Eccouncil 512-50 practice test

Information Security Manager Exam


Question 1

A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:

  • A. Inability to export the private certificate/key
  • B. It can double as physical identification at the DMV
  • C. It has the user's photograph to help ID them
  • D. It can be used as a secure flash drive
Answer:

C

Explanation:
Reference:
https://www.securew2.com/blog/piv-personal-identity-verification


Question 2

Which of the following would negatively impact a log analysis of a multinational organization?

  • A. Centralized log management
  • B. Encrypted log files in transit
  • C. Each node set to local time
  • D. Log aggregation agent on each node
Answer:

D


Question 3

Which regulation or policy governs protection of personally identifiable user data gathered during a
cyber investigation?

  • A. ITIL
  • B. Privacy Act
  • C. Sarbanes Oxley
  • D. PCI-DSS
Answer:

B


Question 4

What are the three hierarchically related aspects of strategic planning and in which order should they
be done?

  • A. 1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning
  • B. 1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning
  • C. 1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning
  • D. 1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning
Answer:

D


Question 5

As the Business Continuity Coordinator of a financial services organization, you are responsible for
ensuring assets are recovered in a timely manner in the event of a disaster. Which is the BEST Disaster Recovery
performance indicator to validate that you are prepared for a disaster?

  • A. Recovery Point Objective (RPO)
  • B. Disaster Recovery Plan
  • C. Recovery Time Objective (RTO)
  • D. Business Continuity Plan
Answer:

D

Explanation:
Reference:
https://www.resolver.com/resource/bcdr-metrics-that-matter/


Question 6

What process defines the framework of rules and practices by which a board of directors ensures
accountability, fairness and transparency in an organization's relationship with its shareholders?

  • A. Internal Audit
  • B. Corporate governance
  • C. Risk Oversight
  • D. Key Performance Indicators
Answer:

B

Explanation:
Reference:
https://www.igi-global.com/dictionary/corporate-governance/5957


Question 7

Which technology can provide a computing environment without requiring a dedicated hardware
backend?

  • A. Mainframe server
  • B. Virtual Desktop
  • C. Thin client
  • D. Virtual Local Area Network
Answer:

B


Question 8

Which of the following information would MOST likely be reported at the board-level within an
organization?

  • A. System scanning trends and results as they pertain to insider and external threat sources
  • B. The capabilities of a security program in terms of staffing support
  • C. Significant risks and security incidents that have been discovered since the last assembly of the membership
  • D. The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership
Answer:

C


Question 9

What is the difference between encryption and tokenization?

  • A. Tokenization combined with hashing is always better than encryption
  • B. Encryption can be mathematically reversed to provide the original information
  • C. The token contains all the original information
  • D. Tokenization can be mathematically reversed to provide the original information
Answer:

B

Explanation:
Reference:
http://library.ahima.org/doc?oid=104090#.X_dwWolR3eQ


Question 10

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is
looking to a strategy where attackers are lured into a zone of a safe network where attackers can be
monitored, controlled, quarantined, or eradicated.

  • A. Moderate investment
  • B. Passive monitoring
  • C. Integrated security controls
  • D. Dynamic deception
Answer:

D
