Cards 41-80 Flashcards

1
Q
  1. Two reasons to collect physical security program metrics:
A

-provide assurance of program effectiveness

and

-facilitate improvements

2
Q
  1. Commonly provides management with a snapshot of the effectiveness and efficiency of a physical security program?
A

A metrics summary chart

3
Q
  1. The purpose of a business impact analysis (BIA)?
A

ID and evaluate the potential impact of a disruptive event to operations.

4
Q

The purpose of a business continuity management system (BCMS)….?

A

Enable a company to address Disruptive events by identifying, developing and implementing …C….O….P, P and P…..capabilities, objectives, policies, processes and programs within legal bounds.

5
Q
  1. What two things are the foundation for setting up business continuity objectives, targets, programs and plans?
A

The business impact analysis and the risk assessment.

6
Q
  1. Name 3 inter-related management response steps that require pre-emptive planning and implementation in case of a disruptive or crisis event?
A

Emergency response;

Continuity planning; and

Recovery planning

7
Q
  1. What is the basis for setting recovery time objectives?
A

-The results of the business impact analysis

8
Q
  1. What is a disruptive event?
A

An event that is planned or not planned that interrupts activities, operations or functions.

9
Q
  1. What is a threat?
A

-The potential cause of an unwanted incident which may harm…
Individuals;
Assets;
A system
An organization
The environment or
The community

10
Q
  1. What is a loss event profile?
A

-a list of the kind of threats affecting the assets to be safeguarded.

11
Q
  1. What is a hazard?
A

A source of potential danger or adverse condition. They are generally associated with nature.

12
Q
  1. Threats or loss risk events fall into three categories:
A

-Crimes
-non-criminal man-made incidents or Natural disasters
- events caused by an org’s relationship with other orgs

13
Q
  1. Examples of non-criminal threats?
A

Natural threats - hurricane, tornado, storm;

Man-made threats and disasters, like a plane crash, labor strike or power failure

14
Q
  1. Six examples of peripheral systems and interfaces?
A

Life safety systems and policies and procedures;
Building controls and IT Infrastructure;
Liaison relationships and outsourced services;

15
Q
  1. What is a consequential event?
A

-An event that occurs b/c of a relationship between events or between two organizations. The company suffers a loss b/c of that event or relationship.

16
Q
  1. How is the probability of a threat occurring decided?
A

-by considering the likelihood that a loss risk event may occur in the future.

17
Q
  1. What factors determine the probability of a threat?
A

Historical data;
history of Similar events at similar companies
the Neighborhood and vicinity
Geographical location
Political and social conditions
Changes in the economy

18
Q
  1. What is a vulnerability?
A

Any weakness that can be exploited by an aggressor/terrorist or criminal that makes an asset susceptible to damage from Natural hazards or consequential events.

19
Q
  1. Factors to consider in assessing asset vulnerability?
A

-lack of backup;
-single point of failure;
- co-location of key systems;
- inadequate response capability from attacks
-Ease of aggressor access to a facility;
-inadequate security measures;
-presence of hazardous materials;
-potential for collateral damage from other companies.

20
Q
  1. Four levels of risk?
A

Catastrophic;
High;
Moderate; and
Low

21
Q
  1. What level of risk requires treatment at any cost?
A

Catastrophic

22
Q
  1. The level of risk that cannot be further reduced w/o an expenditure of costs disproportionate to benefits is?
A

High

23
Q
  1. The level of risk that is negligible or can be managed with routine procedures?
A

Moderate

24
Q
  1. The level of risk where the org is prepared to pursue/ retain or take based on informed decisions?
A

Low

25
Q
  1. What should occur in relation to a regular review of the physical security assessment report?
A

-Monitor and follow up on the assessment findings, observations and recommendations.

26
Q
  1. Two categories of threats?
A

Man-made threats and

Natural threats

27
Q
  1. This metric measures external dependencies responsiveness in meeting a security department request?
A

External dependency responsiveness

28
Q
  1. Physical security design attributes include:
A

-type of adversary
-time required for an adversary to get to inside assets;
-# and type of detectors inside and outside a facility;
-delays that slow down the attack; and
- Size, strength, and Equipment of the response force

29
Q
  1. Risk assessment is…?
A

-The overall and systematic process for evaluating the effects of uncertainty on achieving an enterprise’s objectives

30
Q
  1. The goal of a cost benefit analysis?
A

-To identify the optimum levels of risk reduction at the best available value.

31
Q
  1. The analysis method that uses comparative values and not numbers?
A

Qualitative

32
Q
  1. An analysis method that uses numeric measures to describe value of assets, level of threats, vulnerabilities, impact or loss events?
A

Quantitative

33
Q
  1. Qualitative analysis is most suited to …..?
A

-evaluating basic security applications

34
Q
  1. What is a SWOT analysis?
A

-a business analysis method that involves strategic evaluation of key internal and external factors.

35
Q
  1. SWOT stands for?
A

Strengths
Weaknesses
Opportunities and
Threats

36
Q
  1. External factors in a SWOT analysis include:
A

Opportunities and threats

37
Q
  1. Internal factors in a SWOT analysis include:
A

Strengths and weaknesses

38
Q
  1. What is the annual loss expectancy?
A

-the product of the cost of incident impact and the frequency of occurrence

39
Q
  1. What state and local requirements should be considered for security projects?
A

Code regulations;
Trade and industry best practices
Standards;
Permitting requirements;
Contracting requirements

40
Q
  1. What conditions affect the likelihood of occurrence?
A

Physical environment;
Social environment;
Political environment;
Procedures and processes;
Criminal capabilities