512-50 Exam Details

  • Exam Code
    :512-50
  • Exam Name
    :EC-Council Information Security Manager (E|ISM)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :404 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 371:

    During the 3rd quarter of a budget cycle, the CISO noticed she spent more than was originally planned in her annual budget. What is the condition of her current budgetary posture?

    A. The budget is in a temporary state of imbalance
    B. The budget is operating at a deficit
    C. She can realign the budget through moderate capital expense (CAPEX) allocation
    D. She has a surplus of operational expenses (OPEX)

  • Question 372:

    A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

    A. Change management
    B. Business continuity planning
    C. Security Incident Response
    D. Thought leadership

  • Question 373:

    According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

    A. Susceptibility to attack, mitigation response time, and cost
    B. Attack vectors, controls cost, and investigation staffing needs
    C. Vulnerability exploitation, attack recovery, and mean time to repair
    D. Susceptibility to attack, expected duration of attack, and mitigation availability

  • Question 374:

    Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

    A. All vulnerabilities found on servers and desktops
    B. Only critical and high vulnerabilities on servers and desktops
    C. Only critical and high vulnerabilities that impact important production servers
    D. All vulnerabilities that impact important production servers

  • Question 375:

    An organization information security policy serves to

    A. establish budgetary input in order to meet compliance requirements
    B. establish acceptable systems and user behavior
    C. define security configurations for systems
    D. define relationships with external law enforcement agencies

  • Question 376:

    What is a difference from the list below between quantitative and qualitative Risk Assessment?

    A. Quantitative risk assessments result in an exact number (in monetary terms)
    B. Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)
    C. Qualitative risk assessments map to business objectives
    D. Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

  • Question 377:

    Which of the following information may be found in table top exercises for incident response?

    A. Security budget augmentation
    B. Process improvements
    C. Real-time to remediate
    D. Security control selection

  • Question 378:

    SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.

    What phase of the response provides measures to reduce the likelihood of an incident from recurring?

    A. Response
    B. Investigation
    C. Recovery
    D. Follow-up

  • Question 379:

    Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

    A. Need to comply with breach disclosure laws
    B. Need to transfer the risk associated with hosting PII data
    C. Need to better understand the risk associated with using PII data
    D. Fiduciary responsibility to safeguard credit card information

  • Question 380:

    Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?

    A. Reduction of budget
    B. Decreased security awareness
    C. Improper use of information resources
    D. Fines for regulatory non-compliance

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.