EMT Practice Test

1. Question Content...


Question List

Question1: What approach can an organization use to make sure that high consequence, low probability risks are considered during risk analysis?

Question2: How is a WirelessHART enabled device authenticated?

Question3: The head of an IT department sent a directive stating that all company communication must use TLS in order to prevent unauthorized disclosure of information. Which part of the C-l-A model is the head of IT concerned with?

Question4: Which of the following technologies uses Secure Simple Pairing (SSP) to pair devices?

Question5: Which of the following can an attacker gain by obtaining PLC logic project files for a SCADA system?

Question6: What do the following protocols have in common?

Question7: Which type of process is used to manufacture fuels, chemicals, and plastics?

Question8: What should be considered when implementing fieldbus protocols over an Ethernet network?

Question9: An administrator relaxes the password policy during disaster recovery operations. What is the result of this action?

Question10: Which of the following is typically performed during the Recovery phase of incident response?

Question11: Which of the following is located in user mode of a typical realtime OS, but in kernel mode of a typical standard OS?

Question12: What is a characteristic of the Ladder Diagram approach for programming controllers?

Question13: According to the DHS suggested patch decision tree, what should the next step be if there is a vulnerability with an available patch, but without an available workaround?

Question14: Implementing VLANs can provide which of the following?

Question15: How arc general purpose Programmable Logic Controllers (PLC) different than smart field devices?

Question16: Which of the following types of network devices sends traffic only to the intended recipient node?

Question17: Implementation of LDAP to manage and control access to your systems is an outcome of which NIST CSF core function?

Question18: Which control helps prevent threats to Integrity?

Question19: Which command can be used on a Linux system to search a file for a string of data and return the results to the screen?

Question20: An engineer has analyzed a subsystem of a power plant and identified physical and logical inputs that could expose the subsystem to unauthorized access. What has the engineer defined?

Question21: What is a use of Network Address Translation?

Question22: What is a recommended practice for securing historians and databases whose purpose is to feed data back into the control processes?

Question23: Which type of process is described below?

Question24: Martin is writing a document that describes in general terms how to secure embedded operating systems. The document includes issues that are specific to embedded devices vs desktop and laptop operating systems.
However, it does not call out specific flavors and versions of embedded operating systems. Which type of document is Martin writing?

Question25: Which type of process is described below?

Question26: For application-aware firewalls filtering traffic between trust zones, which of the following policies should be applied to a packet that doesn't match an existing rule?

Question27: Which of the following devices would indicate an enforcement boundary?

Question28: Which document should be updated to include incident handling while in the Planning phase of incident response?

Question29: What information can be found by dumping data at rest from a Purdue Enterprise Reference Architecture level 0/1 device?

Question30: What type of physical security control is a procedure that details what to do in the event of a security breach?

Question31: A brewer uses a local HMI to communicate with a controller that opens a pump to move the workfrom the boil kettle to the fermentor. What level of the Purdue model would the controller be considered?

Question32: An organization wants to use Active Directory to manage systems within its Business and Control system networks. Which of the following is the recommended security practice?

Question33: An attacker writes a program that enters a large number of characters into the password field of a website, followed by a command. The website gave him administrative access, even though he did not use a valid username or password.
What is the name of this attack?

Question34: How can virtualization be leveraged in an ICS environment?

Question35: How could Wireshark be utilized in an attack against devices at Purdue levels 0 or 1?

Question36: Which of the following statements best describes how a security policy should be written?