EMT Practice Test

1. Question Content...


Question List

Question1: The maturity level of an organization s problem management support function is optimized when the function

Question2: A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques s that CSA.

Question3: The MAIN reason an organization's incident management procedures should include a post-incident review is to:

Question4: Which of the following is MOST important for an IS auditor to consider when evaluating an organization's effectiveness in mitigating Internal fraud risk?

Question5: When responding to an ongoing denial of service (DoS) attack, an organization's FIRST course of action should be to

Question6: Which of the following is the MOST effective way for an IS auditor to evaluate the creation and deletion of administrative accounts in a virtual environment?

Question7: Which should be reviewed FIRST by an IS auditor To ensure that data Is being secured appropriately for an application?

Question8: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?

Question9: Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?

Question10: Which of the following Is MOST important for successful Incident response?

Question11: Which of the following is the MAIN purpose of implementing an incident response process?

Question12: Which of the following would BEST indicate a mature information security program within an organization?

Question13: Which of the following is the BEST point in time to conduct a post-implementation review (PIR)?

Question14: Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?

Question15: Which of the following is the BEST way to transmit documents classified as confidential over the Internet?

Question16: The recovery time objective (RTO) is normally determined on the basis of the:

Question17: Which of the following BEST helps to ensure data integrity across system interfaces?

Question18: When creating a new risk management program, it is CRITICAL to consider

Question19: An organization's software developers need access to personally identifiable information (Pll) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

Question20: When reviewing a disaster recovery plan (DRP) an IS auditor should examine the:

Question21: Which of the following BEST indicates to an IS auditor that an IT-related project will deliver value to the organization?

Question22: An IS auditor concludes that a local area network (LAN) access security satisfactory. In reviewing the work, the audit manager should

Question23: To mitigate the risk of exposing data through application programming interface (API) queries, which of the following design considerations is MOST important?

Question24: An IT department installed critical patches provided by the vendor to HR production servers. Immediately after the installation was completed, the HR department called to report that none of its users could access the system, what should be the IT department's FIRST step in addressing this issue?

Question25: An IS auditor finds that an employee lost a mobile device containing sensitive company data. Which of the following would have BEST prevented data leakage?

Question26: An IT balanced scorecard is MOST useful in determining the effectiveness of which of the following?

Question27: What is the BEST way for an IS auditor to address the risk associated with over-retention of personal data after identifying a large number of customer records retained beyond the retention period defined by law?

Question28: Assurance tasks required to support security accreditation/certification should be identified:

Question29: To create a digital signature in a message using asymmetric encryption, it is necessary to:

Question30: Which of the following BEST demonstrates to an IS auditor that an organization has implemented effective risk management processes?

Question31: An IS auditor determines that a business impact analysis (BIA) was not conducted during the development of a business continuity plan (BCP). What is the significant risk that could result from this situation?

Question32: Which of the following presents the GREATEST security risk in a virtualized computing environment?

Question33: What is the PRIMARY reason for conducting a risk assessment when developing an annual IS audit plan?

Question34: For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization's information security plan includes:

Question35: An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?

Question36: A CIO has asked an IS to implement several security controls for an organization's IT process and system. The auditor should:

Question37: What is an IS auditor's BEST recommendation to strengthen security guidelines in order to prevent data leakage from the use of smart devices?

Question38: An IS auditor discovers trial a security information and event management (SIEM) system is not monitored outside of business hours. Which of the following is the auditors BEST course of action?

Question39: Which of the following is MOST important for the successful completion of a new application system?

Question40: The BEST data backup strategy for mobile users is to:

Question41: An IS auditor testing the user access management process for a critical financial application identifies active users who have left the organization Which ot the following should the auditor do NEXT?

Question42: An IS auditor should ensure that an application's audit trail:

Question43: An IS auditor finds that confidential company data has been inadvertently leaked through social engineering.
The MOST effective way to help prevent a recurrence of this issue is to implement:

Question44: Which of the following security mechanisms should be used to prevent disclosures of personally identifiable information (PH) when performing data analytics?

Question45: When removing a financial application system from production, which of the following is MOST important?
D18912E1457D5D1DDCBD40AB3BF70D5D

Question46: An IT governance framework provides an organization with:

Question47: Which of the following is MOST influential when defining disaster recovery strategies?

Question48: Which of the following is the MOST important feature of access control software?

Question49: Which of the following IT processes is likely to have the inherent regulatory risk?

Question50: A system was recently promoted to the production environment. An IS auditor has been asked by senior management to update the annual IT audit plan. Which of the following should be the auditor's NEXT course of action?

Question51: Which of the following is the BEST indication that an organization's vulnerability identification capability has achieved a high level of maturity?

Question52: A configuration management audit identified that predefined automated procedures are used when deploying and configuring application infrastructure in a cloud-based environment. Which of the following is MOST important for the IS auditor to review?

Question53: An IS auditor is following upon a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?

Question54: An organization is developing a web portal using some external components. Which of the following should be of MOST concern to an IS auditor?

Question55: Which of the following is MOST important to the effective management of an end user developed application?

Question56: An auditor is creating an audit program in which the objective is to establish the adequacy of personal data privacy controls in a payroll process. Which of the following would be MOST important to include?

Question57: An organization has performance metrics to track how well IT resources are being used, but there has been little progress on meeting the organization's goals. Which of the following would be MOST helpful to determine the underlying reason?

Question58: While following up on a prior audit report, an IS auditor determines that a number of recommendations to address critical findings have not been implemented as agreed. What is the BEST course of action for the auditor?

Question59: What should be of MOST concern to an IS auditor reviewing an organization's proposal to combine its online transaction processing (OLTP) data and data warehouse in the same database environment?

Question60: During an audit, it is discovered that several suppliers with standing orders have been deleted from the supplier master file. Which of the following controls would have BEST prevented such an occurrence?

Question61: Which of the following should be performed immediately after a computer security incident has been detected and analyzed by an incident response team?

Question62: Which of the following user actions constitutes the GREATEST risk for introducing viruses into a local network?

Question63: An organization is planning to outsource its customer relationship management (CRM) system to a software as a service (SaaS) provider. Which of the following is most important to include in the contract?

Question64: The PRIMARY objective of parallel testing an application is to confirm that:

Question65: Which of the following would be of concern when determining if information assets are adequately safeguard during transport and disposal?

Question66: Which of the following should be restricted from a network administrator's privileges in an adequately segregated H" environment?

Question67: During the evaluation of a firm's newly established whistleblower system, an auditor notes several findings.
Which of the following should be the
auditor's GREATEST concern?

Question68: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?

Question69: An organization has suffered a number of incidents in which USB flash drives with sensitive data have been lost. Which of the following would be MOST effective in preventing loss of sensitive data?

Question70: An IT organization has found that the effectiveness of its Internal processes seems to degrade over time Implementing which of the following would be MOST helpful in addressing this problem?

Question71: IS audit is asked 10 explain how local area network (LAN) servers can contribute to a rapid dissemination of viruses. The IS auditor's BEST response is that:

Question72: An IS auditor has identified that some IT staff have administrative access to the enterprise resource planning (ERP) application, database, and server. IT management has responded that due to limited resources, the same IT staff members have to support all three layers of the ERP application. Which of the following would be the auditor's BEST recommendation to management?

Question73: Which of the following is MOST essential to quality management?

Question74: Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?

Question75: Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?

Question76: An IS auditor submitted audit reports and scheduled a follow-up audit engagement with a client The client has requested to engage the services of the same auditor to develop enhanced controls. What Is the GREATEST concern with this request?

Question77: When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:

Question78: An IT steering committee assists the board of directors to fulfill IT governance duties by:

Question79: Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

Question80: An IS auditor is reviewing environmental controls and finds extremely high levels of humidity in the data center. Which of the following is the PRIMARY risk to computer equipment from this condition?

Question81: Which of the following is the BEST way for an IS auditor to assess the effectiveness of backup procedures?

Question82: Which of the following is MOST important for the successful establishment of a security vulnerability management program?

Question83: As part of a follow-up of a previous year's audit, an IS auditor has increased the expected error rate for a sample. The impact will be:

Question84: Which of the following is the GREATEST risk associated with end-user computing used in financial statement reporting?

Question85: The PRIMARY reason an IS department should analyze past incidents and problems is to:

Question86: During a vulnerability assessment, an IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer orders via credit card. The IS auditor could FIRST:

Question87: An IS auditor is conducting a pre-implementation review to determine a new system's production readiness.
The auditor's PRIMARY concern should be whether:

Question88: A small organization does not have enough employees to implement adequate segregation of duties in accounts payable. Which of the following is the BEST compensating control to mitigate the risk associated with this situation?

Question89: An organization with high security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?

Question90: Which of the following is MOST important to helping incident response managers quickly and accurately estimate the overall business impact of security incidents?

Question91: An organization is designing an application programming interface (API) for business-to-business data sharing with a vendor. Which of the following is the way to reduce the potential risk of data leakage?

Question92: An IS auditor Is asked to review an organization's data backup and storage Infrastructure after a recent business outage Which of the following is the BEST "@commendation to ensure data is continuously and instantly replicated?

Question93: Two servers are deployed in a cluster to run a mission-critical application. To determine whether the system has been designed for optimal efficiency, the IS auditor should verify that:

Question94: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post implementation review, which of the following would be the KEY procedure for the IS auditor to perform?

Question95: An IS auditor is assessing an organization's implementation of a virtual network. Which of the following observations should be considered the MOST significant risk?

Question96: Which of the following is the BEST example of a data analytics use case during the planning phase of an IS audite

Question97: Which of the following is MOST important for an IS auditor to verify after finding repeated unauthorized access attempts were recorded on a security report?

Question98: An organization is planning to develop a system using rapid application development (RAD) in order to meet quick turnaround times. Which of the following is the GREATEST potential risk associated with this type of application development?

Question99: Which of the following is the MOST effective way to minimize the risk of a SQL injection attack?

Question100: Which of the following should be reviewed FIRST when planning an IS audit?

Question101: When assessing a business case as part of a post-implementation review, the IS auditor MUST ensure that the:

Question102: Which of the following would BEST help in classifying an organization s data?

Question103: Which of the following will BEST ensure that a proper cutoff has been established to reinstate transactions and records to their condition just prior to a computer system failure?

Question104: Which of the following tasks would cause the GREATEST segregation of duties (SoD) concern if performed by the person who reconciles the organization's device inventory?

Question105: Which of the following is the MOST likely cause of a successful firewall penetration?

Question106: Audit management has just completed the annual audit plan for the upcoming year, which consists entirely of high-risk processor. However it is determined that there are insufficient resources to execute the plan. What should be done NEXT?

Question107: An IS auditor notes that a number of application plug-ins currently in use are no longer supported. Which of the following is the auditor's BEST recommendation to management?

Question108: A company is using a software developer for a project. At which of the following points should the software quality assurance (QA) plan be developed?

Question109: An organization has implemented an automated match between purchase orders, goods receipts, and invoices.
Which of the following risks will this control BEST mitigate?

Question110: During a project meeting for the Implementation of an Enterprise resource planning (ERP). a new requirement Is requested by the finance department. Which of the following would BEST Indicate to an IS auditor that the resulting risk to the project has been assessed?

Question111: An IS auditor notes that several of a client's servers are vulnerable to attack due to open unused ports and protocols. The auditor recommends management implement minimum security requirements. Which type of control has been recommended?

Question112: An IS auditor is evaluating networked devices at one of the organization's branch locations. Which of the following observations should be of GREATEST concern?

Question113: When reviewing a database supported by a third-party service provider, an IS auditor found minor control deficiencies. The auditor should FIRST

Question114: Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?

Question115: Which the following is MOST critical for the effective implementation of IT governance?

Question116: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

Question117: The results of an IS audit indicating the need to strengthen controls has oeen communicated to the appropriate stakeholders Which of the following is the BEST way for management to enforce Implementation of the recommendations?

Question118: Which of the following is the BEST indication that an information security program is effective?

Question119: Which type of risk has materialized when an internal IS auditor discovers an issue that external auditors missed due to improperly applied audit procedures?

Question120: When migrating critical systems to a cloud provider, the GREATEST data security concern for an organization would be that data from different clients may be:

Question121: A detailed audit of user access rights results In many high-risk findings Once management reports that all recommendations have been implemented, which of the following is the IS auditor's BEST course of action?

Question122: Which of the following would be MOST time and cost efficient when performing a control self-assessment (CSA) for an organization with a large number of widely dispersed employees?

Question123: Which of the following controls would BEST decrease the exposure if a password is compromised?

Question124: Which of the following is the GREATEST risk resulting from conducting periodic reviews of IT over several years based on the same audit program?

Question125: Which of the following is MOST

Question126: Which of the following group is MOST likely responsible for the implementation of IT projects?

Question127: Which of the following should an IS auditor recommend to reduce the likelihood of potential intruders using social engineering?

Question128: The MOST important reason for documenting all aspects of a digital forensic investigation is that documentation:

Question129: What is the PRIMARY advantage of prototyping as part of systems development?

Question130: What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?

Question131: An IS auditor is evaluating a virtual server environment and learns that the production server, development server, and management console are housed in the same physical host. What should be the auditor's PRIMARY concern?

Question132: Which of the following ensures components of an IT system are identified and baselined, and that changes to them are implemented in a controlled manner?

Question133: An IS auditor is reviewing an organization's implementation of a bring your own device (BYOD) program.
Which of the following would be the BEST recommendation to help ensure sensitive data is protected if a device is in the possession of an unauthorized individual?

Question134: To preserve chain-of-custody following an internal server compromise, which of the following should be the FIRST step?

Question135: While performing a risk-based audit, which of the following would BEST enable an IS auditor to identify and category risk?

Question136: Which of the following is the BEST indication of control maturity in an organization's systems development and implementation processes?

Question137: An IS auditor Is reviewing a complete population of incidents to assess an organization's incident management process. Which of the following observations should be the IS auditor's GREATEST concern?

Question138: Which of the following would represent an acceptable test of an organization s business continuity plan?

Question139: With a properly implemented public key infrastructure (PKI) In use, person A wishes to ensure that an outgoing message can be read only by person B.
To achieve this, the message should be encrypted using which of the following?

Question140: After discussing findings with an auditee, an IS auditor is required to obtain approval of the report from the CEO before issuing it to the audit committee. This requirement PRIMARILY affects the IS auditor's:

Question141: The IS security group is planning to implement single sign-on. What is the IS auditor's PRIMARY concern?

Question142: Which of the following would BEST deter the theft of corporate information from a laptop?

Question143: A database audit reveals an issue with the way data ownership for client data is defined. Which of the following roles should be accountable for this finding?

Question144: Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?

Question145: The MAIN objective of incident management is to:

Question146: Which of the following would help to ensure the completeness of batch file transfers?

Question147: What is the PRIMARY reason for including a clause requiring source code escrow in an application vendor agreement?

Question148: What is an IS auditor's BEST course of action if informed by a business unit's representatives that they are too busy to cooperate with a scheduled audit?

Question149: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor s BEST recommendation to facilitate compliance with the regulation?

Question150: the An IS auditor is planning to review an organization's information security program and wants to determine the minimum standards for securing the IT technical infrastructure. Which of the following Is the BEST source for the auditor to consult?

Question151: Which of the following controls will BEST ensure that the board of directors receives sufficient information about IT?

Question152: Which of the following is the BEST control to detect errors in an accounts payable system?

Question153: Which of the following roles is ULTIMATELY accountable for the protection of an organization s information?

Question154: Which of the following should be an IS auditor's consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?

Question155: A retirement system verifies that the field for employee status has either a value of A (for active) or R (for retired). This is an example of which type of check?

Question156: Which of the following will enable a customer to authenticate an online Internet vendor?

Question157: To confirm integrity for a hashed message, the receiver should use

Question158: Which of the following is the BEST development methodology to help manage project requirements in a rapidly changing environment?

Question159: The information security function in a large organization is MOST effective when:

Question160: Which of the following is the BEST control to reduce the likelihood that a spear phishing attack will be successful?

Question161: What is the FIRST step an auditor should take when beginning a follow-up audit?

Question162: Following an unauthorized disclosure of data, an organization needs to implement data loss prevention (DLP) measures The IS auditor's BEST recommendation should be to:

Question163: The lack of which of the following represents the GREATEST risk to the quality of developed software?

Question164: Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP)is In place?

Question165: Which of the following would BEST provide executive management with current information on IT related costs and IT performance indicators?

Question166: To restore service at a large processing facility after a disaster, which of the following tasks should be performed FIRST?

Question167: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program?

Question168: Which of the following observations should be of concern to an IS auditor performing a review of an organization's IT governance structure?

Question169: Which of the following has the GREATEST influence on the success of IT governance?

Question170: Adopting a service-oriented architecture would MOST likely:

Question171: Which of the following is the BEST audit technique to identify fraudulent activity in a transaction processing system?

Question172: Which of the following helps to ensure the integrity of data for an interface between a new billing system and an accounts receivable system?

Question173: Which of the following requirements in a document control standard would provide nonrepudiation to digitally signed legal documents?

Question174: Which of the following Is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

Question175: Which of the following is the BEST indication that an organization has achieved legal and regulatory compliance?

Question176: Which of the following is the BEST approach to verify that internal help desk procedures are executed in compliance with policies?

Question177: Which of the following would BEST assist senior management in evaluating IT performance as well as the alignment between corporate and IT strategic objectives?

Question178: An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:

Question179: A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?

Question180: Which of the following tools are MOST helpful for benchmarking an existing IT capability?

Question181: What is the BEST strategy to prioritize work when planning a follow-up audit?

Question182: An IS auditor is performing a routine procedure to test for the possible existence of fraudulent transactions.
Given there is no reason to suspect the existence of fraudulent transactions, which of the following data analytics techniques should be employed?

Question183: An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following would be the GREATEST risk m this approach?

Question184: An IS auditor identified hard-coded credentials within the source code of recently developed software when evaluating its readiness for implementation. Which of following would be the auditor's BEST recommendation?

Question185: The drives of a tile server are backed up at a hot site. Which of the following is the BEST way to duplicate the files stored on the server for forensic analysis?

Question186: Which of the following BEST describes an audit risk?

Question187: The results of a feasibility study for acquiring a new system should provide management with a clear understanding of:

Question188: Which of the following is the KST source of information for assessing the effectiveness of IT process monitoring?

Question189: Which of the following should be an IS auditor's PRIMARY consideration when reviewing a project to outsource data center hosting services?

Question190: Which of the following IT resource management practices is MOST Important for an IS auditor to verify when evaluating third-party outsourcing relationships?

Question191: A legacy application is running on an operating system that is no longer supported by the vendor. If the organization continues to use the current application, which of the following should be the IS auditor's GREATEST concern?

Question192: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question193: Which of the following would BEST detect that a distributed-denial-of-service attack (DDoS) is occurring?

Question194: The purpose of data migration testing is to validate data:

Question195: An audit of the quality management system (QMS) begins with an evaluation of the:

Question196: An organization's information security department is creating procedures for handling digital evidence that may be used in court Which of the following is MOST Important to ensure from a risk standpoint?

Question197: The PRIMARY purpose for an IS auditor to review previous audit reports during the planning phase of a current audit is to:

Question198: Which of the following is the PRIMARY responsibility of an information owner?

Question199: An IS auditor reviewing the acquisition of new equipment would consider which of the following to be a significant weakness?

Question200: Which of the following is the BEST way to achieve high availability and fault tolerance for an e-business system?

Question201: Which of the following is an example of a corrective control?

Question202: Which of the following is the BEST indication that an organization's security incident and event monitoring (SIEM) capability is operating effectively?

Question203: Which of the following is the PRIMARY responsibility of an organizations information security function?

Question204: After an employee termination, a network account was removed, but the application account remained active.
To keep this issue from recurring, which of the following is the BEST recommendation?

Question205: During an audit of a mission-critical system hosted in an outsourced data center, an IS auditor discovers that contracted routine maintenance for the alternate power generator was not performed. Which of the following should be the auditor's MAIN concern?

Question206: Which of the following could provide an organization with the fastest resumption of processing following a disk failure?

Question207: An IS auditor notes that several recent incidents related to server overload were not anticipated early enough by IT operations to prevent outages. Which of the (lowing is the auditor's BEST recommendation?

Question208: The BEST access strategy while configuring a firewall would be to:

Question209: Which of the following activities should occur after a business impact analysis (BIA)?

Question210: An organization has contracted with a third party to implement and configure a new accounting application.
Once the application is implemented, in-house staff will provide all application support and maintenance.
Which of the following is MOST important to the success of this initiative?

Question211: An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives Which of the following findings should be the IS auditor's GREATEST concern?

Question212: An IS auditor is reviewing IT policies and found that most policies have not been reviewed in over 3 years.
The MOST significant risk is that the policies do not reflect.

Question213: Which of the following is MOST likely to be included in a post-implementation review?

Question214: Who is PRIMARILY responsible for data integrity and security when implementing a new application?

Question215: A legacy application is running on an operating system that is no longer supported by vendor, if the organization continues to use the current application, which of the application should be the IS auditor's GREATEST concern?

Question216: Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?

Question217: Which of the following is a benefit of using symmetric cryptography instead of asymmetric cryptography?

Question218: An organization s data retention policy states that all data will be backed up, retained for 10 years, and then destroyed. When conducting an audit of the long-term offsite backup program, an IS auditor should: