EMT Practice Test

1. Question Content...


Question List

Question1: An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?

Question2: The management team notices that new accounts that are set up manually do not always have correct access or permissions.
Which of the following automation techniques should a systems administrator use to streamline account creation?

Question3: A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods ismostsecure?

Question4: During a security incident, the security operations team identified sustained network traffic from a malicious IP address:
10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

Question5: A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?

Question6: After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?

Question7: Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?

Question8: Which of the following is a hardware-specific vulnerability?

Question9: A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work. Which of the following is thebestoption?

Question10: Which of the following is themostlikely to be included as an element of communication in a security awareness program?

Question11: Which of the following allows for the attribution of messages to individuals?

Question12: Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.
INSTRUCTIONS
Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question13: A company's legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is themosteffective way to limit this access?

Question14: Which of the following describes the process of concealing code or text inside a graphical image?

Question15: A systems administrator works for a local hospital and needs to ensure patient data is protected and secure.
Which of the following data classifications should be used to secure patient data?

Question16: A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering.
Which of the following teams will conduct this assessment activity?

Question17: Which of the following can be used to identify potential attacker activities without affecting production servers?

Question18: Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees aremostlikely to use in day-to-day work activities?

Question19: A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

Question20: Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer's PII?

Question21: An organization recently updated its security policy to include the following statement:
Regular expressions are included in source code to remove special characters such as $, |, ;. &, `, and ? from variables set by forms in a web application.
Which of the following best explains the security technique the organization adopted by making this addition to the policy?

Question22: An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users' passwords. Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

Question23: A security administrator would like to protect data on employees' laptops. Which of the following encryption techniques should the security administrator use?

Question24: A technician needs to apply a high-priority patch to a production system. Which of the following steps should be takenfirst?

Question25: Which of the following provides the details about the terms of a test with a third-party penetration tester?

Question26: A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee's corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?

Question27: A network manager wants to protect the company's VPN by implementing multifactor authentication that uses:
. Something you know
. Something you have
. Something you are
Which of the following would accomplish the manager's goal?

Question28: A company's web filter is configured to scan the URL for strings and deny access when matches are found.
Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?

Question29: A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?

Question30: You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and then deny each remaining hosts clean or infected.






Question31: A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?