EMT Practice Test
1. Question Content...
Question2: The exposure factor of a threat to your organization is defined by?
Question3: Which of the following is considered a project versus a managed process?
Question6: Which of the following is the MOST effective method to counter phishing attacks?
Question12: What is a Statement of Objectives (SOA)?
Question13: An organization's Information Security Policy is of MOST importance because
Question14: Which of the following backup sites takes the longest recovery time?
Question15: Your incident response plan should include which of the following?
Question16: A stakeholder is a person or group:
Question21: Human resource planning for security professionals in your organization is a:
Question22: Information security policies should be reviewed:
Question23: A bastion host should be placed:
Question29: Which of the following best describes a portfolio?
Question30: Which of the following provides an audit framework?
Question31: Which of the following is the BEST indicator of a successful project?
Question47: Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?
Question48: The total cost of security controls should:
Question54: What is the primary reason for performing a return on investment analysis?
Question56: Who is responsible for securing networks during a security incident?
Question58: When analyzing and forecasting an operating expense budget what are not included?
Question62: The PRIMARY objective of security awareness is to:
Question65: Regulatory requirements typically force organizations to implement
Question83: Which of the following is considered the MOST effective tool against social engineering?
Question86: Who is responsible for verifying that audit directives are implemented?
Question94: When updating the security strategic planning document what two items must be included?
Question106: Which of the following is true regarding expenditures?
Question109: Which of the following activities results in change requests?
Question111: What are the common data hiding techniques used by criminals?
Question112: File Integrity Monitoring (FIM) is considered a
Question114: One of the MAIN goals of a Business Continuity Plan is to
Question115: Why is it vitally important that senior management endorse a security policy?
Question116: If your organization operates under a model of "assumption of breach", you should:
Question122: The Information Security Management program MUST protect:
Question128: What are the three stages of an identity and access management system?
Question136: The FIRST step in establishing a security governance program is to?
Question138: What is the primary reason for performing vendor management?
Question141: Dataflow diagrams are used by IT auditors to:
Question145: What is meant by password aging?
Question148: Risk is defined as:
Question149: Which of the following is a symmetric encryption algorithm?
Question153: When is an application security development project complete?
Question156: What is the main purpose of the Incident Response Team?
Question161: What is the relationship between information protection and regulatory compliance?
Question163: Which of the following are necessary to formulate responses to external audit findings?
Question168: Risk that remains after risk mitigation is known as
Question177: The rate of change in technology increases the importance of:
Question181: The primary purpose of a risk register is to:
Question186: Which of the following are not stakeholders of IT security projects?
Question187: When you develop your audit remediation plan what is the MOST important criteria?
Question188: How often should the SSAE16 report of your vendors be reviewed?
Question189: What is the MOST critical output of the incident response process?
Question192: Which of the following activities is the MAIN purpose of the risk assessment process?
Question199: Which of the following best describes revenue?
Question200: Which represents PROPER separation of duties in the corporate environment?
Question201: Developing effective security controls is a balance between: