EMT Practice Test

1. Question Content...


Question List

Question1: A risk practitioner is summarizing the results of a high-profile risk assessment sponsored by senior management. The BEST way to support risk-based decisions by senior management would be to:

Question2: Which of the following is MOST important to understand when determining an appropriate risk assessment approach?

Question3: Which of the following is MOST critical when designing controls?

Question4: Which of the following is the BEST way to promote adherence to the risk tolerance level set by management?

Question5: During an IT department reorganization, the manager of a risk mitigation action plan was replaced. The new manager has begun implementing a new control after identifying a more effective option. Which of the following is the risk practitioner's BEST course of action?

Question6: Risk management strategies are PRIMARILY adopted to:

Question7: A control owner responsible for the access management process has developed a machine learning model to automatically identify excessive access privileges. What is the risk practitioner's BEST course of action?

Question8: The risk associated with data loss from a website which contains sensitive customer information is BEST owned by:

Question9: Which stakeholders are PRIMARILY responsible for determining enterprise IT risk appetite?

Question10: Which of the following should be the PRIMARY objective of a risk awareness training program?

Question11: Which of the following is the BEST way to validate the results of a vulnerability assessment?

Question12: Which of the following is the MOST important consideration when selecting either a qualitative or quantitative risk analysis?

Question13: Which of the following is the MOST important key performance indicator (KPI) to establish in the service level agreement (SLA) for an outsourced data center?

Question14: Which of the following would be a risk practitioners BEST recommendation for preventing cyber intrusion?

Question15: What can be determined from the risk scenario chart?

Question16: When reviewing a risk response strategy, senior management's PRIMARY focus should be placed on the:

Question17: Which of the following provides the MOST helpful information in identifying risk in an organization?

Question18: Numerous media reports indicate a recently discovered technical vulnerability is being actively exploited.
Which of the following would be the BEST response to this scenario?

Question19: What is the BEST information to present to business control owners when justifying costs related to controls?

Question20: An IT license audit has revealed that there are several unlicensed copies of co be to:

Question21: An organization has been notified that a disgruntled, terminated IT administrator has tried to break into the corporate network. Which of the following discoveries should be of GREATEST concern to the organization?

Question22: Which of the following would be MOST helpful when estimating the likelihood of negative events?

Question23: A control for mitigating risk in a key business area cannot be implemented immediately. Which of the following is the risk practitioner's BEST course of action when a compensating control needs to be applied?

Question24: Which of the following key risk indicators (KRIs) is MOST effective for monitoring risk related to a bring your own device (BYOD) program?

Question25: Which of the following is the MAIN reason for documenting the performance of controls?

Question26: An organization's risk tolerance should be defined and approved by which of the following?

Question27: A risk practitioner discovers several key documents detailing the design of a product currently in development have been posted on the Internet. What should be the risk practitioner's FIRST course of action?

Question28: Which of the following is the BEST method to identify unnecessary controls?

Question29: All business units within an organization have the same risk response plan for creating local disaster recovery plans. In an effort to achieve cost effectiveness., the BEST course of action would be to:

Question30: The MOST significant benefit of using a consistent risk ranking methodology across an organization is that it enables:

Question31: Which of the following approaches BEST identifies information systems control deficiencies?

Question32: An effective control environment is BEST indicated by controls that:

Question33: Which of the following BEST provides an early warning that network access of terminated employees is not being revoked in accordance with the service level agreement (SLA)?

Question34: An audit reveals that several terminated employee accounts maintain access. Which of the following should be the FIRST step to address the risk?

Question35: The MOST important characteristic of an organization s policies is to reflect the organization's:

Question36: Which of the following can be interpreted from a single data point on a risk heat map?

Question37: Which of the following attributes of a key risk indicator (KRI) is MOST important?

Question38: Which of the following is the MAIN reason to continuously monitor IT-related risk?

Question39: Which of the following provides the BEST measurement of an organization's risk management maturity level?

Question40: Which of the following will BEST help an organization select a recovery strategy for critical systems?

Question41: After identifying new risk events during a project, the project manager s NEXT step should be to:

Question42: Which of the following would BEST help to ensure that identified risk is efficiently managed?

Question43: Which of the following is the MOST important input when developing risk scenarios?

Question44: The BEST key performance indicator (KPI) for monitoring adherence to an organization's user accounts provisioning practices is the percentage of:

Question45: Which of the following is the MOST important consideration when multiple risk practitioners capture risk scenarios in a single risk register?

Question46: To help ensure all applicable risk scenarios are incorporated into the risk register, it is MOST important to review the:

Question47: Which of the following is MOST important to review when determining whether a potential IT service provider s control environment is effective?

Question48: An organization is planning to engage a cloud-based service provider for some of its data-intensive business processes. Which of the following is MOST important to help define the IT risk associated with this outsourcing activity?

Question49: Controls should be defined during the design phase of system development because:

Question50: Which of the following statements BEST describes risk appetite?

Question51: Which of the following should management consider when selecting a risk mitigation option?

Question52: Which of the following attributes of a key risk indicator (KRI) is MOST important?

Question53: Which of the following IT controls is MOST useful in mitigating the risk associated with inaccurate data?

Question54: The MAIN purpose of having a documented risk profile is to:

Question55: To reduce the risk introduced when conducting penetration tests, the BEST mitigating control would be to:

Question56: Establishing ao organizational code of conduct is an example of which type of control?

Question57: A risk manager has determined there is excessive risk with a particular technology. Who is the BEST person to own the unmitigated risk of the technology?

Question58: Which of the following helps ensure compliance with a nonrepudiation policy requirement for electronic transactions?

Question59: Deviation from a mitigation action plan's completion date should be determined by which of the following?

Question60: After the review of a risk record, internal audit questioned why the risk was lowered from medium to low.
Which of the following is the BEST course of action in responding to this inquiry?

Question61: Which of the following is the MOST important factor affecting risk management in an organization?

Question62: Which of the following is the GREATEST advantage of implementing a risk management program?

Question63: Which of the following roles would provide the MOST important input when identifying IT risk scenarios?

Question64: Which of the following should be the risk practitioner s PRIMARY focus when determining whether controls are adequate to mitigate risk?

Question65: Which of the following is the GREATEST concern associated with the transmission of healthcare data across the internet?

Question66: When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?

Question67: When a high-risk security breach occurs, which of the following would be MOST important to the person responsible for managing the incident?

Question68: Which of the following risk register elements is MOST likely to be updated if the attack surface or exposure of an asset is reduced?

Question69: During a routine check, a system administrator identifies unusual activity indicating an intruder within a firewall. Which of the following controls has MOST likely been compromised?

Question70: Improvements in the design and implementation of a control will MOST likely result in an update to:

Question71: Accountability for a particular risk is BEST represented in a:

Question72: When collecting information to identify IT-related risk, a risk practitioner should FIRST focus on IT:

Question73: The FIRST task when developing a business continuity plan should be to:

Question74: Which of the following is the MAIN benefit of involving stakeholders in the selection of key risk indicators (KRIs)?

Question75: A risk practitioners PRIMARY focus when validating a risk response action plan should be that risk response:

Question76: The MAIN goal of the risk analysis process is to determine the:

Question77: A risk practitioner observes that hardware failure incidents have been increasing over the last few months.
However, due to built-in redundancy and fault-tolerant architecture, there have been no interruptions to business operations. The risk practitioner should conclude that:

Question78: Which of the following BEST indicates the effectiveness of anti-malware software?

Question79: It is MOST important for a risk practitioner to have an awareness of an organization s processes in order to:

Question80: Which of the following will BEST mitigate the risk associated with IT and business misalignment?

Question81: When assessing the maturity level of an organization's risk management framework, which of the following deficiencies should be of GREATEST concern to a risk practitioner?

Question82: Which of the following is the BEST method for assessing control effectiveness?

Question83: Who is BEST suited to determine whether a new control properly mitigates data loss risk within a system?

Question84: Malware has recently affected an organization, The MOST effective way to resolve this situation and define a comprehensive risk treatment plan would be to perform:

Question85: Which of the following would be MOST useful when measuring the progress of a risk response action plan?

Question86: Which of the following BEST confirms the existence and operating effectiveness of information systems controls?

Question87: A review of an organization s controls has determined its data loss prevention {DLP) system is currently failing to detect outgoing emails containing credit card data. Which of the following would be MOST impacted?

Question88: A newly enacted information privacy law significantly increases financial penalties for breaches of personally identifiable information (Pll). Which of the following will MOST likely outcome for an organization affected by the new law?

Question89: To implement the MOST effective monitoring of key risk indicators (KRIs), which of the following needs to be in place?

Question90: Which of The following should be of GREATEST concern for an organization considering the adoption of a bring your own device (BYOD) initiative?

Question91: An organization delegates its data processing to the internal IT team to manage information through its applications. Which of the following is the role of the internal IT team in this situation?

Question92: After mapping generic risk scenarios to organizational security policies, the NEXT course of action should be to:

Question93: Which of the following is the BEST method to ensure a terminated employee's access to IT systems is revoked upon departure from the organization?

Question94: Which of the following issues should be of GREATEST concern when evaluating existing controls during a risk assessment?

Question95: The PRIMARY basis for selecting a security control is:

Question96: Which of the following is the PRIMARY reason to update a risk register with risk assessment results?

Question97: Which of the following is the FIRST step in managing the security risk associated with wearable technology in the workplace?

Question98: Which of the following observations would be GREATEST concern to a risk practitioner reviewing the implementation status of management action plans?

Question99: Which of the following elements of a risk register is MOST likely to change as a result of change in management's risk appetite?

Question100: Which of the following is a PRIMARY benefit of engaging the risk owner during the risk assessment process?

Question101: Which of the following is the GREATEST benefit of analyzing logs collected from different systems?

Question102: The PRIMARY objective of The board of directors periodically reviewing the risk profile is to help ensure:

Question103: Which of the following is the BEST measure of the effectiveness of an employee deprovisioning process?

Question104: After undertaking a risk assessment of a production system, the MOST appropriate action is for the risk manager to:

Question105: A new regulator/ requirement imposes severe fines for data leakage involving customers' personally identifiable information (Pll). The risk practitioner has recommended avoiding the risk. Which of the following actions would BEST align with this recommendation?

Question106: A risk practitioner observes that the fraud detection controls in an online payment system do not perform as expected. Which of the following will MOST likely change as a result?

Question107: Which of the following is the MOST cost-effective way to test a business continuity plan?

Question108: Sensitive data has been lost after an employee inadvertently removed a file from the premises, in violation of organizational policy. Which of the following controls MOST likely failed?

Question109: An application owner has specified the acceptable downtime in the event of an incident to be much lower than the actual time required for the response team to recover the application. Which of the following should be the NEXT course of action?

Question110: Which of the following should be the MOST important consideration when performing a vendor risk assessment?

Question111: Which of the following should be the PRIMARY consideration when assessing the automation of control monitoring?

Question112: Which of the following is the FIRST step in managing the risk associated with the leakage of confidential data?

Question113: Which of the following is the MOST important characteristic of an effective risk management program?

Question114: A business unit is updating a risk register with assessment results for a key project. Which of the following is MOST important to capture in the register?

Question115: When communicating changes in the IT risk profile, which of the following should be included to BEST enable stakeholder decision making?

Question116: Which of the following provides The MOST useful information when determining a risk management program's maturity level?

Question117: When reporting risk assessment results to senior management, which of the following is MOST important to include to enable risk-based decision making?

Question118: Participants in a risk workshop have become focused on the financial cost to mitigate risk rather than choosing the most appropriate response. Which of the following is the BEST way to address this type of issue in the long term?

Question119: Which of the following is the BEST course of action to reduce risk impact?

Question120: A risk practitioner has identified that the organization's secondary data center does not provide redundancy for a critical application. Who should have the authority to accept the associated risk?

Question121: A risk practitioner is organizing risk awareness training for senior management. Which of the following is the MOST important topic to cover in the training session?

Question122: An organization has completed a project to implement encryption on all databases that host customer data.
Which of the following elements of the risk register should be updated the reflect this change?

Question123: Which of the following is the GREATEST concern associated with redundant data in an organization's inventory system?

Question124: A bank has outsourced its statement printing function to an external service provider. Which of the following is the MOST critical requirement to include in the contract?

Question125: When presenting risk, the BEST method to ensure that the risk is measurable against the organization's risk appetite is through the use of a:

Question126: A risk practitioner has observed that there is an increasing trend of users sending sensitive information by email without using encryption. Which of the following would be the MOST effective approach to mitigate the risk associated with data loss?

Question127: Which of the following would be MOST relevant to stakeholders regarding ineffective control implementation?

Question128: An organization has procured a managed hosting service and just discovered the location is likely to be flooded every 20 years. Of the following, who should be notified of this new information FIRST.

Question129: Which of the following is the BEST way to determine whether new controls mitigate security gaps in a business system?

Question130: Who is MOST likely to be responsible for the coordination between the IT risk strategy and the business risk strategy?

Question131: Which of the following is MOST useful when communicating risk to management?

Question132: A risk assessment has identified that an organization may not be in compliance with industry regulations. The BEST course of action would be to:

Question133: A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security. Which of the following observations would be MOST relevant to escalate to senior management?

Question134: The BEST way to justify the risk mitigation actions recommended in a risk assessment would be to:

Question135: An organizations chief technology officer (CTO) has decided to accept the risk associated with the potential loss from a denial-of-service (DoS) attack. In this situation, the risk practitioner's BEST course of action is to:

Question136: The BEST metric to monitor the risk associated with changes deployed to production is the percentage of:

Question137: Which of the following would BEST help an enterprise prioritize risk scenarios?

Question138: A large organization is replacing its enterprise resource planning (ERP) system and has decided not to deploy the payroll module of the new system. Instead, the current payroll system will continue to be used. Of the following, who should own the risk if the ERP and payroll system fail to operate as expected?

Question139: Which of the following will provide the BEST measure of compliance with IT policies?

Question140: Which of the following tools is MOST effective in identifying trends in the IT risk profile?

Question141: Which of the following BEST confirms the existence and operating effectiveness of information systems controls?

Question142: Which of the following would be of GREATEST concern to a risk practitioner reviewing current key risk indicators (KRIs)?

Question143: Which of the following would be MOST useful to senior management when determining an appropriate risk response?

Question144: An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?

Question145: The MAIN purpose of conducting a control self-assessment (CSA) is to:

Question146: Which of the following is the GREATEST concern when an organization uses a managed security service provider as a firewall administrator?

Question147: During a risk assessment, the risk practitioner finds a new risk scenario without controls has been entered into the risk register. Which of the following is the MOST appropriate action?

Question148: Which of the following BEST indicates the efficiency of a process for granting access privileges?