512-50 Exam Details

  • Exam Code
    :512-50
  • Exam Name
    :EC-Council Information Security Manager (E|ISM)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :404 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 21:

    Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?

    A. Rights collision
    B. Excessive privileges
    C. Privilege creep
    D. Least privileges

  • Question 22:

    Your company has a "no right to privacy" notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee's email account. What should you do? (choose the BEST answer):

    A. Grant her access, the employee has been adequately warned through the AUP.
    B. Assist her with the request, but only after her supervisor signs off on the action.
    C. Reset the employee's password and give it to the supervisor.
    D. Deny the request citing national privacy laws.

  • Question 23:

    As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are. Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?

    A. Gigamon
    B. Intrusion Prevention System
    C. Port Security
    D. Anti-virus

  • Question 24:

    Which of the following is the MOST important goal of risk management?

    A. Identifying the risk
    B. Finding economic balance between the impact of the risk and the cost of the control
    C. Identifying the victim of any potential exploits.
    D. Assessing the impact of potential threats

  • Question 25:

    The effectiveness of an audit is measured by?

    A. The number of actionable items in the recommendations
    B. How it exposes the risk tolerance of the company
    C. How the recommendations directly support the goals of the company
    D. The number of security controls the company has in use

  • Question 26:

    Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

    A. Configure logging on each access point
    B. Install a firewall software on each wireless access point.
    C. Provide IP and MAC address
    D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

  • Question 27:

    What oversight should the information security team have in the change management process for application security?

    A. Information security should be informed of changes to applications only
    B. Development team should tell the information security team about any application security flaws
    C. Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production
    D. Information security should be aware of all application changes and work with developers before changes are deployed in production

  • Question 28:

    A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program. Which of the following qualifications and experience would be MOST desirable to find in a candidate?

    A. Multiple certifications, strong technical capabilities and lengthy resume
    B. Industry certifications, technical knowledge and program management skills
    C. College degree, audit capabilities and complex project management
    D. Multiple references, strong background check and industry certifications

  • Question 29:

    An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

    A. The CISO
    B. Audit and Compliance
    C. The CFO
    D. The business owner

  • Question 30:

    SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

    A. ` o 1=1 -
    B. /../../../../
    C. "DROPTABLE USERNAME"
    D. NOPS

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.