CPP 2022 Domain 5: Physical Security

Question 1

What is the purpose of a security survey?

Answer 1

Determine and document the current security posture,
Identify deficiencies and excesses in existing security measures,

Compare the current posture with a determination of the appropriate level of security or protection needed,
Recommend improvements in the overall situation.

Source: POA, Physical Security, 3.3.1, pages 37-38

Question 2

What are three physical security assessment methodologies?

Answer 2

Outside-Inward Methodology,
Inside-Outward Methodology,

Functional Methodology.

Source: POA, Physical Security, 3.3.2, page 39

Question 3

What are typical areas, items, and issues to consider when conducting a physical security survey?

Answer 3

Barriers,
Doors, windows, and other openings,

Locks, 
Safes and containers, 
Signage, 
Lighting, 
Alarm and electronic security systems, 
Security officer services, 
Vehicle, traffic, and parking controls, 
Protection of utilities, 
Visitor management, 
Package and mail handling. 

Source: POA, Physical Security, 3.4.1, pages 43-48

Question 4

How should areas and items be assessed during a physical security survey?

Answer 4

In terms of appropriateness for the situation, age, operability, maintenance, interoperability, aesthetics, and consistency with the current use of the space.

Source: POA, Physical Security, 3.4.1, page 43

Question 5

What are four tests that should be conducted as part of a physical security survey?

Answer 5

Shipping and receiving,
Alarms,

Computer/server room security,
General access controls.

Source: POA, Physical Security, 3.4.2, page 48

Question 6

What are five criteria of good physical security survey reports?

Answer 6

Accuracy,
Clarity,

Conciseness,
Timeliness,
Slant or pitch.

Source: POA, Physical Security, 3.5, pages 48-49

Question 7

What are the two foundational principles of physical security design?

Answer 7

Four Ds,
Layered security or defense-in-depth.

Source: POA, Physical Security, 5.1, page 78

Question 8

What are the Four Ds?

Answer 8

Deter,
Detect,

Delay,
Deny.

Source: POA, Physical Security, 5.1, page 78

Question 9

What is a defense-in-depth approach?

Answer 9

An adversary must avoid or defeat a number of protective devices or features in sequence.

Source: POA, Physical Security, 5.1, page 78

Question 10

What is the different between point and area security?

Answer 10

Area security features a significant perimeter protection and entry is tightly controlled at a single portal.
Point security features a loosely controlled perimeter and the primary security focus is at the individual buildings.

Source: POA, Physical Security, 5.1.1, page 79

Question 11

What is CPTED?

Answer 11

CPTED, or crime prevention through environmental design, is the design or redesign of a venue to reduce crime opportunity and fear of crime through natural, mechanical, and procedural means.

Source: POA, Physical Security, 10.1, pages 211-212

Question 12

What are the three types of CPTED measures?

Answer 12

Mechanical measures,
Organizational measures,

Natural measures.

Source: POA, Physical Security, 10.1, page 212

Question 13

What are five examples of CPTED tools?

Answer 13

Natural territorial reinforcement,
Natural surveillance,

Natural access control,
Management and maintenance,
Legitimate activity support.

Source: POA, Physical Security, 10.1, pages 212-214

Question 14

This CPTED tool is the process of establishing a sense of ownership, responsibility, and accountability in property owners, manager, or occupants to increase vigilance in identifying trespassers.

Answer 14

Natural territorial reinforcement.

Source: POA, Physical Security, 10.1, page 213

Question 15

This CPTED tool states that increasing visibility by occupants and casual observers increases the detection of trespassers or misconduct at a facility.

Answer 15

Natural surveillance.

Source: POA, Physical Security, 10.1, page 213

Question 16

The idea of this CPTED tool is to employ both real and symbolic barriers - including doors, fences, and shrubbery - to define and limit access to a building or other space

Answer 16

Natural access control.

Source: POA, Physical Security, 10.1, page 213

Question 17

This CPTED tool states that for spaces to look well cared for and crime-free, they must be maintained. This tool is also supported by the “broken windows” theory.

Answer 17

Management and maintenance.

Source: POA, Physical Security, 10.1, page 213

Question 18

This CPTED tool states that some places are difficult to protect by nature of their location or other geographic feature and space may need to be occupied to prevent it.

Answer 18

Legitimate activity support.

Source: POA, Physical Security, 10.1, page 213

Question 19

What is the capable guardian concept?

Answer 19

The presence of a capable guardian may deter crime by reducing the site’s perceived vulnerability and make it less attractive to offenders.

Source: POA, Physical Security, 10.1.1, page 216

Question 20

What are the four main strategies of second generation CPTED (the Four Cs)?

Answer 20

Cohesion,
Capacity threshold (tipping point),

Community culture,
Connectivity.

Source: POA, Physical Security, 10.1.2, page 217

Question 21

What lenses are added in third generation CPTED and CPTED 3-D?

Answer 21

Third generation CPTED introduces environmental sustainability and green technology.
CPTED 3-D incorporates designation of a space, its definition in terms of management and identity, and design as it relates to desired function.

Source: POA, Physical Security, 10.1.2, page 217

Question 22

What are the six tasks of technical security projects?

Answer 22

Risk analysis,
Conceptual (schematic),

Design development,
Construction documents,
Bidding,
Construction.

Source: POA, Physical Security, 14.1, page 481

Question 23

What are two important outcomes of the initial phases of a design project?

Answer 23

A security basis of design, focusing on the specific project requirements and a conceptual design solution based on those requirements;
A business case to support the project.

Source: POA, Physical Security, 14.2, pages 481-482

Question 24

The level of protection for a group of assets must meet the protection needs of what?

Answer 24

The most critical asset in the group.

Source: POA, Physical Security, 14.2, page 483

Question 25

What are nine design criteria?

Answer 25

Codes and standards,
Quality,

Capacity, 
Performance, 
Features, 
Cost, 
Operations, 
Culture and image, 
Monitoring and response. 

Source: POA, Physical Security, 14.3.1, pages 485-488

Question 26

What is the purpose of the design concept?

Answer 26

The design concept incorporates the basis of design; documents the findings, conclusions, and recommendations from any initial surveys, and is the first opportunity to document the project’s design.

Source: POA, Physical Security, 14.3.3, page 489

Question 27

What is included in the typical construction documents (CD) phase package?

Answer 27

CD drawings,
Specifications,

Bill of quantities,
Refined system budgets,
Contract terms and conditions.

Source: POA, Physical Security, 14.3.4, page 493

Question 28

System security drawings usually consist of what 5 items?

Answer 28

Plans,
Elevations,

Details,
Risers,
Hardware schedules.

Source: POA, Physical Security, 14.3.6, page 495

Question 29

What two types of costs should be considered in the estimate?

Answer 29

Capital projects and service projects and recurring costs.

Source: POA, Physical Security, 14.4.2, page 503

Question 30

What are three types of cost estimates?

Answer 30

Budgetary estimates,
Preliminary design estimates,

Final design estimates.

Source: POA, Physical Security, 14.4.3, pages 504-506

Question 31

This types of cost estimate is prepared during the initial planning phase and the goal is to arrive at a cost figure that can be used for getting the new security system into the budget cycle.

Answer 31

Budgetary estimate.

Source: POA, Physical Security, 14.4.3, page 504

Question 32

This type of cost estimate is prepared when the security system is part of a larger construction project and should include a contingency of plus or minus 10%.

Answer 32

Preliminary design estimate.

Source: POA, Physical Security, 14.4.3, page 504

Question 33

This type of cost estimate is developed using the completed documents, drawings, and schedules and should have a contingency of plus or minus 5%.

Answer 33

Final design estimate.

Source: POA, Physical Security, 14.4.3, page 506

Question 34

What are components of life-cycle cost?

Answer 34

Engineering and design costs,
Hardware,

Software, 
Installation costs, 
Operating costs, 
Maintenance costs, 
Other costs, 
Adjustments. 

Source: POA, Physical Security, 14.4.4, page 506

Question 35

What are three forms of security systems procurement?

Answer 35

Sole source,
Request for proposal (RFP),

Invitation to bid (IFB).

Source: POA, Physical Security, 14.8.1, page 529

Question 36

In this procurement method, the organization prequalifies a reputable security system contracts, works with the contractor to design the system, and negotiates the cost of the equipment, installation, and service.

Answer 36

Sole source procurement.

Source: POA, Physical Security, 14.8.1, page 530

Question 37

This procurement method is the most common and is based on a set of detailed design and construction documents that form the basis of the organization’s functional requirements.

Answer 37

Request for proposal.

Source: POA, Physical Security, 14.8.1, page 530

Question 38

This procurement method is commonly used by government agencies and other organizations whose procedures require that projects be competitively bid and that the award be given to the lowest qualified, responsive bidder.

Answer 38

Invitation for bid.

Source: POA, Physical Security, 14.8.1, page 531

Question 39

The type of procurement process has a direct impact on what preparation?

Answer 39

The procurement affects the level of detail required in the construction documents.

Source: POA, Physical Security, 14.8.1, page 529

Question 40

What is a pre-bid conference?

Answer 40

Each contractor is invited to meet with the owner or the owner’s consulting engineer for a complete review of the bid documents and a walk-through of the site.

Source: POA, Physical Security, 14.8.2, page 531

Question 41

Why should life-cycle and warranty costs be calculated during proposal review?

Answer 41

Calculating those figures can reveal whether the low bidder has priced the system at a low profit margin but plans to make up the difference in high charges for maintenance.

Source: POA, Physical Security, 14.8.2, page 532

Question 42

What three things should be determined when checking references for contractors?

Answer 42

Is there good chemistry with the contractor’s representatives?
Do they have the experience and power of personality to work well with the other trades on the project?

How have they resolved problems that occurred on other projects?

Source: POA, Physical Security, 14.8.2, pages 532-533

Question 43

What is the challenge of project management?

Answer 43

To achieve all the project goals and objectives while living within the project’s time and budget constraints.

Source: POA, Physical Security, Chapter 13, page 471

Question 44

What are four constraints of all security projects?

Answer 44

Scope,
Schedule,

Budget,
Quality.

Source: POA, Physical Security, Chapter 13, page 472

Question 45

What are the five phases of a project?

Answer 45

Conception,
Planning,

Design management,
Bid process management (or participation),
Construction (or construction review).

Source: POA, Physical Security, Chapter 13, page 474

Question 46

What are seven types of barriers?

Answer 46

Walls,
Floors,

Ceilings, 
Roofs, 
Doors, 
Windows, 
Other structures, such as symbolic and natural barriers. 

Source: POA, Physical Security, 9.1, page 135

Question 47

What are two categories of safes?

Answer 47

Safes designed for fire protection,
Safes designed for protection of valuables against forcible penetration.

Source: POA, Physical Security, 9.2.1, page 163

Question 48

What is a vault?

Answer 48

Specially constructed rooms or areas intended to limit access and provide protection to the assets in the space.
The term vault also applies to specially constructed rooms or areas that are designed to protect the contents from fire, but not necessarily theft.

Source: POA, Physical Security, 9.2.2, page 171

Question 49

What are two general classes of locks?

Answer 49

Mechanical,
Electrical.

Source: POA, Physical Security, 9.3.1, page 177

Question 50

This type of lock uses an arrangement of physical parts to prevent the opening of a bolt or latch.

Answer 50

Mechanical lock.

Source: POA, Physical Security, 9.3.1, page 177

Question 51

This type of lock can be locked or unlocked by a remote device.

Answer 51

Electrical lock.

Source: POA, Physical Security, 9.3.2, page 181

Question 52

What are common design or planning criteria for lock systems?

Answer 52

Total number of locks,
Major categories of sectors of the system,

Security objectives,
Size and turnover of the population,
Related or supportive security subsystems,
Intelligence or information requirements,
Criticality of asset exposure.

Source: POA, Physical Security, 9.3.3, page 189

Question 53

What are five categories of general security lighting equipment?

Answer 53

Streetlight,
Searchlight,

Floodlight,
Fresnel,
High mast lighting.

Source: POA, Physical Security, 9.4.1, page 191

Question 54

What are the three major security purposes of lighting?

Answer 54

To create a psychological deterrent,
To enable detection,

To enhance the capabilities of video surveillance systems.

Source: POA, Physical Security, 9.4.2, page 195

Question 55

What are the four components of lighting systems?

Answer 55

Lamp,
Luminaire,

Mounting hardware,
Electrical power.

Source: POA, Physical Security, 9.4.4, pages 201-202

Question 56

What is intrusion detection?

Answer 56

The process of detecting a person or vehicle attempting to gain unauthorized entry into an area.

Source: POA, Physical Security, 11.3, page 294

Question 57

What are the basic building blocks of an intrusion detection system?

Answer 57

Sensors.

Source: POA, Physical Security, 11.3, page 294

Question 58

What are the three main characteristics of intrusion sensor performance?

Answer 58

Probability of detection,
Nuisance alarm rate,

Vulnerability to defeat.

Source: POA, Physical Security, 11.3.1, page 294

Question 59

What are three ways to defeat a sensor?

Answer 59

Bypass,
Adversary path exploitation,

Spoof.

Source: POA, Physical Security, 11.3, page 297

Question 60

What are five ways to classify intrusion sensors?

Answer 60

Passive or active,
Covert or visible,

Line-of-sight or terrain-following (for exterior sensors only),
Volumetric or line detection,
Application.

Source: POA, Physical Security, 11.3.3, page 304

Question 61

What are the seven main elements of a video surveillance system?

Answer 61

Field of view,
Scene,

Lens, 
Camera, 
Transmission medium, 
Workstation, 
Recording equipment. 

Source: POA, Physical Security, 11.4, page 344

Question 62

What questions can be asked to determine a camera system’s functional requirements?

Answer 62

What is the purpose of the system?
What specifically is each camera supposed to view?

What are the requirements for proactive risk reduction, real-time monitoring, or recorded video?

Source: POA, Physical Security, 11.4.1, page 346

Question 63

What are four reasons to have cameras in security applications?

Answer 63

To obtain visual information about something that is happening,
To obtain visual information about something that has happened,

To deter or discourage undesirable activities,
To use video analytics tools.

Source: POA, Physical Security, 11.4.2, page 347

Question 64

For which three components of a physical security program can metrics be produced?

Answer 64

Systems,
Personnel,

Compliance.

Source: POA, Physical Security, 4.2, page 58

Question 65

What is the goal of establishing metrics for physical security systems?

Answer 65

To reduce the amount of noise on the operator’s screen, thereby enabling the systems to operate efficiently.

Source: POA, Physical Security, 4.2.1, page 59

Question 66

What are common types of alarms reported in physical security system metrics?

Answer 66

Forced door,
Door held open,

Unauthorized access attempts,
User-defined actions/alarms,
Communications failure.

Source: POA, Physical Security, 4.2.1, pages 59 - 61

Question 67

What is the purpose of tracking metrics for physical security personnel?

Answer 67

Provides an understanding of the appropriate expenditures and number and type of personnel required for effective physical security operations.

Source: POA, Physical Security, 4.2.2, page 65

Question 68

What are two measurable performance categories for physical security personnel?

Answer 68

Response,
Training.

Source: POA, Physical Security, 4.2.2, page 65

Question 69

What is the purpose of equipment performance testing?

Answer 69

Determine whether equipment is functional, has adequate sensitivity, and will meet its design and performance objectives.

Source: POA, Physical Security, 15.4, page 550

Question 70

What is the purpose of personnel performance testing?

Answer 70

Determine whether procedures are effective, whether personnel know and follow procedures, and whether personnel and equipment interact effectively.

Source: POA, Physical Security, 15.4, page 550

Question 71

What are four types of equipment tests?

Answer 71

Predelivery or factory acceptance tests,
Site acceptance tests,

Reliability or availability tests,
Post-implementation tests.

Source: POA, Physical Security, 15.4, page 550

Question 72

This type of testing is conducted to demonstrate that system performance complies with specified requirements in accordance with approved factory test procedures.

Answer 72

Predelivery or factory acceptance testing.

Source: POA, Physical Security, 15.4.1, page 551

Question 73

This type of test tests all components and verifies data transmission system operation after the system has been installed and placed into service.

Answer 73

Site acceptance testing.

Source: POA, Physical Security, 15.4.2, page 552

Question 74

This type of test is conducted in alternating phases of testing and evaluation to allow for validation of the tests and corrective actions.

Answer 74

Reliability or availability testing.

Source: POA, Physical Security, 15.4.3, page 554

Question 75

What are six types of post-implementation tests?

Answer 75

Operational tests,
Performance tests,

Post-maintenance tests,
Subsystem tests,
Limited scope tests,
Evaluation tests.

Source: POA, Physical Security, 15.4.4, pages 555-556

Question 76

What requirements should be outlined in a warranty?

Answer 76

The contractor should be required to repair, correct, or replace any defect for a period of 12 months from the date of issue of the certificate of practical completion.

Source: POA, Physical Security, 15.4.5, page 556

Question 77

What are two main types of physical protection system maintenance?

Answer 77

Remedial maintenance or service contracts,
Preventative maintenance.

Source: POA, Physical Security, 16.1, pages 562-563

Question 78

This type of maintenance corrects faults and returns the system to operation in the event that a hardware or software component fails.

Answer 78

Remedial maintenance.

Source: POA, Physical Security, 16.1, page 562

Question 79

This type of maintenance is scheduled to keep the hardware and software in good operating condition.

Answer 79

Preventative maintenance.

Source: POA, Physical Security, 16.1, page 563

Question 80

What factors should be considered when justifying the cost of a replacement physical security system?

Answer 80

Cost of maintenance,
Lack of spare parts,

Obsoleteness of hardware and software,
Operating costs,
Unreliability.

Source: POA, Physical Security, 16.2, page 571