512-50 Exam Details

  • Exam Code
    :512-50
  • Exam Name
    :EC-Council Information Security Manager (E|ISM)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :404 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 391:

    The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

    A. The need to change accounting periods on a regular basis.
    B. The requirement to post entries for a closed accounting period.
    C. The need to create and modify the chart of accounts and its allocations.
    D. The lack of policies and procedures for the proper segregation of duties.

  • Question 392:

    Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?

    A. Servers, routers, switches, modem
    B. Firewall, exchange, web server, intrusion detection system (IDS)
    C. Firewall, anti-virus console, IDS, syslog
    D. IDS, syslog, router, switches

  • Question 393:

    Acceptable levels of information security risk tolerance in an organization should be determined by?

    A. Corporate legal counsel
    B. CISO with reference to the company goals
    C. CEO and board of director
    D. Corporate compliance committee

  • Question 394:

    Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

    A. Threat
    B. Vulnerability
    C. Attack vector
    D. Exploitation

  • Question 395:

    Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement's requirement for uptime?

    A. Systems logs
    B. Hardware error reports
    C. Utilization reports
    D. Availability reports

  • Question 396:

    As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered timely in the event of a disaster. Which is the BEST Disaster Recovery performance indicator to validate that you are prepared for a disaster?

    A. Recovery Point Objective (RPO)
    B. Disaster Recovery Plan
    C. Recovery Time Objective (RTO)
    D. Business Continuity Plan

  • Question 397:

    The remediation of a specific audit finding is deemed too expensive and will not be implemented. Which of the following is a TRUE statement?

    A. The asset is more expensive than the remediation
    B. The audit finding is incorrect
    C. The asset being protected is less valuable than the remediation costs
    D. The remediation costs are irrelevant; it must be implemented regardless of cost.

  • Question 398:

    As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand. Which is the BEST type of risk that defines this event?

    A. Compliance Risk
    B. Reputation Risk
    C. Operational Risk
    D. Strategic Risk

  • Question 399:

    Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.

    Which of the following industry / sector neutral information security control frameworks should you recommend for implementation?

    A. National Institute of Standards and Technology (NIST) Special Publication 800-53
    B. Payment Card Industry Digital Security Standard (PCI DSS)
    C. International Organization for Standardization ?ISO 27001/2
    D. British Standard 7799 (BS7799)

  • Question 400:

    At what level of governance are individual projects monitored and managed?

    A. Program
    B. Milestone
    C. Enterprise
    D. Portfolio

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.