Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

How to Easily Pass the ECCouncil 512-50 Exam: Expert Advice

Questions 101

What oversight should the information security team have in the change management process for application security?

Options:

A.

Information security should be informed of changes to applications only

B.

Development team should tell the information security team about any application security flaws

C.

Information security should be aware of any significant application security changes and work with developer to test for vulnerabilities before changes are deployed in production

D.

Information security should be aware of all application changes and work with developers before changes are deployed in production

Buy Now
Questions 102

An example of professional unethical behavior is:

Options:

A.

Gaining access to an affiliated employee’s work email account as part of an officially sanctioned internal investigation

B.

Sharing copyrighted material with other members of a professional organization where all members have legitimate access to the material

C.

Copying documents from an employer’s server which you assert that you have an intellectual property claim to possess, but the company disputes

D.

Storing client lists and other sensitive corporate internal documents on a removable thumb drive

Buy Now
Questions 103

Which of the following can the company implement in order to avoid this type of security issue in the future?

Options:

A.

Network based intrusion detection systems

B.

A security training program for developers

C.

A risk management process

D.

A audit management process

Buy Now
Questions 104

Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

Options:

A.

Allow the business units to decide which controls apply to their systems, such as the encryption of sensitive data

B.

Create separate controls for the business units based on the types of business and functions they perform

C.

Ensure business units are involved in the creation of controls and defining conditions under which they must be applied

D.

Provide the business units with control mandates and schedules of audits for compliance validation

Buy Now
Questions 105

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

Options:

A.

Deploy a SEIM solution and have current staff review incidents first thing in the morning

B.

Contract with a managed security provider and have current staff on recall for incident response

C.

Configure your syslog to send SMS messages to current staff when target events are triggered

D.

Employ an assumption of breach protocol and defend only essential information resources

Buy Now
Questions 106

Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

Options:

A.

low risk-tolerance

B.

high risk-tolerance

C.

moderate risk-tolerance

D.

medium-high risk-tolerance

Buy Now
Questions 107

A stakeholder is a person or group:

Options:

A.

Vested in the success and/or failure of a project or initiative regardless of budget implications.

B.

Vested in the success and/or failure of a project or initiative and is tied to the project budget.

C.

That has budget authority.

D.

That will ultimately use the system.

Buy Now
Questions 108

An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents. Which of the following would be considered a MAJOR constraint for the project?

Options:

A.

Time zone differences

B.

Compliance to local hiring laws

C.

Encryption import/export regulations

D.

Local customer privacy laws

Buy Now
Questions 109

A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims. Which of the following vendor provided documents is BEST to make your decision:

Options:

A.

Vendor’s client list of reputable organizations currently using their solution

B.

Vendor provided attestation of the detailed security controls from a reputable accounting firm

C.

Vendor provided reference from an existing reputable client detailing their implementation

D.

Vendor provided internal risk assessment and security control documentation

Buy Now
Questions 110

The security team has investigated the theft/loss of several unencrypted laptop computers containing sensitive corporate information. To prevent the loss of any additional corporate data it is unilaterally decided by the CISO that all existing and future laptop computers will be encrypted. Soon, the help desk is flooded with complaints about the slow performance of the laptops and users are upset. What did the CISO do wrong? (choose the BEST answer):

Options:

A.

Failed to identify all stakeholders and their needs

B.

Deployed the encryption solution in an inadequate manner

C.

Used 1024 bit encryption when 256 bit would have sufficed

D.

Used hardware encryption instead of software encryption

Buy Now
Exam Code: 512-50
Exam Name: EC-Council Information Security Manager (E|ISM)
Last Update: Dec 4, 2024
Questions: 404

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42