EMT Practice Test

1. Question Content...


Question List

Question1: The objective of the Customer Environment Protection control is to separate the user's Swift infrastructure which restricts malicious access from the external world and from the General IT environment of the Swift user.

Question2: Which of the following statements best describe valid implementations when implementing control 2.9 Transaction Business Controls? (Choose all that apply.)

Question3: Which ones are Alliance Lite2 key components? (Choose all that apply.)

Question4: A Swift user can only exchange FIN messages via the Swift network.

Question5: As a Swift CSP Certified Assessor, I left the listed provider and started to work independently. Can I continue to perform CSP assessments?

Question6: Can an internal audit department submit and approve their Swift user's attestation on the KYC-SA Swift portal?

Question7: Select the supporting documents to conduct a CSP assessment. (Choose all that apply.)

Question8: What type of control effectiveness needs to be validated for an independent assessment?

Question9: A Swift user uses an application integrating a sFTP client to push files to a service bureau sFTP server What architecture type is the Swift user? (Choose all that apply.)

Question10: Is it necessary to formally explain to the Swift user the testing methodology that will be used for the CSP assessment during the kick-off?

Question11: How are online SwiftNet Security Officers authenticated?

Question12: The Alliance Web Platform Administrator uses both the GUI and command line to perform configuration and monitoring tasks on AWP SE.

Question13: Is the control 2. 11 "RMA Business Controls" only about the process of validating the defined counterparty relationships?

Question14: A Treasury Management System (TMS) application is installed on the same machine as the customer connector (such as MQ server) connecting towards a Service Bureau Are these applications/systems in scope of CSCF?

Question15: Application Hardening basically applies the following principles. (Choose all that apply.)

Question16: In an entity having a small infrastructure and only 2 operators, the HR manager explains in a short interview how the security training is implemented providing one example. Would it be acceptable?

Question17: Using the outsourcing agent diagram. Which components must be placed in a secure zone? (Choose all that apply.)

Question18: Can an assessor re-use an ISAE 3000 report dating back 2 years to support an independent assessment?

Question19: How many Swift Security Officers does an organization need at minimum?

Question20: A Swift user relies on a sFTP server to connect through an externally exposed connection with a service provider or a group hub What architecture type is the Swift user? (Choose all that apply.)

Question21: A detailed CSP assessment report has been provided to the Swift user following the assessment. Is a completion letter also mandated to be supplied?

Question22: When hesitant on the applicability of a CSCF control to a particular component? What steps should you take? (Choose all that apply.)

Question23: A Swift user has remediated an exception reported by the assessor. What are their obligations before updating and submitting an attestation reflecting the new compliance level?

Question24: A Swift user has moved from one Service Bureau to another What are the obligations of the Swift user in the CSP context?

Question25: Which encryption methods are used to secure the communications between the SNL host and HSM boxes?

Question26: The only type of HSM devices offered by Swift are HSM tokens and HSM boxes.

Question27: The Physical Security protection control is also aimed at protecting the "on call" and "working from home" employees' equipment used to access the Swift-related components.

Question28: The cluster of VPN boxes is also called managed-customer premises equipment (M-CPE).