ECCouncil 512-50 EC-Council Information Security Manager (EISM) Exam Practice Test

Covert government networks

War driving maps

Government networks in Tora

Virtual network tunnels

Baseline the Environment

Maintain and Monitor

Organization Vulnerability

Define Policy

chain of custody.

electronic discovery.

evidence tampering.

electronic review.

The need to change accounting periods on a regular basis.

The requirement to post entries for a closed accounting period.

The need to create and modify the chart of accounts and its allocations.

The lack of policies and procedures for the proper segregation of duties.

Wireless Application Protocol (WAP)

Wifi Protected Access version 2 (WPA2)

Wireless Equivalence Protocol (WEP)

Extensible Authentication Protocol (EAP)

Execute

Read

Administrator

Public

Real-time off-site replication

Daily incremental backup

Daily full backup

Daily differential backup

Comprehensive Log-Files from all servers and network devices affected during the attack

Fully trained network forensic experts to analyze all data right after the attack

Uninterrupted Chain of Custody

Expert forensics witness

It is an IPSec protocol.

It is a text-based communication protocol.

It uses TCP port 22 as the default port and operates at the application layer.

It uses UDP port 22

Cold site

Hot site

Warm site

Mobile backup site

‘ o 1=1 - -

/../../../../

“DROPTABLE USERNAME”

NOPS

Enterprise Risk Assessment

Disaster recovery strategic plan

Business continuity plan

Application mapping document

A substantive test of program library controls

A compliance test of program library controls

A compliance test of the program compiler controls

A substantive test of the program compiler controls

The number of actionable items in the recommendations

How it exposes the risk tolerance of the company

How the recommendations directly support the goals of the company

The number of security controls the company has in use

Confidentiality, Availability, Integrity

Compliance, Effectiveness, Efficiency

Communication, Reliability, Cost

Confidentiality, Compliance, Cost

Validate that security awareness program content includes information about the potential vulnerability

Conduct a thorough risk assessment against the current implementation to determine system functions

Determine program ownership to implement compensating controls

Send a report to executive peers and business unit owners detailing your suspicions

Use within an organization to formulate security requirements and objectives

Implementation of business-enabling information security

Use within an organization to ensure compliance with laws and regulations

To enable organizations that adopt it to obtain certifications

If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.

If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.

If the findings impact regulatory compliance, remediate the high findings as quickly as possible.

If the findings do not impact regulatory compliance, review current security controls.

Internal Audit

Database Administration

Information Security

Compliance

Determine the annual loss expectancy (ALE)

Create a crisis management plan

Create technology recovery plans

Build a secondary hot site

Nonlinearities in physical security performance metrics

Defense in depth cost enumerated costs

System hardening and patching requirements

Anti-virus for mobile devices

Document the process for the stakeholders

Monitor the effectiveness of the controls

Update the audit findings report

Perform a risk assessment

Procedural control

Organization control

Technical control

Management control

Number of callers who report security issues.

Number of callers who report a lack of customer service from the call center

Number of successful social engineering attempts on the call center

Number of callers who abandon the call before speaking with a representative

assessed by a business impact analysis.

protected under the information classification policy.

analyzed under the data ownership policy.

analyzed under the retention policy

Controlled mitigation effort

Risk impact comparison

Relative likelihood of event

Comparative threat analysis

Threat identification

Risk monitoring

Risk treatment

Risk tolerance

Escalation

Recovery

Eradication

Containment

by stakeholders at least annually

by the CISO when new systems are brought online

by the Incident Response team after an audit

by internal audit semiannually

Susceptibility to attack, mitigation response time, and cost

Attack vectors, controls cost, and investigation staffing needs

Vulnerability exploitation, attack recovery, and mean time to repair

Susceptibility to attack, expected duration of attack, and mitigation availability

Approval from the board of directors

Cost of the mitigation is less than the risk

Metrics of mitigation method success

Mitigation method complies with PCI regulations

When there is a need to develop a more unified incident response capability.

When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.

When there is a variety of technologies deployed in the infrastructure.

When it results in an overall lower cost of operating the security program.

National Institute for Standards and Technology 800-50 (NIST 800-50)

International Organization for Standardizations – 27005 (ISO-27005)

Payment Card Industry Data Security Standards (PCI-DSS)

International Organization for Standardizations – 27004 (ISO-27004)

Determine appetite

Evaluate risk avoidance criteria

Perform a risk assessment

Mitigate risk

Lack of a formal security awareness program

Lack of a formal security policy governance process

Lack of formal definition of roles and responsibilities

Lack of a formal risk management policy

Validate the business units’ suggestions as to what should be included in the scoping process

Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment

Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data

Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Response

Investigation

Recovery

Follow-up

Network connectivity costs

New datacenter to operate from

Upgrade of mainframe

Purchase of new mobile devices to improve operations

1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or

information security strategic planning

1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information

technology strategic planning

1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or

information security strategic planning

1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information

technology strategic planning

Zero-day attack mitigation

Preventive detection control

Corrective security control

Dynamic blocking control

Review time schedules

Verify budget

Verify resources

Verify constraints

Network based security preventative control

Software segmentation control

Security detective control

User segmentation control

Creates a timeline for purchasing and budgeting

Allows small companies to compete with larger companies

Clearly identifies risks and benefits before funding is spent

Informs suppliers a company is going to make a purchase

Scope

Budget

Resources

Constraints

Easiest regulation or standard to implement

Stricter regulation or standard

Most complex standard to implement

Recommendations of your Legal Staff

Scope of the project

Training of the personnel on the project

Timeline of the project milestones

Vendor for the project

Video surveillance

Mantrap

Bollards

Fence

Verify the scope of the project

Verify the regulatory requirements

Verify technical resources

Verify capacity constraints

monitoring external and internal environment during incident response

ongoing risk assessments of routine operations

continuous vulnerability assessment and vulnerability repair

installation of a new firewall system

The software license expiration is probably out of synchronization with other software licenses

The project was initiated without an effort to get support from impacted business units in the organization

The software is out of date and does not provide for a scalable solution across the enterprise

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

System testing

Risk assessment

Incident response

Planning

Cost benefit

Risk appetite

Business continuity

Likelihood of impact

Provide clear communication of security requirements throughout the organization

Demonstrate executive support with written mandates for security policy adherence

Create collaborative risk management approaches within the organization

Perform increased audits of security processes and procedures

Risk Management

Risk Assessment

System Testing

Vulnerability Assessment

Distance learning/Web seminars

Formal Class

One-One Training

Self –Study (noncomputerized)

Increase stock value

Complete security

Support business requirements

Implement information security policies

User awareness training for all employees

Installation of new firewalls and intrusion detection systems

Launch an internal awareness campaign

Integrate security requirements into project inception

The Security Systems Development Life Cycle

The Security Project And Management Methodology

Project Management System Methodology

Project Management Body of Knowledge

Terms and Conditions

Service Level Agreements (SLA)

Statement of Work

Key Performance Indicators (KPI)

Customer demand

Cost and time to replace

Insurability tables

Risk of exposure