EMT Practice Test
1. Question Content...
Question4: Secure code reviews as part of a conbnuous deployment program are which type of control?
Question7: Which of the following is an example of a corrective control?
Question28: The PRIMARY objective of value delivery in reference to IT governance is to:
Question30: Which of the following is an objective of data transfer controls?
Question47: What is the MAIN purpose of an organization's internal IS audit function?
Question60: Which of the following is the MAIN purpose of an information security management system?
Question72: Which of the following are BEST suited for continuous auditing?
Question81: Which of the following is the GREATEST benefit of utilizing data analytics?
Question82: When is the BEST time to commence continuity planning for a new application system?
Question94: Which of the following is a preventive control related to change management?
Question95: At what point in software development should the user acceptance test plan be prepared?
Question98: Which control type would provide the MOST useful input to a root cause analysis?
Question104: When conducting a requirements analysis for a project the BEST approach would be to
Question106: Which of the following BEST facilitates detection of zero-day exploits?
Question108: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
Question125: The information security function in a large organization is MOST effective when:
Question126: Data anonymizabon helps to prevent which types of attacks in a big data environment?
Question128: During a business process re-engineering (BPR) program, IT can assist with:
Question132: Which of the following is MOST likely to result from compliance testing?
Question137: Coding standards provide which of the following?
Question142: Which of the following is the BEST way to mitigate the impact of ransomware attacks?
Question145: The PRIMARY benefit of information asset classification is that it:
Question151: Which of the following provides for the GREATEST cost reduction in a large data center?
Question153: Which of the following should be the PRIMARY objective of a migration audit?
Question163: Which of the following should be defined in an audit charter?
Question165: Which of the following is MOST effective in detecting an intrusion attempt?
Question166: An IS auditor should ensure that an application's audit trail:
Question168: What should be the PRIMARY basis for scheduling a follow-up audit?
Question173: A client/server configuration will:
Question179: What is the PRIMARY benefit of prototyping as a method of system development?
Question186: The PRIMARY reason an IS department should analyze past incidents and problems is to:
Question198: Which of the following is the BEST incident of an effective problem management process?
Question214: Which of the following BEST enables alignment of IT with business objectives?
Question220: Which of the following should be defined in an audit chatter?
Question222: The members of an emergency incident response team should be:
Question224: The PRIMARY reason to follow up on prior-year audit reports is to determine if
Question228: In a database management system (DBMS) normalization is used to:
Question233: Data analytics Tools are BEST suited for which of the following purposes?
Question238: Which of the following controls is BEST implemented through system configuration?
Question239: Which of the following is a directive control?
Question240: An IS auditor s role in privacy and security is to:
Question246: Which of the following should be included in a business impact analysis (BIA)
Question251: Which of the following is the GREATEST concern when using a cold backup site?
Question270: Which type of attack poses the GREATEST risk to an organization's most sensitive data?
Question282: Which of the following features can be provided only by asymmetric encryption?
Question295: Which of the following is a concern associated with virtualization?
Question306: In the risk assessment process, which of the following should be identified FIRST?