Pass the ECCouncil EISM 512-50 Questions and answers with CertsForce

Viewing page 10 out of 13 pages
Viewing questions 91-100 out of questions
Questions # 91:

Which of the following are primary concerns for management with regard to assessing internal control objectives?

Options:

A. Confidentiality, Availability, Integrity
B. Compliance, Effectiveness, Efficiency
C. Communication, Reliability, Cost
D. Confidentiality, Compliance, Cost

Questions # 92:

Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

Options:

A. Single loss expectancy multiplied by the annual rate of occurrence
B. Total loss expectancy multiplied by the total loss frequency
C. Value of the asset multiplied by the loss expectancy
D. Replacement cost multiplied by the single loss expectancy

Questions # 93:

Control Objectives for Information and Related Technology (COBIT) is which of the following?

Options:

A. An Information Security audit standard
B. An audit guideline for certifying secure systems and controls
C. A framework for Information Technology management and governance
D. A set of international regulations for Information Technology governance

Questions # 94:

An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?

Options:

A. Management Control
B. Technical Control
C. Training Control
D. Operational Control

Questions # 95:

Dataflow diagrams are used by IT auditors to:

Options:

A. Order data hierarchically.
B. Highlight high-level data definitions.
C. Graphically summarize data paths and storage processes.
D. Portray step-by-step details of data generation.

Questions # 96:

You work as a project manager for TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?

Options:

A. Qualitative analysis
B. Quantitative analysis
C. Risk mitigation
D. Estimate activity duration

Questions # 97:

Which of the following is a fundamental component of an audit record?

Options:

A. Date and time of the event
B. Failure of the event
C. Originating IP-Address
D. Authentication type

Questions # 98:

Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

Options:

A. Incident response plan
B. Business Continuity plan
C. Disaster recovery plan
D. Damage control plan

Questions # 99:

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

Options:

A. Have internal audit conduct another audit to see what has changed.
B. Contract with an external audit company to conduct an unbiased audit
C. Review the recommendations and follow up to see if audit implemented the changes
D. Meet with audit team to determine a timeline for corrections

Questions # 100:

The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?

Options:

A. Risk metrics
B. Management metrics
C. Operational metrics
D. Compliance metrics
