512-50 Exam Details

  • Exam Code: 512-50
  • Exam Name: EC-Council Information Security Manager (E|ISM)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 404 Q&As
  • Last Updated: May 25, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 231:

    The process of creating a system which divides documents based on their security level to manage access to private data is known as

    A. security coding
    B. data security system
    C. data classification
    D. privacy protection

  • Question 232:

    Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?

    A. Senior Executives
    B. Office of the Auditor
    C. Office of the General Counsel
    D. All employees and users

  • Question 233:

    An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?

    A. Management Control
    B. Technical Control
    C. Training Control
    D. Operational Control

  • Question 234:

    An IT auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late night shift a week as the senior computer operator. The most appropriate course of action for the IT auditor is to:

    A. Inform senior management of the risk involved.
    B. Agree to work with the security officer on these shifts as a form of preventative control.
    C. Develop a computer assisted audit technique to detect instances of abuses of the arrangement.
    D. Review the system log for each of the late night shifts to determine whether any irregular actions occurred.

  • Question 235:

    As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?

    A. Executive summary
    B. Penetration test agreement
    C. Names and phone numbers of those who conducted the audit
    D. Business charter

  • Question 236:

    The organization does not have the time to remediate the vulnerability; however, it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

    A. Provide developer security training
    B. Deploy Intrusion Detection Systems
    C. Provide security testing tools
    D. Implement Compensating Controls

  • Question 237:

    A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

    A. Audit validation
    B. Physical control testing
    C. Compliance management
    D. Security awareness training

  • Question 238:

    Which of the following is considered a project versus a managed process?

    A. monitoring external and internal environment during incident response
    B. ongoing risk assessments of routine operations
    C. continuous vulnerability assessment and vulnerability repair
    D. installation of a new firewall system

  • Question 239:

    What is the relationship between information protection and regulatory compliance?

    A. That all information in an organization must be protected equally.
    B. The information required to be protected by regulatory mandate does not have to be identified in the organization's data classification policy.
    C. That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets is protected based on business need.
    D. There is no relationship between the two.

  • Question 240:

    When dealing with Security Incident Response procedures, which of the following steps comes FIRST when reacting to an incident?

    A. Escalation
    B. Recovery
    C. Eradication
    D. Containment
