You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?

Options:

A.

Execute

B.

Read

C.

Administrator

D.

Public

Buy Now
Questions 8

An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What authentication method is being used?

Options:

A.

Shared key

B.

Asynchronous

C.

Open

D.

None

Buy Now
Questions 9

Which of the following is a symmetric encryption algorithm?

Options:

A.

3DES

B.

MD5

C.

ECC

D.

RSA

Buy Now
Questions 10

Which of the following is a countermeasure to prevent unauthorized database access from web applications?

Options:

A.

Session encryption

B.

Removing all stored procedures

C.

Input sanitization

D.

Library control

Buy Now
Questions 11

In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:

Options:

A.

Secure the area and shut-down the computer until investigators arrive

B.

Secure the area and attempt to maintain power until investigators arrive

C.

Immediately place hard drive and other components in an anti-static bag

D.

Secure the area.

Buy Now
Questions 12

Which of the following statements about Encapsulating Security Payload (ESP) is true?

Options:

A.

It is an IPSec protocol.

B.

It is a text-based communication protocol.

C.

It uses TCP port 22 as the default port and operates at the application layer.

D.

It uses UDP port 22

Buy Now
Questions 13

Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?

Options:

A.

Systems logs

B.

Hardware error reports

C.

Utilization reports

D.

Availability reports

Buy Now
Questions 14

An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application. What should be the NEXT step?

Options:

A.

Determine the annual loss expectancy (ALE)

B.

Create a crisis management plan

C.

Create technology recovery plans

D.

Build a secondary hot site

Buy Now
Questions 15

An organization has implemented a change management process for all changes to the IT production environment. This change management process follows best practices and is expected to help stabilize the availability and integrity of the organization’s IT environment. Which of the following can be used to measure the effectiveness of this newly implemented process:

Options:

A.

Number of change orders rejected

B.

Number and length of planned outages

C.

Number of unplanned outages

D.

Number of change orders processed

Buy Now
Questions 16

Which of the following are necessary to formulate responses to external audit findings?

Options:

A.

Internal Audit, Management, and Technical Staff

B.

Internal Audit, Budget Authority, Management

C.

Technical Staff, Budget Authority, Management

D.

Technical Staff, Internal Audit, Budget Authority

Buy Now
Questions 17

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

Options:

A.

All vulnerabilities found on servers and desktops

B.

Only critical and high vulnerabilities on servers and desktops

C.

Only critical and high vulnerabilities that impact important production servers

D.

All vulnerabilities that impact important production servers

Buy Now
Questions 18

The effectiveness of an audit is measured by?

Options:

A.

The number of actionable items in the recommendations

B.

How it exposes the risk tolerance of the company

C.

How the recommendations directly support the goals of the company

D.

The number of security controls the company has in use

Buy Now
Questions 19

Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?

Options:

A.

International Organization for Standardization 27001

B.

National Institute of Standards and Technology Special Publication SP 800-12

C.

Request For Comment 2196

D.

National Institute of Standards and Technology Special Publication SP 800-26

Buy Now
Questions 20

Dataflow diagrams are used by IT auditors to:

Options:

A.

Order data hierarchically.

B.

Highlight high-level data definitions.

C.

Graphically summarize data paths and storage processes.

D.

Portray step-by-step details of data generation.

Buy Now
Questions 21

Which of the following is a benefit of a risk-based approach to audit planning?

Options:

A.

Resources are allocated to the areas of the highest concern

B.

Scheduling may be performed months in advance

C.

Budgets are more likely to be met by the IT audit staff

D.

Staff will be exposed to a variety of technologies

Buy Now
Questions 22

At which point should the identity access management team be notified of the termination of an employee?

Options:

A.

At the end of the day once the employee is off site

B.

During the monthly review cycle

C.

Immediately so the employee account(s) can be disabled

D.

Before an audit

Buy Now
Questions 23

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

Options:

A.

A substantive test of program library controls

B.

A compliance test of program library controls

C.

A compliance test of the program compiler controls

D.

A substantive test of the program compiler controls

Buy Now
Questions 24

The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?

Options:

A.

Risk metrics

B.

Management metrics

C.

Operational metrics

D.

Compliance metrics

Buy Now
Questions 25

What is the BEST way to achieve on-going compliance monitoring in an organization?

Options:

A.

Only check compliance right before the auditors are scheduled to arrive onsite.

B.

Outsource compliance to a 3rd party vendor and let them manage the program.

C.

Have Compliance and Information Security partner to correct issues as they arise.

D.

Have Compliance direct Information Security to fix issues after the auditors report.

Buy Now
Questions 26

Which of the following is a critical operational component of an Incident Response Program (IRP)?

Options:

A.

Weekly program budget reviews to ensure the percentage of program funding remains constant.

B.

Annual review of program charters, policies, procedures and organizational agreements.

C.

Daily monitoring of vulnerability advisories relating to your organization’s deployed technologies.

D.

Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization

Buy Now
Questions 27

A global health insurance company is concerned about protecting confidential information. Which of the following is of MOST concern to this organization?

Options:

A.

Compliance to the Payment Card Industry (PCI) regulations.

B.

Alignment with financial reporting regulations for each country where they operate.

C.

Alignment with International Organization for Standardization (ISO) standards.

D.

Compliance with patient data protection regulations for each country where they operate.

Buy Now
Questions 28

A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

Options:

A.

Multiple certifications, strong technical capabilities and lengthy resume

B.

Industry certifications, technical knowledge and program management skills

C.

College degree, audit capabilities and complex project management

D.

Multiple references, strong background check and industry certifications

Buy Now
Questions 29

Quantitative Risk Assessments have the following advantages over qualitative risk assessments:

Options:

A.

They are objective and can express risk / cost in real numbers

B.

They are subjective and can be completed more quickly

C.

They are objective and express risk / cost in approximates

D.

They are subjective and can express risk /cost in real numbers

Buy Now
Questions 30

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

Options:

A.

How many credit card records are stored?

B.

How many servers do you have?

C.

What is the scope of the certification?

D.

What is the value of the assets at risk?

Buy Now
Questions 31

Risk appetite directly affects what part of a vulnerability management program?

Options:

A.

Staff

B.

Scope

C.

Schedule

D.

Scan tools

Buy Now
Questions 32

Which of the following are the MOST important factors for proactively determining system vulnerabilities?

Options:

A.

Subscribe to vendor mailing list to get notification of system vulnerabilities

B.

Deploy Intrusion Detection System (IDS) and install anti-virus on systems

C.

Configure firewall, perimeter router and Intrusion Prevention System (IPS)

D.

Conduct security testing, vulnerability scanning, and penetration testing

Buy Now
Questions 33

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

Options:

A.

When there is a need to develop a more unified incident response capability.

B.

When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.

C.

When there is a variety of technologies deployed in the infrastructure.

D.

When it results in an overall lower cost of operating the security program.

Buy Now
Questions 34

A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?

Options:

A.

Information Technology Infrastructure Library (ITIL)

B.

International Organization for Standardization (ISO) standards

C.

Payment Card Industry Data Security Standards (PCI-DSS)

D.

National Institute for Standards and Technology (NIST) standard

Buy Now
Questions 35

Which of the following is a benefit of information security governance?

Options:

A.

Questioning the trust in vendor relationships.

B.

Increasing the risk of decisions based on incomplete management information.

C.

Direct involvement of senior management in developing control processes

D.

Reduction of the potential for civil and legal liability

Buy Now
Questions 36

As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.

Which is the BEST type of risk that defines this event?

Options:

A.

Compliance Risk

B.

Reputation Risk

C.

Operational Risk

D.

Strategic Risk

Buy Now
Questions 37

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

Options:

A.

Provide developer security training

B.

Deploy Intrusion Detection Systems

C.

Provide security testing tools

D.

Implement Compensating Controls

Buy Now
Questions 38

Which of the following is critical in creating a security program aligned with an organization’s goals?

Options:

A.

Ensure security budgets enable technical acquisition and resource allocation based on internal compliance requirements

B.

Develop a culture in which users, managers and IT professionals all make good decisions about information risk

C.

Provide clear communication of security program support requirements and audit schedules

D.

Create security awareness programs that include clear definition of security program goals and charters

Buy Now
Questions 39

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

Options:

A.

Change management

B.

Business continuity planning

C.

Security Incident Response

D.

Thought leadership

Buy Now
Questions 40

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

Options:

A.

The software license expiration is probably out of synchronization with other software licenses

B.

The project was initiated without an effort to get support from impacted business units in the organization

C.

The software is out of date and does not provide for a scalable solution across the enterprise

D.

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Buy Now
Questions 41

When should IT security project management be outsourced?

Options:

A.

When organizational resources are limited

B.

When the benefits of outsourcing outweigh the inherent risks of outsourcing

C.

On new, enterprise-wide security initiatives

D.

On projects not forecasted in the yearly budget

Buy Now
Questions 42

An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

Options:

A.

The CISO

B.

Audit and Compliance

C.

The CFO

D.

The business owner

Buy Now
Questions 43

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

Options:

A.

Risk averse

B.

Risk tolerant

C.

Risk conditional

D.

Risk minimal

Buy Now
Questions 44

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Options:

A.

Alignment with the business

B.

Effective use of existing technologies

C.

Leveraging existing implementations

D.

Proper budget management

Buy Now
Questions 45

Which of the following is considered one of the most frequent failures in project management?

Options:

A.

Overly restrictive management

B.

Excessive personnel on project

C.

Failure to meet project deadlines

D.

Insufficient resources

Buy Now
Questions 46

A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?

Options:

A.

Lack of asset management processes

B.

Lack of change management processes

C.

Lack of hardening standards

D.

Lack of proper access controls

Buy Now
Questions 47

A recommended method to document the respective roles of groups and individuals for a given process is to:

Options:

A.

Develop a detailed internal organization chart

B.

Develop a telephone call tree for emergency response

C.

Develop an isolinear response matrix with cost benefit analysis projections

D.

Develop a Responsible, Accountable, Consulted, Informed (RACI) chart

Buy Now
Questions 48

Which of the following is the MOST important component of any change management process?

Options:

A.

Scheduling

B.

Back-out procedures

C.

Outage planning

D.

Management approval

Buy Now
Questions 49

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business,

they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they

will be in the organization. How would you prevent such type of attacks?

Options:

A.

Conduct thorough background checks before you engage them

B.

Hire the people through third-party job agencies who will vet them for you

C.

Investigate their social networking profiles

D.

It is impossible to block these attacks

Buy Now
Questions 50

What is the difference between encryption and tokenization?

Options:

A.

Tokenization combined with hashing is always better than encryption

B.

Encryption can be mathematically reversed to provide the original information

C.

The token contains the all original information

D.

Tokenization can be mathematically reversed to provide the original information

Buy Now
Questions 51

What is the primary reason for performing a return on investment analysis?

Options:

A.

To decide between multiple vendors

B.

To decide is the solution costs less than the risk it is mitigating

C.

To determine the current present value of a project

D.

To determine the annual rate of loss

Buy Now
Questions 52

Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

Options:

A.

The Net Present Value (NPV) of the project is positive

B.

The NPV of the project is negative

C.

The Return on Investment (ROI) is larger than 10 months

D.

The ROI is lower than 10 months

Buy Now
Questions 53

Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?

Options:

A.

ITIL

B.

Privacy Act

C.

Sarbanes Oxley

D.

PCI-DSS

Buy Now
Questions 54

What is meant by password aging?

Options:

A.

An expiration date set for passwords

B.

A Single Sign-On requirement

C.

Time in seconds a user is allocated to change a password

D.

The amount of time it takes for a password to activate

Buy Now
Questions 55

Which technology can provide a computing environment without requiring a dedicated hardware backend?

Options:

A.

Mainframe server

B.

Virtual Desktop

C.

Thin client

D.

Virtual Local Area Network

Buy Now
Questions 56

Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the

following best describes the problem he has encountered?

Options:

A.

Rights collision

B.

Excessive privileges

C.

Privilege creep

D.

Least privileges

Buy Now
Questions 57

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

Options:

A.

Lack of identification of technology stake holders

B.

Lack of business continuity process

C.

Lack of influence with leaders outside IT

D.

Lack of a security awareness program

Buy Now
Questions 58

A digital signature addresses which of the following concerns?

Options:

A.

Message alteration

B.

Message copying

C.

Message theft

D.

Unauthorized reading

Buy Now
Questions 59

The Annualized Loss Expectancy (Before) minus Annualized Loss Expectancy (After) minus Annual Safeguard Cost is the formula for determining:

Options:

A.

Safeguard Value

B.

Cost Benefit Analysis

C.

Single Loss Expectancy

D.

Life Cycle Loss Expectancy

Buy Now
Questions 60

Which of the following terms is used to describe countermeasures implemented to minimize risks to physical

property, information, and computing systems?

Options:

A.

Security frameworks

B.

Security policies

C.

Security awareness

D.

Security controls

Buy Now
Exam Code: 512-50
Exam Name: EC-Council Information Security Manager (E|ISM)
Last Update: Aug 19, 2022
Questions: 404

PDF + Testing Engine

$79.2  $175.99

Testing Engine

$59.4  $131.99
buy now 512-50 testing engine

PDF (Q&A)

$49.5  $109.99
buy now 512-50 pdf