512-50 EC-Council Information Security Manager (E|ISM) Training Questions

test2022-11-07T06:23:01+00:00

512-50 EC-Council Information Security Manager (E|ISM) Training Questions are new available online, which are valuable for your test preparation. The EISM exam is a light version of the CCISO exam and tests the fundamentals of information security management. There are 150 multiple choice question in the EISM exam, and you should achieve 70% score in 120 minutes, then you can achieve your EISM certification. In our 512-50 EC-Council Information Security Manager (E|ISM) Training Questions, you will practice real questions and pass your EC-Council 512-50 exam easily.

Try free 512-50 practice exam below.

Page 1 of 11

1. Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

Single Loss Expectancy (SLE)

Exposure Factor (EF)

Annualized Rate of Occurrence (ARO)

Temporal Probability (TP)

2. To get an Information Security project back on schedule, which of the following will provide the MOST help?

Upper management support

More frequent project milestone meetings

Stakeholder support

Extend work hours

3. Which International Organization for Standardization (ISO) below BEST describes the performance of risk management, and includes a five-stage risk management methodology.

ISO 27001

ISO 27002

ISO 27004

ISO 27005

4. If a Virtual Machine’s (VM) data is being replicated and that data is corrupted, this corruption will automatically be replicated to the other machine(s).

What would be the BEST control to safeguard data integrity?

Backup to tape

Maintain separate VM backups

Backup to a remote location

Increase VM replication frequency

5. What is the main purpose of the Incident Response Team?

Ensure efficient recovery and reinstate repaired systems

Create effective policies detailing program activities

Communicate details of information security incidents

Provide current employee awareness programs

6. Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.

What is one proven method to account for common elements found within separate regulations and/or standards?

Hire a GRC expert

Use the Find function of your word processor

Design your program to meet the strictest government standards

Develop a crosswalk

7. Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?

ITIL

Privacy Act

Sarbanes Oxley

PCI-DSS

8. SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization’s needs.

What is the MOST logical course of action the CISO should take?

Review the original solution set to determine if another system would fit the organization’s risk appetite and budget regulatory compliance requirements

Continue with the implementation and submit change requests to the vendor in order to ensure required functionality will be provided when needed

Continue with the project until the scalability issue is validated by others, such as an auditor or third party assessor

Cancel the project if the business need was based on internal requirements versus regulatory compliance requirements

9. If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization.

How would you prevent such type of attacks?

Conduct thorough background checks before you engage them

Hire the people through third-party job agencies who will vet them for you

Investigate their social networking profiles

It is impossible to block these attacks

10. A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state.

Which of the following security issues is the MOST likely reason leading to the audit findings?

Lack of asset management processes

Lack of change management processes

Lack of hardening standards

Lack of proper access controls

Page 2 of 11

11. Which of the following BEST describes an international standard framework that is based on the security model Information Technology―Code of Practice for Information Security Management?

International Organization for Standardization 27001

National Institute of Standards and Technology Special Publication SP 800-12

Request For Comment 2196

National Institute of Standards and Technology Special Publication SP 800-26

12. Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.

What action should you take FIRST?

Destroy the repository of stolen data

Contact your local law enforcement agency

Consult with other C-Level executives to develop an action plan

Contract with a credit reporting company for paid monitoring services for affected customers

13. Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?

Strong authentication technologies

Financial reporting regulations

Credit card compliance and regulations

Local privacy laws

14. Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years.

This global retail company is expected to accept credit card payments.

Which of the following is of MOST concern when defining a security program for this organization?

International encryption restrictions

Compliance to Payment Card Industry (PCI) data security standards

Compliance with local government privacy laws

Adherence to local data breach notification laws

15. A digital signature addresses which of the following concerns?

Message alteration

Message copying

Message theft

Unauthorized reading

16. The establishment of a formal risk management framework and system authorization program is essential.

The LAST step of the system authorization process is:

Contacting the Internet Service Provider for an IP scope

Getting authority to operate the system from executive management

Changing the default passwords

Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities

17. A recent audit has identified a few control exceptions and is recommending the implementation of technology and processes to address the finding.

Which of the following is the MOST likely reason for the organization to reject the implementation of the recommended technology and processes?

The auditors have not followed proper auditing processes

The CIO of the organization disagrees with the finding

The risk tolerance of the organization permits this risk

The organization has purchased cyber insurance

18. The formal certification and accreditation process has four primary steps, what are they?

Evaluating, describing, testing and authorizing

Evaluating, purchasing, testing, authorizing

Auditing, documenting, verifying, certifying

Discovery, testing, authorizing, certifying

19. John is the project manager for a large project in his organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they’ve already completed the project work they were contracted to do.

What can John do in this instance?

Refer the vendor to the Service Level Agreement (SLA) and insist that they make the changes.

Review the Request for Proposal (RFP) for guidance.

Withhold the vendor’s payments until the issue is resolved.

Refer to the contract agreement for direction.

20. During the last decade, what trend has caused the MOST serious issues in relation to physical security?

Data is more portable due to the increased use of smartphones and tablets

The move from centralized computing to decentralized computing

Camera systems have become more economical and expanded in their use

The internet of Things allows easy compromise of cloud-based systems

Page 3 of 11

21. Which of the following most commonly falls within the scope of an information security governance steering committee?

Approving access to critical financial systems

Developing content for security awareness programs

Interviewing candidates for information security specialist positions

Vetting information security policies

22. Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

Allow the business units to decide which controls apply to their systems, such as the encryption of sensitive data

Create separate controls for the business units based on the types of business and functions they perform

Ensure business units are involved in the creation of controls and defining conditions under which they must be applied

Provide the business units with control mandates and schedules of audits for compliance validation

23. What role should the CISO play in properly scoping a PCI environment?

Validate the business units’ suggestions as to what should be included in the scoping process

Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment

Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data

Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

24. An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions.

Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

The CISO

Audit and Compliance

The CFO

The business owner

25. The process of creating a system which divides documents based on their security level to manage access to private data is known as

security coding

data security system

data classification

privacy protection

26. The regular review of a firewall ruleset is considered a

Procedural control

Organization control

Technical control

Management control

27. What are the three hierarchically related aspects of strategic planning and in which order should they be done?

1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning

1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning

1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning

1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning

28. Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.

You have decided to deal with risk to information from people first.

How can you minimize risk to your most sensitive information before granting access?

Conduct background checks on individuals before hiring them

Develop an Information Security Awareness program

Monitor employee browsing and surfing habits

Set your firewall permissions aggressively and monitor logs regularly.

29. Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

Risk Assessment

Incident Response

Risk Management

Network Security administration

30. Which of the following strategies provides the BEST response to a ransomware attack?

Real-time off-site replication

Daily incremental backup

Daily full backup

Daily differential backup

Page 4 of 11

31. As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams.

What else should be in the reporting process?

Executive summary

Penetration test agreement

Names and phone numbers of those who conducted the audit

Business charter

32. The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security requirements is called

Security certification

Security system analysis

Security accreditation

Alignment with business practices and goals.

33. Which of the following information would MOST likely be reported at the board-level within an organization?

System scanning trends and results as they pertain to insider and external threat sources

The capabilities of a security program in terms of staffing support

Significant risks and security incidents that have been discovered since the last assembly of the membership

The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership

34. The remediation of a specific audit finding is deemed too expensive and will not be implemented.

Which of the following is a TRUE statement?

The asset is more expensive than the remediation

The audit finding is incorrect

The asset being protected is less valuable than the remediation costs

The remediation costs are irrelevant; it must be implemented regardless of cost.

35. Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?

Lack of risk management process

Lack of sponsorship from executive management

IT security centric agenda

Compliance centric agenda

36. The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones without proper credentials.

Which of following physical security measures should the administrator use?

Video surveillance

Mantrap

Bollards

Fence

37. The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling.

What is the most likely reason for such broad access?

The need to change accounting periods on a regular basis.

The requirement to post entries for a closed accounting period.

The need to create and modify the chart of accounts and its allocations.

The lack of policies and procedures for the proper segregation of duties.

38. When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

Escalation

Recovery

Eradication

Containment

39. When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

An independent Governance, Risk and Compliance organization

Alignment of security goals with business goals

Compliance with local privacy regulations

Support from Legal and HR teams

40. Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.

Which of the following industry / sector neutral information security control frameworks should you recommend for implementation?

National Institute of Standards and Technology (NIST) Special Publication 800-53

Payment Card Industry Digital Security Standard (PCI DSS)

International Organization for Standardization C ISO 27001/2

British Standard 7799 (BS7799)

Page 5 of 11

41. Your company has a “no right to privacy” notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee’s email account.

What should you do? (choose the BEST answer):

Grant her access, the employee has been adequately warned through the AU

Assist her with the request, but only after her supervisor signs off on the action.

Reset the employee’s password and give it to the supervisor.

Deny the request citing national privacy laws.

42. A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

Internal audit

The data owner

All executive staff

Government regulators

43. With respect to the audit management process, management response serves what function?

placing underperforming units on notice for failing to meet standards

determining whether or not resources will be allocated to remediate a finding

adding controls to ensure that proper oversight is achieved by management

revealing the “root cause” of the process failure and mitigating for all internal and external units

44. SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.

The CISO has implemented remediation activities.

Which of the following is the MOST logical next step?

Validate the effectiveness of applied controls

Validate security program resource requirements

Report the audit findings and remediation status to business stake holders

Review security procedures to determine if they need modified according to findings

45. Which of the following is considered to be an IT governance framework and a supporting toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?

Control Objective for Information Technology (COBIT)

Committee of Sponsoring Organizations (COSO)

Payment Card Industry (PCI)

Information Technology Infrastructure Library (ITIL)

46. A system is designed to dynamically block offending Internet IP-addresses from requesting services from a secure website.

This type of control is considered

Zero-day attack mitigation

Preventive detection control

Corrective security control

Dynamic blocking control

47. When a CISO considers delaying or not remediating system vulnerabilities which of the following are MOST important to take into account?

Threat Level, Risk of Compromise, and Consequences of Compromise

Risk Avoidance, Threat Level, and Consequences of Compromise

Risk Transfer, Reputational Impact, and Consequences of Compromise

Reputational Impact, Financial Impact, and Risk of Compromise

48. An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application.

What should be the NEXT step?

Determine the annual loss expectancy (ALE)

Create a crisis management plan

Create technology recovery plans

Build a secondary hot site

49. SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.

After determining the audit findings are accurate, which of the following is the MOST logical next activity?

Begin initial gap remediation analyses

Review the security organization’s charter

Validate gaps with the Information Technology team

Create a briefing of the findings for executive management

50. Which of the following organizations is typically in charge of validating the implementation and effectiveness of security controls?

Security Administrators

Internal/External Audit

Risk Management

Security Operations

Page 6 of 11

51. Which type of scan is used on the eye to measure the layer of blood vessels?

Facial recognition scan

Iris scan

Signature kinetics scan

Retinal scan

52. The ability to demand the implementation and management of security controls on third parties providing services to an organization is

Security Governance

Compliance management

Vendor management

Disaster recovery

53. Which of the following represents the best method of ensuring business unit alignment with security program requirements?

Provide clear communication of security requirements throughout the organization

Demonstrate executive support with written mandates for security policy adherence

Create collaborative risk management approaches within the organization

Perform increased audits of security processes and procedures

54. A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

Moderate investment

Passive monitoring

Integrated security controls

Dynamic deception

55. A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization.

Which of the following principles does this best demonstrate?

Effective use of existing technologies

Create a comprehensive security awareness program and provide success metrics to business units

Proper budget management

Leveraging existing implementations

56. You have recently drafted a revised information security policy.

From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?

Chief Information Security Officer

Chief Executive Officer

Chief Information Officer

Chief Legal Counsel

57. The patching and monitoring of systems on a consistent schedule is required by?

Local privacy laws

Industry best practices

Risk Management frameworks

Audit best practices

58. Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

Threat

Vulnerability

Attack vector

Exploitation

59. You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority.

Which of the following BEST describes this organization?

Risk averse

Risk tolerant

Risk conditional

Risk minimal

60. The implementation of anti-malware and anti-phishing controls on centralized email servers is an example of what type of security control?

Organization control

Procedural control

Management control

Technical control

Page 7 of 11

61. Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

Upper management support

More frequent project milestone meetings

More training of staff members

Involve internal audit

62. Which of the following activities is the MAIN purpose of the risk assessment process?

Creating an inventory of information assets

Classifying and organizing information assets into meaningful groups

Assigning value to each information asset

Calculating the risks to which assets are exposed in their current setting

63. A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment.

What is this system capability commonly known as?

non-repudiation

conflict resolution

strong authentication

digital rights management

64. Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network.

Which is the single most important factor to introducing digital evidence into a court of law?

Comprehensive Log-Files from all servers and network devices affected during the attack

Fully trained network forensic experts to analyze all data right after the attack

Uninterrupted Chain of Custody

Expert forensics witness

65. Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered.

What tool could Simon and his administrators implement to accomplish this?

They need to use Nessus.

They can implement Wireshark.

Snort is the best tool for their situation.

They could use Tripwire.

66. An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System.

Which of the following international standards can BEST assist this organization?

International Organization for Standardizations C 27004 (ISO-27004)

Payment Card Industry Data Security Standards (PCI-DSS)

Control Objectives for Information Technology (COBIT)

International Organization for Standardizations C 27005 (ISO-27005)

67. Which of the following is a common technology for visual monitoring?

Closed circuit television

Open circuit television

Blocked video

Local video

68. Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the “real workers.”

What must you do first in order to shift the prevailing opinion and reshape corporate culture to understand the value of information security to the organization?

Cite compliance with laws, statutes, and regulations C explaining the financial implications for the company for non-compliance

Understand the business and focus your efforts on enabling operations securely

Draw from your experience and recount stories of how other companies have been compromised

Cite corporate policy and insist on compliance with audit findings

69. Which of the following best describes a portfolio?

The portfolio is used to manage and track individual projects

The portfolio is used to manage incidents and events

A portfolio typically consists of several programs

A portfolio delivers one specific service or program to the business

70. Which of the following are the triple constraints of project management?

Time, quality, and scope

Cost, quality, and time

Scope, time, and cost

Quality, scope, and cost

Page 8 of 11

71. A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently.

Which of the following is the MOST likely reason for the policy shortcomings?

Lack of a formal security awareness program

Lack of a formal security policy governance process

Lack of formal definition of roles and responsibilities

Lack of a formal risk management policy

72. Which of the following is a symmetric encryption algorithm?

3DES

MD5

ECC

RSA

73. Which of the following activities results in change requests?

Preventive actions

Inspection

Defect repair

Corrective actions

74. Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

Plan-Check-Do-Act

Plan-Do-Check-Act

Plan-Select-Implement-Evaluate

SCORE (Security Consensus Operational Readiness Evaluation)

75. Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

Incident response plan

Business Continuity plan

Disaster recovery plan

Damage control plan

76. File Integrity Monitoring (FIM) is considered a

Network based security preventative control

Software segmentation control

Security detective control

User segmentation control

77. Payment Card Industry (PCI) compliance requirements are based on what criteria?

The types of cardholder data retained

The duration card holder data is retained

The size of the organization processing credit card data

The number of transactions performed per year by an organization

78. As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are.

Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?

Gigamon

Intrusion Prevention System

Port Security

Anti-virus

79. Creating a secondary authentication process for network access would be an example of?

Nonlinearities in physical security performance metrics

Defense in depth cost enumerated costs

System hardening and patching requirements

Anti-virus for mobile devices

80. Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of

Network based security preventative controls

Software segmentation controls

Network based security detective controls

User segmentation controls

Page 9 of 11

81. Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Need to comply with breach disclosure laws

Need to transfer the risk associated with hosting PII data

Need to better understand the risk associated with using PII data

Fiduciary responsibility to safeguard credit card information

82. The PRIMARY objective for information security program development should be:

Reducing the impact of the risk to the business.

Establishing strategic alignment with business continuity requirements

Establishing incident response programs.

Identifying and implementing the best security solutions.

83. You have purchased a new insurance policy as part of your risk strategy.

Which of the following risk strategy options have you engaged in?

Risk Avoidance

Risk Acceptance

Risk Transfer

Risk Mitigation

84. The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

Security certification

Security system analysis

Security accreditation

Alignment with business practices and goals.

85. A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability.

What do you do?

tell him to shut down the server

tell him to call the police

tell him to invoke the incident response process

tell him to analyze the problem, preserve the evidence and provide a full analysis and report

86. Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement.

What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

low risk-tolerance

high risk-tolerance

moderate risk-tolerance

medium-high risk-tolerance

87. You work as a project manager for TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis.

Which of the following activities will help you in this?

Qualitative analysis

Quantitative analysis

Risk mitigation

Estimate activity duration

88. A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat.

This is an example of:

Change management

Business continuity planning

Security Incident Response

Thought leadership

89. A stakeholder is a person or group:

Vested in the success and/or failure of a project or initiative regardless of budget implications.

Vested in the success and/or failure of a project or initiative and is tied to the project budget.

That has budget authority.

That will ultimately use the system.

90. What is the FIRST step in developing the vulnerability management program?

Baseline the Environment

Maintain and Monitor

Organization Vulnerability

Define Policy

Page 10 of 11

91. When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?

ISO 27001

PRINCE2

ISO 27004

ITILv3

92. When analyzing and forecasting a capital expense budget what are not included?

Network connectivity costs

New datacenter to operate from

Upgrade of mainframe

Purchase of new mobile devices to improve operations

93. Which of the following is the MOST important for a CISO to understand when identifying threats?

How vulnerabilities can potentially be exploited in systems that impact the organization

How the security operations team will behave to reported incidents

How the firewall and other security devices are configured to prevent attacks

How the incident management team prepares to handle an attack

94. A global retail company is creating a new compliance management process.

Which of the following regulations is of MOST importance to be tracked and managed by this process?

Information Technology Infrastructure Library (ITIL)

International Organization for Standardization (ISO) standards

Payment Card Industry Data Security Standards (PCI-DSS)

National Institute for Standards and Technology (NIST) standard

95. Which of the following is considered one of the most frequent failures in project management?

Overly restrictive management

Excessive personnel on project

Failure to meet project deadlines

Insufficient resources

96. The newly appointed CISO of an organization is reviewing the IT security strategic plan.

Which of the following is the MOST important component of the strategic plan?

There is integration between IT security and business staffing.

There is a clear definition of the IT security mission and vision.

There is an auditing methodology in place.

The plan requires return on investment for all security projects.

97. Which of the following statements about Encapsulating Security Payload (ESP) is true?

It is an IPSec protocol.

It is a text-based communication protocol.

It uses TCP port 22 as the default port and operates at the application layer.

It uses UDP port 22

98. Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

Symmetric encryption in general is preferable to asymmetric encryption when:

The number of unique communication links is large

The volume of data being transmitted is small

The speed of the encryption / deciphering process is essential

The distance to the end node is farthest away

99. Which type of physical security control scan a person’s external features through a digital video camera before granting access to a restricted area?

Iris scan

Retinal scan

Facial recognition scan

Signature kinetics scan

100. What type of attack requires the least amount of technical equipment and has the highest success rate?

War driving

Operating system attacks

Social engineering

Shrink wrap attack

Page 11 of 11

101. Which of the following is the MOST important goal of risk management?

Identifying the risk

Finding economic balance between the impact of the risk and the cost of the control

Identifying the victim of any potential exploits.

Assessing the impact of potential threats

102. An international organization is planning a project to implement encryption technologies to protect company confidential information. This organization has data centers on three continents.

Which of the following would be considered a MAJOR constraint for the project?

Time zone differences

Compliance to local hiring laws

Encryption import/export regulations

Local customer privacy laws

103. An organization has a number of Local Area Networks (LANs) linked to form a single Wide Area Network (WAN).

Which of the following would BEST ensure network continuity?

Third-party emergency repair contract

Pre-built servers and routers

Permanent alternative routing

Full off-site backup of every server