PDF 512-50 Study Guide

EC-Council Information Security Manager (E|ISM) Questions and Answers

Question 53

Information security policies should be reviewed:

Options:

by stakeholders at least annually

by the CISO when new systems are brought online

by the Incident Response team after an audit

by internal audit semiannually

Question 54

The success of the Chief Information Security Officer is MOST dependent upon:

Options:

favorable audit findings

following the recommendations of consultants and contractors

development of relationships with organization executives

raising awareness of security issues with end users

Question 55

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

Options:

Data breach disclosure

Consumer right disclosure

Security incident disclosure

Special circumstance disclosure

Question 56

What is a difference from the list below between quantitative and qualitative Risk Assessment?

Options:

Quantitative risk assessments result in an exact number (in monetary terms)

Qualitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Qualitative risk assessments map to business objectives

Quantitative risk assessments result in a quantitative assessment (high, medium, low, red, yellow, green)

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

EC-Council Information Security Manager (E|ISM) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: