EMT Practice Test

1. Question Content...


Question List

Question1: When preventative controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager to perform?

Question2: Which of the following BEST describes an intrusion detection system (IDS) that learns the system behaviors prior to detecting potential intrusions?

Question3: Which of the following is MOST effective in the strategic alignment of security initiatives?

Question4: Which of the following activities BEST enables executive management to ensure value delivery within an information security program?

Question5: An IT department has given a vendor remote access to the internal network for troubleshooting network performance problems. After discovering the remote activity during a firewall log review, which of the following is the FIRST course of action for an information security manager?

Question6: A validated patch to address a new vulnerability that may affect a mission-critical server has been released.
What should be done immediately?

Question7: Which of the following is the BEST strategy to implement an effective operational security posture?

Question8: Which of the following is MOST likely to drive an update to the information security strategy?

Question9: Which of the following would BEST mitigate identified vulnerabilities in a timely manner?

Question10: To prevent computers on the corporate network from being used as part of a distributed denial of service (DDoS) attack, the information security manager should use:

Question11: Which of the following is the BEST resource for evaluating the strengths and weaknesses of an incident response plan5

Question12: When reporting to senior management on an information security vulnerability that could lead to a potential breach, what information is MOST likely to facilitate the decision-making process?

Question13: Which of the following BEST demonstrates alignment between information security governance and corporate governance?

Question14: Which of the following would provide the BEST justification for a new information security investment?

Question15: Which of the following is the MOST important reason to consider the role of the IT service desk when developing incident handling procedures?

Question16: An organization wants to integrate information security into its human resource management processes. Which of the following should be the FWST step?

Question17: During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:

Question18: Which is MOST important to enable a timely response to a security breach?

Question19: Several significant risks have been identified after a centralized risk register was compiled and prioritized. The information security manager s MOST important action is to:

Question20: An information security program should be established PRIMARILY on the basis of:

Question21: Which of the following is MOST important to consider when developing a security awareness program in an organization?

Question22: Due lo budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA). Which of the following is the information security manager's BEST course of action?

Question23: Which of the following will BEST provide an organization with ongoing assurance of the information security services provided by a cloud provider?

Question24: The BEST way to identify the criticality of systems to the business is through:

Question25: Which of the following is the PRIMARY benefit of using agentless endpoint security solutions?

Question26: The MOST likely cause of a security information event monitoring (SIEM) solution failing to identify a serious incident is that the system:

Question27: In an organization where IT is critical to its business strategy and where there is a high level of operational dependence on IT, senior management commitment to security is BEST demonstrated by the:

Question28: In a resource-restricted security program, which of the following approaches will provide the BEST use of the limited resources?

Question29: The BEST time to ensure that a corporation acquires secure software products when outsourcing software development is during:

Question30: Which of the following should an information security manager establish FIRST to ensure security-related activities are adequately monitored?

Question31: Which of the following provides the GREATEST assurance that an organization allocates appropriate resources to respond to information security events?

Question32: Which of the following is the BEST method to defend against social engineering attacks?

Question33: When facilitating the alignment of corporate governance and information security governance, which of the following is the MOST important role of an organizations security steering committee?

Question34: An information security manager learns users of an application are frequently using emergency elevated access privileges to process transactions Which of the following should be done FIRST?

Question35: An information security manager is developing a new information security strategy. Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?

Question36: An information security manager s PRIMARY objective for presenting key risks to the board of directors is to:

Question37: In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?

Question38: Within the confidentiality, integrity, and availability (CIA) triad, which of the following activities BEST supports the concept of integrity?

Question39: Which of the following is MOST helpful to review to gain an understanding of the effectiveness of an organization s information security program?

Question40: There are concerns that security events are not reported to management in a timely manner. To address this situation which of the following is MOST important to review?

Question41: Which of the following is MOST important when selecting a third-party security operations center?

Question42: Deciding the level of protection a particular asset should be given is BEST determined by:

Question43: A third-party service provider is developing a mobile app for an organization's customers. Which of the following issues should be of GREATEST concern to the information security management.

Question44: Which of the following metrics BEST evaluates the completeness of disaster-recovery preparations?

Question45: Which of the following is the MOST effective method to prevent a SQL injection in an employee portal?

Question46: The FIRST step in establishing an information security program is to:

Question47: The PRIMARY goal of a post-incident review should be to

Question48: Which of the following is the MOST effective way to identify changes in an information security environment?

Question49: The PRIMARY purpose of asset valuation for the management of information security is to:

Question50: An employee is found to be using an external cloud storage service to share corporate information with a third-party consultant, which is against company policy. Which of the following should be the information security manager s FIRST course of action?

Question51: Which of the following defines the triggers within a business continuity plan (BCP)?

Question52: Which of the following is the MOST effective way to detect social engineering attacks?

Question53: When using a newly implemented security information and event management (SIEM) infrastructure, which of the following should be considered FIRST?

Question54: It is suspected that key emails have been viewed by unauthorized parties The email administrator conducted an investigation but it has not returned any information relating to the incident, and leaks are continuing. Which of the following is the BEST recommended course of action to senior management?

Question55: Labeling information according to its security classification:

Question56: Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

Question57: Which of the following MOST effectively prevents internal users from modifying sensitive data?

Question58: Which of the following should be used to attain sustainable and continuous information security process improvement?