EMT Practice Test
1. Question Content...
Question6: To confirm integrity for a hashed message, the receiver should use
Question13: Which of the following roles is BEST suited to determine information classification?
Question19: Which of the following is an analytical review procedure for a payroll system?
Question24: The PRIMARY objective of parallel testing an application is to confirm that:
Question40: What should be the PRIMARY basis for scheduling a follow-up audit?
Question44: Which of the following backup methods is MOST appropriate when storage space is limited?
Question68: Which of the following could be used to evaluate the effectiveness of IT operations?
Question77: In a database management system (DBMS) normalization is used to:
Question79: The application systems quality assurance (QA) function should:
Question81: What is the PRIMARY objective of implementing data classification?
Question82: Which of the following is an example of a corrective control?
Question87: Segregation of duties would be compromised if:
Question88: Which of the following reflects inadequate segregation of duties?
Question99: Coding standards provide which of the following?
Question109: An IS auditor should ensure that an application's audit trail:
Question116: The BEST data backup strategy for mobile users is to:
Question147: Which of the following is an advantage of using electronic data interchange (EDI)?
Question160: The IS auditor's PRIMARY role in control self-assessment (CSA) is to:
Question173: Which of the following is found in an audit charter?
Question182: The PRIMARY purpose of a precedence diagramming method in managing IT projects is to:
Question191: What is the BEST strategy to prioritize work when planning a follow-up audit?
Question194: Which of the following is the PRIMARY responsibility of an information owner?
Question203: Information security awareness programs in a large organization should be:
Question214: The BEST reason for implementing a virtual private network (VPN) is that it:
Question216: An advantage of object-oriented system development is that it:
Question218: Which of the following is the MOST important feature of access control software?
Question219: Both statistical and nonstatistical sampling techniques:
Question225: Loss-site scripting (XSS) attacks are BEST prevented through:
Question227: An organization s audit charter PRIMARILY:
Question253: The information security function in a large organization is MOST effective when:
Question258: Of the following, who is BEST suited to establish an organization's risk tolerance?
Question262: A potential risk of executing a program on an Internet site is that it may:
Question264: planning an end-user computing (EUC) audit, it is MO ST important for the IS auditor to
Question278: The purpose of data migration testing is to validate data:
Question295: Invoking a business continuity plan (BCP) is demonstrating which type of control?
Question296: Which of the following Is MOST important for successful Incident response?