EMT Practice Test
1. Question Content...
Question1: Which of the following is the MOST likely reason to perform a qualitative risk analysis?
Question2: Which of the following is the PRIMARY objective of vulnerability assessments?
Question3: When defining the risk monitoring process, management should also define the:
Question4: Of the following, who is BEST suited to be responsible for continuous monitoring of risk?
Question5: The PRIMARY reason for the implementation of additional security controls is to:
Question6: Which of the following is MOST important for the determination of I&T-related risk?
Question10: An enterprise's risk policy should be aligned with its:
Question11: Which of the following is the PRIMARY concern with vulnerability assessments?
Question12: The MOST important reason to monitor implemented controls is to ensure the controls:
Question14: To establish an enterprise risk appetite, an organization should:
Question17: Which of the following occurs earliest in the risk response process?
Question19: An l&T-related risk assessment enables individuals responsible for risk governance to:
Question20: To be effective, risk reporting and communication should provide:
Question21: Which of the following is the PRIMARY outcome of a risk scoping activity?
Question25: Which of the following BEST supports a risk-aware culture within an enterprise?
Question27: To establish an enterprise risk appetite, an organization should:
Question28: Which of the following is the FIRST step in an advanced persistent threat (APT) attack?
Question32: Risk monitoring is MOST effective when it is conducted:
Question33: What is the FIRST step in the risk response process?
Question34: Risk analysis makes it easier to communicate impact in terms of:
Question37: Key risk indicators (KRIs) are metrics designed to:
Question39: A key risk indicator (KRI) is PRIMARILY used for which of the following purposes?
Question42: A business continuity plan (BCP) is:
Question46: Applying statistical analysis methods to I&T risk scenarios is MOST appropriate when:
Question47: Potential losses resulting from employee errors and system failures are examples of:
Question49: Publishing l&T risk-related policies and procedures BEST enables an enterprise to:
Question51: Which of the following is the MAIN reason to conduct a penetration test?