EMT Practice Test

1. Question Content...


Question List

Question1: Which reliability aspect of information is compromised when a staff member denies having sent a message?

Question2: What is the name of the system that guarantees the coherence of information security in the organization?

Question3: After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?

Question4: An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.

Question5: Which of the following is not a type of Information Security attack?

Question6: Which measure is a preventive measure?

Question7: What is the difference between a restricted and confidential document?

Question8: Which is not a requirement of HR prior to hiring?

Question9: Which department maintain's contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers depending on the service required.

Question10: __________ is a software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

Question11: The following are purposes of Information Security, except:

Question12: As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

Question13: A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:

Question14: CEO sends a mail giving his views on the status of the company and the company's future strategy and the CEO's vision and the employee's part in it. The mail should be classified as

Question15: A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

Question16: Which of the following is an information security management system standard published by the International Organization for Standardization?

Question17: Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

Question18: What is the relationship between data and information?

Question19: Why do we need to test a disaster recovery plan regularly, and keep it up to date?

Question20: In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:

Question21: Who are allowed to access highly confidential files?

Question22: Does the security have the right to ask you to display your ID badges and check your bags?

Question23: A property of Information that has the ability to prove occurrence of a claimed event.

Question24: Implement plan on a test basis - this comes under which section of PDCA

Question25: A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep control yourself.
You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.
What is a qualitative risk analysis?

Question26: Phishing is what type of Information Security Incident?

Question27: Access Control System, CCTV and security guards are form of:

Question28: Cabling Security is associated with Power, telecommunication and network cabling carrying information are protected from interception and damage.

Question29: What type of measure involves the stopping of possible consequences of security incidents?

Question30: What is the goal of classification of information?

Question31: Information or data that are classified as ______ do not require labeling.

Question32: What is a definition of compliance?

Question33: What type of system ensures a coherent Information Security organisation?

Question34: What type of compliancy standard, regulation or legislation provides a code of practice for information security?