EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following ensures a sender's authenticity and an e-mail's confidentiality?

Question2: What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?

Question3: The FIRST step in managing the risk of a cyber attack is to:

Question4: During an external assessment of network vulnerability which of the following activities should be performed FIRST

Question5: What is BEST for an IS auditor lo review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?

Question6: Which of the following is the MOST critical and contributes the greatest to the quality of data in a data
warehouse?

Question7: Which of the following should an IS auditor review to understand project progress in terms of time, budget and deliverables for early detection of possible overruns and for projecting estimates at completion (EACs)?

Question8: When developing metrics to measure the contribution of IT to the achievement of business goals, the MOST important consideration is that the metrics:

Question9: An IS auditor is asked to provide feedback on the systems options analysis for a new project The BEST course of action for the IS auditor would be to:

Question10: Which of the following is the MOST reliable sender authentication method?

Question11: Which of the following is MOST important for the successful establishment of a security vulnerability management program?

Question12: An internal audit department reports directly to the chief financial officer (CFO) of an organization. This MOST likely leads to

Question13: Which of the following attack involves sending forged ICMP Echo Request packets to the broadcast address on multiple gateways in order to illicit responses from the computers behind the gateway where they all respond back with ICMP Echo Reply packets to the source IP address of the ICMP Echo Request packets?

Question14: An IS auditor who is reviewing incident reports discovers that, in one instance, an important document left
on an employee's desk was removed and put in the garbage by the outsourced cleaning staff. Which of the
following should the IS auditor recommend to management?

Question15: Which of the following would help to ensure the portability of an application connected to a database?

Question16: An IS auditor finds out-of-range data in some tables of a database. Which of the following controls should the IS auditor recommend to avoid this situation?

Question17: A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses, the team should:

Question18: You should know the difference between an exploit and a vulnerability. Which of the following refers to a
weakness in the system?

Question19: Which of the following is a passive attack to a network?

Question20: During a business continuity audit an IS auditor found that the business continuity plan (BCP) covered only critical processes. The IS auditor should:

Question21: Whenever business processes have been re-engineered, the IS auditor attempts to identify and quantify
the impact of any controls that might have been removed, or controls that might not work as effectively
after business process changes. True or false?

Question22: Before concluding that internal controls can be relied upon, the IS auditor should:

Question23: In computer forensics, which of the following is the process that allows bit-for-bit copy of a data to avoid damage of original data or information when multiple analysis may be performed?

Question24: IT best practices for the availability and continuity of IT services should:

Question25: An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:

Question26: chain management processes Customer orders are not being fulfilled in a timely manner, and the inventory in the warehouse does not match the quantity of goods in the sales orders. Which of the following is the auditor's BEST recommendation?

Question27: Which of the following is the PRIMARY role of the IS auditor m an organization's information classification process?

Question28: An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:

Question29: Which of the following observations should be of concern to an IS auditor performing a review of an organization's IT governance structure?

Question30: Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data?

Question31: The risk that the IS auditor will not find an error that has occurred is identified by which of the following
terms?

Question32: To ensure that audit resources deliver the best value to the organization, the FIRST step would be to:

Question33: Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack encrypted data at rest?

Question34: Which of the following is MOST likely to result from compliance testing?

Question35: A hub is a device that connects:

Question36: An IS auditor has been asked to audit a complex system with computerized and manual elements. Which of the following should be identified FIRST?

Question37: During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditors NEXT step?

Question38: In the review of a feasibility study for an IS acquisition, the important step is to:

Question39: To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

Question40: Default permit is only a good approach in an environment where:

Question41: An organization wants to reuse company-provided smartphones collected from staff leaving the organization.
Which of the following would be the BEST recommendation?

Question42: When conducting a penetration test of an IT system, an organization should be MOST
concerned with:

Question43: To gain a clear understanding of the impact that a new regulatory requirement will have on an organization's information security controls, an information security manager should FIRST:

Question44: The MOST likely explanation for the use of applets in an Internet application is that:

Question45: Which of the following would BEST help prioritize various projects in an organization's IT portfolio?

Question46: An organization is migrating from a legacy system to an enterprise resource planning (ERP) system. While reviewing the data migration activity, the MOST important concern for the IS auditor is to determine that there is a:

Question47: Which of the following should an IS auditor be MOST concerned with during a post-implementation review?

Question48: Which of the following provides nonrepudiation in an electronic communication session without confidentiality?

Question49: An employee has accidentally posted confidential data to the company's social media page. Which of the following is the BEST control to prevent this from recurring?

Question50: Which of the following would BEST support 24/7 availability?

Question51: How do modems (modulation/demodulation) function to facilitate analog transmissions to enter a digital network?

Question52: What is the first step in a business process re-engineering project?

Question53: A company laptop has been stolen and all photos on the laptop have been published on social media. Which of the following is the IS auditor's BEST course of action?

Question54: The MAJOR reason for replacing checks with electronic funds transfer (EFT) systems in the accounts payable area is to:

Question55: During the audit of an acquired software package, an IS auditor learned that the software purchase was
based on information obtained through the Internet, rather than from responses to a request for proposal
(RFP). The IS auditor should FIRST:

Question56: An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?

Question57: An organization wants to replace its suite of legacy applications with a new, in-house developed solution.
Which of the following is the BEST way to address concerns associated with migration of all mission-critical business functionality?

Question58: An IS auditor reviewing a proposed application software acquisition should ensure that the:

Question59: An online retailer is receiving customer about receiving different items from what they ordered on the
organization's website. The root cause has been traced to poor data quality. Despite efforts to clean
erroneous data from the system, multiple data quality issues continue to occur. Which of the following
recommendations would be the BEST way to reduce the likelihood of future occurrences?

Question60: An internal audit has found that critical patches were not implemented within the timeline established by policy without a valid reason. Which of the following is the BEST course of action to address the audit findings?

Question61: When using an integrated test facility (ITF), an IS auditor should ensure that:

Question62: Which of the following is MOST important for an IS auditor to review when evaluating the effectiveness of an organization's incident response process?

Question63: Which of the following controls would an IS auditor look for in an environment where duties cannot be appropriately segregated?

Question64: What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?

Question65: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question66: Which of the following term related to network performance refers to the number of corrupted bits
expressed as a percentage or fraction of the total sent?

Question67: Which of the following data validation edits is effective in detecting transposition and transcription errors?

Question68: Which of the following should be the GREATEST concern to an IS auditor evaluating an organization's policies?

Question69: Which of the following functionality is NOT performed by the application layer of a TCP/IP model?

Question70: A company has implemented a new client-server enterprise resource planning (ERP) system. Local branches transmit customer orders to a central manufacturing facility. Which of the following would BEST ensure that the orders are entered accurately and the corresponding products are produced?

Question71: Which of the following is the BEST way to address ongoing concerns with the quality and accuracy of internal audits?

Question72: Which of the following type of honey pot essentially gives a hacker a real environment to attack?

Question73: What is the first step in a business process re-engineering project?

Question74: Which of the following ensures the availability of transactions in the event of a disaster?

Question75: Which of the following statement is NOT true about Voice-Over IP (VoIP)?
VoIP uses circuit switching technology
Lower cost per call or even free calls, especially for long distance call Lower infrastructure cost VoIP is a technology where voice traffic is carried on top of existing data infrastructure

Question76: .What must an IS auditor understand before performing an application audit? Choose the BEST answer.

Question77: Which of the following is the MOST critical and contributes the greatest to the quality of data in a data warehouse?

Question78: Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?

Question79: Company.com has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern?

Question80: Which of the following is the BEST way to determine if IT is delivering value to the business?

Question81: A long-term IS employee with a strong technical background and broad managerial experience has applied for a vacant position in the IS audit department. Determining whether to hire this individual for this position should be based on the individual'sexperience and:

Question82: Which of the following BEST limits the impact of server failures in a distributed environment?

Question83: Which of the following is an IS auditor's BEST recommendation to help an organization increase the efficiency of computing resources?

Question84: Which of the following type of network service stores information about the various resources in a central database on a network and help network devices locate services?

Question85: Which of the following controls BEST mitigates the impact of a distributed denial of service (DDoS) attack against the controller in a softwaredefined network (SDN)?

Question86: Which of the following would be MOST useful when analyzing computer performance?

Question87: When using an integrated test facility (ITF), an IS auditor should ensure that:

Question88: Which of the following would a digital signature MOST likely prevent?

Question89: An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?

Question90: Which of the following are designed to detect network attacks in progress and assist in post-attack forensics?

Question91: Of the following, who is BEST suited to establish an organization's risk tolerance?

Question92: Which of the following PBX feature supports shared extensions among several devices, ensuring that only one device at a time can use an extension?

Question93: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question94: Which of the following are the PRIMARY considerations when determining the timing of remediation testing?

Question95: With respect to the outsourcing of IT services, which of the following conditions should be of GREATEST concern to an IS auditor?

Question96: An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found Which sampling method would be appropriate?

Question97: During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:

Question98: Which of the following should be of MOST concern to an IS auditor reviewing the BCP?

Question99: .Which of the following is an effective method for controlling downloading of files via FTP? Choose the BEST answer.

Question100: Which of the following reports should an IS auditor use to check compliance with a service level
agreements (SLA) requirement for uptime?

Question101: Atomicity enforces data integrity by ensuring that a transaction is either completed in its entirely or not at all.
Atomicity is part of the ACID test reference for transaction processing.
True or false?

Question102: After delivering an audit report, the audit manager discovers that evidence was overlooked during the audit This evidence indicates that a procedural control may have failed and could contradict a conclusion of the audit Which of the following risks is MOST affected by this oversight?

Question103: What is the Most critical finding when reviewing an organization's information security management?

Question104: An emergency power-off switch should:

Question105: A web organization is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

Question106: Which of the following should be the PRIMARY audience for a third-party technical security assessment report?

Question107: Which of the following situations would increase the likelihood of fraud?

Question108: In a multinational organization, local security regulations should be implemented over global security policy because:

Question109: Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies?

Question110: .Using the OSI reference model, what layer(s) is/are used to encrypt data?

Question111: An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:

Question112: The MOST significant reason for using key performance indicators (KPIs) to track the progress of IT
projects against initial targets is that they:

Question113: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's information security program?

Question114: The MAIN reason for requiring that all computer clocks across an organization be synchronized is to:

Question115: Which of the following observations should be of GREATEST concern to an IS auditor reviewing a hosted virtualized environment where each guest operating system (OS) is r

Question116: What type of cryptosystem is characterized by data being encrypted by the sender using the recipient's public key, and the data then being decrypted using the recipient's private key?

Question117: Which of the following term related to network performance refers to the delay that packet may experience on their way to reach the destination from the source?

Question118: A comprehensive and effective e-mail policy should address the issues of e-mail structure, policy enforcement, monitoring and:

Question119: During a software acquisition review, an IS auditor should recommend that there be a software escrow agreement when:

Question120: When reviewing a disaster recovery plan (DRP), an IS auditor should examine the:

Question121: Host Based ILD&P primarily addresses the issue of:

Question122: An IS auditor finds that, in accordance with IS policy, IDs of terminated users are deactivated within 90 days of termination. The IS auditor should:

Question123: Which of the following must exist to ensure the viability of a duplicate information processing facility?

Question124: During the review of a biometrics system operation, an IS auditor should FIRST review the stage of:

Question125: A bank has implemented a new accounting system. Which of the following is the BEST lime for an IS auditor to perform a post-implementation review?

Question126: Which of the following should be an IS auditor's GREATEST concern when evaluating a cybersecurity incident response plan?

Question127: Of the following, who should approve a release to a critical application that would make the application inaccessible for 24 hours?

Question128: Which of the following controls is MOST appropriate against brute force attacks at login?

Question129: One advantage of monetary unit sampling is the fact that

Question130: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question131: After discussing findings with an auditee, an IS auditor is required to obtain approval of the report from the CEO before issuing it to the audit committee. This requirement affects the IS auditor's:

Question132: When is regression testing used to determine whether new application changes have introduced any errors in the remaining unchanged code?

Question133: An organization developed a comprehensive three-year IT strategic plan. Halfway into the plan, a major
legislative change impacting the organization is enacted. Which of the following should be management's
NEXT course of action?

Question134: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?

Question135: Which of the following is an advantage of an integrated test facility (ITF)?

Question136: Identify the correct sequence of Business Process Reengineering (BPR) application steps from the given choices below?

Question137: In a client-server architecture, a domain name service (DNS) is MOST important because it provides the:

Question138: An IS auditor has discovered that unauthorized customer management software was installed on a workstation.
The auditor determines the software has been uploading customer ita to an external party. Which of the following is the IS auditor's BEST course of action?

Question139: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question140: Many organizations require an employee to take a mandatory vacation (holiday) of a week or more to:

Question141: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

Question142: In wireless communication, which of the following controls allows the device receiving the communications to verify that the received communications have not been altered in transit?

Question143: An IS audit manager has been asked to perform a quality review on an audit that the same manager also
supervised. Which of the following is the manager's BEST response to this situation?

Question144: Due to cost restraints, a company defers the replacement of hardware supporting core applications. Which of the following represents the GREATEST risk?

Question145: When reviewing an active project, an IS auditor observed that, because of a reduction in anticipated
benefits and increased costs, the business case was no longer valid. The IS auditor should recommend
that the:

Question146: An efficient use of public key infrastructure (PKI) should encrypt the:

Question147: The PRIMARY purpose of audit trails is to:

Question148: Which of the following would be an auditor's GREATEST concern when reviewing data inputs from spreadsheets into the core finance system?

Question149: Which of the following should be done FIRST when planning a penetration test?

Question150: An IS auditor learns a server administration team regularly applies work arounds to address repeated failures of critical data processing services. Which of the following would BEST enable the organization to resolve the issue?

Question151: Which of the following is the GREATEST threat to Voice-over Internet Protocol (VoIP) related to privacy?

Question152: During an audit of the logical access control of an ERP financial system an IS auditor found some user accounts shared by multiple individuals. The user IDs were based on roles rather than individual identities. These accounts allow access to financial transactions on the ERP. What should the IS auditor do next?

Question153: Establishing data ownership is an important first step for which of the following processes? Choose the BEST answer.

Question154: The use of access control lists (ACLs) is the MOST effective method to mitigate security risk for routers because they: (Identify Correct answer and related explanation/references from CISA Certification - Information Systems Auditor official Manual or book)

Question155: Which of the following is an IS auditor s GREATEST concern when an organization does not regularly update software on individual workstations in the internal environment?

Question156: Which of the following is a detective control?

Question157: An IS auditor reviewing the risk assessment process of an organization should FIRST:

Question158: Who is responsible for ensuring that system controls and supporting processes provides an effective level
of protection, based on the data classification set in accordance with corporate security policies and
procedures?

Question159: Which of the following insurance types provide for a loss arising from fraudulent acts by employees?

Question160: Which of the following internet security threats could compromise integrity?

Question161: .An IS auditor usually places more reliance on evidence directly collected. What is an example of such evidence?

Question162: An IS auditor reviews an organizational chart PRIMARILY for:

Question163: .Processing controls ensure that data is accurate and complete, and is processed only through which of the following? Choose the BEST answer.

Question164: Which of the following statement correctly describes the difference between total flooding and local
application extinguishing agent?

Question165: Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department?

Question166: Which of the following is the BEST sampling method to ensure only active users have access to critical systems?

Question167: Which of the following is the BEST indication of effective IT investment management9

Question168: Which of the following presents an inherent risk with no distinct identifiable preventive controls?

Question169: Which of the following is the key benefit of control self-assessment (CSA)?

Question170: Which of the following virus prevention techniques can be implemented through hardware?

Question171: When designing metrics for information security, the MOST important consideration is that the metrics:

Question172: Which of the following is a key success factor for implementing IT governance?

Question173: In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?

Question174: Input/output controls should be implemented for which applications in an integrated systems environment?

Question175: Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?

Question176: An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker:

Question177: During a postimplementation review of an enterprise resource management system, an IS auditor would MOST likely:

Question178: The MOST likely effect of the lack of senior management commitment to IT strategic planning is:

Question179: The ultimate purpose of IT governance is to:

Question180: Which of the following are examples of tools for launching Distributed DoS Attack (choose all that apply):

Question181: An IS auditor has completed an audit on the organization's IT strategic planning process Which of the following findings should be given the HIGHEST priority?

Question182: Which of the following is BEST characterized by unauthorized modification of data before or during systems data entry?

Question183: Identify the network topology from below diagram presented below:

Network Topology

Question184: Identify the INCORRECT statement from below mentioned testing types

Question185: An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives Which of the following findings should be the IS auditor's GREATEST concern?

Question186: Which of the following layer of an enterprise data flow architecture represents subsets of information from the core data warehouse?

Question187: Which of the following is the MOST reliable network connection medium in an environment where there is
strong electromagnetic interference?

Question188: The purpose of a deadman door controlling access to a computer facility is primarily to:

Question189: A purpose of project closure is to determine the:

Question190: An IS auditor needs to consider many factors while evaluating an encryption system. Which of the following
is LEAST important factor to be considered while evaluating an encryption system?

Question191: The PRIMARY goal of a web site certificate is:

Question192: A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives?

Question193: An organization offers an online information security awareness program to employees on an annual basis. Which of the following findings from an audit of the program should be the IS auditor's GREATEST concern?

Question194: Which of the following would BEST facilitate the detection of internal fraud perpetrated by an individual?

Question195: Which of the following is the MAIN purpose of an information security management system?

Question196: Which of the following IS audit findings should be of GREATEST concern when preparing to migrate to a new core system using a direct cut-over?

Question197: To optimize an organization's business contingency plan (BCP), an IS auditor should recommend conducting a business impact analysis (BlA) in order to determine:

Question198: An IS auditor finds multiple situations where the help desk resolved security incidents without notifying IT security as required by policy. Which of the following is the BEST audit recommendation?

Question199: In which of the following WAN message transmission technique does two network nodes establish a dedicated communications channel through the network before the nodes may communicate?

Question200: Which of the following intrusion detection systems (IDSs) monitors the general patterns of activity and traffic on a network and creates a database?

Question201: Which of the following should be the MOST important consideration when deciding areas of priority for IT governance implementation?

Question202: An IS auditor is reviewing the results of a business process improvement project. Which of the following should be performed FIRST?

Question203: An organization considers implementing a system that uses a technology that is not in line with the organization's IT strategy. Which of the following is the BEST justification for deviating from the IT strategy?

Question204: A vulnerability in which of the following virtual systems would be of GREATEST concern to the IS auditor?

Question205: Which of the following should concern an IS auditor when reviewing security in a client- server environment?

Question206: An IS auditor finds that conference rooms have active network ports. Which of the
following is MOST important to ensure?

Question207: Which of the following should an IS auditor review to determine user permissions that have been granted for a particular resource?

Question208: After initial investigation, an IS auditor has reasons to believe that fraud may be present.
The IS auditor should:

Question209: Which of the following is the MOST important consideration for an organization when strategizing to comply
with privacy regulations?

Question210: An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?

Question211: An organization has established three IS processing environments: development, test, and production.
The MAJOR reason for separating the development and test environments is to:

Question212: An IS auditor is reviewing the security of a web-based customer relationship management (CRM) system that is directly accessed by customers via the Internet, Which of the following should be a concern for the auditor?

Question213: Which of the following risks could result from inadequate software baselining?

Question214: Which of the following user profiles should be of MOST concern to an IS auditor when performing an audit
of an EFT system?

Question215: Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?

Question216: An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?

Question217: Which of the following is a method to prevent disclosure of classified documents printed on a shared printer?

Question218: Once an organization has finished the business process reengineering (BPR) of all its critical operations,
an IS auditor would MOST likely focus on a review of:

Question219: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?

Question220: The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through: