EMT Practice Test

1. Question Content...


Question List

Question1: Risk maps can help to develop common profiles in order to identify which of the following?

Question2: Which of the following MUST be established in order to manage l&T-related risk throughout the enterprise?

Question3: Which of the following is an example of a preventive control?

Question4: Potential losses resulting from employee errors and system failures are examples of:

Question5: What is the FIRST step in the risk response process?

Question6: An enterprise that uses a two-factor authentication login method for accessing sensitive data has implemented which type of control?

Question7: Which of the following is the BEST indication of a good risk culture?

Question8: Which of the following is the MOST important information for determining the critical path of a project?

Question9: Which of the following is an example of an inductive method to gather information?

Question10: Which of the following is a valid source or basis for selecting key risk indicators (KRIs)?

Question11: Which of the following is MOST likely to promote ethical and open communication of risk management activities at the executive level?

Question12: Which of the following is considered an exploit event?

Question13: One of the PRIMARY purposes of threat intelligence is to understand:

Question14: Which of the following is the MOST important aspect of key performance indicators (KPIs)?

Question15: Which of the following is the PRIMARY concern with vulnerability assessments?

Question16: An enterprise has moved its data center from a flood-prone area where it had experienced significant service disruptions to one that is not a flood zone. Which risk response strategy has the organization selected?

Question17: A key risk indicator (KRI) is PRIMARILY used for which of the following purposes?

Question18: Which of the following risk response strategies involves the implementation of new controls?

Question19: For risk reporting to adequately reflect current risk management capabilities, the risk report should be based on the enterprise:

Question20: Which of the following is the PRIMARY outcome of a risk scoping activity?

Question21: Which of the following is of GREATEST concern when aggregating risk information in management reports?

Question22: Which of the following occurs earliest in the risk response process?

Question23: What is the purpose of a control objective?

Question24: Which of the following is MOST likely to expose an organization to adverse threats?

Question25: When analyzing l&T-related risk, an enterprise defines likelihood and impact on a scale from 1 to 5, and the scale of impact also defines a range expressed in monetary terms. Which of the following risk analysis approaches has been adopted?

Question26: The PRIMARY reason for the implementation of additional security controls is to:

Question27: Which of the following is MOST important for the determination of I&T-related risk?

Question28: A risk practitioner has been asked to prepare a risk report by the end of the day that includes an analysis of the most significant risk events facing the organization. Which of the following would BEST enable the risk practitioner to meet the report deadline?

Question29: Which of the following is the PRIMARY reason for an organization to monitor and review l&T-related risk periodically?

Question30: Risk monitoring is MOST effective when it is conducted:

Question31: Publishing l&T risk-related policies and procedures BEST enables an enterprise to:

Question32: Which of the following includes potential risk events and the associated impact?

Question33: A business impact analysis (BIA) generates the MOST benefit when: