EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following observations would be GREATEST concern to a risk practitioner reviewing the implementation status of management action plans?

Question2: It is MOST appropriate for changes to be promoted to production after they are;

Question3: Which of the following is the MOST important consideration when determining whether to accept residual risk after security controls have been implemented on a critical system?

Question4: Which of the following is the BEST indication of an effective risk management program?

Question5: Which of the following is the BEST indication of a mature organizational risk culture?

Question6: Following a significant change to a business process, a risk practitioner believes the associated risk has been reduced. The risk practitioner should advise the risk owner to FIRST

Question7: Which of the following is MOST important for a risk practitioner to ensure once a risk action plan has been completed?

Question8: A risk practitioner discovers several key documents detailing the design of a product currently in development have been posted on the Internet. What should be the risk practitioner's FIRST course of action?

Question9: Which of the following is MOST important when developing risk scenarios?

Question10: Which of the following would BEST help secure online financial transactions from improper users?

Question11: Which of the following is MOST important to communicate to senior management during the initial implementation of a risk management program?

Question12: A risk practitioner is developing a set of bottom-up IT risk scenarios. The MOST important time to involve business stakeholders is when:

Question13: Mapping open risk issues to an enterprise risk heat map BEST facilitates:

Question14: Which of the following is the BEST approach to use when creating a comprehensive set of IT risk scenarios?

Question15: Which of the following is the MOST effective way to integrate business risk management with IT operations?

Question16: Which of the following would be MOST helpful when estimating the likelihood of negative events?

Question17: Which of the following is MOST important for an organization that wants to reduce IT operational risk?

Question18: Which of the following is the BEST evidence that a user account has been properly authorized?

Question19: In an organization with a mature risk management program, which of the following would provide the BEST evidence that the IT risk profile is up to date?

Question20: An organization has outsourced its lease payment process to a service provider who lacks evidence of compliance with a necessary regulatory standard. Which risk treatment was adopted by the organization?

Question21: Which of the following BEST promotes commitment to controls?

Question22: Which of the following is the GREATEST concern when an organization uses a managed security service provider as a firewall administrator?

Question23: To reduce the risk introduced when conducting penetration tests, the BEST mitigating control would be to:

Question24: Which of the following would provide the MOST objective assessment of the effectiveness of an organization's security controls?

Question25: In an organization dependent on data analytics to drive decision-making, which of the following would BEST help to minimize the risk associated with inaccurate data?

Question26: Risk management strategies are PRIMARILY adopted to:

Question27: Which of the following is the BEST way to validate the results of a vulnerability assessment?

Question28: Which of the following will BEST quantify the risk associated with malicious users in an organization?

Question29: What are the MOST important criteria to consider when developing a data classification scheme to facilitate risk assessment and the prioritization of risk mitigation activities?

Question30: Which of the following is MOST critical when designing controls?

Question31: An upward trend in which of the following metrics should be of MOST concern?

Question32: A risk practitioner has determined that a key control does not meet design expectations. Which of the following should be done NEXT?

Question33: To help ensure all applicable risk scenarios are incorporated into the risk register, it is MOST important to review the:

Question34: The PRIMARY purpose of a maturity model is to compare the:

Question35: Which of the following BEST contributes to the implementation of an effective risk response action plan?

Question36: Which of the following would MOST likely drive the need to review and update key performance indicators (KPIs) for critical IT assets?

Question37: Which of the following is the PRIMARY benefit of identifying and communicating with stakeholders at the onset of an IT risk assessment?

Question38: In addition to the risk register, what should a risk practitioner review to develop an understanding of the organization's risk profile?

Question39: A risk practitioner has learned that an effort to implement a risk mitigation action plan has stalled due to lack of funding. The risk practitioner should report that the associated risk has been:

Question40: An organization has four different projects competing for funding to reduce overall IT risk. Which project should management defer?

Question41: A risk practitioner observes that the fraud detection controls in an online payment system do not perform as expected. Which of the following will MOST likely change as a result?

Question42: Which of the following is MOST important to the integrity of a security log?

Question43: What should a risk practitioner do FIRST upon learning a risk treatment owner has implemented a different control than what was specified in the IT risk action plan?

Question44: Which of the following should be a risk practitioner s MOST important consideration when developing IT risk scenarios?

Question45: The PRIMARY advantage of implementing an IT risk management framework is the:

Question46: The BEST criteria when selecting a risk response is the:

Question47: Which of the following BEST indicates the effectiveness of anti-malware software?

Question48: A new regulator/ requirement imposes severe fines for data leakage involving customers' personally identifiable information (Pll). The risk practitioner has recommended avoiding the risk. Which of the following actions would BEST align with this recommendation?

Question49: A management team is on an aggressive mission to launch a new product to penetrate new markets and overlooks IT risk factors, threats, and vulnerabilities. This scenario BEST demonstrates an organization's risk:

Question50: Which of the following would be MOST useful when measuring the progress of a risk response action plan?

Question51: Which of the following is the BEST way to support communication of emerging risk?

Question52: Which of the following would BEST help to ensure that identified risk is efficiently managed?

Question53: A bank has outsourced its statement printing function to an external service provider. Which of the following is the MOST critical requirement to include in the contract?

Question54: After identifying new risk events during a project, the project manager s NEXT step should be to:

Question55: Which of the following is the BEST method for assessing control effectiveness?

Question56: Which of the following BEST indicates the condition of a risk management program?

Question57: Which of the following is the MOST important characteristic of an effective risk management program?

Question58: Which of the following is MOST important to ensure when continuously monitoring the performance of a client-facing application?

Question59: Which of the following IT key risk indicators (KRIs) provides management with the BEST feedback on IT capacity?

Question60: A company has located its computer center on a moderate earthquake fault. Which of the following is the MOST important consideration when establishing a contingency plan and an alternate processing site?

Question61: A risk owner has accepted a high-impact risk because the control was adversely affecting process efficiency.
Before updating the risk register, it is MOST important for the risk practitioner to:

Question62: All business units within an organization have the same risk response plan for creating local disaster recovery plans. In an effort to achieve cost effectiveness., the BEST course of action would be to:

Question63: When reporting risk assessment results to senior management, which of the following is MOST important to include to enable risk-based decision making?

Question64: An application runs a scheduled job that compiles financial data from multiple business systems and updates the financial reporting system. If this job runs too long, it can delay financial reporting. Which of the following is the risk practitioner's BEST recommendation?

Question65: Which of the following should be the PRIMARY consideration when assessing the automation of control monitoring?

Question66: An audit reveals that several terminated employee accounts maintain access. Which of the following should be the FIRST step to address the risk?

Question67: Which of the following would be MOST beneficial as a key risk indicator (KRI)?

Question68: Which of the following conditions presents the GREATEST risk to an application?

Question69: A risk practitioner is assisting with the preparation of a report on the organization s disaster recovery (DR) capabilities. Which information would have the MOST impact on the overall recovery profile?

Question70: Which of the following is the MOST important consideration for a risk practitioner when making a system implementation go-live recommendation?

Question71: Which of the following is MOST helpful in identifying new risk exposures due to changes in the business environment?

Question72: The risk associated with a high-risk vulnerability in an application is owned by the:

Question73: Which of the following is the PRIMARY role of a data custodian in the risk management process?

Question74: Which of the following is the BEST approach for determining whether a risk action plan is effective?

Question75: It is MOST important for a risk practitioner to have an awareness of an organization s processes in order to:

Question76: Which of the following is the GREATEST advantage of implementing a risk management program?

Question77: Which of the following is the PRIMARY reason to have the risk management process reviewed by a third party?

Question78: Who is MOST likely to be responsible for the coordination between the IT risk strategy and the business risk strategy?

Question79: Which of the following is MOST important for a risk practitioner to consider when evaluating plans for changes to IT services?

Question80: Which of the following activities should be performed FIRST when establishing IT risk management processes?

Question81: Which of the following is the FIRST step in risk assessment?

Question82: Which of the following is the BEST key performance indicator (KPI) to measure the effectiveness of a vulnerability management process?

Question83: To implement the MOST effective monitoring of key risk indicators (KRIs), which of the following needs to be in place?

Question84: Which of the following would be MOST useful to senior management when determining an appropriate risk response?

Question85: A business unit is updating a risk register with assessment results for a key project. Which of the following is MOST important to capture in the register?

Question86: Which of the following is the PRIMARY reason to update a risk register with risk assessment results?

Question87: Which of the following should be the MOST important consideration when performing a vendor risk assessment?

Question88: The PRIMARY goal of a risk management program is to:

Question89: Periodically reviewing and updating a risk register with details on identified risk factors PRIMARILY helps to:

Question90: Which of the following provides the BEST measurement of an organization's risk management maturity level?

Question91: An organization has determined a risk scenario is outside the defined risk tolerance level. What should be the NEXT course of action?

Question92: Which of the following would be the GREATEST concern related to data privacy when implementing an Internet of Things (loT) solution that collects personally identifiable information (Pll)?

Question93: An organization has opened a subsidiary in a foreign country. Which of the following would be the BEST way to measure the effectiveness of the subsidiary's IT systems controls?

Question94: The BEST way to obtain senior management support for investment in a control implementation would be to articulate the reduction in:

Question95: During the initial risk identification process for a business application, it is MOST important to include which of the following stakeholders?

Question96: An organization uses a vendor to destroy hard drives. Which of the following would BEST reduce the risk of data leakage?

Question97: Accountability for a particular risk is BEST represented in a:

Question98: Which of the following presents the GREATEST challenge for an IT risk practitioner who wants to report on trends in historical IT risk levels?

Question99: Which of the following MUST be assessed before considering risk treatment options for a scenario with significant impact?

Question100: An organization has outsourced its IT security operations to a third party. Who is ULTIMATELY accountable for the risk associated with the outsourced operations?

Question101: Which of the following is the BEST indication of the effectiveness of a business continuity program?

Question102: An audit reveals that there are changes in the environment that are not reflected in the risk profile. Which of the following is the BEST course of action?

Question103: Which of the following issues should be of GREATEST concern when evaluating existing controls during a risk assessment?

Question104: Which of the following is a KEY outcome of risk ownership?

Question105: Several network user accounts were recently created without the required management approvals. Which of the following would be the risk practitioner's BEST recommendation to address this situation?

Question106: Which of the following MUST be updated to maintain an IT risk register?

Question107: An organizations chief technology officer (CTO) has decided to accept the risk associated with the potential loss from a denial-of-service (DoS) attack. In this situation, the risk practitioner's BEST course of action is to:

Question108: A risk practitioner has observed that risk owners have approved a high number of exceptions to the information security policy. Which of the following should be the risk practitioner's GREATEST concern?

Question109: Which of the following is the BEST evidence that risk management is driving business decisions in an organization?

Question110: Improvements in the design and implementation of a control will MOST likely result in an update to:

Question111: Which of the following is the MOST important responsibility of a risk owner?

Question112: Which of the following would provide the BEST guidance when selecting an appropriate risk treatment plan?

Question113: When establishing leading indicators for the information security incident response process it is MOST important to consider the percentage of reported incidents:

Question114: Which of the following is the BEST control to detect an advanced persistent threat (APT)?

Question115: It is MOST important to the effectiveness of an IT risk management function that the associated processes are:

Question116: Which of the following BEST measures the efficiency of an incident response process?

Question117: Which of the following BEST enables the identification of trends in risk levels?

Question118: Which of the following is an IT business owner's BEST course of action following an unexpected increase in emergency changes?

Question119: Which of the following is MOST effective against external threats to an organizations confidential information?

Question120: Which of the following is the GREATEST benefit to an organization when updates to the risk register are made promptly after the completion of a risk assessment?

Question121: A risk practitioner recently discovered that sensitive data from the production environment is required for testing purposes in non-production environments. Which of the following i the BEST recommendation to address this situation?

Question122: An organization has decided to outsource a web application, and customer data will be stored in the vendor's public cloud. To protect customer data, it is MOST important to ensure which of the following?

Question123: Which of the following would be a risk practitioners BEST recommendation for preventing cyber intrusion?

Question124: Which of the following tools is MOST effective in identifying trends in the IT risk profile?

Question125: The MOST important characteristic of an organization s policies is to reflect the organization's:

Question126: Which of the following should be an element of the risk appetite of an organization?

Question127: Which of the following is the GREATEST benefit of analyzing logs collected from different systems?

Question128: Which of the following is the MOST important requirement for monitoring key risk indicators (KRls) using log analysis?

Question129: Which of the following provides the BEST evidence that risk mitigation plans have been implemented effectively?

Question130: An organization has raised the risk appetite for technology risk. The MOST likely result would be:

Question131: From a risk management perspective, which of the following is the PRIMARY benefit of using automated system configuration validation tools?

Question132: Which of the following is the MOST critical element to maximize the potential for a successful security implementation?

Question133: Which of the following BEST indicates that an organizations risk management program is effective?

Question134: A peer review of a risk assessment finds that a relevant threat community was not included. Mitigation of the risk will require substantial changes to a software application. Which of the following is the BEST course of action?

Question135: Which of the following would be MOST important for a risk practitioner to provide to the internal audit department during the audit planning process?

Question136: An organization's internal audit department is considering the implementation of robotics process automation (RPA) to automate certain continuous auditing tasks. Who would own the risk associated with ineffective design of the software bots?

Question137: When developing a new risk register, a risk practitioner should focus on which of the following risk management activities?

Question138: Which of the following is the MOST common concern associated with outsourcing to a service provider?

Question139: An identified high probability risk scenario involving a critical, proprietary business function has an annualized cost of control higher than the annual loss expectancy. Which of the following is the BEST risk response?

Question140: Risk mitigation procedures should include:

Question141: Which of the following would be the BEST recommendation if the level of risk in the IT risk profile has decreased and is now below management's risk appetite?

Question142: Which of the following is the MAIN benefit of involving stakeholders in the selection of key risk indicators (KRIs)?

Question143: Prudent business practice requires that risk appetite not exceed:

Question144: Which of the following is the MAIN reason to continuously monitor IT-related risk?

Question145: A risk assessment has identified that an organization may not be in compliance with industry regulations. The BEST course of action would be to:

Question146: Which of the following would BEST help identify the owner for each risk scenario in a risk register?

Question147: Which of the following is the BEST key performance indicator (KPI) to measure the effectiveness of an anti-virus program?

Question148: Which of the following is the BEST indication of an improved risk-aware culture following the implementation of a security awareness training program for all employees?

Question149: Which of the following BEST confirms the existence and operating effectiveness of information systems controls?

Question150: Management has required information security awareness training to reduce the risk associated with credential compromise. What is the BEST way to assess the effectiveness of the training?

Question151: The BEST way to determine the likelihood of a system availability risk scenario is by assessing the:

Question152: Which of the following is the MOST important key performance indicator (KPI) to establish in the service level agreement (SLA) for an outsourced data center?

Question153: Which of the following BEST enables the risk profile to serve as an effective resource to support business objectives?

Question154: The MAIN purpose of having a documented risk profile is to:

Question155: Malware has recently affected an organization, The MOST effective way to resolve this situation and define a comprehensive risk treatment plan would be to perform:

Question156: A risk practitioner shares the results of a vulnerability assessment for a critical business application with the business manager. Which of the following is the NEXT step?

Question157: Which of the following would BEST ensure that identified risk scenarios are addressed?

Question158: The PRIMARY reason for establishing various Threshold levels for a set of key risk indicators (KRIs) is to:

Question159: Which of the following provides the MOST helpful information in identifying risk in an organization?

Question160: A software developer has administrative access to a production application. Which of the following should be of GREATEST concern to a risk practitioner?

Question161: Which of The following should be of GREATEST concern for an organization considering the adoption of a bring your own device (BYOD) initiative?

Question162: While reviewing a contract of a cloud services vendor, it was discovered that the vendor refuses to accept liability for a sensitive data breach. Which of the following controls will BES reduce the risk associated with such a data breach?

Question163: Which of the following is MOST important to understand when determining an appropriate risk assessment approach?

Question164: Which of the following provides the BEST evidence of the effectiveness of an organization's account provisioning process?

Question165: The PRIMARY benefit associated with key risk indicators (KRls) is that they

Question166: A risk practitioner is summarizing the results of a high-profile risk assessment sponsored by senior management. The BEST way to support risk-based decisions by senior management would be to:

Question167: During the control evaluation phase of a risk assessment, it is noted that multiple controls are ineffective.
Which of the following should be the risk practitioner's FIRST course of action?

Question168: A risk practitioner is organizing a training session lo communicate risk assessment methodologies to ensure a consistent risk view within the organization Which of the following i< the MOST important topic to cover in this training?

Question169: A recent internal risk review reveals the majority of core IT application recovery time objectives (RTOs) have exceeded the maximum time defined by the business application owners. Which of the following is MOST likely to change as a result?

Question170: Which of the following will BEST support management repotting on risk?

Question171: An organization has completed a project to implement encryption on all databases that host customer data.
Which of the following elements of the risk register should be updated the reflect this change?

Question172: A risk assessment has identified that departments have installed their own WiFi access points on the enterprise network. Which of the following would be MOST important to include in a report to senior management?

Question173: Which of the following should be the MAIN consideration when validating an organization's risk appetite?

Question174: Which of the following would be of GREATEST concern to a risk practitioner reviewing current key risk indicators (KRIs)?

Question175: Which of the following roles would provide the MOST important input when identifying IT risk scenarios?

Question176: Which of the following resources is MOST helpful when creating a manageable set of IT risk scenarios?

Question177: Which of the following risk scenarios would be the GREATEST concern as a result of a single sign-on implementation?

Question178: An organization has implemented a preventive control to lock user accounts after three unsuccessful login attempts. This practice has been proven to be unproductive, and a change in the control threshold value has been recommended. Who should authorize changing this threshold?

Question179: A risk practitioner is reviewing the status of an action plan to mitigate an emerging IT risk and finds the risk level has increased. The BEST course of action would be to:

Question180: Which of the following should an organization perform to forecast the effects of a disaster?

Question181: A control owner has completed a year-long project To strengthen existing controls. It is MOST important for the risk practitioner to:

Question182: Which of the following provides the MOST important information to facilitate a risk response decision?

Question183: When testing the security of an IT system, il is MOST important to ensure that;

Question184: Which of the following is the PRIMARY reason for a risk practitioner to use global standards related to risk management?

Question185: What can be determined from the risk scenario chart?

Question186: Which of the following should be the PRIMARY focus of a risk owner once a decision is made to mitigate a risk?

Question187: Which of the following roles would be MOST helpful in providing a high-level view of risk related to customer data loss?

Question188: Which of the following would BEST enable mitigation of newly identified risk factors related to internet of Things (loT)?

Question189: An internal audit report reveals that not all IT application databases have encryption in place. Which of the following information would be MOST important for assessing the risk impact?

Question190: Which of the following is the MOST important consideration when selecting either a qualitative or quantitative risk analysis?

Question191: An organization operates in an environment where reduced time-to-market for new software products is a top business priority. Which of the following should be the risk practitioner's GREATEST concern?

Question192: The MOST effective way to increase the likelihood that risk responses will be implemented is to:

Question193: Which of the following BEST enables a risk practitioner to enhance understanding of risk among stakeholders?

Question194: Which of the following attributes of a key risk indicator (KRI) is MOST important?

Question195: Which of the following is the PRIMARY purpose of periodically reviewing an organization's risk profile?

Question196: Which of the following should be the PRIMARY consideration when implementing controls for monitoring user activity logs?

Question197: Which of the following is the BEST indication that an organization's risk management program has not reached the desired maturity level?

Question198: From a business perspective, which of the following is the MOST important objective of a disaster recovery test?

Question199: An organization has initiated a project to launch an IT-based service to customers and take advantage of being the first to market. Which of the following should be of GREATEST concern to senior management?

Question200: Which of the following BEST indicates the efficiency of a process for granting access privileges?

Question201: Which of the following is the MOST important consideration when multiple risk practitioners capture risk scenarios in a single risk register?

Question202: Which of the following is MOST important for an organization to have in place when developing a risk management framework?

Question203: The BEST way to justify the risk mitigation actions recommended in a risk assessment would be to: