
ECCouncil 512-50 - EC-Council Information Security Manager (E|ISM)

Total 404 questions

To have accurate and effective information security policies, how often should the CISO review the organization's policies?

A. Every 6 months
B. Quarterly
C. Before an audit
D. At least once a year

Which of the following is a fundamental component of an audit record?

A. Date and time of the event
B. Failure of the event
C. Originating IP-Address
D. Authentication type

The amount of risk an organization is willing to accept in pursuit of its mission is known as:

A. Risk mitigation
B. Risk transfer
C. Risk tolerance
D. Risk acceptance

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

A. Application logs
B. File integrity monitoring
C. SNMP traps
D. Syslog

Which of the following activities results in change requests?

A. Preventive actions
B. Inspection
C. Defect repair
D. Corrective actions

How often should an environment be monitored for cyber threats, risks, and exposures?

A. Weekly
B. Monthly
C. Quarterly
D. Daily

Assigning the role and responsibility of Information Assurance to a dedicated and independent security group is an example of:

A. Detective Controls
B. Proactive Controls
C. Preemptive Controls
D. Organizational Controls

The patching and monitoring of systems on a consistent schedule is required by which of the following?

A. Local privacy laws
B. Industry best practices
C. Risk Management frameworks
D. Audit best practices

A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the findings. Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

A. The auditors have not followed proper auditing processes
B. The CIO of the organization disagrees with the finding
C. The risk tolerance of the organization permits this risk
D. The organization has purchased cyber insurance

You have implemented the new controls. What is the next step?

A. Document the process for the stakeholders
B. Monitor the effectiveness of the controls
C. Update the audit findings report
D. Perform a risk assessment