← Back to exam page

512-50 EC-Council Information Security Manager (E|ISM)

Loading demo links...

Showing 16–18 of 20 questions

Question 16 (Information Security Controls and Audit Management)

Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

Select an option, then click Submit answer.

  • Single loss expectancy multiplied by the annual rate of occurrence

  • Total loss expectancy multiplied by the total loss frequency

  • Value of the asset multiplied by the loss expectancy

  • Replacement cost multiplied by the single loss expectancy
Question 17 (Governance, Risk, Compliance)

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

Select an option, then click Submit answer.

  • When there is a need to develop a more unified incident response capability.

  • When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.

  • When there is a variety of technologies deployed in the infrastructure.

  • When it results in an overall lower cost of operating the security program.
Question 18 (Governance, Risk, Compliance)

The PRIMARY objective for information security program development should be:

Select an option, then click Submit answer.

  • Reducing the impact of the risk to the business.

  • Establishing strategic alignment with business continuity requirements

  • Establishing incident response programs.

  • Identifying and implementing the best security solutions.