512-50 Exam Details

  • Exam Code
    :512-50
  • Exam Name
    :EC-Council Information Security Manager (E|ISM)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :404 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 381:

    Which of the following activities is the MAIN purpose of the risk assessment process?

    A. Creating an inventory of information assets
    B. Classifying and organizing information assets into meaningful groups
    C. Assigning value to each information asset
    D. Calculating the risks to which assets are exposed in their current setting

  • Question 382:

    Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:

    A. Detective Controls
    B. Proactive Controls
    C. Preemptive Controls
    D. Organizational Controls

  • Question 383:

    Scenario: You are the CISO and are required to brief the C-level executive team on your information security audit for the year. During your review of the audit findings you discover that many of the controls that were put in place the previous year to correct some of the findings are not performing as needed. You have thirty days until the briefing.

    To formulate a remediation plan for the non-performing controls what other document do you need to review before adjusting the controls?

    A. Business Impact Analysis
    B. Business Continuity plan
    C. Security roadmap
    D. Annual report to shareholders

  • Question 384:

    Which of the following provides an audit framework?

    A. Control Objectives for IT (COBIT)
    B. Payment Card Industry-Data Security Standard (PCI-DSS)
    C. International Organization Standard (ISO) 27002
    D. National Institute of Standards and Technology (NIST) SP 800-30

  • Question 385:

    Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

    A. Single Loss Expectancy (SLE)
    B. Exposure Factor (EF)
    C. Annualized Rate of Occurrence (ARO)
    D. Temporal Probability (TP)

  • Question 386:

    The BEST organization to provide a comprehensive, independent and certifiable perspective on established security controls in an environment is

    A. Penetration testers
    B. External Audit
    C. Internal Audit
    D. Forensic experts

  • Question 387:

    An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

    A. Ineffective configuration management controls
    B. Lack of change management controls
    C. Lack of version/source controls
    D. High turnover in the application development department

  • Question 388:

    Which of the following backup sites takes the longest recovery time?

    A. Cold site
    B. Hot site
    C. Warm site
    D. Mobile backup site

  • Question 389:

    When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

    A. At the time the security services are being performed and the vendor needs access to the network
    B. Once the agreement has been signed and the security vendor states that they will need access to the network
    C. Once the vendor is on premise and before they perform security services
    D. Prior to signing the agreement and before any security services are being performed

  • Question 390:

    Which of the following is the MOST effective way to measure the effectiveness of security controls on a perimeter network?

    A. Perform a vulnerability scan of the network
    B. External penetration testing by a qualified third party
    C. Internal Firewall ruleset reviews
    D. Implement network intrusion prevention systems

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.