EMT Practice Test

1. Question Content...


Question List

Question1: From an Information security perspective, legal issues associated with a transborder flow of technology-related items are MOST often related to

Question2: Which of the following is the MOST important consideration when deciding whether to continue outsourcing to a managed security service provider?

Question3: Which of the following is MOST important lo track for determining the effectiveness of an information security program?

Question4: Management is questioning the need for several items in the information security budget proposal. Which of the following would have been MOST helpful prior to budget submission?

Question5: When integrating information security requirements into software development, which of the following practices should be FIRST in the development lifecycle?

Question6: Which of the following is the BEST evidence of an effectively designed key risk indicator (KRI)?

Question7: When trying to integrate information security across an organization, the MOST important goal for a governing body should be to ensure:

Question8: When considering whether to adopt bring your own device (BYOD). it is MOST important for the information security manager to ensure that

Question9: Which of the following is the BEST way for an information security manager to justify ongoing annual maintenance fees associated with an intrusion prevention system (IPS)*?

Question10: When establishing an information security strategy, which of the following activities Is MOST helpful in Identifying critical areas to be protected?

Question11: Which of the following would BEST demonstrate the maturity level of an organization's security incident response program?

Question12: What should be an information security manager's BEST course of action if funding for a security-related initiative is denied by a steering committee?

Question13: If the inherent risk of a business activity is higher than the acceptable risk level, the information security manager should FIRST

Question14: Which of the following BEST helps to identify vulnerabilities introduced by changes to an organization's technical infrastructure?

Question15: Which of the following is the PRIMARY reason an information security strategy should be deployed across an organization?

Question16: What would be an information security manager's BEST recommendation upon learning that an existing contract with a third party does not clearly identify requirements for safeguarding the organization's critical data?

Question17: Vulnerability scanning has detected a critical risk in a vital business application. Which of the following should the information security manager do FIRST?

Question18: Which of the following is the MOST effective preventive control?

Question19: Which of the following provides the GREATEST assurance that existing controls meet compliance requirements?

Question20: The PRIMARY reason for classifying assets is to:

Question21: Which of the following should an information security manager do FIRST after learning about a new regulation that affects the organization?

Question22: An attacker was able to gain access to an organizations perimeter firewall and made changes to allow wider external access and to steal dat a. Which of the following would have BEST provided timely identification of this incident?

Question23: An organizations ability to prevent a security incident In a Software as a Service (SaaS) cloud-com puling environment is MOST dependent on the:

Question24: Which of the following is MOST helpful to developing a comprehensive Information security strategy?

Question25: The PRIMARY purpose of a periodic threat and risk assessment report to senior management is to communicate the:

Question26: An incident was detected where customer records were altered without authorization. The GREATEST concern for forensic analysis would be that the log data:

Question27: When facilitating the alignment of corporate governance and information security governance, which of the following is the MOST important role of an organizations security steering committee?

Question28: Which of the following is the MOST important reason for an organization to develop an information security governance program?

Question29: When a critical incident cannot be contained in a timely manner and the affected system needs to be taken offline, which of the following stakeholders MUST receive priority communication?

Question30: Which of the following should be the MOST important consideration when implementing an information security framework?

Question31: The MOST important objective of monitoring key risk indicators (KRIs) related to information security is to:

Question32: Which of the following is the BEST way for an information security manager to protect against a zero-day attack?

Question33: An information security manager is reviewing the organization's incident response policy affected by a proposed public cloud integration. Which of the following will be the MOST difficult to resolve with the cloud service provider?

Question34: Which of the following is the BEST way to prevent recurrence of a security incident?

Question35: Communicating which of the following would be MOST helpful to gain senior management support for risk treatment options?

Question36: An organization has identified an increased threat of external brute force attacks in its environment. Which of the following is the MOST effective way to mitigate this risk to the organization's critical systems?

Question37: Which of the following would be an information security manager's PRIMARY challenge when deploying a bring your own device (BYOD) mobile program in an enterprise?

Question38: Which of the following is MOST important to help ensure an intrusion prevention system (IPS) can view all traffic in a demilitarized zone (DMZ)?

Question39: The criticality of an information asset is derived from its:

Question40: Several identified risks have been mitigated to an acceptable level with appropriate controls Which of the following activities would BEST help to maintain acceptable risk levels?

Question41: The PRIMARY focus of a training curriculum for members of an incident response team should be:

Question42: In a large organization, which of the following is the BEST source for identifying ownership of a PC?

Question43: A risk has been formally accepted and documented. Which of the following is the MOST important action for an information security manager?

Question44: Senior management is concerned a security solution may not adequately protect its multiple global data centers following recent industry breaches. What should be done NEXT?

Question45: Which of the following provides a sound basis for effective security change management?

Question46: An organization has established information security policies, but the information security the MOST likely reason for this situation?

Question47: Which of the following would be MOST effective in preventing malware from being launched through an email attachment?

Question48: Which of the following BEST determines an information asset's classification?

Question49: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question50: An organization has purchased a security Information and event management (SIEM) tool. Which of the following is MOST important lo consider before implementation?

Question51: An internal security audit has reported several control weaknesses. The information security manager's BEST course of action should be to:

Question52: The MAIN consideration when designing an incident escalation plan should be ensuring that:

Question53: Which of the following BEST ensures timely and reliable access to services?

Question54: Which of the following is the MAIN concern when securing emerging technologies?

Question55: Following a significant change to the underlying code of an application, it is MOST important for the information security manager to:

Question56: Which of the following is MOST important in the development of metrics for the effectiveness of information security?

Question57: Which of the following provides the BEST indication that the information security program is in alignment with enterprise requirements?

Question58: Which of the following is MOST appropriate to include in an information security policy?

Question59: When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?

Question60: The BEST way to ensure information security efforts and initiatives continue to support corporate strategy is by:

Question61: Which of the following should be of MOST influence to an information security manager when developing IT security policies?

Question62: When considering whether to adopt a new information security framework, an organization's information security manager should FIRST:

Question63: The use of digital signatures ensures that a message:

Question64: Which of the following would BEST help an information security manager prioritize remediation activities to meet regulatory requirements?

Question65: A corporate web site has become compromised as a result of a malicious attack. Which of the following should the information security manager do FIRST?

Question66: What should an information security manager do FIRST when a service provider that stores the organization's confidential customer data experiences a breach in its data center?

Question67: Which of the following should provide the PRIMARY justification to approve the implementation of a disaster recovery (DR) site on the recommendation of an external audit report?

Question68: The effectiveness of an information security governance framework will BEST be enhanced if:

Question69: An organization has detected potential risk emerging from noncompliance with new regulations in its industry. Which of the following is the MOST important reason to report this situation to senior management?

Question70: Which of the following is MOST effective in reducing the financial impact following a security breach leading to data disclosure9?

Question71: The MOST important objective of security awareness training for business staff is to:

Question72: Which of the following should be an information security manager's PRIMARY role when an organization initiates a data classification process?

Question73: Which of the following is the MOST important criterion when deciding whether to accept residual risk?

Question74: In a resource-restricted security program, which of the following approaches will provide the BEST use of the limited resources?

Question75: The MOST effective way to communicate the level of impact of information security risks on organizational objectives is to present

Question76: Which of the following is the MOST important function of information security?

Question77: The BEST way for an information security manager to understand the critically of an online application is to perform a

Question78: When two different controls are available to mitigate a risk, an information security manager's recommendation should be based on the results of a:

Question79: Which of the following is the MOST important reason for logging firewall activity?

Question80: Which of the following is MOST helpful for aligning security operations with the IT governance framework?

Question81: Which of the following should cause the GREATEST concern for an information security manager reviewing the effectiveness of an intrusion prevention system (IDS)?

Question82: An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following with BEST enable business managers to make an informed decision?

Question83: An information security manager wants to document requirements detailing the minimum security controls required for user workstations. Which of the following resources would be MOST appropriate for this purpose?

Question84: An organization has announced new initiatives to establish a big data platform and develop mobile apps. What is the FIRST step when defining new human resource requirements?

Question85: Which of the following would BEST enable effective decision-making?

Question86: When scoping a risk assessment, assets need lo be classified by

Question87: For an organization with operations in different parts of the world, the BEST approach for ensuring that security policies do not conflict with local laws and regulations is to:

Question88: A core business unit relies on an effective legacy system that does not meet the current security standards and threatens that enterprise network. Which of the following is the BEST course of action to address the situation?

Question89: Which of the following is the BEST method to protect against data exposure when a mobile device is stolen?

Question90: An information security manager learns that a departmental system is out of compliance with the information security policy's authentication requirements. Which of the following should be the information security manager's FIRST course of action?

Question91: Which is MOST important when contracting an external party to perform a penetration test?

Question92: Which of the following should be an information security manager's PRIMARY focus during the development of a critical system storing highly confidential data?

Question93: Which of the following is the BEST way to determine if an information security program aligns with corporate governance?

Question94: When conducting a post-incident review, the GREATEST benefit of collecting mean time to resolution (MTTR) data is the ability to:

Question95: In which of the following ways can an information security manager BEST ensure that security controls are adequate for supporting business goals and objectives?

Question96: Segregation of duties is a security control PRIMARILY used to:

Question97: Risk identification, analysis, and mitigation activities can BCST be integrated into business life cycle processes by linking them to:

Question98: The MAIN purpose of documenting information security guidelines for use within a large, international organization is to:

Question99: An information security manager finds that corporate information has been stored on a public cloud storage site for business collaboration purposes. Which of the following should be the manager's FIRST action?

Question100: An organization has detected sensitive data leakage caused by an employee of a third-party contractor. What is the BEST course of action to address this issue?

Question101: Which of the following provides the MOST essential input for the development of an information security strategy?

Question102: Which of the following would provide the BEST justification for a new information security investment?

Question103: When reporting on the effectiveness of the information security program, which of the following is the BEST way lo demonstrate improvement m security performance?

Question104: A risk assessment has been conducted following a data owner's decision to outsource an application to a cloud provider Which of the following should be the information security manager's NEXT course of action?

Question105: Which of the following should be the PRIMARY basis for determining risk appetite?

Question106: Which of the following is the MOST effective approach of delivering security incident response training?

Question107: An organization with a strict need-to-know information access policy is about to launch a knowledge management intranet. Which of the following is the MOST important activity to ensure compliance with existing security policies?

Question108: Which of the following is MOST important to the successful implementation of an information security program?

Question109: A core business function has created a significant risk. Budget constraints do not allow for effective remediation. Who should be accountable for selecting the appropriate risk treatment?

Question110: The BEST way to establish a security baseline is by documenting:

Question111: Which of the following would BEST protect against web-based cross-domain attacks?

Question112: Which of the following would be MOST helpful in gaming support for a business case for an Information security initiative9

Question113: Senior management has allocated funding to each of the organization s divisions to address information security vulnerabilities The funding is based on each division's technology budget from the previous fiscal year. Which of the following should be of GREATEST concern to the information security manager?

Question114: Which of the following is the BEST option for addressing regulations that will adversely affect the allocation of information security program resources?

Question115: What is the MOST important role of an organization's data custodian in support of the information security function?

Question116: An information security manager has determined that the mean time to prioritize information security incidents has increased to an unacceptable level. Which of the following processes would BEST enable the information security manager to address this concern?

Question117: An organization is considering moving lo a cloud service provider for the storage of sensitive data Which of the following .... consideration FIRST?

Question118: Which of the following is the MOST important reason to document information security incidents that are reported across the organization?

Question119: An application system stores customer confidential data and encryption is not practical. The BEST measure to protect against data disclosure is:

Question120: Which of the following would BEST demonstrate the status of an organization's information security program to the board of directors?

Question121: Ensuring that an organization can conduct security reviews within third-party facilities is PRIMARILY enabled by:

Question122: Which of the following defines the triggers within a business continuity plan (BCP)?

Question123: An inexperienced information security manager is relying on its internal audit department to design and implement key security controls. Which of the following is the GREATEST risk?

Question124: Which of the following is a PRIMARY goal of an information security program?

Question125: Which of the following approaches would MOST likely ensure that risk management is integrated into the business life cycle processes?

Question126: Which of the following should be the FIRST step of incident response procedures?

Question127: Which of the following should be the MOST important consideration when reporting sensitive risk-related information to stakeholders?

Question128: Which of the following is MOST important when establishing a successful information security governance framework?

Question129: When preparing a risk treatment plan, which of the following is the MOST important consideration when reviewing options for mitigating risk?

Question130: Which of the following is the MOST important security consideration when using Infrastructure as a Service (laaS)?

Question131: A data leakage prevention (DLP) solution has identified that several employees are sending confidential company data to their personal email addresses in violation of company policy. The information security manager should FIRST.

Question132: Which of the following MOST effectively helps an organization to align information security governance with corporate governance?

Question133: Which of the following is MOST critical when creating an incident response plan?

Question134: A security team is conducting its annual disaster recovery test. Post-restoration testing shows the system response time is significantly slower due to insufficient bandwidth for Internet connectivity at the recovery center. Which of the following is the security manager's BEST course of action?

Question135: The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

Question136: Which of the following is the MOST important reason to identify and classify the sensitivity of assets?

Question137: Which of the following will BEST facilitate the development of appropriate incident response procedures?

Question138: Which of the following metrics would BEST monitor how well information security requirements are incorporated into the change management process?

Question139: An information security manager has been made aware that implementing a control would have an adverse impact to the business. The business manager has suggested accepting the risk. The BEST course of action by the information security manager would be to:

Question140: An organization is planning to create a website that will collect site-visitor details from around the world and use them as marketing lists for operations in several countries. Which of the following should be of MOST concern to the information security manager?

Question141: The MOST important reason to maintain metrics for incident response activities is to

Question142: Which of the following is an indicator of improvement in the ability to identify security risks?

Question143: Which of the following trends BEST indicates that the maturity level of an information security program is improving?

Question144: Which of the following is the BEST reason to separate short-term from long-term plans within an information security roadmap?

Question145: A third-party service provider is developing a mobile app for an organization's customers. Which of the following issues should be of GREATEST concern to the information security management.

Question146: Which of the following is the MOST effective way to mitigate the risk of data loss in the event of a stolen laptop?

Question147: Which of the following is the BEST reason to develop comprehensive information security policies?

Question148: Which of the following is the MOST relevant risk factor to an organization when employees use social media?

Question149: After adopting an information security framework, an information security manager is working with senior management to change the organization-wide perception that information security is solely the responsibility of the information security department. To achieve this objective, what should be the information security manager's FIRST initiative?

Question150: In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?

Question151: Which of the following models provides a client organization with the MOST administrative control over a cloud-hosted environment?