EMT Practice Test

1. Question Content...


Question List

Question1:

Question2:

Question3:

Question4:

Question5:

Question6:

Question7: The Chief information Security Officer (CISO) of a small locate bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?

Question8:

Question9:

Question10:

Question11:

Question12:

Question13:

Question14:

Question15:

Question16:

Question17:

Question18: A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

Question19:

Question20:

Question21:

Question22:

Question23:

Question24:

Question25:

Question26: A remote user reports the inability to authenticate to the VPN concentrator. During troubleshooting, a security administrate captures an attempted authentication and discovers the following being presented by the user's VPN client:

Which of the following BEST describes the reason the user is unable to connect to the VPN service?

Question27: An organization recently experienced losses caused by users who installed applications from unauthorized sources on their smartphones. The organization wants to reduce the risk of reoccurrence but increase the monitoring and reporting of mobile device security at the enterprise level. Which of the following approaches would BEST meet these objectives?

Question28: An organization based in the United States is planning to expand its operations into the European market later in the year Legal counsel is exploring the additional requirements that must be established as a result of the expansion. The BEST course of action would be to

Question29:

Question30:

Question31:

Question32:

Question33:

Question34:

Question35:

Question36:

Question37:

Question38:

Question39:

Question40: When of the following is the BEST reason to implement a separation of duties policy?

Question41: A corporate forensic investigator has been asked to acquire five forensic images of an employee database application. There are three images to capture in the United States, one in the United Kingdom, and one in Germany. Upon completing the work, the forensics investigator saves the images to a local workstation. Which of the following types of concerns should the forensic investigator have about this work assignment?

Question42:

Question43:

Question44:

Question45:

Question46:

Question47:

Question48:

Question49:

Question50:

Question51:

Question52:

Question53:

Question54:

Question55:

Question56:

Question57:

Question58:

Question59: A security analyst receives an email from a peer that includes a sample of code from a piece of malware found in an application running in the organization's staging environment. During the incident response process, it is determined the code was introduced into the environment as a result of a compromised laptop being used to harvest credentials and access the organization's code repository. While the laptop itself was not used to access the code repository, an attacker was able to leverage the harvested credentials from another system in the development environment to bypass the ACLs limiting access to the repositories. Which of the following controls MOST likely would have interrupted the kill chain in this attack?

Question60:

Question61:

Question62: A cloud architect needs to isolate the most sensitive portion of the network while maintaining hosting in a public cloud Which of the following configurations can be employed to support this effort?

Question63: A small company needs to reduce its operating costs. vendors have proposed solutions, which all focus on management of the company's website and services. The Chief information Security Officer (CISO) insist all available resources in the proposal must be dedicated, but managing a private cloud is not an option. Which of the following is the BEST solution for this company?

Question64:

Question65:

Question66: An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiations, there are a number of outstanding issues, including:
1. Indemnity clauses have identified the maximum liability
2. The data will be hosted and managed outside of the company's geographical location The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant on the project, which of the following should the project's security consultant recommend as the NEXT step?

Question67:

Question68:

Question69:

Question70:

Question71:

Question72: Which of the following BEST sets expectation between the security team and business units within an organization?

Question73:

Question74: A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts.
Which of the following methods should the company use to gauge its social media threat level without targeting individual employees?

Question75:

Question76:

Question77:

Question78:

Question79:

Question80:

Question81:

Question82:

Question83:

Question84:

Question85:

Question86:

Question87:

Question88: The Chief Information Security Officer (CISO) of an established security department, identifies a customer who has been using a fraudulent credit card. The CISO calls the local authorities, and when they arrive on-site, the authorities ask a security engineer to create a point-in-time copy of the running database in their presence. This is an example of:

Question89:

Question90:

Question91: A company uses an application in its warehouse that works with several commercially available tablets and can only be accessed inside the warehouse. The support department would like the selection of tablets to be limited to three models to provide better support and ensure spares are on hand. Users often keep the tablets after they leave the department, as many of them store personal media items.
Which of the following should the security engineer recommend to meet these requirements?

Question92:

Question93:

Question94:

Question95:

Question96:

Question97:

Question98:

Question99:

Question100:

Question101:

Question102:

Question103:

Question104:

Question105:

Question106:

Question107:

Question108:

Question109: A security administrator is concerned about employees connecting their personal devices to the company network. Doing so is against company policy. The network does not have a NAC solution. The company uses a GPO that disables the firewall on all company-owned devices while they are connected to the internal network Additionally, all company-owned devices implement a standard naming convention that uses the device's serial number. The security administrator wants to identify active personal devices and write a custom script to disconnect them from the network Which of the following should the script use to BEST accomplish this task?

Question110:

Question111:

Question112:

Question113:

Question114:

Question115:

Question116: A network administrator is concerned about a particular server that is attacked occasionally from hosts on the Internet. The server is not critical; however, the attacks impact the rest of the network. While the company's current ISP is cost effective, the ISP is slow to respond to reported issues. The administrator needs to be able to mitigate the effects of an attack immediately without opening a trouble ticket with the ISP. The ISP is willing to accept a very small network route advertised with a particular BGP community string. Which of the following is the BESRT way for the administrator to mitigate the effects of these attacks?

Question117:

Question118: An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker could gain access to multiple user environments by simply gaining a foothold on a single one with malware. Which of the following reasons BEST explains this?

Question119:

Question120: An analyst has noticed unusual activities in the SIEM to a .cn domain name. Which of the following should the analyst use to identify the content of the traffic?

Question121:

Question122: A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (CIO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud. Which of the following cloud-hosting options would BEST meet these needs?

Question123:

Question124:

Question125:

Question126:

Question127:

Question128:

Question129:

Question130:

Question131:

Question132:

Question133:

Question134:

Question135:

Question136:

Question137:

Question138:

Question139:

Question140:

Question141:

Question142: The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancements to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

Question143: Users have been reporting unusual automated phone calls, including names and phone numbers, that appear to come from devices internal to the company. Which of the following should the systems administrator do to BEST address this problem?

Question144:

Question145:

Question146:

Question147:

Question148:

Question149: A company runs a well -attended, on-premises fitness club for its employees, about 200 of them each day. Employees want to sync center's login and attendance program with their smartphones. Human resources, which manages the contract for the fitness center, has asked the security architecture to help draft security and privacy requirements. Which of the following would BEST address these privacy concerns?

Question150:

Question151:

Question152:

Question153: A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project.
Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?

Question154:

Question155:

Question156:

Question157:

Question158:

Question159:

Question160:

Question161:

Question162:

Question163:

Question164:

Question165:

Question166:

Question167:

Question168:

Question169: A security analyst is troubleshooting a scenario in which an operator should only be allowed to reboot remote hosts but not perform other activities. The analyst inspects the following portions of different configuration files:
Configuration file 1:
Operator ALL=/sbin/reboot
Configuration file 2:
Command="/sbin/shutdown now", no-x11-forwarding, no-pty, ssh-dss
Configuration file 3:
Operator:x:1000:1000::/home/operator:/bin/bash
Which of the following explains why an intended operator cannot perform the intended action?

Question170:

Question171:

Question172:

Question173:

Question174:

Question175:

Question176:

Question177:

Question178:

Question179: At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company's web servers can be obtained publicly and is not proprietary in any way. The next day the company's website is defaced as part of an SQL injection attack, and the company receives press inquiries about the message the attackers displayed on the website.
Which of the following is the FIRST action the company should take?

Question180:

Question181:

Question182:

Question183:

Question184:

Question185:

Question186: An organization is in the process of integrating its operational technology and information technology areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:
The ICS supplier has specified that any software installed will result in lack of support.
There is no documented trust boundary defined between the SCADA and corporate networks.
Operational technology staff have to manage the SCADA equipment via the engineering workstation.
There is a lack of understanding of what is within the SCADA network.
Which of the following capabilities would BEST improve the security position?

Question187:

Question188:

Question189:

Question190:

Question191:

Question192:

Question193:

Question194:

Question195:

Question196: