EMT Practice Test

1. Question Content...


Question List

Question1: Which encryption algorithm does S/MIME protocol implement for digital signatures in emails?

Question2: What represents the ability of an organization to respond under emergency in order to minimize the damage to its brand name, business operation, and profit?

Question3: Which category of suspicious traffic signatures includes SYN flood attempts?

Question4: James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?

Question5: An employee of a medical service company clicked a malicious link in an email sent by an attacker. Suddenly, employees of the company are not able to access billing information or client record as it is encrypted. The attacker asked the company to pay money for gaining access to their data. Which type of malware attack is described above?

Question6: Which IEEE standard does wireless network use?

Question7: An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

Question8: Which of the following helps in viewing account activity and events for supported services made by AWS?

Question9: Which of the following technologies can be used to leverage zero-trust model security?

Question10: Management asked their network administrator to suggest an appropriate backup medium for their backup plan that best suits their organization's need. Which of the following factors will the administrator consider when deciding on the appropriate backup medium?

Question11: Phishing-like attempts that present users a fake usage bill of the cloud provider is an example of a:

Question12: David is working in a mid-sized IT company. Management asks him to suggest a framework that can be used effectively to align the IT goals to the business goals of the company. David suggests the______framework, as it provides a set of controls over IT and consolidates them to form a framework.

Question13: John, a network administrator, is configuring Amazon EC2 cloud service for his organization. Identify the type of cloud service modules his organization adopted.

Question14: Assume that you are working as a network defender at the head office of a bank. One day a bank employee informed you that she is unable to log in to her system. At the same time, you get a call from another network administrator informing you that there is a problem connecting to the main server. How will you prioritize these two incidents?

Question15: Kyle is an IT consultant working on a contract for a large energy company in Houston. Kyle was hired on to do contract work three weeks ago so the company could prepare for an external IT security audit. With suggestions from upper management, Kyle has installed a network-based IDS system. This system checks for abnormal behavior and patterns found in network traffic that appear to be dissimilar from the traffic normally recorded by the IDS. What type of detection is this network-based IDS system using?

Question16: Which of the following is NOT an AWS Shared Responsibility Model devised by AWS?

Question17: Rosa is working as a network defender at Linda Systems. Recently, the company migrated from Windows to MacOS. Rosa wants to view the security related logs of her system, where con she find these logs?

Question18: The--------------protocol works in the network layer and is responsible for handling the error codes during the delivery of packets. This protocol is also responsible for providing communication in the TCP/IP stack.

Question19: The Circuit-level gateway firewall technology functions at which of the following OSI layer?

Question20: Which among the following tools can help in identifying IoEs to evaluate human attack surface?

Question21: Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?

Question22: Daniel is monitoring network traffic with the help of a network monitoring tool to detect any abnormalities.
What type of network security approach is Daniel adopting?

Question23: A newly joined network administrator wants to assess the organization against possible risk. He notices the organization doesn't have a________identified which helps measure how risky an activity is.

Question24: Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after period of time. What type of security incident are the employees a victim of?

Question25: Mark is monitoring the network traffic on his organization's network. He wants to detect TCP and UDP ping sweeps on his network. Which type of filter will be used to detect this?

Question26: Which of the following is true regarding any attack surface?

Question27: Which of following are benefits of using loT devices in loT-enabled environments? I. loT device car be connected anytime M. loT device can be connected at any place ill. loT devices connected to anything

Question28: An US-based organization decided to implement a RAID storage technology for their data backup plan. John wants to setup a RAID level that require a minimum of six drives but will meet high fault tolerance and with a high speed for the data read and write operations. What RAID level is John considering to meet this requirement?

Question29: In _______ mechanism, the system or application sends log records either on the local disk or over the network.

Question30: Consider a scenario consisting of a tree network. The root Node N is connected to two man nodes N1 and N2.
N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main nodes fail?

Question31: Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?

Question32: Michael decides to view the-----------------to track employee actions on the organization's network.

Question33: Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization?

Question34: Fargo, head of network defense at Globadyne Tech, has discovered an undesirable process in several Linux systems, which causes machines to hang every 1 hour. Fargo would like to eliminate it; what command should he execute?

Question35: Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.

Question36: A company wants to implement a data backup method which allows them to encrypt the data ensuring its security as well as access at any time and from any location. What is the appropriate backup method that should be implemented?

Question37: Bryson is the IT manager and sole IT employee working for a federal agency in California. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this, Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new employees the basics of computers, networking, troubleshooting techniques etc. To see how these two new hires are doing, he asks them at what layer of the OSI model do Network Interface Cards (NIC) work on. What should the new employees answer?

Question38: Which of the following is consumed into SIEM solutions to take control of chaos, gain in-depth knowledge of threats, eliminate false positives, and implement proactive intelligence-driven defense?

Question39: Which biometric technique authenticates people by analyzing the layer of blood vessels at the back of their eyes?

Question40: Identity the method involved in purging technique of data destruction.

Question41: Which among the following filter is used to detect a SYN/FIN attack?

Question42: A stateful multilayer inspection firewall combines the aspects of Application level gateway, Circuit level gateway and Packet filtering firewall. On which layers of the OSI model, does the Stateful multilayer inspection firewall works?

Question43: Which of the following data security technology can ensure information protection by obscuring specific areas of information?

Question44: Heather has been tasked with setting up and implementing VPN tunnels to remote offices. She will most likely be implementing IPsec VPN tunnels to connect the offices. At what layer of the OSI model does an IPsec tunnel function on?

Question45: Match the following NIST security life cycle components with their activities:

Question46: Stephanie is currently setting up email security so all company data is secured when passed through email.
Stephanie first sets up encryption to make sure that a specific user's email is protected. Next, she needs to ensure that the incoming and the outgoing mail has not been modified or altered using digital signatures. What is Stephanie working on?

Question47: You are tasked to perform black hat vulnerability assessment for a client. You received official written permission to work with: company site, forum, Linux server with LAMP, where this site is hosted.
Which vulnerability assessment tool should you consider using?

Question48: HexCom, a leading IT Company in the USA, realized that their employees were having trouble accessing multiple servers with different passwords. Due to this, the centralized server was also being overburdened by avoidable network traffic. To overcome the issue, what type of authentication can be given to the employees?

Question49: Larry is responsible for the company's network consisting of 300 workstations and 25 servers. After using a hosted email service for a year, the company wants to control the email internally. Larry likes this idea because it will give him more control over the email. Larry wants to purchase a server for email but does not want the server to be on the internal network due to the potential to cause security risks. He decides to place the server outside of the company's internal firewall. There is another firewall connected directly to the Internet that will protect traffic from accessing the email server. The server will be placed between the two firewalls. What logical area is Larry putting the new email server into?

Question50: Which wireless networking topology setup requires same channel name and SSID?

Question51: The CEO of Max Rager wants to send a confidential message regarding the new formula for its coveted soft drink, SuperMax, to its manufacturer in Texas. However, he fears the message could be altered in transit. How can he prevent this incident from happening and what element of the message ensures the success of this method?

Question52: Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?

Question53: Brendan wants to implement a hardware based RAID system in his network. He is thinking of choosing a suitable RAM type for the architectural setup in the system. The type he is interested in provides access times of up to 20 ns. Which type of RAM will he select for his RAID system?

Question54: Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?

Question55: Jorge has developed a core program for a mobile application and saved it locally on his system. The next day, when he tried to access the file to work on it further, he found it missing from his system.
Upon investigation, it was discovered that someone got into his system since he had not changed his login credentials, and that they were the ones that were given to him by the admin when he had joined the organization. Which of the following network security vulnerabilities can be attributed to Jorge's situation?

Question56: Which OSI layer does a Network Interface Card (NIC) work on?

Question57: Your company is planning to use an uninterruptible power supply (UPS) to avoid damage from power fluctuations. As a network administrator, you need to suggest an appropriate UPS solution suitable for specific resources or conditions. Match the type of UPS with the use and advantage:

Question58: Which component of the data packets is encrypted in Transport mode encryption of an IPsec server?

Question59: Which of the following is a database encryption feature that secures sensitive data by encrypting it in client applications without revealing the encrypted keys to the data engine in MS SQL Server?

Question60: Which of the following statement holds true in terms of containers?

Question61: Frank installed Wireshark at all ingress points in the network. Looking at the logs he notices an odd packet source. The odd source has an address of 1080:0:FF:0:8:800:200C:4171 and is using port 21. What does this source address signify?

Question62: Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?

Question63: Which of the following Event Correlation Approach checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or multiple fields?

Question64: Which protocol would the network administrator choose for the wireless network design. If he needs to satisfy the minimum requirement of 2.4 GHz, 22 MHz of bandwidth, 2 Mbits/s stream for data rate and use DSSS for modulation.

Question65: You are using Wireshark to monitor your network traffic and you see a lot of packages with FIN, PUSH and URG flags activated; what can you infer about this behavior?

Question66: _______________ is a structured and continuous process which integrates information security and risk management activities into the system development life cycle (SDLC).

Question67: Identify the minimum number of drives required to setup RAID level 5.

Question68: James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?

Question69: Which of the following is an example of MAC model?

Question70: John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of implementing?

Question71: Which of the following Wireshark filters allows an administrator to detect SYN/FIN DDoS attempt on the network?

Question72: To provide optimum security while enabling safe/necessary services, blocking known dangerous services, and making employees accountable for their online activity, what Internet Access policy would Brian, the network administrator, have to choose?

Question73: Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented.
What is the correct hierarchy for a security policy implementation?

Question74: James was inspecting ARP packets in his organization's network traffic with the help of Wireshark. He is checking the volume of traffic containing ARP requests as well as the source IP address from which they are originating. Which type of attack is James analyzing?

Question75: Which of the following is not part of the recommended first response steps for network defenders?

Question76: Ryan, a network security engineer, after a recent attack, is trying to get information about the kind of attack his users were facing. He has decided to put into production one honeypot called Kojoney. He is interested in emulating the network vulnerability, rather than the real vulnerability system, making this probe safer and more flexible. Which type of honeypot is he trying to implement?

Question77: Which risk management phase helps in establishing context and quantifying risks?

Question78: Which of the following network security controls can an administrator use to detect, deflect or study attempts to gain unauthorized access to information systems?

Question79: Hacktivists are threat actors, who can be described as -------------------

Question80: What is the best way to describe a mesh network topology?

Question81: Identify the correct statements regarding a DMZ zone:

Question82: Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?

Question83: How is the chip-level security of an IoT device achieved?

Question84: Lyle is the IT director for a medium-sized food service supply company in Nebraska. Lyle's company employs over 300 workers, half of which use computers. He recently came back from a security training seminar on logical security. He now wants to ensure his company is as secure as possible. Lyle has many network nodes and workstation nodes across the network. He does not have much time for implementing a network-wide solution. He is primarily concerned about preventing any external attacks on the network by using a solution that can drop packets if they are found to be malicious. Lyle also wants this solution to be easy to implement and be network-wide. What type of solution would be best for Lyle?

Question85: Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization?

Question86: Henry, head of network security at Gentech, has discovered a general report template that someone has reserved only for the CEO. Since the file has to be editable, viewable, and deletable by everyone, what permission value should he set?

Question87: Which of the following things need to be identified during attack surface visualization?

Question88: Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?

Question89: Which mobile-use approach allows an organization's employees to use devices that they are comfortable with and best fits their preferences and work purposes?

Question90: How can one identify the baseline for normal traffic?

Question91: In ______ method, event logs are arranged in the form of a circular buffer.

Question92: A popular e-commerce company has recently received a lot of complaints from its customers. Most of the complaints are about the customers being redirected to some other website when trying to access the e-com site, leading to all their systems being compromised and corrupted. Upon investigation, the network admin of the firm discovered that some adversary had manipulated the company's IP address in the domain name server's cache. What is such an attack called?

Question93: Which of the information below can be gained through network sniffing? (Select all that apply)

Question94: Which RAID level system provides very good data performance but does not offer fault tolerance and data redundancy?

Question95: If an organization has decided to consume PaaS Cloud service model, then identify the organization's responsibility that they need to look after based on shared responsibility model.

Question96: What is Azure Key Vault?

Question97: Which type of information security policy addresses the implementation and configuration of technology and user behavior?

Question98: Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system and network activities?

Question99: Which RAID level does not provide data redundancy?

Question100: The GMT enterprise is working on their internet and web usage policies. GMT would like to control internet bandwidth consumption by employees. Which group of policies would this belong to?

Question101: Which of the following entities is responsible for cloud security?

Question102: Which of the following intrusion detection techniques observes the network for abnormal usage patterns by determining the performance parameters for regular activities and monitoring for actions beyond the normal parameters?

Question103: Which command list all ports available on a server?

Question104: Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:

Question105: George was conducting a recovery drill test as a part of his network operation. Recovery drill tests are conducted on the______________.

Question106: Which authentication technique involves mathematical pattern-recognition of the colored part of the eye behind the cornea?

Question107: As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2's_________integrity check mechanism provides security against a replay attack

Question108: What cryptography technique can encrypt small amounts of data and applies it to digital signatures?

Question109: You are responsible for network functions and logical security throughout the corporation. Your company has over 250 servers running Windows Server 2012, 5000 workstations running Windows 10, and 200 mobile users working from laptops on Windows 8. Last week 10 of your company's laptops were stolen from a salesman, while at a conference in Barcelona. These laptops contained proprietary company information.
While
doing a damage assessment, a news story leaks about a blog post containing information about the stolen laptops and the sensitive information. What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

Question110: Riya bought some clothes and a watch from an online shopping site a few days back. Since then, whenever she accesses any other application (games, browser, etc.) on her mobile, she is spammed with advertisements for clothes and watches similar to the ones she bought. What can be the underlying reason for Riya's situation?

Question111: Which of the following provides a set of voluntary recommended cyber security features to include in network-capable loT devices?

Question112: In Public Key Infrastructure (PKI), which authority is responsible for issuing and verifying the certificates?

Question113: Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?

Question114: Which firewall technology can filler application-specific commands such as CET and POST requests?

Question115: As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2's _________integrity check mechanism provides security against a replay attack

Question116: Byron, a new network administrator at FBI, would like to ensure that Windows PCs there are up-to-date and have less internal security flaws. What can he do?

Question117: Patrick wants to change the file permission of a file with permission value 755 to 744. He used a Linux command chmod [permission Value] [File Name] to make these changes. What will be the change in the file access?

Question118: USB ports enabled on a laptop is an example of____

Question119: Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?

Question120: Which phase of vulnerability management deals with the actions taken for correcting the discovered vulnerability?

Question121: To secure his company's network, Tim the network admin, installed a security device that inspected all inbound and outbound network traffic for suspicious patterns. The device was configured to alert him if it found any such suspicious activity. Identify the type of network security device installed by Tim?

Question122: Identify the spread spectrum technique that multiplies the original data signal with a pseudo random noise spreading code.

Question123: Which of the following attack signature analysis techniques are implemented to examine the header information and conclude that a packet has been altered?

Question124: Which of the following network monitoring techniques requires extra monitoring software or hardware?

Question125: David, a network and system admin, encrypted all the files in a Windows system that supports NTFS file system using Encrypted File Systems (EFS). He then backed up the same files into another Windows system that supports FAT file system. Later, he found that the backup files were not encrypted. What could be the reason for this?

Question126: Who acts as an intermediary to provide connectivity and transport services between cloud consumers and providers?

Question127: Which of the following examines Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) for a disaster recovery strategy?

Question128: Which among the following control and manage the communication between VNF with computing, storage, and network resources along with virtualization?

Question129: What is the IT security team responsible for effectively managing the security of the organization's IT infrastructure, called?

Question130: Who offers formal experienced testimony in court?

Question131: Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden's organization.

Question132: Dan and Alex are business partners working together. Their Business-Partner Policy states that they should encrypt their emails before sending to each other. How will they ensure the authenticity of their emails?

Question133: Which of the following network security protocols protects from sniffing attacks by encrypting entire communication between the clients and server including user passwords?

Question134: In MacOS, how can the user implement disk encryption?

Question135: Blake is working on the company's updated disaster and business continuity plan. The last section of the plan covers computer and data incidence response. Blake is outlining the level of severity for each type of incident in the plan. Unsuccessful scans and probes are at what severity level?

Question136: James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?

Question137: A CCTV camera, which can be accessed on the smartphone from a remote location, is an example of _____

Question138: Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approach?

Question139: Identify the attack where an attacker manipulates or tricks people into revealing their confidential details like bank account information, credit card details, etc.?

Question140: On which layer of the OSI model does the packet filtering firewalls work?

Question141: Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?

Question142: Which of the following systems includes an independent NAS Head and multiple storage arrays?

Question143: Kelly is taking backups of the organization's data. Currently, he is taking backups of only those files which are created or modified after the last backup. What type of backup is Kelly using?

Question144: The IR team and the network administrator have successfully handled a malware incident on the network. The team is now preparing countermeasure guideline to avoid a future occurrence of the malware incident.
Which of the following countermeasure(s) should be added to deal with future malware incidents? (Select all that apply)

Question145: What should an administrator do while installing a sniffer on a system to listen to all data transmitted over the network?

Question146: Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?