ECCouncil 512-50 Questions Answers

EC-Council Information Security Manager (E|ISM) Questions and Answers

Question 37

During the course of a risk analysis your IT auditor identified threats and potential impacts. Next, your IT auditor should:

Options:

Identify and evaluate the existing controls.

Disclose the threats and impacts to management.

Identify information assets and the underlying systems.

Identify and assess the risk assessment process used by management.

Question 38

An IT auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late night shift a week as the senior computer operator. The most appropriate course of action for the IT auditor is to:

Options:

Inform senior management of the risk involved.

Agree to work with the security officer on these shifts as a form of preventative control.

Develop a computer assisted audit technique to detect instances of abuses of the arrangement.

Review the system log for each of the late night shifts to determine whether any irregular actions occurred.

Question 39

You work as a project manager for TYU project. You are planning for risk mitigation. You need to quickly identify high-level risks that will need a more in-depth analysis. Which of the following activities will help you in this?

Options:

Qualitative analysis

Quantitative analysis

Risk mitigation

Estimate activity duration

Question 40

Which of the following is a term related to risk management that represents the estimated frequency at which a threat is expected to transpire?

Options:

Single Loss Expectancy (SLE)

Exposure Factor (EF)

Annualized Rate of Occurrence (ARO)

Temporal Probability (TP)

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

EC-Council Information Security Manager (E|ISM) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: