EMT Practice Test

1. Question Content...


Question List

Question1: During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

Question2: Which of the following is a detective control?

Question3: Which of the following activities would allow an IS auditor to maintain independence while facilitating a control sell-assessment (CSA)?

Question4: During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective. Which of the following is the auditor's BEST action?

Question5: Which of the following should be done FIRST when planning a penetration test?

Question6: What is the PRIMARY benefit of an audit approach which requires reported findings to be issued together with related action plans, owners, and target dates?

Question7: Which of the following presents the GREATEST challenge to the alignment of business and IT?

Question8: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report. Which of the following is the IS auditor's BEST course of action when preparing the final report?

Question9: An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?

Question10: A data breach has occurred due lo malware. Which of the following should be the FIRST course of action?

Question11: Which of the following is an advantage of using agile software development methodology over the waterfall methodology?

Question12: An IS auditor is examining a front-end sub ledger and a main ledger Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?

Question13: When testing the adequacy of tape backup procedures, which step BEST verifies that regularly scheduled Backups are timely and run to completion?

Question14: During an incident management audit, an IS auditor finds that several similar incidents were logged during the audit period Which of the following is the auditor's MOST important course of action?

Question15: Which of the following should an IS auditor consider FIRST when evaluating firewall rules?

Question16: An IS auditor reviewing the throat assessment for a data cantor would be MOST concerned if:

Question17: Which of the following is MOST important when planning a network audit?

Question18: Which of the following should be the FRST step when developing a data toes prevention (DIP) solution for a large organization?

Question19: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question20: Which of the following should be an IS auditor's GREATEST consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?

Question21: During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?

Question22: Which of the following is the MOST appropriate indicator of change management effectiveness?

Question23: Stress testing should ideally be earned out under a:

Question24: Which of the following is the MOST effective way to maintain network integrity when using mobile devices?

Question25: Which of the following findings should be of GREATEST concern to an IS auditor assessing the risk associated with end-user computing (EUC) in an organization?

Question26: Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?

Question27: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor's BEST course of action would be to:

Question28: An IS auditor Is reviewing a recent security incident and is seeking information about me approval of a recent modification to a database system's security settings Where would the auditor MOST likely find this information?

Question29: Which of the following are used in a firewall to protect the entity's internal resources?

Question30: Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?

Question31: An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?

Question32: The use of which of the following is an inherent risk in the application container infrastructure?

Question33: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?

Question34: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?

Question35: When implementing Internet Protocol security (IPsec) architecture, the servers involved in application delivery:

Question36: Which of the following is the BEST control to minimize the risk of unauthorized access to lost company-owned mobile devices?

Question37: Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?

Question38: Which of the following is the BEST justification for deferring remediation testing until the next audit?

Question39: A company has implemented an IT segregation of duties policy In a role-based environment, which of the following roles may be assigned to an application developer?

Question40: An IS auditor notes that IT and the business have different opinions on the availability of their application servers Which of the following should the IS auditor review FIRST in order to understand the problem?

Question41: Which of the following is the MOST appropriate and effective fire suppression method for an unstaffed computer room?

Question42: What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?

Question43: What should an IS auditor do FIRST upon discovering that a service provider did not notify its customers of a security breach?

Question44: Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?

Question45: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?

Question46: Which of the following is MOST effective for controlling visitor access to a data center?

Question47: Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?

Question48: Which of the following is the PRIMARY advantage of using visualization technology for corporate applications?

Question49: Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?

Question50: Which of following is MOST important to determine when conducing a post-implementation review?

Question51: Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:

Question52: After the merger of two organizations, which of the following is the MOST important task for an IS auditor to perform?

Question53: An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor'?

Question54: Which of the following is the BEST data integrity check?

Question55: An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found Which sampling method would be appropriate?

Question56: Which of the following BEST Indicates that an incident management process Is effective?

Question57: Which of the following is MOST important for an effective control self-assessment (CSA) program?

Question58: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?

Question59: Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (lDS)?

Question60: Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?

Question61: During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

Question62: Which of the following is the PRIMARY reason to follow a configuration management process to maintain application?

Question63: Which of the following BEST demonstrates that IT strategy is aligned with organizational goals and objectives?

Question64: An IS auditor plans to review all access attempts to a video-monitored and proximity card-controlled communications room. Which of the following would be MOST useful to the auditor?

Question65: An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?

Question66: Which of the following is the BEST source of information to determine the required level of data protection on a file server?

Question67: Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Question68: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?

Question69: Which of the following should be GREATEST concern to an IS auditor reviewing data conversion and migration during the implementation of a new application system?

Question70: An organization has virtualized its server environment without making any other changes to the network or security infrastructure. Which of the following is the MOST significant risk?

Question71: An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?

Question72: Which of the following is an audit reviewer's PRIMARY role with regard to evidence?

Question73: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?

Question74: The PRIMARY purpose of requiring source code escrow in a contractual agreement is to:

Question75: Which of the following should be of GREATEST concern to an |$ auditor reviewing data conversion and migration during the implementation of a new application system?

Question76: Which of the following is a PRIMARY responsibility of an IT steering committee?

Question77: What Is the BEST method to determine if IT resource spending is aligned with planned project spending?

Question78: An information systems security officer's PRIMARY responsibility for business process applications is to:

Question79: An IS auditor has been asked to assess the security of a recently migrated database system that contains personal and financial data for a bank's customers. Which of the following controls is MOST important for the auditor to confirm is in place?

Question80: Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?

Question81: During a follow-up audit, an IS auditor finds that some critical recommendations have the IS auditor's BEST course of action?

Question82: A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement.

Question83: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

Question84: An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?

Question85: Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?

Question86: Which of the following should be the FIRST step when conducting an IT risk assessment?

Question87: During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:

Question88: A post-implementation review was conducted by issuing a survey to users. Which of the following should be of GREATEST concern to an IS auditor?

Question89: The PRIMARY benefit of information asset classification is that it:

Question90: When auditing the alignment of IT to the business strategy, it is MOST Important for the IS auditor to:

Question91: Which of the following documents should specify roles and responsibilities within an IT audit organization?

Question92: An organization is planning an acquisition and has engaged an IS auditor lo evaluate the IT governance framework of the target company. Which of the following would be MOST helpful In determining the effectiveness of the framework?

Question93: Which of the following is MOST important for an IS auditor to consider when performing the risk assessment poor to an audit engagement?

Question94: Which of the following audit procedures would be MOST conclusive in evaluating the effectiveness of an e-commerce application system's edit routine?

Question95: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?

Question96: An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?

Question97: Which of the following is MOST important for an IS auditor to determine during the detailed design phase of a system development project?

Question98: Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?

Question99: Which of the following is the MOST significant risk that IS auditors are required to consider for each engagement?

Question100: Which of the following would be an IS auditor's GREATEST concern when reviewing the early stages of a software development project?

Question101: Which of the following would be a result of utilizing a top-down maturity model process?

Question102: Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?

Question103: An organizations audit charier PRIMARILY:

Question104: Which of the following is the MOST important activity in the data classification process?

Question105: An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:

Question106: What is the Most critical finding when reviewing an organization's information security management?

Question107: An externally facing system containing sensitive data is configured such that users have either read-only or administrator rights. Most users of the system have administrator access. Which of the following is the GREATEST risk associated with this situation?

Question108: An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?

Question109: An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?

Question110: The BEST way to determine whether programmers have permission to alter data in the production environment is by reviewing:

Question111: The PRIMARY objective of value delivery in reference to IT governance is to:

Question112: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?

Question113: Which of the following are BEST suited for continuous auditing?

Question114: What is MOST important to verify during an external assessment of network vulnerability?

Question115: Which of the following is me GREATE ST impact as a result of the ongoing deterioration of a detective control?

Question116: Which of the following BEST guards against the risk of attack by hackers?

Question117: In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to "never expire.' Which of the following recommendations would BEST address the risk with minimal disruption to the business?

Question118: Which of the following is MOST important for an IS auditor to confirm when reviewing an organization's plans to implement robotic process automation (RPA> to automate routine business tasks?

Question119: Which of the following is the PRIMARY role of the IS auditor m an organization's information classification process?

Question120: A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items lo the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?

Question121: An IS auditor is reviewing documentation of application systems change control and identifies several patches that were not tested before being put into production. Which of the following is the MOST significant risk from this situation?

Question122: Which of the following is the BEST indication to an IS auditor that management's post-implementation review was effective?

Question123: Which of the following should be the FIRST step to successfully implement a corporate data classification program?

Question124: Which of the following would BEST facilitate the successful implementation of an IT-related framework?

Question125: Which of the following is the BEST way to mitigate the impact of ransomware attacks?

Question126: During the evaluation of controls over a major application development project, the MOST effective use of an IS auditor's time would be to review and evaluate:

Question127: An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk. An IS auditor should be concerned because:

Question128: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?

Question129: Which of the following is the MOST effective method of destroying sensitive data stored on electronic media?

Question130: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question131: A disaster recovery plan (DRP) should include steps for:

Question132: An IS auditor is reviewing an organization's primary router access control list. Which of the following should result in a finding?

Question133: An IS auditor discovers that validation controls m a web application have been moved from the server side Into the browser to boost performance This would MOST likely increase the risk of a successful attack by.

Question134: An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?

Question135: Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

Question136: When verifying the accuracy and completeness of migrated data for a new application system replacing a legacy system. It is MOST effective for an IS auditor to review;

Question137: Which of the following would provide an IS auditor with the GREATEST assurance that data disposal controls support business strategic objectives?

Question138: An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality Which of the following is MOST important for an IS auditor to understand when reviewing this decision?

Question139: An incorrect version of source code was amended by a development team, This MOST likely indicates a weakness in:

Question140: A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure in the affected country. Which of the following would be MOST helpful in making this assessment?

Question141: An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?

Question142: Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?

Question143: In which phase of the internal audit process is contact established with the individuals responsible for the business processes in scope for review?

Question144: Which of the following is MOST important to include in forensic data collection and preservation procedures?

Question145: Which of the following is necessary for effective risk management in IT governance?

Question146: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

Question147: In the development of a new financial application, the IS auditor's FIRST involvement should be in the:

Question148: Management has learned the implementation of a new IT system will not be completed on time and has requested an audit. Which of the following audit findings should be of GREATEST concern?

Question149: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?

Question150: Which of the following BEST enables an organization to improve the visibility of end-user computing (EUC) applications that support regulatory reporting?

Question151: The PRIMARY benefit of automating application testing is to:

Question152: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has slated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?

Question153: An IS auditor has completed the fieldwork phase of a network security review and is preparing the initial following findings should be ranked as the HIGHEST risk?

Question154: In order to be useful, a key performance indicator (KPI) MUST

Question155: Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?