Practice Exam Question 1 Flashcards
The ASIS/ANSI ORM Security & Resilience in Organizations and Their Supply Chains (2017) Standard outlines a risk assessment process. Which of the following describes this process?
A. Threat identification; vulnerability assessment; risk analysis and risk evaluation
B. Threat identification; vulnerability assessment; risk assessment and risk evaluation
C. Asset identification; risk identification; risk analysis and risk evaluation
D. Asset identification; vulnerability assessment; threat assessment and risk evaluation
C
This assessment is performed to establish a baseline of PPS effectiveness in meeting goals and objectives. The process is a method of identifying the weak points of a facility, entity, venue or person. This is BEST described as a:
A. Risk analysis
B. Risk assessment
C. Threat analysis
D. Vulnerability assessment
D
Which type of question is intended to help the person being asked the question to think more deeply about a subject or specific issue?
A. Probing question
B. Open question
C. Closed question
D. Leading question
A
Which strategy allows the investigator to re-evaluate and, if necessary, modify his/her opening hypothesis as new evidence is uncovered?
A. Stockholm strategy
B. Variable hypothesis strategy
C. Pygmalion strategy
D. Floating point strategy
D
You are the senior administrator for a bank. A user calls and says he was notified to contact you but couldn’t find your information on the company website. Two days ago, he received an email stating that there was something wrong with his account and he needed to click a link in the email to fix the problem. He clicked the link and filled in the information, but now his account is showing a large number of transactions that he did not authorize. The user was likely the victim of what type of attack?
A. Spoofing
B. Spamming
C. Phishing
D. BEC
C
When dealing with suspected chemical or biological agents that are released from a suspicious package, what should be your FIRST goal?
A. Look after any staff exposed to the materials
B. Call security
C. Limit distribution of the material
D. Call the police
C
Sally would like to forward some Personally Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?
A. Encryption
B. Secret Key
C. Hashing
D. Digital Signatures
A
Which approach examines the linkages and interactions between the elements that compose the entirety of a system?
A. Systems approach
B. PDCA
C. Convergence
D. Security in depth
A
There are three information security system control objectives. Which of the following are these objectives?
A. Deterrence, detection and response
B. Deterrence, detection and recovery
C. Detection, response and recovery
D. Detection, recovery and compliance
D
Which CPTED measures would employ good space planning to reduce inhabitant conflicts by considering compatible circulation patterns, including a well-defined building entrance and arranging courtyards, patios and porches for unobstructed lines of sight?
A. Human Measures
B. Natural Measures
C. Mechanical Measures
D. Organizational Measures
B
Which person on an incident scene has the overall incident management responsibility?
A. Incident commander
B. Chief Security Officer
C. Most senior member of staff
D. Emergency responder
A
The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes is known as:
A. Cost-benefit
B. Risk appetite
C. Vulnerability
D. Risk acceptance
B
These are based on the investigative goals but are more specific and may be more short-lived. They are generally measurable and can be used to gauge the progress, success, or achievement of an investigative unit. They are BEST described as:
A. Ethics
B. Strategies
C. Objectives
D. Metrics
C
Which of the following strategies is accomplished anytime you take steps to reduce the risk?
A. Risk avoidance
B. Risk acceptance
C. Risk deterrence
D. Risk mitigation
D
Which of the following is NOT a characteristic of morphine?
A. Its legal use is restricted primarily to hospitals
B. It is the principal constituent of opium
C. A significant part of the morphine obtained from opium is used medically
D. It is odorless, bitter tasting, and darkens with age
C
The hallucinogen “mescaline” is derived from:
A. The peyote cactus
B. The coca plant
C. Mushrooms
D. The sage bush
A
Which type of alarm should be regarded as the highest priority level?
A. Duress alarm
B. Intruder alarm
C. Fire alarm
D. Proprietary alarm
A
The main source of non-synthetic narcotics is:
A. Peyote
B. The laboratory
C. Papaver somniferum
D. The coca plant
C
Which terms would you associate with civil liabilities?
A. Administrative and criminal
B. Tort and Contract
C. Intent and Act
D. Res judicata and precedence
B