New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free ECCouncil 512-50 Practice Exam with Questions & Answers | Set: 3

Questions 21

Which of the following is MOST useful when developing a business case for security initiatives?

Options:
A.

Budget forecasts

B.

Request for proposals

C.

Cost/benefit analysis

D.

Vendor management

ECCouncil 512-50 Premium Access
Questions 22

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.

Once supervisors and data owners have approved requests, information system administrators will implement

Options:
A.

Technical control(s)

B.

Management control(s)

C.

Policy control(s)

D.

Operational control(s)

Questions 23

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

Options:
A.

Moderate investment

B.

Passive monitoring

C.

Integrated security controls

D.

Dynamic deception

Questions 24

Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the “real workers.”

Which group of people should be consulted when developing your security program?

Options:
A.

Peers

B.

End Users

C.

Executive Management

D.

All of the above

Questions 25

What is the BEST reason for having a formal request for proposal process?

Options:
A.

Creates a timeline for purchasing and budgeting

B.

Allows small companies to compete with larger companies

C.

Clearly identifies risks and benefits before funding is spent

D.

Informs suppliers a company is going to make a purchase

Questions 26

SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.

Which of the following is the FIRST action the CISO will perform after receiving the audit report?

Options:
A.

Inform peer executives of the audit results

B.

Validate gaps and accept or dispute the audit findings

C.

Create remediation plans to address program gaps

D.

Determine if security policies and procedures are adequate

Questions 27

When creating contractual agreements and procurement processes why should security requirements be included?

Options:
A.

To make sure they are added on after the process is completed

B.

To make sure the costs of security is included and understood

C.

To make sure the security process aligns with the vendor’s security process

D.

To make sure the patching process is included with the costs

Questions 28

Which of the following information would MOST likely be reported at the board-level within an organization?

Options:
A.

System scanning trends and results as they pertain to insider and external threat sources

B.

The capabilities of a security program in terms of staffing support

C.

Significant risks and security incidents that have been discovered since the last assembly of the

membership

D.

The numbers and types of cyberattacks experienced by the organization since the last assembly of the

membership

Questions 29

The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

Options:
A.

Security certification

B.

Security system analysis

C.

Security accreditation

D.

Alignment with business practices and goals.

Questions 30

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?

Options:
A.

NIST and Privacy Regulations

B.

ISO 27000 and Payment Card Industry Data Security Standards

C.

NIST and data breach notification laws

D.

ISO 27000 and Human resources best practices

Exam Code: 512-50
Certification Provider: ECCouncil
Exam Name: EC-Council Information Security Manager (E|ISM)
Last Update: Mar 28, 2025
Questions: 404

ECCouncil Related Exams

712-50 - EC-Council Certified CISO (CCISO)
EC0-350 - Ethical Hacking and Countermeasures V8
312-38 - Certified Network Defender (CND)
212-81 - EC-Council Certified Encryption Specialist (ECES)
ICS-SCADA - ICS/SCADA Cyber Security Exam
312-82 - EC-CouncilBlockchain Fintech CertificationB|FC exam
312-50v13 - Certified Ethical Hacker Exam (CEHv13)
212-82 - Certified Cybersecurity Technician (C|CT)
312-50v12 - Certified Ethical Hacker Exam (CEHv12)
412-79v10 - EC-Council Certified Security Analyst (ECSA) V10
312-49v9 - Computer Hacking Forensic Investigator (v9)
312-76 - Disaster Recovery Professional Practice Test
312-49v10 - Computer Hacking Forensic Investigator (CHFI-v10)
312-50v11 - Certified Ethical Hacker Exam (CEH v11)
ECSAv10 - EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing
ECCouncil Free Access
Get ECCouncil Full Access

ECCouncil Free Exams
ECCouncil Free Exams
Discover free ECCouncil exam prep resources at Examstrack. Access practice tests and study materials to enhance your ECCouncil exam success.