Exam Details

  • Exam Code: 512-50
  • Exam Name: EC-Council Information Security Manager (E|ISM)
  • Certification: EISM
  • Vendor: EC-COUNCIL
  • Total Questions: 404 Q&As
  • Last Updated: May 09, 2024

EC-COUNCIL EISM 512-50 Questions & Answers

  • Question 11:

    What is one key difference between Capital expenditures and Operating expenditures?

    A. Operating expense cannot be written off while Capital expense can

    B. Operating expenses can be depreciated over time and Capital expenses cannot

    C. Capital expenses cannot include salaries and Operating expenses can

    D. Capital expenditures allow for the cost to be depreciated over time and Operating does not

  • Question 12:

    Which of the following is true regarding expenditures?

    A. Capital expenditures are never taxable

    B. Operating expenditures are for acquiring assets, capital expenditures are for support costs of that asset

    C. Capital expenditures are used to define depreciation tables of intangible assets

    D. Capital expenditures are for acquiring assets, whereas operating expenditures are for support costs of that asset

  • Question 13:

    Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

    From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO's approach to security?

    A. Compliance centric agenda

    B. IT security centric agenda

    C. Lack of risk management process

    D. Lack of sponsorship from executive management

  • Question 14:

    Which of the following is used to lure attackers into false environments so they can be monitored, contained, or blocked from reaching critical systems?

    A. Segmentation controls.

    B. Shadow applications.

    C. Deception technology.

    D. Vulnerability management.

  • Question 15:

    The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management, you determine that the project correctly aligns with the company goals.

    Which of the following needs to be performed NEXT?

    A. Verify the scope of the project

    B. Verify the regulatory requirements

    C. Verify technical resources

    D. Verify capacity constraints

  • Question 16:

    Acceptable levels of information security risk tolerance in an organization should be determined by?

    A. Corporate legal counsel

    B. CISO with reference to the company goals

    C. CEO and board of directors

    D. Corporate compliance committee

  • Question 17:

    As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are.

    Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?

    A. Gigamon

    B. Intrusion Prevention System

    C. Port Security

    D. Anti-virus

  • Question 18:

    Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

    A. Security regulations

    B. Asset classification

    C. Information security policy

    D. Data classification

  • Question 19:

    What is the primary reason for performing vendor management?

    A. To understand the risk coverage that is being mitigated by the vendor

    B. To establish a vendor selection process

    C. To document the relationship between the company and the vendor

    D. To define the partnership for long-term success

  • Question 20:

    Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

    The CISO has been able to implement a number of technical controls and is able to influence the Information Technology teams but has not been able to influence the rest of the organization. From an organizational perspective, which of the following is the LIKELY reason for this?

    A. The CISO does not report directly to the CEO of the organization

    B. The CISO reports to the IT organization

    C. The CISO has not implemented a policy management framework

    D. The CISO has not implemented a security awareness program

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 512-50 exam preparation and EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.