Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 512-50

EC-Council 512-50 Exam Questions
Information Security Manager (Page 9 )

Updated On: 25-Apr-2026
Page 9 of 82
PDF with 404 Questions

Quantitative Risk Assessments have the following advantages over qualitative risk assessments:

  1. They are objective and can express risk / cost in real numbers
  2. They are subjective and can be completed more quickly
  3. They are objective and express risk / cost in approximates
  4. They are subjective and can express risk /cost in real numbers

Answer(s): A



Which of the following is MOST important when dealing with an Information Security Steering committee:

  1. Include a mix of members from different departments and staff levels.
  2. Ensure that security policies and procedures have been vetted and approved.
  3. Review all past audit and compliance reports.
  4. Be briefed about new trends and products at each meeting by a vendor.

Answer(s): C



A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards.
What immediate action should the information security manager take?

  1. Enforce the existing security standards and do not allow the deployment of the new technology.
  2. Amend the standard to permit the deployment.
  3. If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.
  4. Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.

Answer(s): C



The PRIMARY objective of security awareness is to:

  1. Ensure that security policies are read.
  2. Encourage security-conscious employee behavior.
  3. Meet legal and regulatory requirements.
  4. Put employees on notice in case follow-up action for noncompliance is necessary

Answer(s): B



Which of the following is MOST likely to be discretionary?

  1. Policies
  2. Procedures
  3. Guidelines
  4. Standards

Answer(s): C



Viewing page 9 of 82
Viewing questions 41 - 45 out of 404 questions
Share your experience with other


512-50 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!