512-50 Exam Dumps - EC-Council Information Security Manager (E|ISM)

Go to page:

<< First
Prev
1
2
3
4
5
6
7
8
Next
Last >>

Question # 4

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

Provide developer security training

Deploy Intrusion Detection Systems

Provide security testing tools

Implement Compensating Controls

Full Access

Question # 5

Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?

Define the risk appetite

Determine budget constraints

Review project charters

Collaborate security projects

Full Access

Question # 6

How often should the Statements of Standards for Attestation Engagements-16 (SSAE16)/International Standard on Assurance Engagements 3402 (ISAE3402) report of your vendors be reviewed?

Quarterly

Semi-annually

Bi-annually

Annually

Full Access

Question # 7

Control Objectives for Information and Related Technology (COBIT) is which of the following?

An Information Security audit standard

An audit guideline for certifying secure systems and controls

A framework for Information Technology management and governance

A set of international regulations for Information Technology governance

Full Access