512-50試験無料問題集「EC-COUNCIL EC-Council Information Security Manager (E|ISM) 認定」

A. Single Loss Expectancy and Exposure Factor

B. Annual Rate of Occurrence and Single Loss Expectancy

C. Annual Rate of Occurrence and Asset Value

D. Safeguard Value and Annual Rate of Occurrence

A. International encryption restrictions

B. Adherence to local data breach notification laws

C. Compliance to Payment Card Industry (PCI) data security standards

D. Compliance with local government privacy laws

A. Involve internal audit

B. More training of staff members

C. More frequent project milestone meetings

D. Upper management support

A. To make sure the costs of security is included and understood

B. To make sure they are added on after the process is completed

C. To make sure the security process aligns with the vendor's security process

D. To make sure the patching process is included with the costs

A. National Institute of Standards and Technology Special Publication SP 800-26

B. National Institute of Standards and Technology Special Publication SP 800-12

C. Request For Comment 2196

D. International Organization for Standardization 27001

A. The executive summary and vision of the board of directors

B. The risk tolerance of the company and the company mission statement

C. Alignment with the business goals and the vision of the CIO

D. The alignment with the business goals and the risk tolerance

A. The volume of data being transmitted is small

B. The distance to the end node is farthest away

C. The number of unique communication links is large

D. The speed of the encryption / deciphering process is essential

A. Chief Executive Officer

B. Chief Information Officer

C. Chief Legal Counsel

D. Chief Information Security Officer

A. Organization control

B. Technical control

C. Management control

D. Procedural control

A. digital rights management

B. conflict resolution

C. non-repudiation

D. strong authentication

A. Order data hierarchically.

B. Graphically summarize data paths and storage processes.

C. Portray step-by-step details of data generation.

D. Highlight high-level data definitions.

A. An Information Security audit standard

B. An audit guideline for certifying secure systems and controls

C. A set of international regulations for Information Technology governance

D. A framework for Information Technology management and governance

A. Determine the annual loss expectancy (ALE)

B. Build a secondary hot site

C. Create a crisis management plan

D. Create technology recovery plans

A. The Chief Financial Officer (CFO)

B. The internal accounting department

C. The external financial audit service

D. The managers of the accounts payables and accounts receivables teams

A. Latest virus definitions file

B. Patching history

C. Board of directors

D. Risk assessment

A. It provides for a consistent and repeatable staffing model for technology organizations

B. Implementation of it eases an organization's auditing and compliance burden

C. It allows executives to more effectively monitor IT implementation costs

D. Information Security (IS) procedures often require augmentation with other standards

A. Uninterrupted Chain of Custody

B. Expert forensics witness

C. Fully trained network forensic experts to analyze all data right after the attack

D. Comprehensive Log-Files from all servers and network devices affected during the attack

A. Business continuity plan

B. Security program budget

C. Compliance and regulatory analysis

D. Risk assessment

A. The amount of time it takes for a password to activate

B. An expiration date set for passwords

C. A Single Sign-On requirement

D. Time in seconds a user is allocated to change a password