EMT Practice Test

1. Question Content...


Question List

Question1: What is the PRIMARY benefit of effective configuration management?

Question2: The Information security manager and senior management of a global financial institution have been notified of a potential breach to its database containing a large volume of sensitive information Which of the following should be done FIRST?

Question3: Which of the following should be the PRIMARY consideration when developing a security governance framework for an enterprise?

Question4: Which of the following is the PRIMARY objective of an incident response plan?

Question5: Which of the following is the BEST method to protect consumer private information for an online public website?

Question6: Which of the following is the MOST reliable way to ensure network security incidents are Identified as soon as possible'

Question7: Which of the following metrics is the MOST appropriate for measuring how well information security is performing in dealing with outside attacks?

Question8: Which of the following is the BEST approach for governing noncompliance with security requirements?

Question9: The MAIN reason for an information security manager to monitor industry level changes in the business and IT is to:

Question10: An organization has selected an internationally recognized information security framework. Which of the following should be the PRIMARY basis for prioritizing the creation of related policies?

Question11: An organization has acquired a company in a foreign country to gain an advantage in a new market Which of the following is the FIRST step the information security manager should take?

Question12: Which of the following is the MOST effective method of determining security priorities?

Question13: An information security manager is reviewing the organization's incident response policy affected by a proposed public cloud integration. Which of the following will be the MOST difficult to resolve with the cloud service provider?

Question14: Which of the following is MOST useful when prioritizing information security initiatives?

Question15: Which of the following is the MOST important consideration when selecting members for an information security steering committee?

Question16: Which of the following would BEST enable an effective response to a network-based attack?

Question17: The PRIMARY reason for using information security metrics is to:

Question18: When building a corporate-wide business continuity plan {BCP), it is discovered there are two separate lines of business systems that could be impacted by the same threat. Which of the following is the BEST method to determine the priority of system recovery in the event of a disaster?

Question19: An incident response team has determined there is a need to isolate a system that is communicating with a known malicious host on the Internet, following stakeholders should be contacted FIRST?

Question20: Which of the following BEST facilitates the monitoring of risk across an organization?

Question21: Risk identification, analysis, and mitigation activities can BCST be integrated into business life cycle processes by linking them to:

Question22: When designing security controls, it is MOST important to:

Question23: An information security manager has identified and implemented mitigating controls according to industry best practices. Which of the following is the GREATEST risk associated with this approach?

Question24: An information security manager is planning to purchase a mobile device management (MDM) system to manage personal devices used by employees to access corpor Which of the following is MOST important to include in the business case?

Question25: An intrusion prevention system (IPS) has reported a significant increase in the number of hacking attempts over the past month, though no systems have actually been compromised. Which of the following should the information security manager do FIRST?

Question26: An information security manager has been tasked with implementing a security awareness training program Which of this ..... have the MOST influence on the effectiveness of this program?

Question27: Which of the following is the MOST important reason for performing a cost-benefit analysis when implementing a security control?

Question28: Which of the following would be MOST important to include in a bring your own device (BYOD) policy with regard to lost or stolen devices? The need for employees to:

Question29: For event logs to be acceptable for incident investigation, which of the following is MOST important to implement on all systems to establish a proper trail of evidence?

Question30: Which of the following is MOST effective in the strategic alignment of security initiatives?

Question31: An email digital signature will:

Question32: Which of the following BEST supports the incident management process for attacks on an organization' s supply chain?

Question33: Which of the following would be MOST helpful to an information security manager tasked with enforcing enhanced password standards?

Question34: The BEST way to avoid session hijacking is to use:

Question35: Which of the following is the MOST significant security risk in IT asset management?

Question36: Which of the following is the BEST evidence of an effectively designed key risk indicator (KRI)?

Question37: Which of the following processes BEST supports the evaluation of incident response effectiveness?

Question38: Which of the following is MOST important lo track for determining the effectiveness of an information security program?

Question39: Which of the following is the FIRST step in developing a business continuity plan (BCPY}?

Question40: Which of the following is the BEST method to obtain senior management buy-in for an information security investment?

Question41: Which of the following is the MOST important consideration when updating procedures for managing security devices?

Question42: The BEST way to establish a security baseline is by documenting:

Question43: When developing an incident response plan, the information security manager should:

Question44: What information is MOST helpful in demonstrating to senior management how information security governance aligns with business objectives?

Question45: The BEST way to identify the risk associated with a social engineering attack is to

Question46: Which of the following approaches would MOST likely ensure that risk management is integrated into the business life cycle processes?

Question47: Which of the following would BEST ensure that security risk assessment is integrated into the life cycle of major IT projects?

Question48: Which of the following is MOST important when developing a security strategy?

Question49: The FIRST step in a risk assessment for a business application is to:

Question50: When reporting on the effectiveness of the information security program, which of the following is the BEST way lo demonstrate improvement m security performance?

Question51: What is the FIRST line of defense against criminal insider activities?

Question52: Which of the following BEST demonstrates that the objectives of an information security governance framework are being met?

Question53: When selecting metrics to monitor the risks associated with an information security program, it is MOST important for an information security manager to:

Question54: Which of the following is MOST helpful to an information security manager when determining service level requirements for an outsourced application?

Question55: Which of the following should an information security manager perform FIRST when an organization's residual risk has increased?

Question56: When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

Question57: Which of the following reports would provide the BEST overview of the progress of an information security program to senior management?

Question58: Which of the following is the BEST indicator that an organization is appropriately managing risk?

Question59: Which of the following is the MOST relevant risk factor to an organization when employees use social media?

Question60: An organization is considering a self-service solution for the deployment of virtualized development servers.
Which of the following should be information security manager's PRIMARY concern?

Question61: Which of the following is the GREATEST benefit of a centralized approach to coordinating information security?

Question62: Which of the following is the MOST likely outcome from the implementation of a security governance framework?

Question63: A new key business application has gone to production. What is the Most important reason to classify and determine the sensitivity of the data used by this application?

Question64: Which of the following is the GREATEST risk associated with the installation of an intrusion prevention system (IPS)?

Question65: The effectiveness of an information security governance framework will BEST be enhanced if:

Question66: An organization is adopting a standardized corporate chat messaging technology to help facilitate communication among business units. Which of the following is an ESSENTIAL task associated with this initiative?

Question67: An organization engages 4 third-party vendor to monitor and support a financial application under scrutiny by regulators. Maintaining strict data integrity and confidentiality for this application is critical to the business. Which of the following controls would MOST effectively manage risk to the organization?

Question68: What should be the FIRST step when developing an asset management program?

Question69: An information security manager has discovered that a business unit is planning on implementing a new application and has not engaged anyone from the information security department. Which of the following is the BEST course of action?

Question70: Which of the following BEST enables effective information security governance9

Question71: In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?

Question72: Which of the following is the GREATEST benefit of integrating a security information and event management (SIEM) solution with traditional security tools such as IDS, anti-malware. and email screening solutions?

Question73: An organization has decided to conduct a postmortem analysis after experiencing a loss from an information security attack. The PRIMARY purpose of this analysis should be to:

Question74: Which of the following is the BEST way for an information security manager to justify ongoing annual maintenance fees associated with an intrusion prevention system (IPS)*?

Question75: Who should be responsible for determining the classification of data within a database used in conjunction with an enterprise application?

Question76: What would be an information security manager's BEST recommendation upon learning that an existing contract with a third party does not clearly identify requirements for safeguarding the organization's critical data?

Question77: Which of the following has the MOST influence on an organization's adoption of information security policies?

Question78: Which of the following should an information security manager consider when reviewing an existing security investment plan?

Question79: Which of the following BEST protects against phishing attacks?

Question80: Which of the following would BEST enable effective decision-making?

Question81: Which aspect of an incident response plan will MOST effectively help to limit reputational damage when multiple media services are seeking a response following a major security breach?

Question82: Which of the following is the BEST option for addressing regulations that will adversely affect the allocation of information security program resources?

Question83: Which of the following tasks should be performed once a disaster recovery plan (DRP) has been developed?

Question84: An information security manager has determined that the mean time to prioritize information security incidents has increased to an unacceptable level. Which of the following processes would BEST enable the information security manager to address this concern?

Question85: Which of the following would be MOST helpful in gaming support for a business case for an Information security initiative9

Question86: An organization is considering moving lo a cloud service provider for the storage of sensitive data Which of the following .... consideration FIRST?

Question87: Information security can BEST be enforced by making security:

Question88: A business manager has decided not to implement a control based on the risk assessment of a mission-critical business application because of its impact on performance. What is the information security manager's BEST course of action'?

Question89: An organization wants to enable digital forensics for a business-critical application. Which of the following will BEST help to support this objective?

Question90: Which of the following should an information security manager do FIRST when a recent internal audit reveals a security risk is more severe than previously assessed?

Question91: Which of the following is necessary to determine what would constitute a disaster for an organization?

Question92: A risk was identified during a risk assessment. The business process owner has chosen to accept the risk because the cost of remediation is greater than the projected cost of a worst-case scenario. What should be the information security manager's NEXT course of action?

Question93: For computer forensics evidence to be admissible in a court of law, the evidence MUST:

Question94: Which of the following architectures for e-business BEST ensures high availability?

Question95: An organization has announced new initiatives to establish a big data platform and develop mobile apps. What is the FIRST step when defining new human resource requirements?

Question96: An organization is considering the deployment of encryption software and systems organization-wide. The MOST important consideration should be whether:

Question97: To help users apply appropriate controls related to data privacy regulation, what is MOST important to communicate to the users?

Question98: Which of the following is MOST important to consider when determining the effectiveness of the Information security governance program?

Question99: Which of the following is MOST helpful to developing a comprehensive Information security strategy?

Question100: An information security manager has recently been notified of potential security risks associated with a thirdparty service provider. What should be done NEXT to address this concern?

Question101: The PRIMARY responsibility to communicate with legal authorities regarding unauthorized disclosure of customer information should be defined in the:

Question102: Which of the following is the GREATEST benefit of information asset classification?

Question103: Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

Question104: When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?

Question105: The business advantage of implementing authentication tokens is that they:

Question106: The PRIMARY reason to classify information assets should be to ensure

Question107: Which of the following is the BEST course of action for an information security manager to align security and business goals?

Question108: Which of the following is MOST important to include in contracts with key third-party providers?

Question109: Which of the following factors are the MAIN reasons why large networks are vulnerable?

Question110: Senior management is alarmed by recent media reports of severe security incidents at competing organizations Which of the following would provide the BEST assurance that the organization's current security measures are performing adequately?

Question111: Which of the following provides the MOST essential input for the development of an information security strategy?

Question112: Which of the following is the BEST method to protect against data exposure when a mobile device is stolen?

Question113: Segregation of duties is a security control PRIMARILY used to:

Question114: During which process is regression testing MOST commonly used?

Question115: The responsibility for approving access to data according to the organization's data classification policy belongs to the:

Question116: The PRIMARY purpose of establishing an information security governance framework should be to:

Question117: Which of the following metrics would BEST monitor how well information security requirements are incorporated into the change management process?

Question118: Which of the following activities would BEST incorporate security into the software development life cycle
{SOLO7

Question119: Which of the following would BEST enable an information security manager to identify the risk associated with cloud-based solutions?

Question120: What is the PRIMARY objective of triage within the incident response process?

Question121: A regulatory organization sends an email to an information security manager warning of an Impending cyber attack. What should the information security manager do FIRST?

Question122: Which of the following presents the MOST significant challenge when classifying IT assets?

Question123: What should an information security manager do FIRST when made aware of a new regulation which may require the redesign of existing information security processes?

Question124: Which of the following is MOST important to the effectiveness of an information security steering committee?

Question125: Management has expressed concerns to the information security manager that shadow IT may be a risk to the organization. What is the FIRST step the information security manager should take?

Question126: Which of the following should be done FIRST when considering a new security initiative?

Question127: Which of the following is a potential indicator of inappropriate Internet use by staff?

Question128: Which of the following BEST enables successful identification of a potential IT security incident?

Question129: An incident was detected where customer records were altered without authorization. The GREATEST concern for forensic analysis would be that the log data:

Question130: An information security manager discovers that newly hired privileged users are not taking necessary steps to protect critical information at their workstations. Which of the following is the BEST way to address this situation?

Question131: Which of the following should cause the GREATEST concern for an information security manager reviewing the effectiveness of an intrusion prevention system (IDS)?

Question132: Which of the following is the PRIMARY reason for conducting post-incident reviews?

Question133: In a large organization, defining recovery time objectives (RTOs) is PRIMARILY the responsibility of;

Question134: Which of the following is an information security manager's BEST course of action when a threat intelligence report indicates a large number of ransomware attacks targeting the industry?

Question135: Which of the following will BEST enable an effective information asset classification process?

Question136: Which of the following is the BEST way to measure the effectiveness of a newly implemented social engineering training program?

Question137: Which of the following is the MOST important factor of a successful information security program?

Question138: Which of the following BEST demonstrates return on investment (ROI) for an information security initiative?

Question139: Which of the following BEST supports the alignment of information security with business functions?

Question140: Which of the following should be the PRIMARY outcome of an information security program'?

Question141: Which of the following is the BEST way to ensure that organizational security policies comply with data security regulatory requirements?

Question142: Which of the following roles should be separated?

Question143: Which of the following is the MOST important consideration during a forensics investigation?

Question144: Which of the following is the PRIMARY reason to include message templates for communications with external parties in an incident response plan?

Question145: A CEO requires that information security risk management is practiced at the organizational level through a central risk register. Which of the following is the MOST important reason to report a summary of this risk register to the board?

Question146: Which of the following is the GREATEST benefit of integrating information security program requirements into vendor management?

Question147: Which of the following should be done FIRST when implementing an information security strategy?

Question148: Information security awareness programs are MOST effective when they are:

Question149: Which of the following is an important criterion for developing effective key risk indicators (KRIs) to monitor information security risk?

Question150: An organization has decided to implement a security information and event management (SIEM) system. It is MOST important for the organization to consider:

Question151: Which of the following is the GREATEST concern with employees investigating and responding to security breaches they report'?

Question152: Which of the following is MOST important for the alignment of an information security program with the information security strategy?

Question153: Which of the following is the MOST effective way to mitigate the risk of confidential data leakage to unauthorized stakeholders?

Question154: An information security manager recently received funding for a vulnerability scanning tool to replace manual assessment techniques and needs to justify the expense of the tool going forward. Which of the following metrics would BEST indicate the tool is effective?

Question155: Which of the following is the MOST important reason to have documented security procedures and guidelines?

Question156: Which of the following provides the GREATEST assurance that existing controls meet compliance requirements?

Question157: What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?

Question158: Which of the following would provide the BEST evidence to senior management that security control performance has improved?

Question159: What is the BEST way for a customer to authenticate an e-commerce vendor?

Question160: What should an information security manager do FIRST upon learning of a significant regulatory change that impacts how the organization should safeguard critical data?

Question161: Which of the following should be determined FIRST when preparing a risk communication plan?

Question162: Which of the following provides the GREATEST assurance that information security is addressed in change management?

Question163: Which of the following is MOST helpful in identifying external and internal factors that could influence the organization's future information security posture?

Question164: Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager s NEXT step should be to:

Question165: After isolating a system compromised in a security incident, which of the following should be the PRIMARY objective of the information security team?

Question166: Which of the following should an information security manager do FIRST upon learning that a data loss prevention (DLP) scanner has identified payment card information (PCI) stored in cleartext within accounting file shares?

Question167: Which of the following is a PRIMARY goal of an information security program?

Question168: In the development of an information security strategy, recovery time objectives (RTOs) will serve as indicators of:

Question169: In a multinational organization, local security regulations should be implemented over global security policy because:

Question170: An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following with BEST enable business managers to make an informed decision?

Question171: Which of the following is the PRIMARY reason to conduct a post-incident review?

Question172: Which of the following types of controls would be MOST important to implement when digitizing human resource (HR) records?

Question173: For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?

Question174: Which activity is MOST important when identifying the appropriate security controls for a new business application?

Question175: Which of the following is MOST relevant for an information security manager to communicate to IT operations?

Question176: Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?

Question177: When creating a bring your own device (BYOD) program, it is MOST important to:

Question178: A core business unit relies on an effective legacy system that does not meet the current security standards and threatens that enterprise network. Which of the following is the BEST course of action to address the situation?

Question179: Which of the following would provide the MOST effective security outcome in an organization?

Question180: Which of the following is the MOST important driver when developing an effective information security strategy?

Question181: The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process Is to:

Question182: Which of the following is the MOST important consideration to provide meaningful information security reporting to senior management?

Question183: Which of the following is the BEST methodology to manage access rights?

Question184: An organization has announced company-wide budget cuts due to poor financial performance, impacting delivery of the information security program. What should the information security manager do FIRST?

Question185: Which of the following is the MOST effective way to help ensure information security programs are aligned with business objectives?

Question186: An organization must meet rigorous breach reporting standards in order to comply with regulatory requirements. Which of the following is the BEST way to minimize the organization's financial exposure if a service provider experiences a breach?

Question187: To ensure IT equipment meets organizational security standards, the MOST efficient approach is to:

Question188: An awareness program is implemented to mitigate the risk of infections introduced through the use of social media Which of the following will BEST determine the effectiveness of the awareness program''

Question189: Which of the following is the MOST important factor to be considered when reviewing an information security strategy?

Question190: What is the GREATEST benefit of classifying assets based on sensitivity?

Question191: After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?

Question192: An information security manager is concerned about the risk of fire at its data processing center To address this concern, an automatic fire suppression system has been installed Which of the following risk treatments has been applied?

Question193: Noncompliance issues were identified through audit. Which of the following is the BEST approach for the information security manager to ensure that issues are resolved in a timely manner?

Question194: An organization's security was compromised by outside attackers. The organization believed that the incident was resolved. After a few days, the IT staff is still noticing unusual network traffic. Which of the following is the BEST course of action to address this situation?

Question195: Which of the following will BEST enable the identification of appropriate controls to prevent repeated occurrences of similar types of information...........

Question196: A validated patch to address a new vulnerability that may affect a mission-critical server has been released.
What should be done immediately?

Question197: The PRIMARY reason for defining the information security roles and responsibilities of staff throughout an organization is to:

Question198: Which of the following BEST enables senior management to monitor the organization's risk exposure?

Question199: Which of the following factors is MOST likely to increase the chances of a successful social engineering attack?

Question200: Who should have PRIMARY responsibility for authorizing access to data residing in an enterprise resource application?

Question201: A company is considering a new automated system that requires implementation of wireless devices for data capture. Even though wireless is not an approved technology, senior management has accepted the risk and approved a Proof-of-Concept (POC) to evaluate the technology and proposed solution. Which of the following is the information security manager s BEST course of action?

Question202: During which stage of the software development life cycle (SDLC) should application security controls FIRST be addressed?

Question203: An information security manager has been made aware that implementing a control would have an adverse impact to the business. The business manager has suggested accepting the risk. The BEST course of action by the information security manager would be to:

Question204: The BEST way to report to the board on the effectiveness of the Information security program is to present:

Question205: An organization Is storing accounting data in an external cloud environment. Which of the following is the MOST important riskrelated consideration?

Question206: When scoping a risk assessment, assets need lo be classified by

Question207: What is the BEST way to determine the level of risk associated with information assets processed by an IT application?

Question208: Which of the following is the MAIN reason for integrating an organization's incident response plan with its business continuity process?

Question209: Which of the following trends BEST indicates that the maturity level of an information security program is improving?

Question210: Senior management wants to provide mobile devices to its sales force. Which of the following should the Information security manager do FIRST to support this objective?

Question211: An organization has implemented a bring your own device (BYOD)} program. Which of the following is the GREATEST risk to the organization?

Question212: Which of the following is MOST important to the successful development of an information security strategy?

Question213: In which cloud model does the cloud service buyer assume the MOST security responsibility?

Question214: An organization has acquired a new system with strict maintenance instructions and schedules. Where should this information be documented?

Question215: Which of the following is MOST important for an information security manager to ensure when evaluating change requests?

Question216: Which of the following will provide the MOST accurate test results for a disaster recovery plan (DRP)?

Question217: A recent comprehensive vulnerability assessment identified emerging threats to the continuity of critical business services. What should be the information security manager s FIRST course of action?