EMT Practice Test
1. Question Content...
Question3: What is a critical role of end-user device policies within an organization?
Question4: Which of these is a core component of application security design standards?
Question8: What is the primary function of application whitelisting in cybersecurity?
Question9: Why is it important to include multiple layers of access control in sensitive areas?
Question17: Remote wipe is typically utilized to ensure no company data remains on a _______.
Question26: How does criticality differ from risk in the assessment of service providers?
Question30: How often should vendor classification be updated in TPRM?
Question32: Which factor is NOT typically used in multi-factor authentication?
Question41: What are the primary components of an Information Security Incident Management Program?
Question42: What does "impact on regulatory compliance" measure in the context of vendor management?
Question49: Describe a scenario where a vendor's inadequate patch management leads to a data breach.
Question52: Effective management of performance risk ensures third parties meet their _________.
Question58: What is implied by a high impact on revenue from a vendor's service disruption?
Question62: What is the main purpose of the GDPR in relation to third-party risk management?
Question65: The primary factors determining an IT asset's EOL status include ____________.
Question75: How does a risk register facilitate communication within an organization?
Question80: How does the GDPR suggest handling data breaches in terms of data volume?
Question82: What is NOT a responsibility of an asset owner?
Question84: What is the primary purpose of testing patches before deployment in patch management?
Question86: What characterizes a strong risk culture within an organization?
Question92: What is a critical contractual requirement when managing Fourth-Nth party risks?
Question99: What is the primary purpose of data anonymization?
Question101: What is the primary role of the third line of defense in risk management?
Question109: What is a key reason why remote access increases vendor risk classification?
Question113: Encryption may protect data from unauthorized access but not from ________.
Question119: What is the primary purpose of analyzing responses from a vendor questionnaire?
Question126: What are asset controls primarily designed to protect assets from?
Question128: Proper disposal procedures for outdated equipment help to mitigate __________.
Question131: Periodic reporting to management is crucial in TPRM to ________.
Question143: What should be the primary focus when a vendor introduces a new fourth party?
Question148: Which of the following best describes the purpose of a Business Impact Analysis (BIA)?
Question153: What is the primary purpose of the offboarding statement in end-user device policies?
Question157: SaaS stands for ______ as a Service.
Question169: What does the assignment of a confidentiality level to personal data entail under GDPR?
Question171: The level of exposure and complexity of an application is influenced by its ________.