EMT Practice Test

1. Question Content...


Question List

Question1: The BEST way to avoid session hijacking is to use:

Question2: The PRIMARY goal of a post-incident review should be to

Question3: An information security manager has identified that security risks are not being treated in a timely manner. Which of the following is the BEST way to address this situation?

Question4: Which of the following provides the MOST relevant information to determine the overall effectiveness of an information security program and underlying business processes?

Question5: What is the PRIMARY objective of implementing standard security configurations?

Question6: An organization's security policy is to disable access to USB storage devices on laptops and desklops. Which of the following is the STRONGEST justification for granting an exception to the policy?

Question7: The BEST way to avoid session hijacking is to use:

Question8: An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan which had been uploading data to an unknown external party. Which of the following would have BEST prevented the installation of the unauthorized software?

Question9: Which of the following roles is BEST suited to validate user access requirements during an annual user access review?

Question10: Which of the following is the BEST strategy to implement an effective operational security posture?

Question11: Which of the following information BEST supports risk management decision making?

Question12: Which of the following is MOST important to ensure when an organization is moving portions of its sensitive database to the cloud?

Question13: When defining and communicating roles and responsibilities between an organization and cloud service provider, which of the following situations would present the GREATEST risk to the organization's ability to ensure information risk is managed appropriately?

Question14: For an enterprise implementing a bring your own device (BYOD) program, which of the following would provide the BEST security of corporate data residing on unsecured mobile devices?

Question15: Which of the following is MOST important when selecting an information security matric?

Question16: Which of the following is the MOST important step when establishing guidelines for the use of social networking sites in an organization?

Question17: Which of the following is the BEST course of action if the business activity residual risk is lower than the acceptable risk level?

Question18: A security review identifies that confidential information on the file server has been accessed by unauthorized users in following should the information security manager do FIRST?

Question19: Human resources (HR) is evaluating potential Software as a Service (SaaS) cloud services. Which of the following should the information security manager do FIRST to support this effort?

Question20: Which of the following is the BEST method to protect consumer private information for an online public website?

Question21: A measure of the effectiveness of the incident response capabilities of an organization is the:

Question22: Which of the following is the MOST effective approach to ensure IT processes are performed in compliance with the information security policies?

Question23: Which of the following would BEST enable effective decision-making?

Question24: Which of the following would be an information security manager's PRIMARY challenge when deploying a bring your own device (BYOD) mobile program in an enterprise?

Question25: In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?

Question26: Which of the following is the MOST important output from a post-incident review?

Question27: An organization has implemented a new security control in response to a recently discovered vulnerability. Several employees have voiced concerns that the control disrupts their ability to work. Which of the following is the information security manager's BEST course of action?

Question28: Which of the following is the GREATEST benefit of integrating information security program requirements into vendor management?

Question29: Which of the following provides the MOST essential input for the development of an information security strategy?

Question30: Which of the following is the MOST important consideration when selecting members for an information security steering committee?

Question31: Which of the following is MOST important to include in an information security status report to senior management?

Question32: Which of the following clauses would represent the MOST significant potential exposure tf included in a contract with a third-party service provider?

Question33: Which of the following would BEST help to ensure an organization's security program is aligned with business objectives?

Question34: Which of the following is the MOST important reason to involve external forensics experts in evidence collection when responding to a major security breach?

Question35: Management has announced the acquisition of a new company. The information security manager of the parent company is concerned that conflicting access rights may cause critical information to be exposed during the integration of the two companies. To BEST address this concern, the information security manager should:

Question36: Which of the following is the MOST important consideration when developing information security objectives?

Question37: An, organization's senior management is encouraging employees to use social media for promotional purposes. Which of the following should be the information security manager's FIRST step to support this strategy?

Question38: The business advantage of implementing authentication tokens is that they:

Question39: What is the PRIMARY purpose of an unannounced disaster recovery exercise?

Question40: Which of the following would provide the BEST evidence to senior management that security control performance has improved?

Question41: The PRIMARY purpose of establishing an information security governance framework should be to:

Question42: Senior management wants to provide mobile devices to its sales force.
Which of the following should the information security manager do FIRST to support this objective?

Question43: In a multinational organization, local security regulations should be implemented over global security policy because:

Question44: Which of the following would MOST effectively communicate the benefits of an information security program to executive management?

Question45: Which of the following is the PRIMARY benefit of implementing a maturity model for information security management?

Question46: Which of the following is the BEST way for an organization to determine the maturity level of its information security program?

Question47: Which of the following is MOST effective in reducing the financial I

Question48: Who should determine data access requirements for an application hosted at an organization's data center?

Question49: An organization's operations have been significantly impacted by a cyber attack resulting in data loss Once the attack has been contained, what should the security team do NEXT?

Question50: An organization implemented a number of technical and administrative controls to mitigate risk associated with ransomware. Which of the following is MOST important to present to senior management when reporting on the performance of this initiative?

Question51: If an organization does not have an information security governance framework in place, which of the following would BEST facilitate the adoption of a future governance program?

Question52: Mitigating technology risks to acceptable levels should be based PRIMARILY upon

Question53: An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the BEST method to achieve this objective?

Question54: When implementing a security policy for an organization handling personally identifiable information (PlI). the MOST important objective should be:

Question55: Recovery time objectives (RTOs) are an output of which of the following?

Question56: An intrusion has been detected and contained. Which of the following steps represents the BEST practice for ensuring the system?

Question57: Which of the following is the MOST important consideration in a bring your own device (BYOD) program to protect company data in the event of a loss?

Question58: An organization's operations have been significantly impacted by a cyber attack resulting in data loss Once the attack has been contained, what should the security team do NEXT?

Question59: The authorization to transfer the handling of an internal security incident to a third-party support provider is PRIMARILY defined by the:

Question60: Which of the following should be the PRIMARY consideration when implementing a data loss prevention (DLP) solution?

Question61: Which of the following is MOST important to include in a contract with a critical service provider to help ensure alignment with the organization's information security program?

Question62: For an organization that is experiencing outages due to malicious code, which of the following is the BEST index of the effectiveness of countermeasures?

Question63: Which of the following is PRIMARILY influenced by a business impact analysis (BIA)?

Question64: A legacy application does not comply with new regulatory requirements to encrypt sensitive data at rest, and remediating this issue would require significant investment. What should the information security manager do FIRST?

Question65: Which of the following is the MOST effective method of determining security priorities?

Question66: An organization is concerned with the potential for exploitation of vulnerabilities in its server systems. Which of the following is the BEST control to mitigate the associated risk?

Question67: Which is the MOST important requirement when establishing a process for responding to zero-day vulnerabilities?

Question68: An information security manager wants to document requirements detailing the minimum security controls required for user workstations.
Which of the following resources would be MOST appropriate for this purpose'?

Question69: Which of the following is the PRIMARY objective of a business impact analysis (BIA)?

Question70: Which of the following BEST indicates an effective vulnerability management program?

Question71: Which of the following should an information security manager do FIRST to address complaints that a newly implemented security control has slowed business operations?

Question72: Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?

Question73: When designing security controls, it is MOST important to:

Question74: The MOST important reason for an information security manager to be involved in the change management process is to ensure that:

Question75: Which of the following would be the MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account?

Question76: An information security manager has identified the organization is not in compliance with new legislation that will soon be in effect. Which of the following is MOST important to consider when determining additional controls to be implemented?

Question77: What is the PRIMARY benefit of effective configuration management?

Question78: Recovery time objectives (RTOs) are BEST determined by

Question79: The MAIN purpose of documenting information security guidelines for use within a large, international organization is to:

Question80: During which of the following development phases is it MOST challenging to implement security controls?

Question81: Which of the following is the MOST important requirement for a successful security program?

Question82: The MOST important objective of security awareness training for business staff is to:

Question83: When scoping a risk assessment, assets need to be classified by:

Question84: Which of the following external entities would provide the BEST guidance to an organization facing advanced attacks?

Question85: Threat and vulnerability assessments are important PRIMARILY because they are:

Question86: The BEST way to avoid session hijacking is to use:

Question87: Which of the following is MOST likely to be a component of a security incident escalation policy?

Question88: During which stage of the software development life cycle (SDLC) should application security controls FIRST be addressed?

Question89: Who should an information security manager contact FIRST upon discovering that a cloud-based payment system used by the organization may be infected with malware?

Question90: Which of the following is the MOST effective way to address an organization's security concerns during contract negotiations with a third party?

Question91: An organization wants to integrate information security into its human resource management processes. Which of the following should be the FIRST step?

Question92: The BEST way to avoid session hijacking is to use:

Question93: Which of the following is MOST important to the successful implementation of an information security program?

Question94: Labeling information according to its security classification:

Question95: Which of the following is MOST important to the successful implementation of an information security program?

Question96: Which of the following is the BEST way for an information security
manager to justify ongoing annual maintenance fees associated with an
intrusion prevention system (IPS)?

Question97: The security baselines of an organization should be based on:

Question98: An organization has established a bring your own device (BYOD) program. Which of the following is the MOST important security consideration when allowing employees to use personal devices for corporate applications remotely?

Question99: What is the BEST way for an information security manager to ensure critical assets are prioritized in a new information security program?

Question100: Which of the following BEST enables effective information security governance?

Question101: Over the last year, an information security manager has performed risk assessments on multiple third-party vendors. Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?

Question102: A financial company executive is concerned about recently increasing cyberattacks and needs to take action to reduce risk. The organization would BEST respond by:

Question103: The PRIMARY goal of the eradication phase in an incident response process is to:

Question104: Which of the following would be MOST useful to help senior management understand the status of information security compliance?

Question105: Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a public-facing web server?

Question106: The information security manager of a multinational organization has been asked to consolidate the information security policies of its regional locations. Which of the following would be of GREATEST concern?

Question107: To inform a risk treatment decision, which of the following should the information security manager compare with the organization's risk appetite?

Question108: It is MOST important for an information security manager to ensure that security risk assessments are performed:

Question109: Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?

Question110: Which of the following is the MAIN benefit of performing an assessment of existing incident response processes?

Question111: Which of the following BEST protects against phishing attacks?

Question112: Which of the following is the MOST important security consideration when developing an incident response strategy with a cloud provider?

Question113: A risk was identified during a risk assessment. The business process owner has chosen to accept the risk because the cost of remediation is greater than the projected cost of a worst-case scenario. What should be the information security manager's NEXT course of action?

Question114: A critical vulnerability is found on a server hosting multiple applications owned by different business units. One of the business units finds its hosted application will not function with the patch applied and chooses to accept the risk. Which of the following should be the information security manager's NEXT course of action?

Question115: The PRIMARY advantage of single sign-on (SSO) is that it will:

Question116: Which of the following analyses will BEST identify the external influences to an organization's information security?

Question117: Which of the following BEST prepares a computer incident response team for a variety of information security scenarios?

Question118: Which of the following is MOST important for an information security manager to communicate to stakeholders when approving exceptions to the information security policy?

Question119: Which of the following would provide the HIGHEST level of confidence in the integrity of data when sent from one party to another?

Question120: When establishing escalation processes for an organization's computer security incident response team, the organization's procedures should:

Question121: During the response to a serious security breach, who is the BEST organizational staff member to communicate with external entities?

Question122: The MOST important reason to use a centralized mechanism to identify information security incidents is to:

Question123: Which of the following would provide the MOST value to senior management when presenting the results of a risk assessment?

Question124: Which of the following would be MOST helpful when determining appropriate access controls for an application?

Question125: Which of the following is an information security manager's FIRST priority after a high-profile system has been compromised?

Question126: Which of the following is the MOST essential element of an information security program?

Question127: Which of the following should be the PRIMARY driver for selecting and implementing appropriate controls to address the risk associated with weal user passwords?

Question128: Which of the following is the MOST important element in the evaluation of inherent security risks?

Question129: Which of the following processes can be used to remediate identified technical vulnerabilities?

Question130: An organization that uses external cloud services extensively is concerned with risk monitoring and timely response. The BEST way to address this concern is to ensure:

Question131: Which of the following should be the MOST important consideration of business continuity management?