EMT Practice Test

1. Question Content...


Question List

Question1: An organization has detected potential risk emerging from noncompliance with new regulations in its industry.
Which of the following is the MOST important reason to report this situation to senior management?

Question2: A risk management program will be MOST effective when:

Question3: As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. Which of the following would be the BEST way to maintain an effective information security program?

Question4: The PRIMARY benefit of integrating information security risk into enterprise risk management is to:

Question5: Information classification is a fundamental step in determining:

Question6: An internal audit has found that critical patches were not implemented within the timeline established by policy without a valid reason. Which of the following is the BEST course of action to address the audit findings?

Question7: Meeting which of the following security objectives BEST ensures that information is protected against unauthorized modification?

Question8: What would be an information security manager's BEST course of action when notified that the implementation of some security controls is being delayed due to budget constraints?

Question9: Which of the following is MOST important when prioritizing an information security incident?

Question10: The BEST way to improve the effectiveness of responding to and communicating security incidents is to ensure:

Question11: Which of the following is the MOST important step in risk ranking?

Question12: An information security manager is evaluating the key risk indicators (KRls) for an organization s information security program. Which of the following would be the information security manager s GREATEST concern?

Question13: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question14: Which of the following is the BEST approach for determining the maturity level of an information security program?

Question15: Which of the following control type is the FIRST consideration for aligning employee behavior with an organization's information security objectives?

Question16: An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients. The BEST approach to obtain the support of business management would be to:

Question17: For a business operating in a competitive and evolving online market, it is MOST important for a security policy to focus on:

Question18: Which of the following should be of MOST influence to an information security manager when developing IT security policies?

Question19: A risk has been formally accepted and documented. Which of the following is the MOST important action for an information security manager?

Question20: Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

Question21: Which of the following is the BKT approach for an information security manager when developing new information security policies?

Question22: The success of a computer forensic investigation depends on the concept of:

Question23: Which of the following would BEST enhance firewall security?

Question24: Senior management learns of several web application security incidents and wants to know the exposure risk to the organization. What is the information security manager's BEST course of action?

Question25: Which of the following is the MOST important incident management consideration for an organization subscribing to a cloud service?

Question26: To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:

Question27: An organization wants to integrate information security into its human resource management processes. Which of the following should be the FWST step?

Question28: Which of the following would provide nonrepudiation of electronic transactions?

Question29: BEST way to isolate corporate data stored on employee-owned mobile devices would be to implement:

Question30: An information security manager is developing a new information security strategy. Which of the following functions would serve as the BEST resource to review the strategy and provide guidance for business alignment?

Question31: After a risk has been mitigated, which of the following is the BEST way to help ensure residual risk remains within an organization's established risk tolerance?

Question32: Which of the following would provide the MOST useful input when creating an information security program?

Question33: The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:

Question34: A third-party service provider is developing a mobile app for an organization's customers. Which of the following issues should be of GREATEST concern to the information security management.

Question35: Which of the following is the MOST effective way to ensure security policies are relevant to organizational business practices?

Question36: Which of the following should be the FIRST step of incident response procedures?

Question37: Which of the following is the MOST effective way for senior management to support the integration of information security governance into corporate governance?

Question38: The MOST important objective of monitoring key risk indicators (KRIs) related to information security is to:

Question39: What is the MOST important factor for determining prioritization of incident response?

Question40: The PRIMARY goal of a post-incident review should be to

Question41: Which of the following BEST indicates that an information security strategy is aligned to the business strategy?

Question42: An information security manager reads a media report of a new type of malware attack. Who should be notified FIRST"

Question43: Which of the following is the MOST important reason to document information security incidents that are reported across the organization?

Question44: Which of the following is an information security manager's BEST course of action when informed of decision to reduce funding for the information security program?

Question45: Senior management has allocated funding to each of the organization s divisions to address information security vulnerabilities The funding is based on each division's technology budget from the previous fiscal year. Which of the following should be of GREATEST concern to the information security manager?

Question46: When supporting a large corporation's board of directors in the development of governance, which of the following is the PRIMARY function of the information security manager?

Question47: Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?

Question48: Which of the following is the PRIMARY objective of a business impact analysis (BIA)?

Question49: Which of the following is the MOST important consideration when deciding whether to continue outsourcing to a managed security service provider?

Question50: The MOST effective control to detect fraud inside an organization's network is to:

Question51: Following a successful and well-publicized hacking incident, an organization alias plans to improve application security. Which of the following is a security project risk?

Question52: The MOST important reason that security risk assesements should be conducted frequently through an organization is because:

Question53: Which of the following is the MOST effective method to prevent a SQL injection in an employee portal?

Question54: Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

Question55: Who is MOST important to include when establishing the response process for a significant security breach that would impact the IT infrastructure and cause customer data toss?

Question56: A global organization is developing an incident response team (IRT). The organization wants to keep headquarters informed of aP incidents and wants to be able to present a unified response to widely dispersed events. Which of the following IRT models BEST supports these objectives?

Question57: Which of the following would BEST mitigate identified vulnerabilities in a timely manner?

Question58: What should an information security manager do NEXT when management does not accept control recommendations resulting from a risk assessment?

Question59: The MAIN reason for an information security manager to monitor industry level changes in the business and FT is to:

Question60: Which of the following provides the MOST relevant evidence of incident response maturity?

Question61: A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?

Question62: Which of the following should be the PRIMARY factor in prioritizing responses to a security incident?

Question63: With limited resources in the information security department which of the following is the BEST approach for managing security risk?

Question64: Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

Question65: Which of the following BEST enables an effective escalation process within an incident response program?

Question66: When an organization and its IT-hosting service provider are establishing a contract with each other, it is MOST important that the contract includes:

Question67: An organization involved in e-commerce activities operating from its home country opened a new office in another country wit! stringent security laws. In this scenario, the overall security strategy should be based on:

Question68: Which of the following recovery approaches generally has the LOWEST periodic cost?

Question69: Which of the following is an example of a deterrent control?

Question70: An organization implemented a mandatory information security awareness training program a year ago. What is the BEST way to determine its effectiveness?

Question71: Which of the following would BEST fulfill a board of directors' request for a concise

Question72: The BEST way to establish a recovery time objective (RTO) that balances cost with a realistic recovery time frame is to:

Question73: Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

Question74: After a server has been attacked, which of the following is the BEST course of action?

Question75: Which of the following is a PRIMARY responsibility of an information security governance committee'

Question76: Which of the following should be the information security manager's NEXT step following senior management approval of the information security strategy?

Question77: Which of the following BEST demonstrates alignment between information security governance and corporate governance?

Question78: The BEST way to obtain funding from senior management for a security awareness program is to:

Question79: When developing a classification method for incidents, the categories MUST be:

Question80: Which of the following is the MOST important factor when determining the frequency of information security risk reassessment?

Question81: To gain a clear+ understanding of the impact that a new regulatory requirement will have on an organization s information security controls, an information security manager should FIRST:

Question82: The MAIN reason for internal certification of web-based business applications is to ensure:

Question83: A newly hired information security manager discovers that the cleanup of accounts for terminated employees happens only once a year. Which of the following should be the information security manager's FIRST course of action?

Question84: When preparing a business case for the implementation of a security information and event management (SIEM) system, which of the following should be a PRIMARY driver in the feasibility study?

Question85: Which of the following is the MOST useful input for an information security manager when refreshing the organizations security strategy?

Question86: Which of the following would be MOST effective when justifying the cost of adding security controls to an existing web application?

Question87: For a user of commercial software downloaded from the Internet, which of the following is the MOST effective means of ensuring authenticity?

Question88: The MOST effective way to continuously monitor an organization's cybersecurity posture is to evaluate its

Question89: An information security manager is concerned that executive management does not su the following is the BEST way to address this situation?

Question90: In which of the following ways can an information security manager BEST ensure that security controls are adequate for supporting business goals and objectives?

Question91: Which of the following would be MOST helpful in gaining support for a business case for an information security initiative?

Question92: Which of the following is the MOST effective defense against spear phishing attacks?

Question93: Which of the following is a PRIMARY objective of incident classification?

Question94: Which is MOST important when contracting an external party to perform a penetration test?

Question95: In an organization where IT is critical to its business strategy and where there is a high level of operational dependence on IT, senior management commitment to security is BEST demonstrated by the:

Question96: Which of the following will BEST help to ensure security is addressed when developing a custom application?

Question97: The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

Question98: An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification foi granting an exception to the policy?

Question99: Which of the following BEST measures the effectiveness of an organization's information security strategy?

Question100: When a critical incident cannot be contained in a timely manner and the affected system needs to be taken offline, which of the following stakeholders MUST receive priority communication?