EMT Practice Test

1. Question Content...


Question List

Question1: Cloud applications can use virtual networks and other structures, for hyper-segregated environments.

Question2: How is encryption managed on multi-tenant storage?

Question3: What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

Question4: In volume storage, what method is often used to support resiliency and security?

Question5: What is the newer application development methodology and philosophy focused on automation of application development and deployment?

Question6: An important consideration when performing a remote vulnerability test of a cloud-based application is to

Question7: Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

Question8: CCM: The following list of controls belong to which domain of the CCM?
GRM 06 - Policy GRM 07 - Policy Enforcement GRM 08 - Policy Impact on Risk Assessments GRM 09 - Policy Reviews GRM 10 - Risk Assessments GRM 11 - Risk Management Framework

Question9: Which data security control is the LEAST likely to be assigned to an IaaS provider?

Question10: Which cloud storage technology is basically a virtual hard drive for instanced or VMs?

Question11: Your cloud and on-premises infrastructures should always use the same network address ranges.

Question12: Which statement best describes the impact of Cloud Computing on business continuity management?

Question13: CCM: In the CCM tool, "Encryption and Key Management" is an example of which of the following?

Question14: What item below allows disparate directory services and independent security domains to be interconnected?

Question15: Why is a service type of network typically isolated on different hardware?

Question16: Which of the following items is NOT an example of Security as a Service (SecaaS)?

Question17: ENISA: "VM hopping" is:

Question18: APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.

Question19: Select the best definition of "compliance" from the options below.

Question20: Dynamic Application Security Testing (DAST) might be limited or require pre-testing permission from the provider.

Question21: Who is responsible for the security of the physical infrastructure and virtualization platform?