512-50 Exam Details

  • Exam Code
    :512-50
  • Exam Name
    :EC-Council Information Security Manager (E|ISM)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :404 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 512-50 Online Questions & Answers

  • Question 61:

    Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?

    A. In-line hardware keyloggers don't require physical access
    B. In-line hardware keyloggers don't comply to industry regulations
    C. In-line hardware keyloggers are undetectable by software
    D. In-line hardware keyloggers are relatively inexpensive

  • Question 62:

    File Integrity Monitoring (FIM) is considered a

    A. Network based security preventative control
    B. Software segmentation control
    C. Security detective control
    D. User segmentation control

  • Question 63:

    When managing the critical path of an IT security project, which of the following is MOST important?

    A. Knowing who all the stakeholders are.
    B. Knowing the people on the data center team.
    C. Knowing the threats to the organization.
    D. Knowing the milestones and timelines of deliverables.

  • Question 64:

    How often should the SSAE16 report of your vendors be reviewed?

    A. Quarterly
    B. Semi-annually
    C. Annually
    D. Bi-annually

  • Question 65:

    What is the primary reason for performing a return on investment analysis?

    A. To decide between multiple vendors
    B. To decide is the solution costs less than the risk it is mitigating
    C. To determine the current present value of a project
    D. To determine the annual rate of loss

  • Question 66:

    A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should the information security manager take?

    A. Enforce the existing security standards and do not allow the deployment of the new technology.
    B. Amend the standard to permit the deployment.
    C. If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.
    D. Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.

  • Question 67:

    The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

    A. Security certification
    B. Security system analysis
    C. Security accreditation
    D. Alignment with business practices and goals.

  • Question 68:

    Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

    A. Risk Management
    B. Risk Assessment
    C. System Testing
    D. Vulnerability Assessment

  • Question 69:

    When updating the security strategic planning document what two items must be included?

    A. Alignment with the business goals and the vision of the CIO
    B. The risk tolerance of the company and the company mission statement
    C. The executive summary and vision of the board of directors
    D. The alignment with the business goals and the risk tolerance

  • Question 70:

    What is the MAIN reason for conflicts between Information Technology and Information Security programs?

    A. Technology governance defines technology policies and standards while security governance does not.
    B. Security governance defines technology best practices and Information Technology governance does not.
    C. Technology Governance is focused on process risks whereas Security Governance is focused on business risk.
    D. The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 512-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.