Eccouncil 512-50 practice test

Information Security Manager Exam

Last exam update: Oct 07 ,2024
Page 1 out of 27. Viewing questions 1-15 out of 404

Question 1

A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:

  • A. Inability to export the private certificate/key
  • B. It can double as physical identification at the DMV
  • C. It has the user's photograph to help ID them
  • D. It can be used as a secure flash drive
Mark Question:
Answer:

C


Explanation:
Reference:
https://www.securew2.com/blog/piv-personal-identity-verification

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Which of the following would negatively impact a log analysis of a multinational organization?

  • A. Centralized log management
  • B. Encrypted log files in transit
  • C. Each node set to local time
  • D. Log aggregation agent each node
Mark Question:
Answer:

D


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which regulation or policy governs protection of personally identifiable user data gathered during a
cyber investigation?

  • A. ITIL
  • B. Privacy Act
  • C. Sarbanes Oxley
  • D. PCI-DSS
Mark Question:
Answer:

B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

What are the three hierarchically related aspects of strategic planning and in which order should they
be done?

  • A. 1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning
  • B. 1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning
  • C. 1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning
  • D. 1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning
Mark Question:
Answer:

D


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

As the Business Continuity Coordinator of a financial services organization, you are responsible for
ensuring assets are recovered timely in the event of a disaster. Which is the BEST Disaster Recovery
performance indicator to validate that you are prepared for a disaster?

  • A. Recovery Point Objective (RPO)
  • B. Disaster Recovery Plan
  • C. Recovery Time Objective (RTO)
  • D. Business Continuity Plan
Mark Question:
Answer:

D


Explanation:
Reference:
https://www.resolver.com/resource/bcdr-metrics-that-matter/

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What process defines the framework of rules and practices by which a board of directors ensure
accountability, fairness and transparency in an organization's relationship with its shareholders?

  • A. Internal Audit
  • B. Corporate governance
  • C. Risk Oversight
  • D. Key Performance Indicators
Mark Question:
Answer:

B


Explanation:
Reference:
https://www.igi-global.com/dictionary/corporate-governance/5957

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which technology can provide a computing environment without requiring a dedicated hardware
backend?

  • A. Mainframe server
  • B. Virtual Desktop
  • C. Thin client
  • D. Virtual Local Area Network
Mark Question:
Answer:

B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following information would MOST likely be reported at the board-level within an
organization?

  • A. System scanning trends and results as they pertain to insider and external threat sources
  • B. The capabilities of a security program in terms of staffing support
  • C. Significant risks and security incidents that have been discovered since the last assembly of the membership
  • D. The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

What is the difference between encryption and tokenization?

  • A. Tokenization combined with hashing is always better than encryption
  • B. Encryption can be mathematically reversed to provide the original information
  • C. The token contains the all original information
  • D. Tokenization can be mathematically reversed to provide the original information
Mark Question:
Answer:

B


Explanation:
Reference:
http://library.ahima.org/doc?oid=104090#.X_dwWolR3eQ

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is
looking to a strategy where attackers are lured into a zone of a safe network where attackers can be
monitored, controlled, quarantined, or eradicated.

  • A. Moderate investment
  • B. Passive monitoring
  • C. Integrated security controls
  • D. Dynamic deception
Mark Question:
Answer:

D


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Which of the following is an accurate description of a balance sheet?

  • A. The percentage of earnings that are retained by the organization for reinvestment in the business
  • B. The details of expenses and revenue over a long period of time
  • C. A summarized statement of all assets and liabilities at a specific point in time
  • D. A review of regulations and requirements impacting the business from a financial perspective
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which of the following is used to lure attackers into false environments so they can be monitored,
contained, or blocked from reaching critical systems?

  • A. Segmentation controls.
  • B. Shadow applications.
  • C. Deception technology.
  • D. Vulnerability management.
Mark Question:
Answer:

B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

What is one key difference between Capital expenditures and Operating expenditures?

  • A. Operating expense cannot be written off while Capital expense can
  • B. Operating expenses can be depreciated over time and Capital expenses cannot
  • C. Capital expenses cannot include salaries and Operating expenses can
  • D. Capital expenditures allow for the cost to be depreciated over time and Operating does not
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

As the CISO, you have been tasked with the execution of the companys key management program.
You
MUST ensure the integrity of encryption keys at the point of generation. Which principal of
encryption key
control will ensure no single individual can constitute or re-constitute a key?

  • A. Dual Control
  • B. Separation of Duties
  • C. Split Knowledge
  • D. Least Privilege
Mark Question:
Answer:

A


Explanation:
Reference:
https://info.townsendsecurity.com/bid/23881/PCI-DSS-2-0-and-Encryption-Key-
Management

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

As the Chief Information Security Officer, you want to ensure data shared securely, especially when
shared with
third parties outside the organization. What protocol provides the ability to extend the network
perimeter with
the use of encapsulation and encryption?

  • A. File Transfer Protocol (FTP)
  • B. Virtual Local Area Network (VLAN)
  • C. Simple Mail Transfer Protocol
  • D. Virtual Private Network (VPN)
Mark Question:
Answer:

D


Explanation:
Reference:
https://searchnetworking.techtarget.com/definition/virtual-private-network

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2