Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

512-50 Exam Dumps - ECCouncil EISM Questions and Answers

Question # 14

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

Which of the following frameworks and standards will BEST fit the organization as a baseline for their security program?

Options:

A.

NIST and Privacy Regulations

B.

ISO 27000 and Payment Card Industry Data Security Standards

C.

NIST and data breach notification laws

D.

ISO 27000 and Human resources best practices

Buy Now
Question # 15

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

Options:

A.

Lack of identification of technology stake holders

B.

Lack of business continuity process

C.

Lack of influence with leaders outside IT

D.

Lack of a security awareness program

Buy Now
Question # 16

During the last decade, what trend has caused the MOST serious issues in relation to physical security?

Options:

A.

Data is more portable due to the increased use of smartphones and tablets

B.

The move from centralized computing to decentralized computing

C.

Camera systems have become more economical and expanded in their use

D.

The internet of Things allows easy compromise of cloud-based systems

Buy Now
Question # 17

Which of the following is a primary method of applying consistent configurations to IT systems?

Options:

A.

Audits

B.

Administration

C.

Patching

D.

Templates

Buy Now
Question # 18

A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims. Which of the following vendor provided documents is BEST to make your decision:

Options:

A.

Vendor’s client list of reputable organizations currently using their solution

B.

Vendor provided attestation of the detailed security controls from a reputable accounting firm

C.

Vendor provided reference from an existing reputable client detailing their implementation

D.

Vendor provided internal risk assessment and security control documentation

Buy Now
Question # 19

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Options:

A.

At the time the security services are being performed and the vendor needs access to the network

B.

Once the agreement has been signed and the security vendor states that they will need access to the network

C.

Once the vendor is on premise and before they perform security services

D.

Prior to signing the agreement and before any security services are being performed

Buy Now
Question # 20

A large number of accounts in a hardened system were suddenly compromised to an external party. Which of

the following is the MOST probable threat actor involved in this incident?

Options:

A.

Poorly configured firewalls

B.

Malware

C.

Advanced Persistent Threat (APT)

D.

An insider

Buy Now
Question # 21

With respect to the audit management process, management response serves what function?

Options:

A.

placing underperforming units on notice for failing to meet standards

B.

determining whether or not resources will be allocated to remediate a finding

C.

adding controls to ensure that proper oversight is achieved by management

D.

revealing the “root cause” of the process failure and mitigating for all internal and external units

Buy Now
Question # 22

Which of the following are primary concerns for management with regard to assessing internal control objectives?

Options:

A.

Confidentiality, Availability, Integrity

B.

Compliance, Effectiveness, Efficiency

C.

Communication, Reliability, Cost

D.

Confidentiality, Compliance, Cost

Buy Now
Question # 23

Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:

Options:

A.

Detective Controls

B.

Proactive Controls

C.

Preemptive Controls

D.

Organizational Controls

Buy Now
Exam Code: 512-50
Exam Name: EC-Council Information Security Manager (EISM)
Last Update: Aug 17, 2025
Questions: 404
512-50 pdf

512-50 PDF

$29.75  $84.99
 Add to Cart
512-50 Engine

512-50 Testing Engine

$33.25  $94.99
 Add to Cart
512-50 PDF + Engine

512-50 PDF + Testing Engine

$47.25  $134.99
 Add to Cart