Practice Exam Question 2 Flashcards

1
Q

What are the most cost-effective barriers to be applied in a physical security approach?

Barriers made from recycled materials
Those that already exist as part of the site
Any natural barrier
Barriers with low installation costs

A

B

2
Q

The responsibility of a person or organization to take all reasonable measures necessary to prevent activities that could result in harm to other individuals and/or their company is known as:

Due diligence
Security by design
Due care
CPTED

A

C

3
Q

The primary information security control types that can be implemented are:

Supervisory, subordinate, and peer
Personal, procedural, and legal
Operational, technical, and management
Mandatory, discretionary, and permanent

A

C

4
Q

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security PIN that was mailed to him during account registration.

This is an example of which of the following?

Dual-factor authentication
Multifactor authentication
Single factor authentication
Biometric authentication

A

C

5
Q

Separation of duties helps prevent an individual from embezzling money from a company.
To successfully embezzle funds, an individual would need to recruit others to commit an act of …… (an agreement between two or more parties established for the purpose of committing deception or fraud).

Misappropriation
Misuse
Collusion
Fraud

A

C

6
Q

Security professionals can most effectively convince management of the need for security by quantifying and prioritizing the loss potential and presenting which of the following?

A strategic plan that applies to the entire organization
A strategic plan that applies to the security organization
A cost-benefit analysis and return-on-investment assessment
A cost-benefit analysis with business unit endorsement

A

A

7
Q

Which of the following is the best description of tailgating?

Following someone through a door they just unlocked
Figuring out how to unlock a secured area
Sitting close to someone in a meeting
Stealing information from someone’s desk

A

A

8
Q

Which of the following terms refers to the process of establishing a standard for security?

Baselining
Security evaluation
Target hardening
Security by design

A

A

9
Q

Which of the following sensors relies on the Doppler frequency shift between the transmitted and received signal caused by a moving object within the energy field?

Capacitance sensors
Proximity sensors
Microwave sensors
Passive infrared sensors

A

C

10
Q

The three (3) primary functions of a Physical Protection System (PPS) are:

Detect, delay and response
Deter, detect and response
Deter, delay and response
Detect, deter and response

A

A

11
Q

The process designed to systematically identify and evaluate an organization’s assets based on the importance of its mission or function, the group of people at risk, or the significance of a disruption on the continuity of the organization.

Qualitative risk assessment
Criticality analysis
Risk identification
Loss event profile

A

C

12
Q

An approach to reducing crime or security incidents through the strategic design of the built environment typically employing organizational, mechanical, and natural crime prevention methods to control access.

Security by design
Balanced security
CPTED
Security in depth

A

C

13
Q

These are based on the investigative goals but are more specific and may be more short-lived. They are generally measurable and can be used to gauge the progress, success, or achievement of an investigative unit. They are BEST described as:

Metrics
Objectives
Strategies
Ethics

A

C

14
Q

A joint effort where the local police service’s crime prevention programs bring together local law enforcement and various local security organizations from industry and businesses to focus on specific high-profile crime issues. Such collaboration conserves valuable resources, encourages information sharing, eliminates duplication of effort, and effectively reduces crime.
This type of effort is BEST described as a:

Force multiplier
Crime prevention
Mutual aid
Cooperative policing

A

A

15
Q

Snowball sampling is an example of _____?

Probability sampling
Non-probability sampling
Random sampling
Systematic sampling

A

B

16
Q

In the Plan-Do-Check-Act (PDCA) cycle, this is the most critical stage and calls for identifying and analyzing the organization’s problems and events that could disrupt operations and assets.
This step is referred to as which part of the cycle?

Plan
Do
Check
Act

A

A

17
Q

What is a barrier’s effectiveness dependent on?

Effectiveness of response force
The type of material
The environmental conditions
How much time the barrier can delay an adversary

A

D

18
Q

The following theory asserts that a person’s behavior is driven by basic needs at different levels and is still widely recommended to analyze individual employee motivation. It is referred to as which of the following?

Maslow’s Theory
McGregor’s Theory
Herzberg’s Theory
Motivation-Hygiene Theory

A

A

19
Q

Which light sources have assumed the major market share of exterior lighting?

LED
Incandescent
Fluorescent
Metal Halide

A

A

20
Q

A set of criteria, guidelines, and best practices that can be used to enhance the quality and reliability of products, services, or processes is the definition for which of the following?

Guideline
Standard
Regulation
Code

A

B

21
Q

Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first. This is MOST likely to increase the risk of loss from which of the following attacks?

Shoulder surfing
Dumpster diving
Tailgating
Spoofing

A

B

22
Q

The “integration” of traditional physical security functions and information systems & IT security functions is known as:

Security Organization Integration
Security Management Systems
IT and Security Merger
IT and Security Convergence

A

D

23
Q

In which stage of incident response does a team analyze the incident and determine steps to prevent a future occurrence?

Mitigation
Identification
Preparation
Post-event

A

D

24
Q

The type of glass that is often used for both safety and security purposes because it is three to five times stronger than regular glass and five times as resistant to heat is:

Reflective glass
Coated glass
Wired glass
Tempered glass

A

D

25
Q

The tendency to search for, interpret, favor, and recall information in a way that confirms or supports one’s prior beliefs or values is known as:

Confirmation bias
Inherent bias
Memory bias
Cultural bias

A

A

26
Q

In an armed workplace violence incident, the program assumes that an effective response by properly trained personnel will occur if the perpetrator is not diverted. This means that one of the best-planned responses should be which of the following?

The quickest responding security force, closest to the incident.
Company security personnel from all posts respond to the scene as soon as possible
Assigned supervisors who are trained to deal with conflict.
Response by correctly trained, armed personnel who will handle the situation.

A

D

27
Q

Consider the following scenario: The asset value of your company’s primary servers is € 2 million, and they are housed in a single office building in Arizona. You have field offices scattered throughout the world, so these servers in the main office account for approximately half the business. Tornados in this part of the world are not uncommon, and it is estimated one will level the building every 60 years.

Only considering asset value, which of the following would be the single loss expectancy (SLE) for this scenario?

€ 2 million
€ 1 million
€ 500.000
€ 33.333

A

A

28
Q

Which of the following is another name for social engineering?

Social disguise
Social hacking
Wetware
Wetfire

A

C

29
Q

Generally speaking, a felony is defined as:

A crime in which there is a clear victim
Any crime that can carry a jail term and a fine
Any crime that can be punishable by a period of imprisonment of greater than 1 year
Any crime involving an injury to persons or theft of something valuable

A

C

30
Q

Which theory suggests that an abandoned building or car can remain unmolested indefinitely, but once the first window is broken, the building or car is quickly vandalized?

Broken windows theory
CPTED
Situational crime
Window and car approach

A

A

31
Q

Which statement BEST describes “non-verbal” responses?

Both spoken words and gestures that serve as word substitutes, such as nodding the head to indicate yes.
Voice characteristics such as tone, pitch, speed and clarity.
Body movements, position changes, gestures, facial expressions and eye contact.
Voice characteristics and body movements that indicate deception.

A

C

32
Q

An assessment approach that is used to evaluate target attractiveness and includes criticality, accessibility, recuperability, vulnerability, effect and recoverability is BEST described as the:

Vulnerability assessment
Risk assessment
CARVER assessment
Security survey

A

C

33
Q

What should be the first step in formulating a physical barrier plan?

Establishing the budget
Do an environmental scan
Performing a risk assessment
Identifying the assets to be protected

A

D

34
Q

An uncertain situation where a number of possible outcomes might occur, one or more of which is undesirable, BEST describes which of the following?

Risk
Threats
Loss
Targets

A

A

35
Q

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

Information Security Awareness
Social Media and BYOD
Data Handling and Disposal
Acceptable Use of IT Systems

A

A

36
Q

“The process of establishing a sense of ownership, responsibility and accountability among property owners, managers or occupants to increase vigilance in identifying trespassers.”
Which of the following terms BEST meets this CPTED description?

Target Attractiveness
Natural Territorial Reinforcement
Random Activity Theory
Neighborhood Watch

A

B

37
Q

Where would a sound detector typically be used?

In an airport building
In a datacenter
In a vault
In a control room

A

C

38
Q

This process requires consideration of the threat type, tactics and mode of operations, capabilities, threat level and likelihood of occurrence. The definition can be modified to include all sites, not only utilities. Threats come from malevolent humans, not accidental (safety-related) events.

This process is BEST defined as which of the following?

Design Basis Threats
Loss Event Profiles
Adversarial Sequence Diagrams
Threat Risk Assessment

A

A

39
Q

Which of the following definitions BEST describes a hazard?

Possible source of danger or conditions (physical or operational) that have a capacity to produce a particular type of adverse effect.
Possible risk (physical or operational) that can cause a workplace accident.
Possible source of danger (adversary) that can produce an adverse effect.
Confirmed source of danger (adversary) that can produce an adverse effect.

A

A

40
Q

A protection system’s individual applications and components should be integrated and converged so that they provide an equal level of protection. This concept is known as:

Security in depth
Balanced protection
Convergence
Onion approach

A

B

41
Q

Insurance coverage on an asset is considered the most common form of what type of risk management mitigation approach?

Risk Spreading
Risk Reduction
Risk Transfer
Risk Acceptance

A

C

42
Q

Which of the following BEST describes “Unity of Command”?

Dictates that an individual is accountable for more than one (1) employee.
Dictates that an individual report to only one (1) supervisor.
States how many persons a supervisor may effectively supervise.
States the number of security personnel required to function when guided by incident management situations.

A

B

43
Q

Explanations of why people steal have historically referred to the theft triangle, which consists of which of the following motivations?

Desire, Need and Opportunity
Desire, Motive and Opportunity
Want, Need and Motive
Want, Need and Lack of Controls

A

B

44
Q

Identifying residual risk is MOST important to which of the following concepts?

Risk deterrence
Risk acceptance
Risk mitigation
Risk avoidance

A

B

45
Q

Active intrusion sensors transmit a signal from a transmitter and, with a receiver, detect changes or reflections of that signal. When the transmitter and the receiver are separated, what type of installation would this be called?

Mono-static
Bi-static
Passive
Active

A

B

46
Q

According to most international legal requirements, these are not required to be registered to be protected. Nevertheless, a person can formalize ownership through government registration, which may help in any later enforcement actions.
This applies to which of the following?

Patents
Copyrights
Trade Secrets
Trademark

A

B

47
Q

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

Succession plan
Business impact document
Continuity of operations plan
Risk assessment plan

A

C

48
Q

Three financial reports or statements have become accepted as a standard to make it possible to paint a clear picture of a company’s current and prospective financial health. They are:

The income statement, profit and loss and cash flow statements
The income statement, balance sheet and cash flow statements
The balance sheet, profit ratio and cash flow statements
The income sheet, profit ratio and cash flow statements

A

B

49
Q

A company is interested in purchasing property overseas. They decide to conduct an investigation to evaluate the current property owners, the location, finances and operations of the target property.

Which of the following statements BEST describes this type of investigation?

Compliance
Financial
Background
Due diligence

A

D