EMT Practice Test

1. Question Content...


Question List

Question1: A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?

Question2: Which of the following would BEST address the risk of data leakage?

Question3: Which of the following change management activities would be a clear indicator that normal operational procedures require examination? A high percentage of:

Question4: The PRIMARY purpose of performing an internal attack and penetration test as part of an incident response program is to identify:

Question5: Which of the following is the BEST way to improve the timely reporting of information security incidents?

Question6: A company's mail server allows anonymous file transfer protocol (FTP) access which could be exploited.
What process should the information security manager deploy to determine the necessity for remedial action?

Question7: Senior management has allocated funding to each of the organization's divisions to address information security vulnerabilities. The funding is based on each division's technology budget from the previous fiscal year. Which of the following should be of GREATEST concern to the information security manager?

Question8: What should an information security manager do FIRST upon learning of a significant regulatory change that impacts how the organization should safeguard critical data?

Question9: Which of the following is the BEST approach for improving information security management processes?

Question10: A CEO requests access to corporate documents from a mobile device that does not comply with organizational policy. The information security manager should FIRST:

Question11: What is the BEST way to ensure users comply with organizational security requirements for password complexity?

Question12: Which of the following authentication methods prevents authentication replay?

Question13: When conducting a post-incident review, the benefit of collecting mean time to resolution (MTTR) data is the ability to:

Question14: Which of the following is the MOST reliable source of information about emerging information security threats and vulnerabilities?

Question15: An organization which uses external cloud services extensively is concerned with risk monitoring and timely response. The BEST way to address this concern is to ensure:

Question16: A business unit manager wants to adopt an emerging technology that may affect the organization. Which of the following would be the information security manager's BEST course of action?

Question17: Which of the following would be the BEST way for a company to reduce the risk of data loss resulting from employee-owned devices accessing the corporate email system?

Question18: Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

Question19: Who in an organization has the responsibility for classifying information?

Question20: The PRIMARY purpose of installing an intrusion detection system (IDS) is to identify:

Question21: When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:

Question22: Which of the following BEST reflects the maturity of an information security program?

Question23: To justify the establishment of an incident management team, an information security manager would find which of the following to be the MOST effective?

Question24: An employee used network logon credentials on a personal shopping site. The site was breached, resulting in an unauthorized person logging onto the network with the employee's credentials via remote access. What is the BEST recommendation to prevent recurrence of similar unauthorized logins?

Question25: A contract bid is digitally signed and electronically mailed. The PRIMARY advantage to using a digital signature is that:

Question26: A critical device is delivered with a single user and password that is required to be shared for multiple users to access the device. An information security manager has been tasked with ensuring all access to the device is authorized. Which of the following would be the MOST efficient means to accomplish this?

Question27: Which of the following is the PRIMARY responsibility of the designated spokesperson during incident response testing?

Question28: Which of the following devices, when placed in a demilitarized zone (DMZ), would be considered a significant exposure?

Question29: To gain a clear understanding of the impact that a new regulatory will have on an organization's security control, an information manager should FIRST.

Question30: An intrusion detection system (IDS) should:

Question31: Which of the following would contribute MOST to employees' understanding of data handling responsibilities?

Question32: Which of the following is the MOST important requirement for the successful implementation of security governance?

Question33: Which of the following BEST indicates an effective vulnerability management program?

Question34: As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. Which of the following would be the BEST way to maintain any effective information security program?

Question35: The MOST important reason for conducting periodic risk assessments is because:

Question36: Which of the following is the MOST effective method of preventing deliberate internal security breaches?

Question37: Which of the following BEST ensures that security risks will be reevaluated when modifications in application developments are made?

Question38: Deciding the level of protection a particular asset should be given in BEST determined by:

Question39: Risk assessment is MOST effective when performed:

Question40: Application data integrity risk would be MOST directly addressed by a design that includes:

Question41: To justify the need to invest in a forensic analysis tool, an information security manager should FIRST:

Question42: Which of the following is MOST effective in preventing weaknesses from being introduced into existing production systems?

Question43: Which of the following has the PRIMARY responsibility of ensuring an organizations information security strategy supports business goals?

Question44: The data access requirements for an application should be determined by the:

Question45: An organization's information security processes are currently defined as ad hoc. In seeking to improve their performance level, the next step for the organization should be to:

Question46: The PRIMARY purpose of using risk analysis within a security program is to:

Question47: Which of the following security activities should be implemented in the change management process to identify key vulnerabilities introduced by changes?

Question48: An incident response team has determined there is a need to isolate a system that is communicating with a known malicious host on the Internet, following stakeholders should be contacted FIRST?

Question49: Which of the following is MOST useful when prioritizing information security initiatives?

Question50: When contracting with an outsourcer to provide security administration, the MOST important contractual element is the:

Question51: Which of the following should be done FIRST when handling multiple confirmed incidents raised at the same time?

Question52: An organization is implementing an information security governance framework. To communicate the program's effectiveness to stakeholders^ it is MOST important to establish:

Question53: What is the PRIMARY role of the information security program?

Question54: Which of the following would BEST demonstrate the maturity level of an organization's security incident response program?

Question55: Which of the following is MOST appropriate for inclusion in an information security strategy?

Question56: Which of the following is the PRIMARY responsibility of the designated spokesperson during incident response testing?

Question57: What is the MOS T cost-effective means of improving security awareness of staff personnel?

Question58: Isolation and containment measures for a compromised computer has been taken and information security management is now investigating. What is the MOST appropriate next step?

Question59: Quantitative risk analysis is MOST appropriate when assessment data:

Question60: An information security manager learns that a departmental system is out of compliance with the information security policy's authentication requirements. Which of the following should be the information security manager's FIRST course of action?

Question61: An organization shares customer information across its globally dispersed branches. Which of the following should be the GREATEST concern to information security management?

Question62: An information security manager has completed a risk assessment and has determined the residual risk. Which of the following should be the NEXT step?

Question63: Which of the following is the BEST indicator that an organization is appropriately managing risk?

Question64: Which of the following represents the MAJOR focus of privacy regulations?

Question65: Which of the following is the BEST indicator that an effective security control is built into an organization?

Question66: The main mail server of a financial institution has been compromised at the superuser level; the only way to ensure the system is secure would be to:

Question67: Which of the following is the MOST effective way to help ensure information security programs are aligned with business objectives?

Question68: Which of the following would BEST help an information security manager prioritize remediation activities to meet regulatory requirements?

Question69: An organization must meet rigorous breach reporting standards in order to comply with regulatory requirements. Which of the following is the BEST way to minimize the organization's financial exposure if a service provider experiences a breach?

Question70: Which of the following is the PRIMARY objective of reporting security metrics to stakeholders?

Question71: Which of the following is an inherent weakness of signature-based intrusion detection systems?

Question72: An organization is going through a digital transformation process, which places the IT organization in an unfamiliar risk landscape. The information security manager has been tasked with leading the IT risk management process. Which of the following should be given the HIGHEST priority?

Question73: Which of the following is the MOST important issue in a penetration test?

Question74: When developing metrics related to an organization's information security program, what information will provide the MOST value to enable strategic decision-making?

Question75: An organization involved in e-commerce activities operating from its home country opened a new office in another country wit! stringent security laws. In this scenario, the overall security strategy should be based on:

Question76: Which of the following would BEST help to ensure an organization's information security strategy is aligned with business objectives?

Question77: Which of the following would provide senior management with the BEST information to better understand the organization's information security risk profile?

Question78: When an organization hires a new information security manager, which of the following goals should this individual pursue FIRST?

Question79: When developing an information security governance framework, which of the following should be the FIRST activity?

Question80: Planning for the implementation of an information security program is MOST effective when it:

Question81: The MOST important success factor to design an effective IT security awareness program is to:

Question82: The MOST important objective of monitoring key risk indicators (KRIs) related to information security is to:

Question83: Which of the following would BEST protect against web-based cross-domain attacks?

Question84: What is the FIRST action an information security manager should take when a company laptop is reported stolen?

Question85: Which of the following is the MOST effective way to ensure the development of an application system will align with organizational security standards?

Question86: It is MOST important that information security architecture be aligned with which of the following?

Question87: Which of the following is the BEST evidence of the maturity of an organization's information security program?

Question88: All risk management activities are PRIMARILY designed to reduce impacts to:

Question89: The MOST important characteristic of good security policies is that they:

Question90: Which of the following attacks is BEST mitigated by utilizing strong passwords?

Question91: Which of the following should be done FIRST when establishing security measures for personal data stored and processed on a human resources....system?

Question92: Change management procedures to ensure that disaster recovery/business continuity plans are kept up-to- date can be BEST achieved through which of the following?

Question93: An operating system (OS) noncritical patch to enhance system security cannot be applied because a critical application is not compatible with the change. Which of the following is the BEST solution?

Question94: A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations. Which of the following would be of MOST concern to senior management?

Question95: Ongoing tracking of remediation efforts to mitigate identified risks can BEST be accomplished through the use of which of the following?

Question96: Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?

Question97: An IS manager has decided to implement a security system to monitor access to the Internet and prevent access to numerous sites. Immediately upon installation, employees Hood the IT helpdesk with complaints of being unable to perform business functions on Internet sites. This is an example of:

Question98: Which of the following is the BEST

Question99: Which of the following will MOST likely reduce the chances of an unauthorized individual gaining access to computing resources by pretending to be an authorized individual needing to have his, her password reset?

Question100: Which of the following reduces the potential impact of social engineering attacks?

Question101: When segregation of duties concerns exists between IT support staff and end users, what would be a suitable compensating control?

Question102: An organization plans to outsource its customer relationship management (CRM) to a third-party service provider. Which of the following should the organization do FIRST?

Question103: Which of the following would BEST protect an organization's confidential data stored on a laptop computer from unauthorized access?

Question104: Which of the following would be the MOST important goal of an information security governance program?

Question105: Which of the following is MOST important to consider when developing a security awareness program in an organization?

Question106: Which of the following is the BEST way to prevent employees from making unauthorized comments to the media about security incidents in progress?

Question107: Which of the following BEST enables an information security manager to determine the comprehensiveness of an organization's information security strategy?

Question108: Which of the following activities MUST be performed by an information security manager for change requests?

Question109: What is the BEST way to ensure users comply with organizational security requirements for password complexity?

Question110: In a business impact analysis, the value of an information system should be based on the overall cost:

Question111: Which of the following is the BEST approach to mitigate online brute-force attacks on user accounts?

Question112: Which of the following is the MOST important outcome of monitoring and reporting on information security processes?

Question113: When developing security standards, which of the following would be MOST appropriate to include?

Question114: Which of the following is MOST helpful in protecting against hacking attempts on the production network?

Question115: The business continuity policy should contain which of the following?

Question116: When establishing an information security strategy, which of the following activities Is MOST helpful in Identifying critical areas to be protected?

Question117: Which of the following steps in conducting a risk assessment should be performed FIRST?

Question118: What should be an information security manager's BEST course of action if funding for a security-related initiative is denied by a steering committee?

Question119: Which of the following is the GREATEST benefit of integrating information security program requirements into vendor management?

Question120: Which of the following is the MOST critical security risk to consider for a start-up company in an emerging field?

Question121: Which of the following statements indicates that a previously failing security program is becoming successful?

Question122: An organization has experienced a ransomware attack. Which of the following is the BEST course of action to prevent further attacks?

Question123: Which of the following is the MAIN objective in contracting with an external company to perform penetration testing?

Question124: Which of the following is the MOST effective method of determining security priorities?

Question125: Recovery point objectives (RPOs) can be used to determine which of the following?

Question126: Risk acceptance is a component of which of the following?

Question127: Which of the following provides the BEST evidence that a control is being applied effectively?

Question128: Ensuring that an organization can conduct security reviews within third-party facilities is PRIMARILY enabled by:

Question129: Which of the following would BEST protect an organization's confidential data stored on a laptop computer from unauthorized access?

Question130: Which of the following should be performed FIRST in the aftermath of a denial-of-service attack?

Question131: Which of the following measures is the MOST effective deterrent against disgruntled stall abusing their privileges?

Question132: Which of the following is the MOST important consideration when implementing an intrusion detection system (IDS)?

Question133: Which of the following is the MOST critical activity to ensure the ongoing security of outsourced IT services?

Question134: In the course of responding 10 an information security incident, the BEST way to treat evidence for possible legal action is defined by:

Question135: An internal review of a web-based application system finds the ability to gain access to all employees' accounts by changing the employee's ID on the URL used for accessing the account. The vulnerability identified is:

Question136: The chief information security officer (CISO) should ideally have a direct reporting relationship to the:

Question137: Which of the following would BEST assist an information security manager in measuring the existing level of development of security processes against their desired state?

Question138: An organization has a policy in which all criminal activity is prosecuted. What is MOST important for the information security manager to ensure when an employee is suspected of using a company computer to commit fraud?

Question139: Which of the following is the MOST important requirement for the successful implementation of security governance?

Question140: When multiple Internet intrusions on a server are detected, the PRIMARY concern of the information security manager should be to ensure that the:

Question141: The MOST effective way to ensure that outsourced service providers comply with the organization's information security policy would be:

Question142: Which of the following is the MOST important information to include in a strategic plan for information security?

Question143: Which of the following, using public key cryptography, ensures authentication, confidentiality and nonrepudiation of a message?

Question144: The impact of losing frame relay network connectivity for 18-24 hours should be calculated using the:

Question145: Which of the following is MOST likely to result from a properly conducted post-incident review?

Question146: During the security review of organizational servers, it was found that a file server containing confidential human resources (HR) data was accessible to all user IDs. As a FIRST step, the security manager should:

Question147: After adopting an information security framework, an information security manager is working with senior management to change the organization-wide perception that information security is solely the responsibility of the information security department. To achieve this objective, what should be the information security manager's FIRST initiative?

Question148: In an organization that has undergone an expansion through an acquisition, which of the following would BEST secure the enterprise network?

Question149: Which of the following is the PRIMARY advantage of desk checking a business continuity plan (BCP)?

Question150: Which of the following steps in conducting a risk assessment should be performed FIRST?

Question151: A business impact analysis (BIA) is the BEST tool for calculating:

Question152: Which of the following is the PRIMARY prerequisite to implementing data classification within an organization?

Question153: Which two components PRIMARILY must be assessed in an effective risk analysis?

Question154: Which of the following is the PRIMARY responsibility of the information security manager when an organization implements the use of personally-owned devices on the corporate network?

Question155: An information security manager reviewing firewall rules will be MOST concerned if the firewall allows:

Question156: Which of the7ager to regularly report to senior management?

Question157: Which of the following activities would BEST incorporate security into the software development life cycle
{SOLO7

Question158: When implementing effective security governance within the requirements of the company's security strategy, which of the following is the MOST important factor to consider?

Question159: Which of the following is the BEST way to increase the visibility of information security within an organization's culture?

Question160: Which of the following is the MOST important to ensure a successful recovery?

Question161: Which of the following would BEST help to ensure the alignment between information security and business functions?

Question162: Which of the following BEST determines an information asset's classification?

Question163: Which of the following is the information security manager's PRIMARY role in the information assets classification process?

Question164: Which of the following is MOST important for an information security manager to highlight when presenting the organization s security posture to an executive audience?

Question165: Which of the following practices is BEST to remove system access for contractors and other temporary users when it is no longer required?

Question166: Which of the following roles is PRIMARILY responsible for determining the information classification levels for a given information asset?

Question167: Which of the following helps to ensure that the appropriate resources are applied in a timely manner after an incident has occurred?

Question168: When a significant security breach occurs, what should be reported FIRST to senior management?

Question169: When an emergency security patch is received via electronic mail, the patch should FIRST be:

Question170: When considering the value of assets, which of the following would give the information security manager the MOST objective basis for measurement of value delivery in information security governance?

Question171: The recovery point objective (RPO) is required in which of the following?

Question172: Which of the following is the BEST control to minimize the risk associated with loss of information as a result of ransomware exploiting a zero-day vulnerability?

Question173: An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers and maintaining all core business functions house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy?

Question174: Which of the following is the MOST important item to include when developing web hosting agreements with third-party providers?

Question175: When outsourcing information security administration, it is MOST important for an organization to include:

Question176: Web-server security can BEST be enhanced by:

Question177: Which of the following will BEST facilitate informed decision making when presenting an information security risk assessment report to senior management?

Question178: Which of the following should be in place before a black box penetration test begins?

Question179: Which of the following measures BEST indicates an improvement in the information security program to stakeholders?

Question180: Which of the following is the MAIN concern when securing emerging technologies?

Question181: The MOST effective way to communicate the level of impact of information security risks on organizational objectives is to present:

Question182: Which of the following change management procedures is MOST likely to cause concern to the information security manager?

Question183: Which of the following is the BEST way to define responsibility for information security throughout an organization?

Question184: For risk management purposes, the value of an asset should be based on:

Question185: The BEST reason for an organization to have two discrete firewalls connected directly to the Internet and to the same DMZ would be to:

Question186: Which of the following is the BEST way to ensure the effectiveness of a role-based access scheme?

Question187: When a proposed system change violates an existing security standard, the conflict would be BEST resolved by:

Question188: Which of the following is the BEST method to provide a new user with their initial password for e-mail system access?

Question189: The PRIMARY driver to obtain external resources to execute the information security program is that external resources can:

Question190: When developing an information security program, what is the MOST useful source of information for determining available resources?

Question191: Senior management commitment and support for information security can BEST be enhanced through: