Domain 1 - Security P&P

Question 1

What is PODSCORB

Answer 1

Fayol’s Management Principles: Planning, Organizing, Deciding, Staffing, Directing, Coordinating, Reporting, and Budgeting

Question 2

ESRM is a ___ not a ___

Answer 2

ESRM is an approach/methodology, not a program

Question 3

what is observability?

Answer 3

the ability of an adversary to see and identify a vulnerability (or for security to be aware of incoming natural threat)

Question 4

what is exploitability?

Answer 4

the ability of the adversary to take advantage of the vulnerability (or natural threat’s ability to damage the facility)

Question 5

What is one mathematical way of calculating risk?

Answer 5

Risk = (threat * vulnerability * impact)^(1/3)

Question 6

what are requirements for copyrights to be protected

Answer 6

Under international law, copyrights do not have to be registered to be protected

Question 7

What is the best way to protect a trademark internationally?

Answer 7

Registration of trademarks before the product enters the stream of commerce in any country is the primary means of ensuring that the mark is eligible for protection under that country’s law

Question 8

How long do patents last?

Answer 8

20 years

Question 9

What are the criminal laws surrounging trade secrets and patend infringements

Answer 9

Stealing a trade secret may violate criminal laws, but there are no criminal laws regarding patent infringement (US)

Question 10

What are 10 types of insurance?

Answer 10

commerical general liability
workers compensation
commercial auto
commercial property
excess and umbrella liability - extends limits of primary policies
fidelity coverage - for losses caused by employee’s fraudulent or dishonest actions
Business Interruption Insurance
Directors and Officers insurance - protects individuals from personal losses if sued as a result of these jobs
Cyber Insurance - covers financial loses from data breaches and other cyber events
employment practices liability insurance

Question 11

what is a captive carrier

Answer 11

writes insurance for the owning company, easier to insure risks not acceptable to conventional carriers (expensive/large firms only)

Question 12

What is admitted vs non-admitted insurer

Answer 12

For a policy to be admitted, it must be filed and approved with state’s insurance department to ensure the policy meets the rquirements of that state (backed by state’s guaranty fund in event of carrier insolvency.

Non-admitted is for risks not covered by typical policies

Question 13

What are the three management styles

Answer 13

authoritatian, deomcratic, and laissez-faire

Question 14

Cost of Loss Formula

Answer 14

K=Cp+Ct+Cr+Ci-I
K=cost of loss; Cp=cost of permanent replacement; Ct=cost of temporary substitute; Cr=total related costs (remove old asset, install new, etc); Ci=lost income cost; I=available insurance or indemnity