New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

512-50 EC-Council Information Security Manager (E|ISM) Questions and Answers

Questions 4

Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

Options:

A.

Plan-Check-Do-Act

B.

Plan-Do-Check-Act

C.

Plan-Select-Implement-Evaluate

D.

SCORE (Security Consensus Operational Readiness Evaluation)

Buy Now
Questions 5

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

Options:

A.

The software license expiration is probably out of synchronization with other software licenses

B.

The project was initiated without an effort to get support from impacted business units in the organization

C.

The software is out of date and does not provide for a scalable solution across the enterprise

D.

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Buy Now
Questions 6

Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.

An effective way to evaluate the effectiveness of an information security awareness program for end users, especially senior executives, is to conduct periodic:

Options:

A.

Controlled spear phishing campaigns

B.

Password changes

C.

Baselining of computer systems

D.

Scanning for viruses

Buy Now
Questions 7

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business,

they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they

will be in the organization. How would you prevent such type of attacks?

Options:

A.

Conduct thorough background checks before you engage them

B.

Hire the people through third-party job agencies who will vet them for you

C.

Investigate their social networking profiles

D.

It is impossible to block these attacks

Buy Now
Questions 8

Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

Options:

A.

Configure logging on each access point

B.

Install a firewall software on each wireless access point.

C.

Provide IP and MAC address

D.

Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

Buy Now
Questions 9

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

Options:

A.

Provide developer security training

B.

Deploy Intrusion Detection Systems

C.

Provide security testing tools

D.

Implement Compensating Controls

Buy Now
Questions 10

A recommended method to document the respective roles of groups and individuals for a given process is to:

Options:

A.

Develop a detailed internal organization chart

B.

Develop a telephone call tree for emergency response

C.

Develop an isolinear response matrix with cost benefit analysis projections

D.

Develop a Responsible, Accountable, Consulted, Informed (RACI) chart

Buy Now
Questions 11

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

Options:

A.

Change management

B.

Business continuity planning

C.

Security Incident Response

D.

Thought leadership

Buy Now
Questions 12

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Options:

A.

Alignment with the business

B.

Effective use of existing technologies

C.

Leveraging existing implementations

D.

Proper budget management

Buy Now
Questions 13

Which of the following are the triple constraints of project management?

Options:

A.

Time, quality, and scope

B.

Cost, quality, and time

C.

Scope, time, and cost

D.

Quality, scope, and cost

Buy Now
Questions 14

To get an Information Security project back on schedule, which of the following will provide the MOST help?

Options:

A.

Upper management support

B.

More frequent project milestone meetings

C.

Stakeholder support

D.

Extend work hours

Buy Now
Questions 15

Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.

What is one proven method to account for common elements found within separate regulations and/or standards?

Options:

A.

Hire a GRC expert

B.

Use the Find function of your word processor

C.

Design your program to meet the strictest government standards

D.

Develop a crosswalk

Buy Now
Questions 16

Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.

Your Corporate Information Security Policy should include which of the following?

Options:

A.

Information security theory

B.

Roles and responsibilities

C.

Incident response contacts

D.

Desktop configuration standards

Buy Now
Questions 17

Which of the following is a symmetric encryption algorithm?

Options:

A.

3DES

B.

MD5

C.

ECC

D.

RSA

Buy Now
Questions 18

Which of the following statements about Encapsulating Security Payload (ESP) is true?

Options:

A.

It is an IPSec protocol.

B.

It is a text-based communication protocol.

C.

It uses TCP port 22 as the default port and operates at the application layer.

D.

It uses UDP port 22

Buy Now
Questions 19

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.

Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

Options:

A.

Security Guards posted outside the Data Center

B.

Data Loss Prevention (DLP)

C.

Rigorous syslog reviews

D.

Intrusion Detection Systems (IDS)

Buy Now
Questions 20

Which of the following is a fundamental component of an audit record?

Options:

A.

Date and time of the event

B.

Failure of the event

C.

Originating IP-Address

D.

Authentication type

Buy Now
Questions 21

The process of identifying and classifying assets is typically included in the

Options:

A.

Threat analysis process

B.

Asset configuration management process

C.

Business Impact Analysis

D.

Disaster Recovery plan

Buy Now
Questions 22

Which of the following should be determined while defining risk management strategies?

Options:

A.

Organizational objectives and risk tolerance

B.

Risk assessment criteria

C.

IT architecture complexity

D.

Enterprise disaster recovery plans

Buy Now
Questions 23

SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.

In what phase of the response will the team extract information from the affected systems without altering original data?

Options:

A.

Response

B.

Investigation

C.

Recovery

D.

Follow-up

Buy Now
Questions 24

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

Options:

A.

Use asymmetric encryption for the automated distribution of the symmetric key

B.

Use a self-generated key on both ends to eliminate the need for distribution

C.

Use certificate authority to distribute private keys

D.

Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it

Buy Now
Questions 25

Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.

When multiple regulations or standards apply to your industry you should set controls to meet the:

Options:

A.

Easiest regulation or standard to implement

B.

Stricter regulation or standard

C.

Most complex standard to implement

D.

Recommendations of your Legal Staff

Buy Now
Questions 26

Which of the following is MOST useful when developing a business case for security initiatives?

Options:

A.

Budget forecasts

B.

Request for proposals

C.

Cost/benefit analysis

D.

Vendor management

Buy Now
Questions 27

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?

Options:

A.

Strong authentication technologies

B.

Financial reporting regulations

C.

Credit card compliance and regulations

D.

Local privacy laws

Buy Now
Questions 28

Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

Options:

A.

Security regulations

B.

Asset classification

C.

Information security policy

D.

Data classification

Buy Now
Questions 29

A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

Options:

A.

tell him to shut down the server

B.

tell him to call the police

C.

tell him to invoke the incident response process

D.

tell him to analyze the problem, preserve the evidence and provide a full analysis and report

Buy Now
Questions 30

What oversight should the information security team have in the change management process for application security?

Options:

A.

Information security should be informed of changes to applications only

B.

Development team should tell the information security team about any application security flaws

C.

Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production

D.

Information security should be aware of all application changes and work with developers before changes are deployed in production

Buy Now
Questions 31

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

Options:

A.

When there is a need to develop a more unified incident response capability.

B.

When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.

C.

When there is a variety of technologies deployed in the infrastructure.

D.

When it results in an overall lower cost of operating the security program.

Buy Now
Questions 32

According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?

Options:

A.

Identify threats, risks, impacts and vulnerabilities

B.

Decide how to manage risk

C.

Define the budget of the Information Security Management System

D.

Define Information Security Policy

Buy Now
Questions 33

Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

Options:

A.

Trusted and untrusted networks

B.

Type of authentication

C.

Storage encryption

D.

Log retention

Buy Now
Questions 34

What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent latency?

Options:

A.

Traffic Analysis

B.

Deep-Packet inspection

C.

Packet sampling

D.

Heuristic analysis

Buy Now
Questions 35

Which of the following represents the best method of ensuring business unit alignment with security program requirements?

Options:

A.

Provide clear communication of security requirements throughout the organization

B.

Demonstrate executive support with written mandates for security policy adherence

C.

Create collaborative risk management approaches within the organization

D.

Perform increased audits of security processes and procedures

Buy Now
Questions 36

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Options:

A.

At the time the security services are being performed and the vendor needs access to the network

B.

Once the agreement has been signed and the security vendor states that they will need access to the network

C.

Once the vendor is on premise and before they perform security services

D.

Prior to signing the agreement and before any security services are being performed

Buy Now
Questions 37

Risk appetite directly affects what part of a vulnerability management program?

Options:

A.

Staff

B.

Scope

C.

Schedule

D.

Scan tools

Buy Now
Questions 38

Which of the following international standards can be BEST used to define a Risk Management process in an organization?

Options:

A.

National Institute for Standards and Technology 800-50 (NIST 800-50)

B.

International Organization for Standardizations – 27005 (ISO-27005)

C.

Payment Card Industry Data Security Standards (PCI-DSS)

D.

International Organization for Standardizations – 27004 (ISO-27004)

Buy Now
Questions 39

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

Options:

A.

The asset owner

B.

The asset manager

C.

The data custodian

D.

The project manager

Buy Now
Questions 40

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:

Options:

A.

Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors

B.

Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program

C.

Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness

D.

Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program

Buy Now
Questions 41

One of the MAIN goals of a Business Continuity Plan is to

Options:

A.

Ensure all infrastructure and applications are available in the event of a disaster

B.

Allow all technical first-responders to understand their roles in the event of a disaster

C.

Provide step by step plans to recover business processes in the event of a disaster

D.

Assign responsibilities to the technical teams responsible for the recovery of all data.

Buy Now
Questions 42

Which of the following is considered one of the most frequent failures in project management?

Options:

A.

Overly restrictive management

B.

Excessive personnel on project

C.

Failure to meet project deadlines

D.

Insufficient resources

Buy Now
Questions 43

You have implemented the new controls. What is the next step?

Options:

A.

Document the process for the stakeholders

B.

Monitor the effectiveness of the controls

C.

Update the audit findings report

D.

Perform a risk assessment

Buy Now
Questions 44

The effectiveness of an audit is measured by?

Options:

A.

The number of actionable items in the recommendations

B.

How it exposes the risk tolerance of the company

C.

How the recommendations directly support the goals of the company

D.

The number of security controls the company has in use

Buy Now
Questions 45

Which of the following activities results in change requests?

Options:

A.

Preventive actions

B.

Inspection

C.

Defect repair

D.

Corrective actions

Buy Now
Questions 46

The process of creating a system which divides documents based on their security level to manage access to private data is known as

Options:

A.

security coding

B.

data security system

C.

data classification

D.

privacy protection

Buy Now
Questions 47

Physical security measures typically include which of the following components?

Options:

A.

Physical, Technical, Operational

B.

Technical, Strong Password, Operational

C.

Operational, Biometric, Physical

D.

Strong password, Biometric, Common Access Card

Buy Now
Questions 48

As the CISO, you have been tasked with the execution of the company’s key management program. You

MUST ensure the integrity of encryption keys at the point of generation. Which principal of encryption key

control will ensure no single individual can constitute or re-constitute a key?

Options:

A.

Dual Control

B.

Separation of Duties

C.

Split Knowledge

D.

Least Privilege

Buy Now
Questions 49

Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the incident handling process will utilize the signature to resolve this incident?

Options:

A.

Containment

B.

Recovery

C.

Identification

D.

Eradication

Buy Now
Questions 50

Which of the following is the MAIN security concern for public cloud computing?

Options:

A.

Unable to control physical access to the servers

B.

Unable to track log on activity

C.

Unable to run anti-virus scans

D.

Unable to patch systems as needed

Buy Now
Questions 51

An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System. Which of the following international standards can BEST assist this organization?

Options:

A.

International Organization for Standardizations – 27004 (ISO-27004)

B.

Payment Card Industry Data Security Standards (PCI-DSS)

C.

Control Objectives for Information Technology (COBIT)

D.

International Organization for Standardizations – 27005 (ISO-27005)

Buy Now
Questions 52

Which of the following has the GREATEST impact on the implementation of an information security governance model?

Options:

A.

Organizational budget

B.

Distance between physical locations

C.

Number of employees

D.

Complexity of organizational structure

Buy Now
Questions 53

Why is it vitally important that senior management endorse a security policy?

Options:

A.

So that they will accept ownership for security within the organization.

B.

So that employees will follow the policy directives.

C.

So that external bodies will recognize the organizations commitment to security.

D.

So that they can be held legally accountable.

Buy Now
Questions 54

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

Options:

A.

Transfer financial resources from other critical programs

B.

Take the system off line until the budget is available

C.

Deploy countermeasures and compensating controls until the budget is available

D.

Schedule an emergency meeting and request the funding to fix the issue

Buy Now
Questions 55

The patching and monitoring of systems on a consistent schedule is required by?

Options:

A.

Local privacy laws

B.

Industry best practices

C.

Risk Management frameworks

D.

Audit best practices

Buy Now
Questions 56

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

Options:

A.

The auditors have not followed proper auditing processes

B.

The CIO of the organization disagrees with the finding

C.

The risk tolerance of the organization permits this risk

D.

The organization has purchased cyber insurance

Buy Now
Questions 57

Which International Organization for Standardization (ISO) below BEST describes the performance of risk management, and includes a five-stage risk management methodology.

Options:

A.

ISO 27001

B.

ISO 27002

C.

ISO 27004

D.

ISO 27005

Buy Now
Questions 58

Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?

Options:

A.

International Organization for Standardization 27001

B.

National Institute of Standards and Technology Special Publication SP 800-12

C.

Request For Comment 2196

D.

National Institute of Standards and Technology Special Publication SP 800-26

Buy Now
Questions 59

Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?

Options:

A.

Security Administrators

B.

Internal/External Audit

C.

Risk Management

D.

Security Operations

Buy Now
Questions 60

Your IT auditor is reviewing significant events from the previous year and has identified some procedural oversights. Which of the following would be the MOST concerning?

Options:

A.

Lack of notification to the public of disclosure of confidential information.

B.

Lack of periodic examination of access rights

C.

Failure to notify police of an attempted intrusion

D.

Lack of reporting of a successful denial of service attack on the network.

Buy Now
Exam Code: 512-50
Exam Name: EC-Council Information Security Manager (E|ISM)
Last Update: Dec 26, 2024
Questions: 404
512-50 pdf

512-50 PDF

$25.5  $84.99
512-50 Engine

512-50 Testing Engine

$30  $99.99
512-50 PDF + Engine

512-50 PDF + Testing Engine

$40.5  $134.99