EMT Practice Test

1. Question Content...


Question List

Question1: A financial institution's privacy department has requested the implementation of multi-factor authentication to comply with regulations for providing services over the Internet. Which of the following authentication schemes would BEST meet this compliance requirement?

Question2: An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients. The BEST approach to obtain the support of business management would be to:

Question3: Penetration testing is MOST appropriate when a:

Question4: What is the MOST important factor for determining prioritization of incident response?

Question5: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question6: Which of the following provides the MOST comprehensive understanding of an organization's information security posture?

Question7: Which of the following is the MOST important prerequisite to performing an information security risk assessment?

Question8: A potential security breach has been reported to an organization s help desk. Which of the following would be the PRIMARY role of the help desk in the incident response process?

Question9: Who is MOST important to include when establishing the response process for a significant security breach that would impact the IT infrastructure and cause customer data toss?

Question10: An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification foi granting an exception to the policy?

Question11: When developing an incident response plan, which of the following is the MOST -effective way to ensure incidents common to the organization are handled properly?

Question12: An organization with a maturing incident response program conducts post-incident reviews for all major information security incidents. The PRIMARY goal of these reviews should be to:

Question13: Meeting which of the following security objectives BEST ensures that information is protected against unauthorized modification?

Question14: A third-party contract signed by a business unit manager failed to specify information security requirements Which of the following is the BEST way for an information security manager to prevent this situation from reoccurring?

Question15: Which of the following is the PRIMARY objective of a business impact analysis (BIA)?

Question16: Which of the following is the MOST important incident management consideration for an organization subscribing to a cloud service?

Question17: When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

Question18: The MAIN reason for internal certification of web-based business applications is to ensure:

Question19: What is the MAIN reason for an organization to develop an incident response plan?
Identify training requirements for the incident response team.
Priorities treatment based on incident critically.
What is the MAIN reason for an organization to develop an incident response plan'

Question20: A core business unit relies on an effective legacy system that does not meet the current security standards and threatens that enterprise network. Which of the following is the BEST course of action to address the situation?

Question21: Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

Question22: Which of the following is the PRIMARY responsibility of the information security steering committee?

Question23: What should be an organization's. MAIN concern when evaluating an Infrastructure as a Service (laaS) cloud computing model for an e-commerce application?

Question24: Which of the following metrics is the BEST indicator of an abuse of the change management process that could compromise information security?

Question25: Which of the following is the MOST important factor when determining the frequency of information security risk reassessment?

Question26: An information security manager is concerned that executive management does not su the following is the BEST way to address this situation?

Question27: Which of the following BIST validates that security controls are implemented in a new business process?

Question28: Which of the following is the MOST important consideration for designing an effective information security governance framework?

Question29: Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

Question30: An information security manager is developing evidence preservation procedures for an incident response plan. Which of the following would be the BEST source of guidance for requirements associated with the procedures?

Question31: Which of the following would BEST help an information security manager prioritize remediation activities to meet regulatory requirements?

Question32: An information security manager learns of a new international standard related to information security. Which of the following would be the BEST course of action?

Question33: An external security audit has reported multiple instances of control noncompliance. Which of the following is MOST important for the information security manager to communicate to senior managements.

Question34: The PRIMARY disadvantage of using a cold-site recovery facility is that it is:

Question35: Which of the following is MOST important for an information security manager to communicate to senior management regarding the security program?

Question36: Which of the following provides the GREATEST assurance that an organization allocates appropriate resources to respond to information security events?

Question37: It is suspected that key emails have been viewed by unauthorized parties The email administrator conducted an investigation but it has not returned any information relating to the incident, and leaks are continuing. Which of the following is the BEST recommended course of action to senior management?

Question38: A risk has been formally accepted and documented. Which of the following is the MOST important action for an information security manager?

Question39: Which of the following is the MOST effective approach for integrating security into application development?

Question40: Which of the following would be MOST important to consider when implementing security settings for a new system'

Question41: Which of the following should be of GREATEST concern to an information security manager when establishing a set of key risk indicators (KRIs)?

Question42: What is the BEST way for a customer to authenticate an e-commerce vendor?

Question43: Which of the following is the GREATEST benefit of information asset classification to an organization?

Question44: Which of the following is the BIST course of action for the information security manager when residual risk is above the acceptable level of risk?

Question45: Which of the following is the PRIMARY reason social media has become a popular target for attack?

Question46: With limited resources in the information security department which of the following is the BEST approach for managing security risk?

Question47: An information security manager has been informed of a new vulnerability in an online banking application, and a patch to resolve this issue is expected to be released in the next 72 hours. The information security manager s MOST important course of action is to:

Question48: An information security manager determines the organizations critical systems may be vulnerable to a new zero-day attack. The FIRST course of action is to:

Question49: An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following with BEST enable business managers to make an informed decision?

Question50: Which of the following would MOST likely require a business continuity plan to be invoked'

Question51: Which of the following is the BEST reason to reassess risk following an incident?

Question52: Utilizing external resources for highly technical information security tasks allows an information security manager to:

Question53: An access rights review revealed that some former employees' access is still active. Once the access is revoked, which of the following is the BEST course of action to help prevent recurrence?

Question54: A third-party service provider has proposed a data loss prevention (DLP) solution. Which of the following MUST be in place for this solution to be relevant to the organization?

Question55: Which of the following is the BEST way to identify the potential impact of a successful attack on an organization's mission critical applications?

Question56: Which of the following is the MOST effective mitigation strategy to protect confident information from inside threats?

Question57: The decision to escalate an incident should be based PRIMARILY on:

Question58: An organization is considering whether to allow employees to use personal computing devices for business purposes To BEST facilitate senior management's decision, the information security manager should:

Question59: Which of the following is a PRIMARY responsibility of an information security governance committee'

Question60: In an organization implementing a data classification program, ultimate responsibility for the data on the database server lies with the:

Question61: Which of the following provides the BEST indication that the information security program is in alignment with enterprise requirements?

Question62: Which of the following will BEST provide an organization with ongoing assurance of the information security services provided by a cloud provider?

Question63: Which of the following is MOST effective against system intrusions?

Question64: Knowing which of the following is MOST important when the information security manager is seeking senior management commitment?

Question65: Recovery time objectives (RTOs) are an output of which of the following?

Question66: Which of the following would provide the MOST useful input when creating an information security program?

Question67: Which of the following is the PRIMARY objective of implementing an information security strategy?

Question68: Which of the following is MOST likely to result from a properly conducted post-incident review?

Question69: Which is MOST important when contracting an external party to perform a penetration test?

Question70: The MOST likely cause of a security information event monitoring (SIEM) solution failing to identify a serious incident is that the system:

Question71: The PRIMARY goal of a post-incident review should be to

Question72: The success of a computer forensic investigation depends on the concept of:

Question73: Which of the following processes would BEST help to ensure that information security risks will be evaluated when implementing a new payroll system?

Question74: Which of the following will BEST enable an effective information asset classification process?

Question75: When reporting to senior management on an information security vulnerability that could lead to a potential breach, what information is MOST likely to facilitate the decision-making process?

Question76: An organization has an approved bring your own device (BYOD) program. Which of the following is the MOST effective method to enforce application control on personal devices?

Question77: Which of the following would be MOST helpful to reduce the amount of time needed by an incident response team to determine appropriate actions?

Question78: Which of the following provides the BEST justification for an information security investment when creating a business case

Question79: Which of the following needs to be established between an IT service provider and its clients to BEST enable adequate continuity of service in preparation for an outage?

Question80: Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?

Question81: Due lo budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA). Which of the following is the information security manager's BEST course of action?

Question82: A validated patch to address a new vulnerability that may affect a mission-critical server has been released.
What should be done immediately?

Question83: The PRIMARY benefit of integrating information security activities into change management processes is to:

Question84: An emergency change was made to an IT system as a result of a failure. Which of the following should be of GREATEST concern to the organizations information security manager?

Question85: Which of the following would provide the BEST justification for a new information security investment?

Question86: The GREATEST benefit of choosing a private cloud over a public cloud would be:

Question87: Which of the following would present the GREATEST need to revise information security poll'

Question88: Which of the following statements indicates that a previously failing security program is becoming successful?

Question89: The BEST time to ensure that a corporation acquires secure software products when outsourcing software development is during:

Question90: Which of the following is MOST likely to result from a properly conducted post-incident review?

Question91: Which of the following is MOST important to consider when determining asset valuation?

Question92: Establishing which of the following is the BEST way of ensuring that the emergence of new risk is promptly identified?

Question93: Which of the following is the MOST important element of a response plan for IT security incidents?

Question94: Which of the following is the- PRIMARY objective of an incident communication plan?

Question95: When a critical incident cannot be contained in a timely manner and the affected system needs to be taken offline, which of the following stakeholders MUST receive priority communication?

Question96: Which of the following is MOST important when prioritizing an information security incident?

Question97: Which of the following would provide the MOST comprehensive view of the effectiveness of the information security function within an organization?

Question98: An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers and maintaining all core business functions in-house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy?

Question99: Which of the following is MOST effective in the strategic alignment of security initiatives?

Question100: Which of the following is the BEST approach to identify noncompliance issues with legal, regulatory, and contractual requirements?