EMT Practice Test
1. Question Content...
Question6: Which of the following would BEST mitigate identified vulnerabilities in a timely manner?
Question23: Which of the following is the KST way to align security and business strategies?
Question28: The selection of security controls is PRIMARILY linked to:
Question31: Which of the following is the MOST effective way to detect security incidents?
Question33: The MOST important outcome of information security governance is:
Question35: Information security governance is PRIMARILY a:
Question36: Which of the following is the MOST significant benefit of effective change management?
Question38: The value of information assets relative to the organization is BEST determined by:
Question39: Which of the following BEST enables effective closure of noncompliance issues?
Question52: Which of the following will BEST protect an organization against spear phishing?
Question59: Which of the following is the MOST important outcome from vulnerability scanning?
Question64: The PRIMARY purpose of vulnerability assessments is to:
Question68: Which of the following is the PRIMARY role of a data custodian?
Question80: Which of the following would provide nonrepudiation of electronic transactions?
Question82: Risk management is MOST cost-effective;
Question83: Which of the following is an example of a vulnerability?
Question90: A risk profile supports effective security decisions PRIMARILY because it:
Question95: Which of the following is the PRIMARY purpose of data classification?
Question101: After assessing risk, the decision to treat the risk should be based PRIMARILY on:
Question105: Recovery time objectives (RTOs) are an output of which of the following?
Question106: The MOST effective control to detect fraud inside an organization's network is to:
Question114: Which of the7ager to regularly report to senior management?
Question115: Information classification is a fundamental step in determining:
Question117: Which of the following threats is prevented by using token-based authentication?
Question129: Which of the following is PRIMARILY influenced by a business impact analysis (BIA)?
Question132: Which of the following is an example of a deterrent control?
Question134: Conducting a cost-benefit analysis for a security investment is important because it
Question147: Which of the following elements of risk is MOST difficult to quantify?
Question152: The PRIMARY goal of a security infrastructure design is the:
Question163: The PRIMARY purpose of a risk assessment is to enable business leaders to:
Question170: An information security program should be established PRIMARILY on the basis of:
Question193: Labeling information according to its security classification:
Question202: Which of the following will BEST ensure that risk is evaluated on system level changes?
Question203: The PRIMARY advantage of a network intrusion detection system (IDS) is that it can:
Question204: When developing a classification method for incidents, the categories MUST be:
Question205: Authorization can BEST be accomplished by establishing:
Question209: Calculation of the recovery time objective (RTO) is necessary to determine the:
Question210: Which of the following is the BEST reason to reassess risk following an incident?
Question213: Which of the following is the PRIMARY reason to invoke continuity and recovery plans?