Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free ECCouncil 512-50 Practice Exam with Questions & Answers | Set: 2

Questions 11

Which of the following is the MOST important for a CISO to understand when identifying threats?

Options:
A.

How vulnerabilities can potentially be exploited in systems that impact the organization

B.

How the security operations team will behave to reported incidents

C.

How the firewall and other security devices are configured to prevent attacks

D.

How the incident management team prepares to handle an attack

ECCouncil 512-50 Premium Access
Questions 12

Why is it vitally important that senior management endorse a security policy?

Options:
A.

So that they will accept ownership for security within the organization.

B.

So that employees will follow the policy directives.

C.

So that external bodies will recognize the organizations commitment to security.

D.

So that they can be held legally accountable.

Questions 13

Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.

An effective way to evaluate the effectiveness of an information security awareness program for end users, especially senior executives, is to conduct periodic:

Options:
A.

Controlled spear phishing campaigns

B.

Password changes

C.

Baselining of computer systems

D.

Scanning for viruses

Questions 14

As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered timely in the event of a disaster. Which is the BEST Disaster Recovery performance indicator to validate that you are prepared for a disaster?

Options:
A.

Recovery Point Objective (RPO)

B.

Disaster Recovery Plan

C.

Recovery Time Objective (RTO)

D.

Business Continuity Plan

Questions 15

SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.

In what phase of the response will the team extract information from the affected systems without altering original data?

Options:
A.

Response

B.

Investigation

C.

Recovery

D.

Follow-up

Questions 16

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.

Using the best business practices for project management you determine that the project correct aligns with the company goals. What needs to be verified FIRST?

Options:
A.

Scope of the project

B.

Training of the personnel on the project

C.

Timeline of the project milestones

D.

Vendor for the project

Questions 17

When analyzing and forecasting a capital expense budget what are not included?

Options:
A.

Network connectivity costs

B.

New datacenter to operate from

C.

Upgrade of mainframe

D.

Purchase of new mobile devices to improve operations

Questions 18

Which type of physical security control scan a person’s external features through a digital video camera before

granting access to a restricted area?

Options:
A.

Iris scan

B.

Retinal scan

C.

Facial recognition scan

D.

Signature kinetics scan

Questions 19

The total cost of security controls should:

Options:
A.

Be equal to the value of the information resource being protected

B.

Be greater than the value of the information resource being protected

C.

Be less than the value of the information resource being protected

D.

Should not matter, as long as the information resource is protected

Questions 20

Which of the following is used to lure attackers into false environments so they can be monitored, contained, or blocked from reaching critical systems?

Options:
A.

Segmentation controls.

B.

Shadow applications.

C.

Deception technology.

D.

Vulnerability management.

Exam Code: 512-50
Certification Provider: ECCouncil
Exam Name: EC-Council Information Security Manager (E|ISM)
Last Update: Jul 9, 2025
Questions: 404

ECCouncil Related Exams

312-76 - Disaster Recovery Professional Practice Test
412-79 - EC-Council Certified Security Analyst (ECSA)
312-49v9 - Computer Hacking Forensic Investigator (v9)
312-39 - Certified SOC Analyst (CSA)
212-77 - Linux Security
112-51 - Network Defense Essentials (NDE) Exam
212-81 - EC-Council Certified Encryption Specialist (ECES)
712-50 - EC-Council Certified CISO (CCISO)
312-40 - EC-Council Certified Cloud Security Engineer (CCSE)
EC0-479 - EC-Council Certified Security Analyst (ECSA)
212-89 - EC Council Certified Incident Handler (ECIH v3)
312-82 - EC-CouncilBlockchain Fintech CertificationB|FC exam
EC0-350 - Ethical Hacking and Countermeasures V8
ICS-SCADA - ICS/SCADA Cyber Security Exam
312-50v12 - Certified Ethical Hacker Exam (CEHv12)
ECCouncil Free Access
Get ECCouncil Full Access

ECCouncil Free Exams
ECCouncil Free Exams
Discover free ECCouncil exam prep resources at Examstrack. Access practice tests and study materials to enhance your ECCouncil exam success.