Prep Flashcards
Which of the following is the true about vulnerabilities in a security context
Vulnerabilities can arise from inadequate training and poor access control
Which of the following best describes the role of criticality assessments in risk management
Criticality assessments prioritize asset protection based on their importance to overall business operations
What is the primary function of a criticality assessment in risk management
To measure how dependent the organization is on the asset
Why is it essential to review a terminated employees access to company systems during a workplace violence risk assessment
To prevent retaliation or misuse of sensitive information
Which sensor technology is best suited for detecting slow moving objects at long distances
Microwave sensor
How might adversaries bypass the protections of a network based intrusion detection system (NDS)
By encrypting malicious traffic, which the NDS cannot inspect
Which lock type is the most vulnerable to key duplication attacks
Pin tumbler lock
In an adversary sequence diagram, what does a low Probability of Neutralization (Pn) suggest
The adversary is more likely to escape after detection
Which rating denotes a safes ability to withstand tool based attacks at 60 minutes
TL-60
What is the primary goal of ESRM
Identifying and managing security risks
Which of the following scenarios would not reduce Probability of Neutralization (Pn)
Increased threat deterrence measures
In the context of drug investigations, how does the Controlled Substances Act (CSA) classify Ecstasy/MDMA
As a schedule 1 drug due to its high potential for abuse and no accepted medical use
Which of the following is not considered when assessing asset criticality in a security framework
The likelihood of a successful attack
Which of the following combinations of factors is LEAST likely to reduce an assets risk
High vulnerability but effective detection systems
Which of the following is not a recommended best practice for conducting a polygraph examination
Asking compound of leading questions
Which of the following is not an essential characteristic of a well conducted investigation
Expediency
In what situation would a vibration sensor be the most effective choice
Detecting the breaking of glass in a window
Which of the following is most important for ensuring the admissibility of evidence in court
Proper documentation
Which of the following is a responsibility of the personnel security officer
Investigation security incidents
What is the purpose of access control measures in personnel security
To restrict access to sensitive areas
To prevent unauthorized entry
To protect sensitive information
How might a person with a criminal background exploit a ban the box policy to secure employment
By delaying the disclosure of criminal history until later the hiring process
How can poorly managed crisis communication protocols lead to secondary reputational damage after the initial crisis
Stakeholders may receive inconsistent information leading to mistrust
Delayed post crisis messaging reduced confidence in the organization
In high traffic environment which sensor technology would be most appropriate to avoid false alarms while maintaining security
Dual technology sensor
______ is the ability of an organization to anticipate, prepare for, respond to and adapt to incremental change and sudden disruption in order to survive and prosper
Organizational Resilience
Which combination of factors would most likely reduce the Probability of Neutralization (Pn) in a high security systems
High detection sensitivity but poorly trained security personnel
Which sensor type is least affected by the presence of moving vehicles in the vicinity of a protected area
PIR sensor
In a threat assessment which combination of factors would reduce the over all risk
Low vulnerability and frequent audits
An action of event that could result in a loss; an indication that such an action or event might take place is called _________
Threat
Which type of sensor is often used in vaults and safes to detect unauthorized tampering or drilling
Vibration sensor
What is the primary reason for using electromagnetic lock in high security environment
Resistance to forced entry
Why is it critical to perform a business impact analysis (BIA) before finalizing business continuity plans
To determine the potential operational and financial impacts of different types of disruptions
Which type of top guarding is most effective in preventing intruders from scaling a fence
Inward facing concertina wire
In CPTED, what is the primary goal of access control
To reduce criminal behaviour by influencing movement patterns
Which standard is used to test and rate the security of vault doors in the event of attacks involving explosives
CEN 1143-1
What is the primary operational difference between bistatic and monostatic sensors in physical security systems
Bistatic sensors require separate transmitter and receiver units, whereas monostatic sensors have both components in one unit
Which combination of factors is most likely to reduce the Probability of Detection (Pd) in layered security system
Delayed detection systems and reduced sensor sensitivity
Which of the following is a not a investigative interview principle
Leading Questions
Which international standard sets the grading for safes and vaults to resist specific form of attacks like cutting and explosives
CEN 1143-1
Which investigative techniques is most likely to suffer from confirmation bias
The REID technique
What is the primary benefit of integrating BCMS with risk management
Enhanced organizational resilience
Improved financial performance
Which of the following is a primary limitation of REID techniques when dealing with juvenile suspects
It risks increasing false confessions due to suspects vulnerability
Which of the following type of vault doors typically offers the best composition of fire resistance and security
Composite Door
What is the primary purpose of personnel security investigations
To verify the information provided by job applicants
To identify potential risks associated with employees
To ensure the trustworthiness of individuals in sensitive positions
What is the primary challenge of designing physical security systems for remote or isolated facilities
Delayed response times due to geographic distance from emergency services
Which lamp has the lowest ROI due to frequent replacement and high power consumption
Incandescent
Why is it critical to include terrain following sensors in perimeter security systems for high risk facilities
Terrain following sensors adjust their detection range based on the contours of the landscape, preventing gaps in coverage that adversaries could explicit
In laminated glass, what role does PVB (polyvinyl butyral) interlayer play during a ballistic attack
It prevents the glass from shattering completely and absorbs the energy from the projectile
Which type of lamp experiences the highest energy consumption relative to light output
Incandescent lamp
During disaster recovery planning, why is it important to consider the geographic location of backup facilities
To mitigate the risk of the same disaster affecting both primary and backup sites
What is the primary purpose of installing anti pass back systems in access control
To prevent employees from sharing their access cards
Which of the following best describes a threat in the context of risk management
A potential danger that could cause harm to assets
Which of the following best defines a threat in the context of risk management
A potential danger that could cause harm to assets
In a high security facility, which type of sensor would be best for monitoring areas with frequent foot traffic but requiring detection of unauthorized access
Infrared Beam Sensor
Which type of evidence is most likely to be challenged in court as unreliable
Eyewitness testimony
When assessing the vulnerability of a facility, which methodology is most commonly employed to determine critical points
Fault Tree Analysis (FTA)
Which sensor would be best suited for monitoring entry points in areas prone to significant vibrations, such as near railroads
Microwave sensor
Which of the following is most likely to result in a false positive when using the REID technique
Accusatory questioning without corroborating evidence
Which of the following combinations would reduce overall vulnerability n a critical infrastructure system
Enhancing response protocols and reducing threat likelihood
Which investigative method is most likely to prevent bias
Using multiple sources of evidence
Blind interviewing techniques
______ principle says a single person can supervise only a limited number of staff members effectively
Span of control
Which type of vault door is specifically designed to resist attempts at forced entry using explosives
Blast resistant vault door
Which of the following is not an assumption of McGregor’s Theory X
Employees seek responsiblity
Which of the following is the primary strength of using financial records in a defalcation case
Financial records directly link the suspect in crime
What is the primary vulnerability of high security safes with electronic locks during a power outage
Inability to unlock
In the investigative process, what reflects the mindset of the investigator
Simple statement of abstracts encountered
What makes active infrared sensors particularly effective for perimeter security in a gated community
Active infrared beams form an invisible barrier that, when broken immediately alerts security personnel to a potential intrusion
In a covert surveillance operation, what is the most effective way to maintain a continuous watch on a mobile target
Using both fixed and mobile surveillance teams, coordinated with electronic tracking
In the context of investigative interviewing, which method prioritizes eliciting information rather than extracting confessions
PEACE Model
Cognitive Interview Technique
In a criticality assessment, what is the main factor that determines an assets protection priority
The assets role in maintaining business continuity
In an undercover investigation, how does the progression of interviews typically differ from regular investigation
Undercover investigations work toward those less involved
Which of the following sensors is designed to detect the proximity of a metallic object without direct contact
Magnetic sensor
Which of the following is not a common method of personnel security training
Physical Fitness Training
Which two factors are essential in calculating the Probability of Interruption (Pn)
Time delay and response force readiness
Adversary speed and detection system placement
What is the main purpose of implementing security metrics
To measure security effectiveness
To ensure regulatory compliance
What is the primary reason for installing double concertina wire on a perimeter fence
To create a secondary barrier between two lines of defense
How does the uses of passive sensors in a retail environment benefit the business beyond security
Passive sensors gather data on customer traffic patterns, which can be used for marketing and layout optimization
Which design feature of a high security vault enhances protection against crowbar or prying attacks
Anti-pry lip
What is the primary challenge of providing executive protection in high threat environments
Balancing overt and covert security measures
Which of the following is least likely to be considered indicative evidence in a criminal investigation
A suspects confession
What is the primary disadvantage of relying on eyewitness testimony
Subjectivity
Reliability
Which property of glass ceramic makes it suitable for high security applications where thermal resistance is critical
It has a low coefficient of thermal expansion, making it resistant to extreme temperatures
In what scenario would bistatic sensors outperform monostatic sensors
In large open areas where a separate transmitter and receiver can cover greater distances
What is the main goal of personnel security screening
To protect sensitive information
Which factors are most likely to influence the severity of a vulnerability
The assets criticality and the threats capability to exploit it
Which of the following is a primary difference between active and passive infrared sensor in intrusion detection
Active require both a transmitter and receiver
Which of the following factors would most likely reduce the Probability of Interruption (Pi) for an adversary attack
Enhanced detections but low personnel response readiness
Which lock component engages or disengages the bolt of a vault door
Cam
What is the primary purpose of a root cause analysis in investigation
Preventing future incidents
How might poor lighting in secure areas impact access control systems
It can make biometric scanners and card readers less effective by reducing visibility
What is the main purpose of implementing security metrics
To measure security effectiveness
To ensure regulatory compliance
What is the primary operational advantage of active ultrasonic sensors in detecting intruders in large, empty spaces
Ultrasonic sensors cover a larger volume of space, reducing the number of sensors required
Which business function is primary responsible for managing the flow of goods and services
Operations
Which of the following types of evidence is least likely to be used to prove intent in a criminal investigation
Testimony from expert witness
What is the primary goals of financial management within security operations
Ensuring operational efficiency
What is the primary function of probability of success (Ps) in a security systems adversary sequence diagram
To estimate the likelihood that an adversary will achieve their objective
In which scenario is mobile surveillance most effectively utilized
Following a suspect during their daily activities
What is a key limitation of traditional risk assessments in crisis management planning
They often fail to account for rapidly evolving risks like cybersecurity threats
Which type of glass is most appropriate to use in high traffic public areas where safety and impact resistance are paramount
Tempered glass
Which factor is most likely to increase the probability of detection (Pd) in a high threat environment
Increased sensor sensitivity and response times
Which type of cable is most suitable for perimeter surveillance systems requiring long distance data transmission without signal loss
Fiber Optic
How might an adversary exploit the vulnerabilities of a monostatic sensor in a high traffic facility
By moving in and out of the sensors detection range in quick succession, overwhelming the system and causing gaps in detection
Which factors is most likely to influence the severity of a vulnerability
The assets criticality and the threats capability to exploit it
Which attack method is the most effective against older combination lock safes
Manipulation
Which of the following is not a method for ensuring data integrity
Encryption
Which of the following sensors would be the most appropriate for detecting intrusions through metal doors
Magnetic sensor
Which of the following is a primary benefit of conducting a security audit
Identifying potential security breaches
Ensuring compliance with regulations
Which type of lock is most vulnerable to shimming
Padlock
Which of the following scenarios would reduce the Probability of Neutralization (Pn)
Enhanced threat deterrence but slow response protocols
What is the legal risk of coercive tactics during an interoggation
Coerced confessions may be deemed inadmissible in court due to constitutional violations
In what situation might end to end encryption (E2EE) be less effective for protecting sensitive data
If endpoints themselves are compromised, encrypted data can still be accessed in its decrypted form at the destination
Which of the following would not be considered a motivation according to Herzberg
Job security
What is the primary function of a security badge system
To control access to secure areas
How might adversaries bypass thermal sensors without triggering an alarm
By using heat resistance materials to block their body heat from being detected by the sensor
Which of the following represents a legal constraint on the use of surveillance in private investigations
Video surveillance may not record audio without consent
Which combination of factors would most likely reduce the Probability of Interruption (Pi) in a high security environment
Increasing personnel presence but reducing detection accuracy
Which of the following is true of Herzberg’s hygiene factors
They prevent job dissatisfaction
What is the primary purpose of a crisis management plan
Ensuring effective response to crisis
Which type of sensor is designed to detect intrusion based on pressure variations in the ground or floor
Pressure sensitive volumetric sensor
Why might an organization review a potential hires travel history as part of a background investigation
To identity associations with high risk countries
Which of the following is a common physical barrier in security
Fences
What is the primary goal of ESRM
Identifying and managing security risks
Which of the following is not a core element of the CARVER risk assessment method
Resilience
Which of the following combinations most increases an organizations risk exposure
High criticality and high vulnerability
Which lamp technology is most sensitive to frequent power cycling, resulting in a shorter lifespan if turned on and off regularly
Metal Halide
What is the primary disadvantage of using an active infrared sensor system in outdoor environments
Susceptibility to interference from direct sunlight
What is the biggest challenge in using RFID technology for access control in sensitive areas
RFID signals can be intercepted and cloned by malicious actors
Which fire resistance rating is appropriate for a wall separating a high security vault from an adjacent room in a commercial building
2 hours
What is the primary benefit of using infrared beam sensors in outdoor perimeter security
Ability to detect in total darkness
Which of the following is not a benefit of a virtual private network (VPN)
Enhancing data availability
Which of the following is least likely to be concern during the recovery phase of a natural disaster crisis
Maintaining the chain of custody for evidence
What is the role of consequence criteria when valuing an asset in security risk management
It determines the potential impact on business operations if the asset is compromised
What is the biggest challenge in using RFID technology for access control in sensitive areas
RFID signals can be intercepted and cloned by malicious actors
What is the main advantage of using digital forensics in investigations
Ability to analyze large volumes of data quickly
When conducting a criticality assessment, which of the following questions should be answered
What are the potential consequences of asset loss
How difficult would it be replace the asset
What is the primary benefit of integrating ESRM with business operations
Enhanced organizational resilience
Improved financial performance
Which of the following factors is least relevant when determining the likelihood of a security incident
The cost of asset recovery
Which of the following best describes the chain of custody
Documenting evidence collection
Ensuring evidence integrity
How might criminals exploit weaknesses in perimeter security if there is no redundancy in the design
By disabling a single security measure such as fence or sensor, without triggering alarms
Which of the following combinations would least likely increase risk in a security framwork
Moderate threat likelihood and frequent security audits
Which of the following is not a responsibility of personnel security
None of the below
(Conducting background checks on employees, Implementing physical security measures, Developing security policies and procedures)
How does the design of line detection fiber optic sensors enhance their ability to detect perimeter intrusions in harsh environments
They use light refraction along a continuous fiber to detect disturbances
Which of the following is least likely to be effective in reducing risk of false confessions during a REID interrogation
Offering the suspect a reduced sentence in exchange for cooperation
What is a potential pitfall of relying solely on criminal background checks when assessing personnel risks
They provide no insight into the individuals current behaviour
Which of the following is most likely to hinder effective decision making during the initial phase of crisis
Conflicting information from different sources
What advantage does chemically strengthened glass offer over tempered glass in high security installations
Higher resistance to thermal stress and mechanical impact
What is the main weakness of older combination locks used on vaults and safes
Susceptibility to manipulations
Which of the following is least likely to be considered conclusive evidence in a drug trafficking case
A character witnesses testimony about the suspects prior behaviour
Which of the following is a common challenge in conducting undercover operations
Maintaining the undercover agents cover
What type of safe would be more appropriate for securing digital media again both fire and burglary
Data safe
How might adversaries bypass electromagnetic locks used in high security facilities
By disabling power supply to the locks, rendering them ineffective
Which of the following factors would most effect the accuracy of a PIR sensor in a warehouse environment
Large temperature fluctuations
Which type of sensor is least likely to detect objects moving at slow speeds
Microwave sensor
Which of the following is least probable to enhance the response of a Physical Protection System (PPS)
Installing additional motion detectors
Which of the following types of evidence is most likely to be considered conclusive in a criminal investigations
DNA evidence from the suspect at the crime scene
Which rating does TL-15 safe receive if it can withstand a torch attack for 15 minutes
TRTL-15
Which feature of LED lighting makes it preferred choice in high security environments
Low maintenance requirements
Which factors would most likely increase the overall threat landscape in a critical infrastructure system
Increasing asset visibility and reducing personnel presence
In an investigation involving digital evidence, which of the following would most likely compromise the evidence
Powering down the computer before imaging the drive
Using the original device for analysis instead of a copy
Which sensor type of least affected by the presence of moving vehicles in the vicinity of a protected area
PIR sensor
Which of the following is the most effective early intervention to prevent workplace violence
Offering mental health resources and conflict resolution training
Which of the following is an example of a strategic risk
A change in regulatory requirements
Which lighting system is best suited for security applications in environments with frequent power fluctuations
LED lighting
Why are the fiber optic cables preferred over copper cables for long distance perimeter security installations
Fiber optic cables are immune to electromagnetic interference
Which of the following is not considered in the calculation of Earnings before interest, taxes, depreciation and amortization (EBITA)
Tax obligations
Which of the following is not a standard method used to calculate probability of detection (Pd) in a PPS
Environmental impact analysis
Key for PSIM system
Cost
Scalability
Which of the following is a major risk associated with sting operations
Entrapment of the suspect
Compromising the undercover officers identity
Legal challenges to the operations methods
Which of the following is most likely to be considered a precursor to an organizations theft problem
Substance abuse issues
Which of the following is a key difference between a controlled buy and a buy bust operations
A buy bust focuses on immediate arrest, while a controlled buy gathers long term intelligence
Which of the following is a least likely to influence a company’s ROI on a security project
The length of the project implementation phase
Why is the integration of cybersecurity into business continuity plans essential
Cybersecurity incidents can cause business disruptions similar to physical disasters
Which fence type would be most suitable for a high security installation in an urban area with strict aesthetic regulations
Wielded wire mesh fence
Selection devices in the personnel selection process used by managers to reduce accept and reject errors include
Application form, pencil and paper test, performance simulation test, interviews
Which of the following best explains why asymmetric encryption is typically slower than symmetric encryption
It uses larger key sizes for encryption and decryption
Which of the following is not a characteristic of strong encryption algorithm
Speed of encryption
Which type of glass is most effective in preventing unauthorized access through forced entry
Laminated glass
Which of the following is not typically included in an investigation report
Detailed financial analysis
The term for a strike that occurs when management and unions fail to negotiate an agreement on benefits is
Economic
Which of the following is a not a benefit of using video surveillance in investigation
Privacy protection
What is the main purpose of a forensic interview
Gathering detailed information from witnesses or suspects
Which combination of factors is most likely to improve employee motivation according to Maslow’s theory
Satisfying esteem needs and offering responsiblity
According to Maslow which of the following needs must be satisfied before esteem needs can be addressed
Safety needs
Social needs
In terms of security trends, how does Artificial Intelligence (AI) impact modern security operations
By providing advanced threat detection and predictive analytics capabilities
Which combination of factors would increase the Probability of success (PoS) for an adversary targeting critical infrastructure
Weak detection systems and delayed incident recovery protocols
In the context of security lighting, what is luminance
The perceived brightness of a light source
Which of the following is the most critical factor when selecting a security alarm system
The response time of law enforcement or security personnel
Why might organizations face legal liability if they fail to implement effective emergency response plans
If negligence results in harm to employees or customers
Which of the following is least likely to directly affect a company’s Gross Operating Profit (GOP)
Tax obligations for the current year
Which of the following combinations would most likely result in a higher probability of interruption (PoI)
Increasing physical security measures and enhancing detection systems
Which type of vault door is specifically designed to resist attacks with tools like torches and drills
Blast resistant vault door
Which of the following is not a common type of phishing attack
Ransom phishing
Which of the following is not a typical goal of protection of depth
Ensuring that no vulnerabilities exist within the system
How might an adversary exploit weaknesses in door locking mechanisms in high security environments
By tampering with electronic door locks to disable them
How might adversaries bypass the detection sensors in a perimeter security system
By passing under or over the sensors detection range
Which of the the following is the most critical method for ensuring that a security policy is enforced consistently across the organization
Monitoring employee compliance
Which of the following is not a common method for ensuring the integrity of digital evidence
Immediate analysis
Which of the following is least likely to be common element in crisis communication plan
A financial recovery strategy
What is the main objective of personnel security screening
To ensure the loyalty and trustworthiness of individuals
Which of the following is a not a common vulnerability of CCTV systems in physical security
Inability to detect thermal signatures
How does the identification of a threat vector affect the overall risk equation in a security system
It increased overall risk by highlighting potential weaknesses that could be exploited by external threats
Which of the following is least likely to be a role of the crisis management leader during a large scale evacuation
Making decisions about the financial impact of the crisis
Which of the following is least likely to complicate the recovery phase of crisis management
Lack of media involvement in post crisis reporting
What is the primary goal of a background check
Ensuring candidate suitability
What is the primary disadvantage of using physical surveillance in an investigation
High cost
What is the primary risk of falling to evaluate contractors during a personnel risk assessment
Contractors may have conflicting loyalties that put the company at risk
Which of the following is the best example of a Key Performance Indicator (KPI) for a security program
Employee compliance with security protocols
Which of the following is a significant disadvantage of ultrasonic sensors in outdoor environments
They are sensitive to air turbulence
Which of the following is a key consideration when designing a secure access control system
Reliability and redundancy
User convenience
Which of the following is a most likely to cause an investigator to miss critical evidence during a crime scene search
Lack of proper search training
What is the purpose of personnel security policy
To ensure compliance with legal and regulatory requirements
In the context of risk management, which of the following is the best example of a vulnerability
A lack of sufficient detection systems at the perimeter
Which of the following is most likely to provide justification for actions taken during a crisis response
Detailed records of threat evaluation deliberations
What is the primary function of line detection sensors in perimeter security systems
Detecting vibration along a fence line
Which of the following factors would most likely decrease an assets vilnerability
Frequent security audits and improved detection systems
How might adversaries bypass the protections of a network based intrusion detection system (NDS)
By encrypting malicious traffic, which the NDS cannot impact
Which of the following is not a principle of secure coding
Data encryption
What is the primary goal of encryption in information security
Preventing unauthorized access
Ensuring data integrity
Which of the following is most likely to be the key question in a bomb threat assessment
Could the threatener have done what was claimed
Which component is typically the most susceptible to false alarms in a PIR (Passive Infrared) sensor system
Pyroelectric sensor
What is the primary function of a time delay feature on a safe used in banking environments
To discourage robbery by delaying access
Which of the following is least likely to be an advantage of adopting a risk based approach to ESRM over a purely compliance based approach
Reduced focus on regulatory requirements and compliance audits
Which of the following is not a benefit of personnel security programs
Increasing operational costs
Which of the following is not a benefit of conducting security audits
Reducing operational costs
Which of the following is most likely to enhance the deterrent function of a security system
Installing visible barriers and deterrent signage
Which of the following is a critical consideration when implementing a physical security information management (PSIM) system
Scalability and integration with existing security systems
What is the primary characteristic of a high pressure sodium light in security lighting
Poor color rendition
Which of the following is not considered a strength of a deductive risk assessment
It focuses on general patterns and trends to predict risks
What is the most common weakness in using character witnesses in criminal investigations
They often lack direct knowledge of the crime
Which UL standard covers the testing and certification of high security safes for commercial applications
UL687
How can a suspect use counter surveillance tactics to avoid being tracked
Constantly remain in high populated areas
Use physical disguises to alter their appearance
Avoid using electronic communication devices altogether
Which of the following is not a method of personnel security
Incident response
How does deployment of bistatic radar enhance the security monitoring capabilities at international borders
Bistatic radar systems are most difficult to detect and jam than monostatic systems, making them ideal for covert operations
Which of the following is a key consideration when calculating risk for an organization
The degree of asset vulnerability to various type of threats
The likelihood that internal policies will prevent their escalation
What is the purpose of a personnel security policy
To establish guidelines for hiring employees
To outline the responsibilities of employees
To define the consequences of security violations
Which of the following is least likely to improve a company’s current ratio
Increasing inventory levels
What is the primary purpose of a digital certificate in PKI
Authenticating identity
What is the primary risk of failing to evaluate contractors during a personnel risk assessment
Contractors may have conflicting loyalties that put the company at risk
Which vault rating is required for securing extremely high value assets, offer resistance to both tool and explosive attacks
TRTL-30X6
Which of the following is most likely to increase the complexity of a crisis response
Multiple simultaneous incidents in different locations
Which of the following is not typically a feature of an electronic access control system
Surveillance cameras
Which of the following is most critical factor when selecting a security alarm system
The response time of law enforcement or security personnel
What is the main disadvantage of installing a high tension electrified fence without any physical barrier such as chain link or mesh
The lack of physical barrier allows intruders to bypass the fence with insulation tools
Which of the following is most significant risk of using hostile witness in court
The witnesses’ testimony may be dismissed due to bias
Which of the following is a least likely to affect the calculations of a company’s current ratio
Long term assets
In digital forensics which of the following is most likely to cause the loss of critical evidence during the collection process
Failure to image the drive
Which of the following is a strength of using REID in investigative interviews
It builds a narrative to help the suspect justify their actions
Which of the following principles is most essential when conducting a buy bust operation
Proper documentation of the chain of custody
What makes inductance based sensors suitable for integration into electronic article surveillance (EAS) systems in retail environments
These sensors are highly sensitive to changes in magnetic fields, ideal for tagging and tracking merchandise
Which of the following is most likely to affect the current ratio but not the quick ratio
Change in inventory levels
What are the three general methods for valuing assets
Monetary value, consequence criteria, policy
Which lighting type is best suited for use with security cameras that operate in low light conditions
Infrared lighting
Which of the following is not typically included in due diligence investigation
Psychological evaluations
In a sting operations, which of the following is least likely to contribute to entrapment
To suspect initiating the criminal activity
Which of the following is least likely to be a consequence of conducting an illegal search during a workplace investigation
Termination of the employee being investigated
During disaster recovery planning, why is is important to consider the geographic location of backup facilities
To mitigate the risk of same disaster affecting both primary and backup sites
Which of the following is an example of a physical security vulnerability
Inadequate lighting
In a risk management framework which of the following is false
High threat likelihood always leads to higher risk
Which vault door design offers the highest level of protection against explosives
Concrete line vault door
Which of the following is a key principle of defensible space
Territoriality
Security through obscurity
Hiding Measures
What is the primary goal of security policy
Defining acceptable use of resources
Which of the following is least likely to result from poor session management in web applications
Data integrity issues in stored sessions
Which of the following factors is most likely to lead to security policy failure in a large organizations
Lack of leadership engagement
Which of the following is least likely to be considered one of the three types of emergency operation plans
Focused plan for a specific employee group
In the context of adversary path diagram (ASD), what is the best description of delay points
Locations where physical barriers slow the adversary’s progress
Which of the following is not a common type of forensic analysis
Surveillance Analysis
Which of the following strategies is most effective in reducing the risk of false confessions in REID interrogations
Minimizing confrontational tactics and focusing on open ended questions
Which of the following is least likely to be considered a form of pressure in the context of Cressey’s Fraud Triangle
Weak security controls that allow unauthorized access to sensitive data
What is the primary function of a volumetric sensor in perimeter security
Detect changes in air volume over large areas
A matrix that describes a particular situation with respect to each of the risks identified by relating the risk to an asset is called
Vulnerability matrix
How can terrain following sensors be used to prevent tunnelling in perimeter security systems
By adjusting their detection range to cover underground areas, detecting movement below the surface
What does a mantrap help prevent
Tailgating
Which of the following is least likely to increase EBITA
Increasing depreciation expenses
Which of the following best describes the deter function in a security system
Reducing the desire or motivation to attempt an intrusion
Which of the following is the best way to ensure the integrity of confidential information in a company
Encrypting all sensitive data
What is the correct formula for determining the Probability of Success (Ps) in an adversary sequence diagram
Ps = Probability of detection x Probability of interruption x Probability of neutralization
Which of the following is not a characteristic of a successful risk mitigation strategy
It eliminates the probability of all risk events
What is the primary purpose of a crime scene investigation
Identifying suspects
Collecting evidence
Which of the following best reflects the finding of General Strain Theory when applied to a fraud case involving
The suspect faces financial pressure due to unexpected personal expenses
Which of the following is not a method for achieving data integrity
Data replication
Which of the following factors is most relevant when determining asset vulnerability in a security assessment
The likelihood of attack
According to Herzberg, which of the following would not increase job satisfaction
Job security
In crisis management, what is the significance of the recovery time objective (RTO)
It defines the maximum acceptable downtime for critical operations
Which of the following is not an advantage of Protection in depth
It eliminates the need for other types of security measures
Which of the following is not a factor in calculating the Probability of detection (Pd)
Threat likelihood
What is the primary goals of a business organization
To maximize shareholder value
Which of the following is not a benefit of using thermal imaging sensors in security applications
High cost of implementation
What is the primary disadvantage of using infrared sensors for outdoor security
Susceptibility to environmental factors like sunlight and temperature changes
Which of the following best describes the role of ESRM in a corporate setting
To align security practices with the organizations risk appetite and business objectives
Which of the following is the most significant disadvantage of incandescent lamps in security lighting applications
Short lifespan
In a vault protection scenario, why is it critical to assess both strike and restrike times
To ensure the vault door can withstand multiple forced entry attempts within a specified timeframe
What is the most significant risk when relying on security guards alone for access control
Guards may be bribed or compromised
In the context of the PEACE model, what does the Preparation and planning stage entail
Developing an interview strategy
How can psychological profiling be used in an executive protection context
To assess potential threats based on patterns of behaviour
How might adversaries exploit gaps in an organizations disaster recovery plan during a global crisis event
By targeting critical infrastructure that is left vulnerable due to diversion of resources towards immediate crisis
Which of the following is least likely to be an advantage of adopting a risk based approach to ESRM over a purely compliance based approach
Reduced focus on regulatory requirement and compliance audits
Which of the following is least likely to be characteristic of an effective budget development process
Arbitrary selection of line item values
The ability of an adversary to physical enter and egress from the target in CARVER is called
Accessibility
How does the probability of detection (Pd) relate to time delays in the adversary sequence diagram
Pd decreases as time delay increased due to slower detection rates
Which of the following is not part of the formula to calculate the current ratio
Fixed assets
The management principle that suggests one supervisor can effectively control a limited number of people is
Span of control
What is the primary limitation of encryption as a method of data protection
It does not prevent access but only ensures that the data is unreadable without the correct decryption key
Which of the following best describes the inductive approach to risk assessment
Generalizing from specific incidents to broader security issues
What is the primary limitation of using encrypted messaging services in covert investigation
It can be difficult to establish the authenticity of decrypted messages
Which of the following techniques is most effective in cross examining an expert witness
Confronting the expert with inconsistencies in their testimony
How might criminal organization use shell companies to evade detection in an investigation
By laundering illegal funds through seemingly legitimate businesses
By creating false employment records for investigators to follow
By masking the true ownership of valuable assets
What is the primary goal of an internal audit
Detecting fraud
Evaluating compliance with policies
Which of the following is most likely to affect the calculation of the quick ratio but not the current ratio
Inventory
Which of the following factors is most critical for ensuring the effectiveness of a security policy
Consistent enforcement of the policy
In Business Continuity Planning (BCP) which of the following is least relevant when determining Recovery Time Objectives (RTO)
The cost of new security measures
When it is necessary to question a witness about sexual deviation all of the following should be avoided except
Allowing the witness to frame the testimony in his or her own word
Which of the following is not included in the calculation of the quick ratio
Inventory
Which type of leadership style is characterized by a focus on building strong relationships with team members
Transformational Leadership
What is the primary objective of a forensic interview with a child witness
To gather accurate and reliable information
Which of the following is not a method of ensuring data integrity
Encryption
What is the primary goal of incident planning
Minimizing damage from incidents
What is the main benefit of diversification in a business portfolio
To spread risk across different investments
Which of the following is not a factor to consider when conducting a personal security investigation
Social media activity
Which Security Principle involves using multiple layers of security measures
Defense in depth
What is the primary goal of encryption in information security
Preventing unauthorized access
Ensuring data integrity
What is the purpose of a business continuity policy
To provide guidelines and procedures for maintaining business operations during disruptions
Which of the following is a key benefit of effective risk management
Enhances organizational resilience
What is the goal of emergency preparedness
To ensure a quick and effective response to emergencies
What is the purpose of a risk management strategy
To outline the approach for managing risks
What does CPTED stand for
Crime Prevention Through Environmental Design
Which of the following is an example of a physical security control
Security cameras
Which concept involves identifying potential threats and vulnerabilities
Risk assessment
What is the importance of conducting background checks
To verify the credentials and history of individuals
What is the primary objective of business continuity testing
To ensure the effectiveness of business continuity plans
What is the main purpose of access control
To restrict unauthorized entry
Which of the following is a key principle of defensible space
Territoriality
Which of the following best describes defense in depth
Multiple, overlapping security measures
What is the most critical consideration when designing a layered defense strategy in physical security
Depth and redundancy of security measures
Which of the following best describes chain of custody in evidence handling
Documenting every person who handled the evidence
Ensuring evidence is kept secure
Preventing evidence tampering
What is the common goal of both physical and information security
To protect assets from unauthorized access
What is the of a break even analysis
To determining the point which revenue equals costs
What is the primary function of a security officer
To monitor and protect property and people
Which of the following is not a common type of phishing attack
Ransom phishing
Which of the following is not typically included in the ESRM framework
Marketing strategies
Which of the following is not a method for ensuring the security of investigative files
Allowing unrestricted access
What is a fundamental principle of physical security
Denying access to unauthorized individuals
What is the purpose of a crisis management plan
To outline procedures for handling crisis
What is the main objective of conducting a root cause analysis in an investigation
To identify the underlying reason for an issue
What is the primary purpose of a security policy in ESRM
Defining security roles and responsibilities
Enhancing operational efficiency
Which of the following is not a core component of Business Continuity Management Systems (BCMS)
Marketing Strategy Development
Which of the following best describes the term least privilege
Granting employees with minimum access necessary to perform their duties
What is the role of a project manager
To oversee and manage all aspects of a project to ensure it meets its goals
In the context of access control, what is the time based access control system
A system that allows access based on the time of day
Which of the following best describes security culture
The behavior and attitudes of employees towards security
What is the primary goal of a litigation hold
Preventing evidence destruction
Which of the following is a physical security measure for protecting information
Locked filing cabinets
Which of the following is not a typical component of a comprehensive investigative plan
Making Assumptions
What is the purpose of a security barrier
To obstruct or control movement for security purposes
What is the importance of maintaining confidentiality during investigation
To protect the integrity of the investigation and the privacy of involved parties
Which financial statement summarizes a company’s revenues and expenses over a period of time
Income Statement
Which of the following is not a typically responsibility of a Chief Security Officer
Developing marketing strategies
Which of the following is a potential consequence of a personnel security breach
Financial Loss
Reputation Damage
Legal penalties
Which of the following best describes a brute force attack
Guessing passwords through exhaustive key search
One whose sexual desires are directed to both men and women is know as
Bi sexual
Which of the following is not a common method for testing a business continuity plan
Financial Audits
What is the purpose of a security policy
To outline security goals and procedures
In the context of security, what is the primary purpose a security matrix
In the context of security, what is the primary purpose a security matrix
What is the primary goal of security management?
Loss prevention
Which security model focuses on protecting information based on its sensitivity and the need to know principle?
CIA Triad
Confidentiality
Integrity
Availability
What is the primary objective of an organization’s business continuity plan (BCP)?
Ensuring critical business functions continue during disruptions
What is a key component of a company’s code of conduct?
Compliance with legal requirements
In terms of security management, what does “Due Diligence” refer to?
Exercising care and caution in decision making
What is the primary purpose of a security audit?
Identifying weaknesses in the organization’s security practices
What is the main goal of a workplace investigation?
Fact finding and problem solving
What is the primary purpose of computer forensics in an investigation?
Collecting and analyzing digital evidence
In the context of personnel security, what does “Insider Threat” refer to?
Disgruntled employees or contractors
What does the term “Social Engineering” refer to in personnel security?
Manipulating people to disclose confidential information
Which of the following BEST describes the document that tells how much money an organization generates (revenue), how much it spends (expenses), and the difference between those figures (net income)?
Income statement
Which of the following types of investigations is considered the “most common type of investigation in many business and organizational settings”?
Incident
When dealing with suspected chemical or biological agents that are released from a suspicious package, what should be your FIRST goal?
Limit distribution of the material
“The ability of an organization to resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period of time after being affected by an event”, is called:
Organizational resilience
“Non-deliberate adverse actions and events, such as hazardous material spills and telecommunications and computer outages, are considered which of the following?
Accidental threats
Relative to organizational objectives, what is “SMART
Specific, measurable, attainable, relevant, time bound
What are the five avenues to address risk?
Acceptance, Spreading, Reduction, Transfer, and Avoidance
Employees who are involved in breaking the law in one way will often find it easy to join the operative in trying to break the law in other ways. This behavior is referred to as
Cognitive consistency
An entry control subsystem is part of the…
Detection system
The abduction of a hostage in order to coerce someone else into committing a crime is known as a…
Tiger kidnapping
What is the primary objective of access control in physical security?
Restricting physical access to authorized personnel only
Which physical security measure is designed to protect a facility from vehicle borne threats?
Bollards
What is the primary purpose of a security risk assessment for a physical facility?
Identifying vulnerabilities and threats
In security planning, what does the term “Vulnerability” refer to
The weakness or exposure that could be exploited
What is the primary goal of a code of ethics in an organization?
Promoting ethical behavior and decision making
What is the concept of “Due Care” in business principles
Taking appropriate steps to protect information/people
What does a financial audit primarily aim to achieve?
Verifying the accuracy of financial statements
What is the primary goal of an interview in the context of investigations?
Collecting relevant information and evidence
What is the role of a private investigator in a corporate investigation?
Gathering information and evidence
Which document typically provides an overview of an employee’s job responsibilities, expectations, and performance standards
Job description
The best prevention of exposure to workplace violence is…
A preemployment background investigation program
What are the three general types of assets
People, property, and information
Which of the following is one of the most cost effective assets protection tools?
Training and awareness
The four elements of emergency management are which of the following?
Mitigation, preparedness, response, and recovery
These need not be registered with any outside agency, so the owner can maintain a greater degree of control over the asset. The owner must be able to prove that the information added value or benefit to the owner, was specifically identified, and the owner provided a reasonable level of protection. This is called which of the following:
Trade Secret
“Employment of services, equipment and techniques designed to locate, identify and neutralize the effectiveness of covert technical surveillance devices.”, is the definition for which of the following?
Technical surveillance countermeasures
What is the primary purpose of an alarm system in physical security?
Detecting and alerting to security breaches or emergencies
What is the primary goal of a firewall in information security?
Manages the secure in flow and out flow of data in a device
In crisis management, what does “Incident Command System (ICS)” refer to?
A system for managing incidents and coordinating emergency response efforts
In information security, what is the primary purpose of a penetration test?
Identifying vulnerabilities in a system through controlled testing
What does the acronym “CPTED” stand for in the context of security principles?
Crime Prevention Through Environmental Design
In business continuity planning (BCP), what is the primary purpose of a business impact analysis (BIA)?
To identify and prioritize critical business functions and the effect of various threats on the business
What is “Reasonable Suspicion” in the context of an investigation
A legally defined standard that justifies further investigation
What is the primary goal of electronic surveillance in an investigation?
Monitoring and recording electronic communications for investigative purposes
What is the purpose of a background check in personnel security?
Verifying the trustworthiness of an individual
In personnel security, what is the main goal of a “Non Disclosure Agreement” (NDA)?
Protecting sensitive information and trade secrets
What does the term “Whistleblower” refer to in personnel security?
An individual who reports unethical or illegal activities within an organization
What is the primary purpose of perimeter security in physical security?
Protecting assets and personnel by controlling access to a defined area
Which type of security measure is designed to prevent tailgating or piggybacking?
Biometric authentication
In information security, what does “Encryption” involve?
Protecting data by converting it into a secure format
What is the main drawback of using mechanical combination locks in high security applications
Susceptibility to brute force attacks
The three basic types of glass are
Sheet, Plate and Float
What is the primary characteristic of a high pressure sodium light in security lighting
Poor color rendition
What is the primary characteristic of a high pressure sodium light in security lighting
Poor color rendition
Which of the following is not a biometric benefit
Low cost
In the context of security lighting, what is meant by color rendition
The ability of a light resource to accurately reproduce colors
Which of the following best describes the principle of operation for a glass break sensor using shock detection
Monitors vibration patterns
Which of the following is not a benefit of using access control systems
Reducing security costs
Which of the following is not an advantage of using IP based surveillance cameras
Lower implementation costs
Which of the following is not typically included in a threat assessment
Historical weather data
What is the primary goal of network segmentation
Limiting the spread of security breaches
Which type of illumination is characterized by a rapid strike time and excellent color rendition
Metal Halide
Which of the following is not a common security protocol for secure communications
HTTP
In the context of sensors, what is the primary function of a bistatic radar sensor
Uses separate location for the transmitter and receiver
What is the primary advantage of using electromagnetic locks in secure facilities
Easy integration with access control systems
In the context of locks, what is the purpose of a relocking device in a high security safe
To automatically relock the safe if an attack is detected
Containers that are rated for both fire and burglary protection offer either one or two hour fire protection and have TL rating of
60
What is the primary characteristic of a mercury vapor light in security lighting
Long strike and restrike times
What is the primary goal of penetration testing
Identifying and exploiting vulnerabilities
Which of the following best describes an active infrared sensor
Emits infrared radiation and defects its reflection from objects
Which of the following is not a benefit of encryption
Enhancing Data availability
In the context of physical security what is the most critical consideration when selecting a security integrator
Experience and expertise in integration complex security systems
What is a key factor to consider when selecting outdoor security lighting to minimize light pollution while maintaining effective surveillance coverage
Implementing full cutoff fixtures to direct the light onward
which type of sensor uses changes in capacitance to detect intrusions
Capacitance based sensor
What is a primary advantage of using microwave sensors in perimeter security
Less affected by weather conditions
What makes active sensors particularly effective for border security applications
Active sensors emit signals that can detect changes in the environment providing earl warnings of potential breaches
In what way does the use of active infrared sensors benefit a complex security system in a prison environment
These sensors trigger alarms if inmates pass certain thresholds even in total darkness, enhancing night time security
what is the primary objective of crisis mitigation
To reduce the impact of a crisis
How often should physical security assessments be conducted
Annually
Which type of lock is designed to be resistant to picking and bumping by using a complex key design
Pin tumbler lock
In the context of access control, what is the time based access control system
A system that allows access based on the time of day
What is the critical consideration when deploying microwave sensors in a corporate campus environment
Ensuring that the frequency of the microwave sensors does not interfere with the campus Wi-Fi and other communication systems
In what scenario is it particularly important to use security lighting with high durability and resistance to environmental factors
In coastal areas where salt spray, wind and moisture can degrade lighting fixtures quickly, affecting their functionality and the overall security of the area
Which of the following is not a benefit of using thermal imaging sensors in security applications
High cost of implementation
what is the key factor to consider when selecting outdoor security lighting to minimize light pollution while maintaining effective surveillance coverage
Implementing full cutoff fixtures to direct the light onward
What is the primary purpose of man trap
To control entry
To provide a barrier”
Which type of locking mechanism is often integrated into time lock systems for vault security
Combination Locking
Which of the following is a typical application for seismic sensor in physical security
Monitoring ground vibrations near sensitive facilities
Which type of lock is least suspectable to lock bumping
Disc detainer lock
Critical in PIDS
Accuracy
Response Time
How does a volumetric sensor provide an advantage over traditional beam sensors in protecting the interior of a warehouse
By creating a three dimensional protection zone that detects movement within the entire covered space
Primary benefit of using intrusion detection systems (IDS) in security operations
Real time threat detection
What is the most effective method for preventing tailgating in high security areas
“Installing additional CCTV cameras
Implementing mantraps or turnstiles
Which of the following is not a typical step in risk management process
Risk enhancement
In the event of security breach which of the following is the most important initial response action
Containing the breach to prevent further damage
What are the operational benefits of using bistatic radar sensors for coastline surveillance
Bistatic readers are particularly effective at low altitude and small object detection which his crucial for spotting small watercraft
What is the primary goal of risk treatment in the ISO 31000 risk management framework
To implement measures that reduce the likelihood and impact or risks to an acceptable level
Which of the following sensors is commonly used for perimeter protection by forming an invisible barrier between two points
Infrared Beam sensor
Which sensor type is commonly used in retail stores to detect when doors are open or closed
Magnetic Contact Sensor
What advantage does a volumetric sensor have over a perimeter sensor in securing a large ware house
Its provides coverage within the entire volume of the space, not just at the entry points
What makes an active sensor preferable for underwater intrusion detection systems compared to passive sensors
Active sensors, such as sonar, emit pulses and measure their echoes, which is effective under water where other signals may not propagate well.
In what situation would an acoustic sensor be more advantageous than a PIR sensor
Detecting glass breakage in secure rooms
Why are LEDs considered most advantageous for use in motion activated security lighting systems
LEDs offer instant on/off capabilities, which is ideal for motion detection scenarios
Which of the following sensor types can detect metallic objects moving in proximity
Magnetic sensor
What is the role of a data loss prevention (DLP) system
To detect and prevent unauthorized transmission of data
Which of the following is the most critical factor in the effectiveness of biometric security systems
False Acceptance Rate (FAR)
Which of the following is not a benefit of using proximity cards in access control systems
Higher level of security compared to biometric systems
Which of the following best describes the principle of operation for a passive infrared (PIR) sensor
Detects changes in thermal radiation
During an emergency, the actual shutdown of equipment should be assigned to
People familiar with the process
Which type of illumination is known for quick strike and restrike times
LED
Which of the following best describes the concept of convergence in physical security
Integration of physical and cyber security measures
Record safes for computer media require better protection than paper records because damage to computer media can occur at
125 Degrees Fahrenheit
In the context of physical security, what is the most significant advantage of using IP based surveillance cameras
Ability to integrate with other network based security systems
Which of the following best describes security through obscurity
High Security Measures
Hiding Measures
Vulnerability assessment purpose
Identify weakness
Which of the following is not a component of a business continuity plan
Marketing strategy
What is the primary objective of access control systems in physical security
To restrict unauthorized access to sensitive areas
Which of the following is not a benefit of using surveillance cameras
Enhancing data confidentiality
What is the main purpose of using a security entry vestibule in a high security building
To act as a security buffer zone that restricts access
Which type of illumination is known for quick strike and restrike times and excellent color rendition
Metal Halide
Which of the following is a significant consideration for a security data center
Transportation routes
Redundant power
Which of the following best describes a brute force attack
Guessing passwords through exhaustive key search
Which of the following is an example of a physical security measure
Security guards
What is the most effective method for preventing tailgating in high security areas
Installing additional CCTV cameras
Implementing mantraps or turnstiles
How does a line detection sensor work in conjunction witch CCTV systems to enhance security at subway station entrance
By triggering the CCTV system to record when someone crosses a specific threshold
What is the primary purpose of security token
Authenticating user identity
What is the primary function of a vibration sensor in a security system
Monitoring structural vibrations
which of the following technologies is commonly used to protect valuable items in museums by detecting touch or proximity
Capacitive sensor
What is the primary advantage of using light emitting diode (LED) in security applications
Greater energy efficiency and longer lifespan
What is a major advantage of using fluorescent lighting in interior security settings
High energy efficiency
What is the primary advantage of using a biometric lock over a traditional mechanical lock
Enhance security through unique user identification
Which of the following sensors is least effective for outdoor perimeter protection in high wind environment
Ultrasonic sensor
What is the most effective method for securing a facility’s perimeter
Using a combination of physical barriers, surveillance and access control
What is a primary function of a hard plate in a vault lock system
To prevent unauthorized access through physical attacks
In terms of security lighting, why is it important to consider both strike time and restrike time when planning the installation of new lighting fixtures
These times impact how quickly areas can be secured and monitored after initial activation or power interruption’s
What are the benefits of integrating adaptive lighting technology in security systems at dynamic environments like airports
It allows the lighting intensity to adjust based on natural light levels, enhancing visibility and reducing energy consumption
Which of the following is not a principle of defense in depth
Single point of failure
How does the implementation of an automated lighting control system, which adjusts based on activity levels enhance a facility’s security during off hours
Automated systems ensure that lighting is optimal only when activity is detected, saving energy and reducing wear while maintaining security
What is the primary function of a capacitance based sensor
To detect variations in capacitance caused by conductive objects
In security what is crash rated barrier
A barrier designed to withstand vehicle impacts
Which type of illumination is known for its high energy efficiency and good color rendition
LED
What considerations should be taken into account when deploying microwave sensors along a border fence in a desert environment
The sensors must be calibrated to ignore small, fast moving sand particles to reduce false alarms
Which of the following is not a principle of information security
Accountability
In the context of security lighting, what is luminance
The perceived brightness of a light source
What is key advantage of a combination lock in high security vaults
It does not require electricity to function
What is the primary function of a security barrier
To obstruct or control the movement of vehicles and people
Which of the following is a physical security measure for protecting information
Encryption software
Firewalls
Locking filling cabinets
Which of the following is the primary purpose of physical security
To prevent unauthorized access
Which of the following best describes the purpose of access control systems
To prevent unauthorized access
Which type of door is typically used for high security areas
Solid core door
Which of the following best describes the term least privilege
Granting employees the minimum access necessary to perform their duties
What is the main advantage of using microwave sensors in security applications
Can detect movement through non metallic barriers
What is the primary function of video analytics in surveillance systems
To automatically analyze and interpret video data for security purposes
Which of the following best describes a crisis communication strategy
A plan to manage communication during a crisis
Which of the following best describes the use of security screening at access points
Checking for prohibited items and verifying identities
What is a primary limitation of using ultrasonic sensors in security applications
Interference from environmental noise
What is the key advantage of using biometric authentication in access control systems
High level of security through unique identification
What is the primary benefit of using thermal imaging sensors in security
Ability to detect intruders in complete darkness
What is a common characteristic of high security fences
Anti climb features
Duress alarm function
Alert emergency
What does a security patrol primarily aim to achieve
To deter and detect security breaches
What is the primary advantage of using multi factor authentication (MFA) in physical security
Increased security by combining multiple authentication methods
What is the role of a security control room
To monitor and manage security systems
Which of the following best describes natural access control
Using natural barriers to control access
What is the primary function of a volumetric sensor in security systems
To detect changes in volume with a defined area
In physical security what is the purpose of a dead zone in surveillance
To prevent unauthorized access by limiting surveillance coverage
Which sensor technology is most effective for detecting motion through walls
Microwave sensors
In physical security what is a mantrap
A vestibule with two sets of interlocking doors to control entry and exit
What is the primary goal of confidentiality in information security
To protect data from unauthorized access
What is the primary purpose of a mantrap in physical security
To control access by trapping intruders
To provide a physical barrier against forced entry
To ensure single person entry
In the context of emergency response planning, which of the following is the most crucial aspect
Detailed evacuation procedures
Comprehensive employee training program
Regular emergency drills and exercises
What is a zero day vulnerability
A vulnerability that is exploited before the developer is aware of it
Record safes for computer media require better protection than paper records because damage to computer media can occur at
125 degrees Fahrenheit
Which of the following is not a primary goal of a security program
Profit Maximization
What is the main advantage of using smart locks in residential security systems
Enhanced key control and monitoring
Which of the following is not a method of risk mitigation
Amplification
In the context of security sensors, what is a false alarm
An alarm triggered without any actual threat or intrusion
What is the importance of adjustable beam angles in security lighting fixtures for a large warehouses
Adjustable angles allow the lighting to be customized to specific areas of interest, enhancing surveillance and detection capabilities
How does the restrike time of HID lamps affect security coverage during temporary power disruptions
Long restrike times may leave areas temporarily dark
Why would an art museum use a capacitance based sensors for individual high value exhibits
To detect any unauthorized contact or proximity to the artwork, which could signal an attempt to tamper with or steal the piece
Which type of illumination has poor color rendition but is highly energy efficient
Low Pressure Sodium
Which of the following is not a common type of sensor used in intrusion detection systems
Biometric sensors
Which type of sensor is most suitable for detecting movement within a confine, indoor space such as a storage room
PIR sensor
How do active infrared sensors improve the security of outdoor concerts or events
They can be used to create a perimeter where anyone breaking the infrared beam can trigger an immediate security response
Which type of lock is most resistant to picking and bumping
Disk detainer Lock
Which of the following best describes a security incident report
A record of security breaches and responses
Which of the following is a key challenge in implementing a security operations center (SOC)
High Initial cost
Difficulty in integrating with existing systems
Limited skilled personnel availability
What is the primary advantage of using thermal imaging sensors in security applications
Ability to detect intruders in complete darkness
In Security lighting, what is color rendition
The ability of a light source to accurately reproduce colors
Which of the following describes the principle that an employee should be under the direct control of one and only one immediate supervisor
Unity of command
Which of the following best describes the role of a security audit
To evaluate the effectiveness of security measures
To identify potential security vulnerabilities
To ensure compliance with security policies
What is the role security training for employees
To ensure employees understand and follow security protocols
Which of the following is not typically included in a security policy
Marketing strategies
Which of the following is not a common feature of high security fence
Wooden posts
Which of the following is a fundamental principle of GDPR (General Date Protection Regulation)
Data minimization
What is the primary advantage of using LED lights in security lighting
Greater energy efficiency and longer lifespan
Which of the following best describes the concept of resilience in crisis management
The ability to recover quickly from crisis
Which of the following best describes an inductance based sensor
Measures changes in inductance caused by metallic objects
What is the primary function of a bollard in perimeter security
To provide barrier against vehicular threats
What is the primary function of a security checkpoint
To detect and prevent unauthorized items from entering
What is the primary advantage of using a multi layered security approach
Increased redundancy and depth
Which of the following best describes a crisis management drill
A practice scenario to test crisis response
What is the primary characteristic of a metal halide light in security building
Excellent color rendition
What is the role of a crisis management team
To manage and respond to crisis
In the context of physical security, what is the primary purpose of implementing security layers
To provide multiple levels of protection to deter, detect and respond to threats
What is the primary goal of incident response planning
Minimizing damage from incidents
Which of the following is not a characteristic of a class III high security safe
Lightweight construction
What is the main purpose of a security incident response plan
To manage and mitigate the impact of security incidents
Which of the following is not a benefit of conducting regular security audits
Reducing operational costs
What is the main purpose of implementing security metrics
To measure security effectiveness
Which type of sensor is most effective for detecting motion in large open spaces
Microwave sensors
Which of the following is not a characteristic of a strong security policy
Profitability
What is the primary benefit of using combination locks in secure facilities
No need for keys
Which of the following is not a benefit of using thermal imaging cameras for perimeter security
Lower cost compared to visible light cameras
Which of the following describes the principle of a operation for a capacitance based sensor
Measure changes to capacitance when a conductive object enters the field
What is the principal function of a double cylinder deadbolt lock
Requiring a key for operation from both sides of the door
What type of sensor is most effective for detecting unauthorized entry through walls
Microwave sensors
Which of the following is not a common type of network security threat
Data encryption
What is the role of security lighting in physical security
To deter criminal activity by increasing visibility
What is the primary purpose of a security breach detection system
To prevent unauthorized access to secure areas
What is the most effective method for preventing tailgating in secure facilities
Implementing mantraps or turnstiles
Which of the following best describes the operation of a mono static radar sensor
Transmitter and receiver are co located
Which type of sensor is not affected by changes in temperature
Capacitance based sensor
What is the purpose of security perimeter
To delay and detect intruders
Which of the following is an example of physical security threat
Unauthorized entry
Which of the following best describes the purpose of a security checkpoint
To control and monitor access to a restricted area
Which of the following is a key consideration for physical security information management system (PSIM)
Cost
Scalability
Which of the following is not a principle of risk management
Risk elimination
What is the primary function of video analytics in security systems
To automatically analyze video data for security purposes
What is the primary purpose of a duress alarm system in a secure facility
To alert security personnel of an emergency situation
What is the most critical factor in the effectiveness of an intrusion detection system (IDS
Detection accuracy
in the context of physical security what is bollard spacing
The distance between bollards to prevent vehicle passage
In physical security what is the purpose of a intrusion detection system
To direct unauthorized entry into a secured areas
Which of the following is a characteristic of a secure password
It contains a mix of letters, numbers, and symbols
Which of the following best describes the primary function of a terrain following radar
To follow the contours of the terrain for low altitude flight
Which of the following best describes the concept of security by design
Integrating security measures into design of facilities from the outset
Which of the following best describes the principle of defense in depth
Using multiple layers of security controls to protect assets
What is the primary advantage of using biometric access control systems in high security environments
Non intrusive and high accuracy identification
What is the primary function of a mortise lock
Providing a secondary locking mechanism
Which of the following best describes the concept of defense in depth
Using multiple layers of security controls
What is the primary objective of crisis prepareness
To ensure readiness to handle crisis effectively
Prevent Loading dock access
Lighting
Controlled access
What is the primary purpose of a vulnerability assessment
To identify weakness in security measures
What is the main disadvantage of a using physical barriers for security
High cost
Complexity of implementation
Reduced flexibility
Which of the following best describes the principle of a mono static radar sensor
Transmitter and receiver are co located
What is the purpose of crisis debriefing
To review and analyse the response to crisis
Which of the following best describes the purpose of a security survey
To assess the effectiveness of existing security measures and identify improvements
Which of the following best describes the concept of layered security
An approach to security that uses multiple levels of protection
Which of the following is an example of multi factor authentication
Password and fingerprint
What is the primary function of a strike plate in a door lock assembly
Providing a surface for the bolt to engage
Which of the following is not a component of a security risk assessment
Market positioning
What is the primary benefit of using security glazing on windows
Enhanced protection against forced entry and breakage
What is the primary objective of a business impact analysis (BIA)
To evaluate the potential effects of disruptions on business operations
What is the purpose of a security risk assessment
To identify and evaluate potential security threats
Which of the following is a primary feature of biometric access control systems
Use of unique biological traits for identification
What is the role of a security barrier in physical security
To obstruct or control the movement of vehicles and people
Which of the following is an example of a physical security measure
Surveillance cameras
Which of the following best describes convergence in security
Physical and cyber integration
Which of the following is not a common objective of a security policy
Maximizing employee productivity
Which of the following is a key component of an effective security strategy
Proactive Measures
Reactive Measures
What is the role of leadership in crisis management
To provide direction and support during a crisis
Which of the following best describes the operation of an inductive proximity sensor
Measures changes in inductance when a metal object approaches
Which of the following is a common physical barrier in security
Fences
Which of the following is key for secure access control
Reliability
Convenience
In Security lighting, what is meant by the term strike time
The time taken for a light to reach full brightness after being switched on
What is the primary function of surveillance cameras
To monitor and record activities for security purpose
Which of the following is a primary goal of physical security
Protecting physical assets and people
Which of the following is typical characteristic of a high security lock
Resistance to picking and drilling
Which of the following is considered the most effective method for securing a high value storage areas with a facility
Implementing biometric access control and CCTV surveillance
What is the main purpose of security awareness programs
To educate employees about security risks
What is the function of a security barrier
To obstruct or control movement for security purposes
Which of the following is not a primary objective of physical security
To monitor employee productivity
What is the primary purpose of a vulnerability assessment in physical security
To identify weakness in security measures
Which of the following best describes a safe room
A secure room to protect individuals during emergencies
What is the role of an escort policy in physical security
A guideline for accompanying visitors within secure areas
In the context of emergency response planning, which of the following is the most crucial aspect to ensure the safety of personnel
Detailed evacuation procedures
Comprehensive employee training programs
Regular emergency drills and exercises
Which type of lock is considered the most secure
Deadbolt lock
Which of the following best describes the role of a security officer during an emergency
To ensure orderly and safe evacuation of personnel
In the context of security sensors, what is a nuisance alarm
An alarm caused by environmental factors or harmless stimuli
The most common types of sensors used with protect vaults are vibration and
Contact
In terms of Crime Prevention Through Environmental Design (CPTED) which of the following strategies is most effective for natural surveillance
Increased lighting in open areas
Which of the following is not a feature typically found in high security padlocks
Wifi Connectivity
What is the purpose of security signage
To provide warnings and instruction to enhance security
In terms of Crime Prevention Through Environmental Design (CPTED) which of the following strategies is most effective for natural surveillance
Increased lighting in open areas
Which of the following is not a primary goal of security risk assessment
Developing new products
What is the primary function of a security information and event management (SIEM) system
To monitor and analyze security events
Which of the following is the most critical factor in selecting a security fence for a high risk facility
Height of the fence
Material of the fence
What is the role of lighting in physical security
To deter criminal activity by increasing visibility
In the context of physical security, what is the most effective method for preventing unauthorized access through a loading dock
Increased lighting
Controlled access points and surveillance
Which of the following is an example of a security measure for protecting physical assets
Security patrols
Which of the following is not a component of a comprehensive security policy
Marketing strategies
In the context of security sensors. What is the probability of neutralization (pn)
The probability of an adversary being neutralized
Which of the following best describes least privilege
Minimum access
What is the primary function of a duress alarm in a security facility
To alert security personnel of an emergency situation
What is the primary function of a duress alarm system
To alert security personnel of an emergency
What is the primary advantage of using thermal imaging cameras for perimeter security
Ability to detect intruders in low visibility conditions
Which of the following is not a primary consideration when selecting a security integrator
Proximity to the facility
Which of the following is an example of a physical security control for protecting assets
Surveillance cameras
What is a common indicator of a phishing attack
An unexpected email asking for personal information
In the context of sensors, what is the primary function of a passive infrared (PIR) sensor
To detect infrared radiation emitted by objects
Which of the following is not a component of the Crime Prevention Through Environmental Design (CPTED) strategy
Data encryption
Which of the following best describes the role of a security officer during an emergency
To ensure orderly and safe evacuation of personnel
In physical security. What is a restricted area
An area where access is limited to authorized personnel only
Which of the following best describes an intrusion detection system (IDS)
A system designed to detect unauthorized access or breaches
What is the purpose of security badges
To identity and control access for employees and visitors
Which of the following best describes the role of a security operations center (SOC) in physical security
To coordinate security efforts and provide real time monitoring and response
What is the primary function of a turnstile in an access control system
To provide a physical barrier that allows only one person to pass at a time
Which of the following best describes a crisis
An unexpected event that threatens the organization
In physical security, what is the purpose of a restricted area
To limit access to authorized personnel only
Which of the following is a key component of a crisis management plan
Response procedures
What is the primary purpose of using a volumetric sensor in security systems
To detect changes in volume within a define area
What is data encryption
To ensure data is only accessible to authorized users
Which of the following best describes anti tailgating devices in access control systems
Devices that prevent unauthorized following into secure areas
What is the primary purpose of a crisis management plan
Ensuring effective response to crisis
What is the primary function of an anti pass back feature in an access control system
To ensure that an individual cannot re enter an without first exiting
What is the main disadvantage of using biometrics for authentication
High Cost
Complexity of implementation
Which of the following is a critical consideration when designing a secure data center
Redundant power and cooling systems
High value storage method
Biometric control
What is the primary role of a Chief Information Security Officer (CISO)
Overseeing the organization information security program
Purpose of mantrap
Control entry
Provide barrier
What is the main disadvantage of using keypad locks in high security environments
Susceptibility to wear patterns revealing the code
In physical security, what is target hardening
Making a facility more resistant to attacks through physical measures
Which of the following is not an effective preventive measure in physical security
Conducting financial audits
What is the primary role a chief security officer (CSO)
Managing the organizations security strategy
What does the term personnel security refer to in the ASIS CPP Doman
Security Measures for employees and contractors
Which of the following is not a feature typically found in high security padlocks
Wi-Fi Connectivity
In access control systems, which of the following is considered a dual factor authentication method
Card reader and finger print scan
Why are strike and restrike times critical factors in the design of high security locks
Strike and restrike times determine how quickly a lock can reset after breach attempt, ensuring that repeated forced entry attempts are less likely to succeed
Which of the following is a primary risk of using narco analysis in legal cases
Inconsistent results under controlled substances
Violations of human rights laws
The potential of coerced or fabricated memories
Which of the following is not an assumption of McGregor’s Theory X
Employees are motivated by financial rewards
What is the main legal consideration when implementing a workplace violence prevention program
Ensuring the program does not violate privacy or discrimination laws
Which of the following is not a key component of risk management
Risk Elimination
What is the main disadvantage of relying solely on physical evidence
Susceptibility to environmental conditions
Which of the following is a physical security measure for protecting information
Locked filing cabinets
what type of sensor would be most effective in detecting an intruder in noisy industrial environment
Seismic Sensor
Which of the following is a critical consideration when choosing a cold site for disaster recovery
To availability of IT resources to rebuild operations
Which of the following is an example of a natural access control
Shrubs
When considering span of control which factors increases complexity
Broader span of control
More sophisticated interactions
Which of the following is not a benefit of encryption
Enhancing data availability
In a biometric vault lock systems, what is the main advantage over mechanical locks
Elimination of physical keys
Why might a security system designer opt for passive sensors in a highly secure data center
They do not emit energy that could potentially interfere with sensitive data equipment
What is the primary goal of financial management within security operations
Ensuring Operational efficiency
What is the primary risk of failing to evaluate contractors during a personnel risk assessment
Contractors may have conflicting loyalties that put the company at risk
In what scenario might a multi tiered incident command structure actually slow down crisis response
When decision making processes become bureaucratic due to excessive layers
What is the fundamental difference between threat assessment and vulnerability assessment in a security context
Threat assessment focuses on the external environment, while vulnerability assessment focuses on internal weakness
What is the main purpose of using a terrain following radar in security applications
To follow the contours of the terrain for low altitude flight
Which of the following is an example of personnel security best practices
Regularly updating passwords
Implementing two factor authentication
Conducting background checks on employees
Combinations should be changed whenever a person who knows it is terminated or not longer requires access or if there has been some form of compromise. At a minimum, combination should be changed
Every 1-2 years
During disaster recovery planning, why is it important to consider the geographic location of backup facilities
To mitigate the risk of the same disaster affecting both primary and backup sites
Which sensor type is least likely to generate false alarms due to movement of small animals
PIR sensor
What is the purpose of a personnel security policy
To ensure compliance with legal and regulatory requirements
What is the primary function of line detection sensors in perimeter security systems
Detecting vibration along a fence line
Why is it important to analyze past incidents of workplace violence in a risk assessment
To identify patterns and contributing factors for future prevention
How can failure to properly train staff for crisis scenarios undermine a well developed continuity plan
Employees may fail to execute their roles effectively, leading to confusion
It increases the potential of human error in communication
In the context of business strategy, what is the purpose of a strategic business unit (SBU)
An SBU operates as a independent entity with its own strategic planning, responsible for managing a specific set of products or markets
What is the primary goal of an incident response plan
Preventing future incidents
Ensuring business continuity
What is the main purpose of BCMS audit
Identifying areas of improvement
Ensuring regulatory compliance
Which of the following is not a common method of access control
Encryption
In risk management context what is the main objective of implementing risk avoidance strategies
To completely eliminate the potential for specific risks to occur
Which of the following is a potential threat to personnel security
Insider threats
Social engineering attacks
Physical security breaches
What advantage does volumetric sensor have over a perimeter sensor in securing large warehouse
It provides coverage within the entire volume of the space, not just at the entry points
Which of the following is not a benefit of using incident response plans in security management
Simplifying user management
What is the main goal of using the alternative question technique in the REID method
To make the suspect choose between two versions of events
What is the main purpose of security
To protect classified information
To ensure employee satisfaction
To maintain a safe work environment
What is the primary purpose of using triangulation in an investigation
To cross check information from multiple sources
Which of the following is a best practice for securing wireless networks
Disabling SSID broadcast
In a high security environment what is the primary advantage of using facial recognition technology
Non intrusive identification
High accuracy
Which of the following is an example of an operational risk
A cybersecurity breach
Which of the following sensors is most likely to be affected by environmental conditions such as rain or fog
Infrared Sensors
What is the primary purpose of conducting a security audit
Identifying security awareness
Which type of lighting has the slowest restrike time after a power outage
Sodium vapor lighting
Which of the following is not a characteristic of strong personnel security program
Lack of security policies and procedures
What is the greatest limitation of microwave sensors in detecting slow moving adversaries
Microwave sensors rely on detecting Doppler shifts, which may not be significant when and adversary moves slowly
Which business function is primarily responsible for managing the flow of goods and services
Operations
Which of the following is the primary goal of buy bust operations in drug investigation
To arrest the dealer and confiscate drugs immediately
What is the greatest risk in relying solely on historical data for future crisis management planning
It may not account for emerging threats like cyber risks or geopolitical shifts
Which of the following is not a typical step in the risk management process
Risk enhancement
In a combination locks, what is the function of the spindle
It transfers movement from the dial to the internal mechanisms
Which of the following is the most critical aspect of a witness interview
Maintaining objectivity
Which of the following is a key concern when conducting a polygraph examination
The emotional state of the subject
The training and expertise of the examiner
The physiological variability between individuals
What is the primary purpose of building rapport in the PEACE model of interviewing
To encourage voluntary cooperation and honesty
What is the greatest challenge in securing multi tenant buildings with shared facilities
Ensuring that each tenants security measures do not conflict with others
Which of the following is a key characteristic of Theory Y as proposed by McGregor
Employees are self directed and seek responsibility
What is the primary function of a terrain following sensor in a multi layered security system
To adapt its detection range and sensitivity based on the natural contours of the landscape, providing seamless coverage in uneven terrain
Which of the following is not a principle of secure coding
Data encryption
How to amphetamines differ from methamphetamines in terms of chemical structure and investigative focus
Methamphetamines contain an additional methyl syrup, making them more potent and more addictive
What is the main goal of a risk assessment in BCMS
Identifying potential threats
How does HIPAA affect healthcare fraud investigation
Investigator must obtain patient consent or legal authorization before accessing medical records, ensuring privacy is protected
Which of the following is not a requirement for obtaining a personnel security clearance
Credit check
Which of the following is not a principle of effective management
a. Planning
b. Delegating
c. Organizing
d. None of the above
None of the above
Which of the following describes the function of a volumetric sensor in physical security
Monitors the presence of objects within a defined value
Which sensor type is least affected by the presence of moving vehicles in the vicinity of a protected area
PIR sensor
Which of the following type of vault doors typically offers the best combination of fire resistance and security
Composite Door
According to Maslow’s Hierarchy of needs, which of the following is considered a basic physiological need
Food and water
Which of the following is an example of a qualitative risk assessment method
Risk Matrix
Which of the following is not a factor to consider when conducting a personnel security investigation
Social media activity
What is the primary goal of an incident response plan
Preventing future incidents
Ensuring Business continuity
Which of the following is not typically included in a threat assessment
Historical weather data
What is the primary purpose of a security risk assessment
To identify potential threats
Which of the following would generally disqualify information form being treated as a trade secret within a company
The information has been published in a technical journal
In the context of interrogation techniques what is the purpose of theme development in the Reid technique
To minimize the suspects perception of moral wrong doing
Which type of intelligence is least likely to be admissible as evidence in a court of law
Signal Intelligence (SIGINT)
Which lighting type has the longest restrike time after a power outage
Sodium vapor lighting
What is the main disadvantage of implementing excessive security measures
Increased complexity
Higher Costs
Reduced Efficiency
Which of the following best describes the concept of data carving in digital forensics
Reconstructing deleted data
What is a major advantage of using active infrared sensors in the security of logistics and shipping yards
Active infrared systems can create a grid of beams, any interruption in the beam pattern by unauthorized entry triggers alarms
What is the primary benefit of regular BCMS training for employees
Increased organization resilience
Which of the following is not a common method of ensuring data availability
Encryption
Which of the following is not a type of security control
Operational
Which of the following lock types provides the highest level of resistance to key bumping
Magnetic lock
What is the purpose of conducting background checks on employees
To assess their suitability for a specific job role
In the context of fire safety, which type of detector is designed to identify a fire in its incipient stage before any smoke is visible
Rate of rise
Which of the following is an example of a qualitative risk assessment method
Risk Matrix
Which of the following is a primary objective of a security policy
To outline acceptable use of resources
To ensure compliance with legal requirements
To establish a framework for security management
What operational principle allows capacitance based sensors to detect intrusions through walls or other barriers
They detect changes in electrical fields caused by the proximity of a person or object to the sensor
The three basic type of glass are
Sheet
Plate
Float
What is the best method for ensuring the effectiveness of surveillance in a corporate environment
Employing a combination of human and technical surveillance methods
Which CPTED principle would most directly involve the strategic placement of shrubbery and hedges
Territorial reinforcement
What is the primary disadvantage of using undercover operations in investigation
Legal and ethical considerations
Which sensor technology is typically least effective in detecting slow moving objects
PIR sensor
What is a key challenge in conducting threat assessments for modern organizations
Accurately predicting emerging threats in an ever changing threat landscape
In a sting operation targeting organized crime, which of the following factors would be most critical to a successful outcome
Security cooperation from lower level members of the organization
Gaining judicial approval for undercover methods
Ensuring all illegal activity is initiated by the suspects
Which of the following is not a benefit of using multi factor authentication (MFA)
Simplifying user experience
In an undercover investigation, what is a primary risk associated with a cold hire
Lack of prior planning
Cost of security losses can be both direct and indirect, Which of the following is not an example of a direct cost
Loss of employees
Which of the following is not a benefit of using thermal imaging cameras for perimeter security
Lower cost compared to visible light cameras
Which of the following is not a common method of detecting tampering in high security locks
Magnetic fields
In a threat and vulnerability assessment, which factor is most likely to increase the likelihood of a threat
The frequency and proximity of similar incidents
How might a suspect use a social engineering to gather intelligence on an ongoing investigation
By manipulating employee or insiders into revealing confidential information
Which of the following best describes the difference between McClelland’s need for achievement and need for power
Need for achievement is driven by success, while need for power is drive by influence
Which of the following best describes the operation of an active infrared sensor
Emits infrared radiation and detect its reflection from objects
What is the purpose of personnel security
To protect classified information
How can organizations failure to include regular testing in its crisis management plan backfire during a real crisis
The plan may be not effective in practice as it seems on paper
Employee may not be familiar with their roles and responsibilities
Communication lines might fall under pressure
In the context of drug investigations, what is the most effective way to ensure the identification of synthetic cannabinoids like spice during testing
Using gas chromatography mass spectrometry (GC-MS) for chemical analysis
In what way does the installation of high CRI lighting near art exhibits enhance security
It improves the ability of surveillance equipment to accurately capture the true colors of the artworks, which is crucial in the event of theft or damage
How can the deployment of honeypots in cybersecurity investigations complicate the evidence collection process
It may collect evidence that is inadmissible due to entrapment concerns
According to McGregor’s Theory which of the following best describes employees motivation
Employees are motivated by intrinsic factors and seek fulfillment
The highest priority in any computer security program is
Careful screening of personnel
What is the purpose of a preemployment screening process in personnel security
To determine an individuals potential for misconduct
What is the key challenge of integrating business continuity and disaster recovery strategies into a single framework
Balancing operational with IT system recovery timelines
Which of the following best describes a zero day vulnerability
A vulnerability that is known to attackers but not yet patched by the vendor
Which of the following is not a principle of secure coding practices
Hard coding credentials
What is the primary risk of not securing maintenance access points such as HVAC or utility rooms in high security facilities
Maintenance areas can provide adversaries with entry points that bypass access control systems
In physical security what is force protection
Measures taken to prevent or mitigate hostile actions against personnel and facilities
What is the primary goal of background checks in personnel security
To verify employment history
To assess an individuals character
To identify potential security risks
Why are passive infrared (PIR) sensors widely used in residential security systems
They are inexpensive compared to other sensor types and effective in detecting human presence through body heat
In Herzberg’s theory, which of the following is considered a hygiene factor that can lead to job dissatisfaction
Work conditions
In the context of financial planning, what is the purpose of a zero based budget
To justify every expense in the budget from scratch without relying on historical data
What is the main objective of personnel security screening
To ensure the loyalty and trustworthiness of individuals
How can failure to properly train staff for crisis scenarios undermine a well developed continuity plan
Employees may fail to execute their roles effectively, leading to confusion
It increases the potential for human error in communication
In the context of security lighting, what is luminance
The perceived brightness of a light source
Which of the following is not a potential threat to personnel security
Workplace accidents
Which of the following is not a potential threat to personnel security
Workplace accidents
Which of the following is a responsibility of the personnel security
Investigating security incident
Which of the following is the best method for verifying the authenticity of a suspects alibi in a digital fraud investigation
Cross referencing financial records
Analyzing IP addresses and digital timestamps
Under ISO 31000 which of the following is considered the first step in the risk management process
Risk identification
What is the primary goal of personnel security
To prevent insider threats
Which of the following is a best practice for securing wireless networks
Disabling SSID broadcast
What is the biggest challenge in implementing a workplace violence prevention program
Monitoring employees behaviour without violating privacy laws
Which vault lock system is most effective at deterring forced entry attempts
Time delay lock
In the context of cybersecurity, what is the greatest risk posed by privilege escalation attacks
Once adversaries gain elevated privileges, they can access modify of destroy critical systems and sensitive data
In CPTED, what is the significance of territorial reinforcement
It uses physical design elements to define boundaries and create a sense of ownership, deterring criminal behaviour
Which of the following is not a advantage of video surveillance
Privacy protection
What is the purpose of security clearances in personnel security
To grant access to classified information
To ensure individuals are trustworthy
To prevent unauthorized disclosure
Which of the following would be the least effective application for a capacitive sensor
Detecting air temperature changes
How might a candidate use a references false identity to mislead an employer during a background investigation
By hiring a professional to impersonate the reference during calls
What is the main benefit of using electromagnetic locks in secure facilities
Easy to integrates with access control systems
The three focus areas required to deal with strikes and labor disputes include all the following except
Post strike intelligence
Which of the following is not a common method of achieving data confidentiality
Data replication
Which of the following is a not a benefit of encryption
Enhancing data availability
Why is conducting a social media audit during a personnel risk assessment important
To identify any potential reputational risks associated with the individual
Which of the following is not a assumption of McGregor’s Theory X
Employees seek responsibility
In digital forensics, which of the following is most likely to cause the loss of critical evidence during the collection
Failure to image the drive
Which of the following lighting types provides the least effective illumination for security cameras
Sodium vapor lighting
What is the main purpose of security policy in ESRM
Defining security roles and responsibilities
Enhancing operational efficiency
What is the role of security awareness training program
To educate employees about security risks and best practices
To enforce compliance with security policies and procedures
To identify potential security vulnerabilities with an organization
Why is THC the primary focus in cannabis related investigations
THC is the psychoactive component responsible for the intoxicating effects of marijuana
Which of the following describes a common vulnerability of electronic locks
Dependency on power sources
Which security feature is most effective at preventing unauthorized duplications of keys
Restricted key system
In which case would a warm site be preferable to a hot site for a disaster recovery
When the organization can tolerate moderate downtime and costs need to be minimized
Which of the following best describes McGregor’s Theory Y
Employees seek fulfillment and are motivated by challenges
Why might organizations experience extended downtime even with an established business continuity plan
Interdependencies between critical systems were not accurately mapped
Why is it critical for organizations to have a workplace violence policy in place
To address potential risks before violent incidents occur
What is the role of security policies and procedures in personnel security
To establish guidelines for employee behaviour
Security awareness supports many important goals. Which of the following is not a goal supported by security awareness
Support the security departments annual budgeting process
What is the primary challenge in using active sensors in densely populated urban environments
Interference from other electronic devices and signals in the environment
Which of the following is not a typical outcome of an effective cognitive interviews
Increased witness stress
Which of the following is a not a method of risk mitigation
Amplification
What is the purpose of a personnel security policy
To ensure compliance with legal and regulatory requirements
Anti-tailgating device function
Prevent Access
What is the key challenge of integrating business continuity and disaster recovery strategies into a single framework
Balancing operational continuity with IT system recovery timelines
Why might recovery point objectives (RPOs) in business continuity plans be unrealistic
Lack of alignment between business and IT recovery priorities
According to McGregor’s Theory X, which of the following management styles is most effective
Authoritative Management
Which type of lamp would a security professional likely avoid for areas where precise color discrimination is necessary under surveillance cameras
Low pressure sodium lamps
Why is it critical to perform a business impact analysis (BIA) before finalizing business continuity plans
To determine the potential operational and financial impacts of different types of disruptions
What is the primary benefit of integrating BCMS with risk management
Enhanced organizational resilience
Improved financial performance
In Maslow’s hierarchy of needs which of the following needs is considered basic survival need
Physiological
In what scenario would an adversary exploit the weakness of a line detection sensor system
By crossing under or over the detection line without triggering the sensor
When dealing with workplace violence what is the mail purpose of conducting a post incident review
To identify security gaps and prevent future incidents
Which of the following is not a common method of achieving data confidentiality
Date replication
Which management function involves setting objectives and determining a course of action for achieving those objectives
Planning
What is the primary goal of a security policy
Defining acceptable use of resources
What is the function of a glass break detector in a security system
Detects changes in sound frequency
Why is business continuity planning increasingly incorporating black swan event scenarios
Black swan events, though rare, have extreme impacts that can severely disrupt operations if not accounted for
What is the purpose of background checks in personnel security
To verify the identity of individuals
To assess the trustworthiness of individuals
To identify potential risk or vulnerabilities
What is the primary goal of penetration testing
Identifying and exploiting vulnerabilities
Which of the following is not typically part of the due diligence
Interviewing all employees
Which sensor is less likely to be triggered by small animals and debris
Microwave sensors are less likely to be triggered by small animals and debris, reducing false alarms
In what scenario might a hot site become ineffective during disaster recovery
If the disaster effects both the primary site and the hot site, redundancy become ineffective
Which of the following is not typically considered a red flag for financial fraud
Frequent travel for business purposes
Which of the following best describes McGregor’s Theory X
Employees are inherently lazy and require strict supervision
In what scenario might perimeter intrusion detection systems (PIDs) be most effective
When monitoring large outdoor areas where access control is difficult to enforce
What is the purpose of security clearance
To grant access to classified information
To assess a persons trustworthiness and loyalty
To determine if a person is eligible for certain positions
What describes security through obscurity
Hiding Measures
Visible Deterrents
When gathering digital evidence from a suspects computer, what is the most critical first step to ensure data integrity
Imaging the entire system without altering any files
Which of the following is not a forensic analysis type
Surveillance Analysis
In physical security systems, why is it important to include redundant alarm systems for high risk areas
A failure in one alarm system can leave facility vulnerable without immediate detection
What is a key limitation of traditional risk assessments in crisis management planning
They often fail to account for rapidly evolving risks like cybersecurity threats
When conducting mobile surveillance, why is the use of multiple vehicles an advantage
It reduces the likelihood of the target detecting surveillance
Which of the following is a critical consideration when choosing cold site for disaster recovery
The availability of IT resources to rebuild operations
How can failure to update business continuity plans lead to operational risk during crisis
Outdated plans may not reflect current risk, technologies or organizational structures
What is the main function of a perimeter intrusion detection system (IDS)
To detect and alert security personnel to breachers at the perimeter
In preventing workplace violence, why might regular behavioral risk assessment be beneficial
They assist in identifying early warning signs of potential violence
In a risk management context, what is the main objective of implementing risk avoidance strategies
To completely eliminate the potential for specific risks to occur
What is the primary function of an intrusion detection system (IDS)
Detecting and alerting on potential security breaches
How does the strike time of a lighting systems influence security measures during a initial power up
Longer strike times can delay the effectiveness of security systems
In a crisis management plan, what is the main advantage of having a hot site for disaster recovery
It reduces recovery significantly since the site is fully operational
How does the implementation of bistatic sensors increase the effectiveness of a security system along a national border
Bistatic sensor can detect low flying or small , slow moving objects that might not trigger monostatic sensors
What is the main disadvantage of using RFID locks in physical security
Susceptibility to electromagnetic interference
What is the most common defense strategy in drug related cased involving controlled buys
Claiming the suspect was entrapped by law enforcement
Which is the most crucial aspect when setting up a proprietary investigative unit
Selection of professional personnel
In Security management, what is the primary goal of a contingency plan
To ensure rapid recovery from incidents
What is the primary role of threat assessment teams in preventing workplace violence
To evaluate potential threats and recommend preventive measures
Which of the following is a primary criticism of Herzberg’s Motivation Hygiene theory
It assumes all employees are motivated by the same factors
In disaster recovery what is the key purpose of the recovery point objective (RPO)
To define the acceptable amount of data loss in terms of time
Which of the following is not a purpose of personnel security
Ensuring physical measures are in place
Which of the following is not a digital evidence integrity method
Encrypting
Why might using biometric access control present a significant vulnerability in high security environments
Biometric data breaches could lead to identify theft with irreversible consequences
What is the most effective method for securing a facility’s perimeter
Using a combination of physical bearers, surveillance and access control
Earnings Before Interest Taxes and Amortization (EBITA) divided by revenue is a formula to calculate
Operating profit margin
What is the main security feature of a safe with TL 15 rating
Resistance to forced entry for 15 minutes
In what scenario would a cold site be preferable over hot site for disaster recovery
When cost is a major constraint and immediate recovery is not critical
In an airport security setting, how can bistatic radar sensors improve the monitoring of unauthorized zone intrusions over monostatic radar sensors
Bistatic radar can cover multiple angles and directions, reducing blind spots and enhancing detection capabilities
Which of the following is not an appropriate technique for conducting effective interviews
Leading the interviewee towards a specific answer
In Herzberg’s theory which of the following is considered a motivator that can lead to job satisfaction
Achievement
Why might a security system designer opt for passive sensors in a highly secure data center
They do not emit energy that could potentially interfere with sensitive data equipment
Which of the following is a significant risk in cold hire operations
The operatives identity being exposed
The operation losing legal standing due to improper procedures
The potential for entrapment claims by the defense
Why is it difficult to calculate return on investment (ROI) for business continuity plans
Calculating prevention benefits is speculative compared to real time disaster recovery costs
What is the primary objective of an asset search in fraud investigation
To identify hidden assets
Vault lock can be considered a potential security risk if not properly managed
Access codes
In the context of legal and regulatory compliance, what is the role of Foreign Corrupt Practice Act (FCPA) in security operations
It prohibits
Which of the following is considered inadmissible in most courts due to reliability concerns
Polygraph results
What is the primary purpose of an incident response plan
To respond effectively to incidents
In a large decentralized organization which factor presents the greatest challenge to standardizing crisis management protocols across multiple locations
Cultural differences influencing risk perception
What is the primary purpose of using surveillance in an investigation
To gather evidence
Which of the following is not a key consideration in designing a physical security plan
Establishing communication protocols
Why is continuous monitoring important in business continuity planning
Continuous monitoring helps identify new threats in real time, allowing the organization to adjust its plans as necessary
A craving for drug is exhibited often by the following
Water running from nose or eyes
Frequent yawning or sneezing
Continual itching of arms and legs
Which lock type typically has the fastest restrike time
Magnetic lock
Which of the following is a critical first step when investigating a cybersecurity breach
Isolating affected systems
What is the main objective of personnel security screening
To ensure the loyalty and trustworthiness of individuals
Which of the following is not a benefit of conducting a security risk assessment
Reducing need for compliance
The statement that best describes the purpose of a scrambler in communications security is
It disguises information so it is unintelligible to those who should not have access to it
How might an employee with a known history of workplace violence bypass traditional risk assessment protocols
By hiding their involvement in past incidents through legal settlements
How does the integration of microwave sensors into an airports security system enhance its capability to detect unauthorized access
These sensors can cover large open areas, such as runways and parking lots, more effectively than other types of sensors
How might a disgruntled employee attempt to by pass workplace security measures to carry out an act of violence
By utilizing insider knowledge of the facility’s layout and security weakness
The highest priority in any computer security program is
Careful screen of personnel
What type of lock is generally used for securing high value items against unauthorized access in both commercial and residential applications
Pin Tumbler Lock
In the context of interviewing, what is the primary purpose of an open minded question
To encourage detailed response
Why might an executive protection team need to coordinate with cybersecurity experts during a high profile event
To prevent the executives devices from being hacked
How does the integration of the line detection sensors along with the PIR sensors enhance the security of a residential community’s perimeter fence
Line detection sensors can trigger lights and cameras, while PIR sensors provide a secondary confirmation of human presence reducing false alarms
In an environment with high airflow and temperature changes which sensor type is least likely to trigger false alarms
Microwave sensor
Which of the following is not a benefit of using incident response plans in security management
Simplifying user management
An accurate assessment of the kinds of threats or risks affecting the assets to be safeguarded is known as
Loss event profile
What is the primary risk of failing to evaluate contractors during a personnel risk assessment
Contractors may have conflicting loyalties that put the company at risk
What is the main advantage of implementing a risk transfer strategy in a security program
It shifts the financial burden of a potential loss to a third party usually through insurance
Which vault door material offers the best protection against both fire and physical intrusion
Composite steel
How does the principle of proportionality apply to the implementation of security measures
Security measures should be direct proportion to the assessment level of threat and risk
In which of the following cases would a cold site be preferred over a hot site
If the company can tolerate longer recovery times to minimize costs
What is the primary goal of encryption in information security
Preventing unauthorized access
Ensuring Data integrity
What is the primary purpose of crisis management plan
Ensuring effective response to crisis
How might adversaries exploit gaps in an organizations disaster recovery plan during a global crisis
By taking advantage of delayed response to secondary risks
What is the significant advantage of using active infrared sensors in warehouse security systems
These sensors can operate in complete darkness, detecting breaches without the need for ambient light
In the context of threat assessment what is the most important factor to consider when identifying potential threats
The likelihood of occurrence and the impact of the threat on organizational assets
Which of the following techniques is designed to allow interviewees to provide their accounts without interruption or pressure
PEACE model
In the context of threat assessment what is the main objective of a consequence analysis
To evaluate the impact that a specific threat could have on the organization
What is the primary goal of financial management within security operations
Ensuring operational efficiency
__________ is used to compare the desirability of different ways of spending
Return on investment
The term for a strike that occurs when management and unions fail to negotiate an agreement on benefits is
Economic
How does a passive infrared (PIR) sensor detect an intruder
By measuring the infrared radiation naturally emitted from objects in its field of view
Which of the following is not a characteristic of a strong encryption algorithm
Speed of encryption
What is the significant advantage of using halogen lighting in terms of color accuracy for security operations
They emit a bright white light that enhances the clarity of recorded images
What is the role of security policies and procedures in personnel security
To establish guidelines for employee behaviour
What is the main advantage of performing vulnerability assessments in an organizations security planning process
It identifies weakness in the current security infrastructure that could be exploited by threats
What is the purpose of background check in personnel security
To verify an individuals identity
To assess an individuals character and trustworthiness
To ensure individual meets the requirements for a specific job
Which of the following is least likely to be factor in determining the patentability of an invention
Whether the invention provides a competitive advantage in its industry
What is the critical purpose of Probability of Interruption (Pi) in the adversary sequence diagram
To calculate the time between detection and the point of adversary neutralization
Which of the following is least likely to be considered a best practice for securing wireless networks in an organization
Using static IP addresses for connected devices
Wired glass is intended to provide resistance to
Shattering and fragmentation
Which of the following is a not a method of employee monitoring
Job performance reviews
What is the primary purpose of physical security
To prevent authorized access
Which of the following is most likely to prevent unauthorized access in a Bring Your Own Device (BYOD) environment
Implementing remote wipe capabilities for lost of stolen devices
Which lighting type is know for its energy efficiency and minimal heat emission, making it deal for long term security use
LED
What is the main purpose of audit trail
To document financial transactions
Which of the following best describes the best way to lower the probability of interruption (Pi) in a perimeter protection system (PPS)
Extend response times
What is the main purpose of a root cause analysis in investigations
Identifying the cause of an incident
Preventing recurrence of incidents
In complex financial fraud investigations, why might investigators analyze corporate board minutes
To establish a timeline of decision making related to fraudulent activitiy
Which factor most significantly affects the performance of ultrasonic sensors in detecting motion through solid objects
The density and composition of the solid material
Which of the following is most likely to reduce the likelihood of fraud by addressing both opportunity and pressure within Cressey’s Fraud Triangle
Strengthening internal controls and offering employee assistance programs for financial stress
How do terrain following microwave sensors adjust their detection patterns when deployed in environments with significant ground elevation changes
They continuously adjust the microwave beam’s angle based on feedback from the ground
Which of the following would not be considered a motivator in Herzberg’s two factor theory
Working conditions
According to McGregor which of the following best describes a Theory Y managers approach to leadership
Empowering and supportive
Which characteristic of Cat6a cables provides better performance in dense networking environments compared to standard Cat6 cables
Higher frequency transmission capabilities
Which of the following is a key element of a security risk management strategy
Implementing effective security controls
Which of the following is the most important factor in determining the Probability of interruption (Pi)
Sensor sensitivity
What is the primary goal of an access control system
To prevent unauthorized access
What is the primary purpose of a firewall in information security
Preventing unauthorized access
Which of the following is a least likely to be an important feature of a threat assessment teams deliberations during a bomb threat
Ensuring all members understand bomb disposal techniques
Which of he following is least likely to be a valid defence in a copyright infringement lawsuit
The copyright holder failed to properly register the work before the infringement occured
Which of the following is most likely to present a security risk when cloud storage solutions for sensitive data
Improper configuration of access permissions
What is the primary objective of an employee background check in an investigation
To verify the accuracy of the employees resume
Which of the following is not typically included in the calculation of EBITA
Taxes
Which sensor is best suited for detecting the movement of vehicles through a perimeter gate
Magnetic loop sensor
Which vault rating indicates that a vault can withstand 60 minutes of attack by sophisticated tools and expert burglars
Class 3
Which of the following combinations would increase the Probability of Loss (PoL) in a security environment
High threat likelihood and slow response times
What is the primary benefit of using network analysis in fraud investigations
Mapping relationships between suspects
Which type of glass provides the best protection against ballistic threats
Bullet resistant glass
In the context of vulnerability assessments, which of the following is least likely to reduce an assets vulnerability
Enhancing asset criticality
Which factor most influences the detection range of passive infrared sensors in areas with large thermal gradients
The emissivity of surrounding surfaces
Which of the following is least likely to be considered a factor in deciding whether to evacuate during a bomb threat
The proximity of high value assets
Which of the following combinations would reduce overall risk in a high criticality system
Delayed detection systems but immediate response capabilities
Which of the following types of evidence is most relevant for establishing intent in an embezzlement case
Financial records showing discrepancies
What is the primary role of threat likelihood in a the overall risk equation
It directly impacts the probability factor, which influences risk
Which of the following is least likely to qualify as copyright infringement
Copying short portions of a copyrighted work for educations purposes under fair use
What is the formula for determining the Expected Annual Loss (EAL) in risk management scenario
EAL = Asset value x Probability of Occurence
Which three factors are essential in calculating annual loss expectancy (ALE) for an asset
Single Loss Expectancy (SLE), frequency of occurrence, control costs
Which of the following technologies is considered the gold standard for trace explosives detection but is hindered by high costs and maintenance
Mass spectrometry
Which type of lighting is most susceptible to failure in high humidity environments
Fluorescent lighting
Which type of laminated glass is most resistant to forced entry, providing a high level of security in access points such as doors and windows
Bullet resistant glass
Which of the following is not a characteristic of Maslow’s self actualization level
Basic physical survival
Which of the following is least likely to be a requirement for trade secret protection
The information must be a public knowledge
Which of the following best describes the impact of a company’s quick ratio when its account receivable collection period increases significantly
The quick ratio will decrease because accounts receivable are counted as liquid assets
Which of the following is least likely to be an effective countermeasure for a denial of service (DoS) attack
Disabling all external network connections
Which of the following is most likely to enhance the burglary resistance of a vault used for high value asset protection
Using composite materials for the vault to resist drilling and cutting
What is the role of security policies and procedures in personnel security
To provide guidelines for employee behaviour
To define the organizations security requirements
To ensure compliance with legal and regulatory requirements
What is the primary factor influencing the energy efficiency of high pressure sodium lamps compared to other lighting technologies
High Lumens per watt
Which of the following is a least likely to be considered an effective security measure when standoff distance is impossible during a bomb threat
Installing blast resistant windows
Which of the following combinations would decrease risk in a high vulnerability system
Low threat likelihood and strong response protocols
Which of the following is the most probable to reduce the overall risk exposure for an organization
Developing contingency plans for high risk assets
Which of the following is least probable to enhance the response function of a physical protection system (PPS)
Installing additional motion detectors
What is the cost benefit formula for determining if a security measure should be implemented
if ALE>Mitigation Cost , Implement the control
Which of the following is not a part of the adversary sequence diagram
Risk Mitigation
In McClelland’s theory of needs, which need is primarily associated with an individuals desire for influence and control over others
Need for power
In a PPS, the delay function is most effective when
It provides enough time for response forces to engage
In a physical security risk assessment, what is the primary purpose of a threat vulnerability matrix
To prioritize mitigation strategies based on the probability of a threat materializing
Which of the following is most likely to lead to the rejection of a patent application
The inventions is considered obvious in light of existing technology
Which of the following is most probable to reduce the effectiveness of a perimeter intrusion detection system (PIDS)
Installing detection systems to close to vegetation
In the context of deter, detect, delay which of the following is most critical factor for effective deterrence
The visibility of security measures to potential adversaries
Which of the following combinations would reduce overall risk in a high criticality system
Delayed detection systems but immediate response capabilities
Which of the following is most likely to pose a challenge when coordinating with external partners during a crisis
Lack of shared communication channels
In crisis communication what is the primary disadvantage of over centralizing authority
It risk slow communication flows during fast moving crisis
Which of the following is least likely to be a focus of ESRM in terms of risk mitigation
Maintaining a purely compliance based approach to security
Which of the following would be most effective in detecting objects approaching at different heights, such as drones or vehicles
Microwave sensor
Which lamp type is known for producing a warm, yellow orange light and is often used for roadway and outdoor security lighting
High pressure sodium
Which of the following is a least probable to contribute to the success of a protection in depth strategy
Reducing the number of patrols within the secure area
Which of the following is most likely to be the most difficult phase of bomb threat evaluation
Review phase
Which factor would least likely increase the overall risk score for high criticality assets
Enhancing access control systems and reducing incident recovery times
Which sensor technology is least affected by weather conditions such as rain and snow
Seisimic sensors
Which sensor type if least likely to be triggered by small animals in outdoor environments
Microwave sensor
What is the purpose of personnel security
To ensure safety of employees
To protect sensitive information
To prevent unauthorized access
How can failure to properly train staff for crisis scenarios under a well developed continuity plan
Employees may fail to execute their roles effectively, leading to confusion
It reduces managements ability to response in real time
Which type of evidence is most likely to be considered suggestive rather than conclusive
An eyewitness identification after a lengthy delay
Which of the following factors is most critical when determining Recovery Time Objectives (RTO) in a disaster recovery plan
The criticality of business functions
Which of the following is the best method for ensuring that security policy is aligned with organizational objectives
Engaging leadership in policy development
In a large decentralized organization, which factor represents the greatest challenge to standardizing crisis management protocols across multiple locations
Cultural differences influencing risk perception
Which of the following is the most effective way to measure the success of a risk transference strategy
Reduction in insurance premiums
Creating employee and management buy in to a security awareness program is not automatic. Security staff may face several obstacles in implementing a security awareness program. Which of the following is not an obstacle to an effective program
Adequate security staffing
Which of the following is most probable to improve the deterrence capabilities of a PPS
Installing highly visible security cameras in public areas
Which of the following combinations would most likely reduce the overall probability vulnerability of critical structure
Increasing detection systems and enhancing physical security measures
In high risk environment, which type of top guarding offers the best resistance to professional intrusion tools like wire cutters
Concertina wire
What is the purpose of security awareness program
To educate employees about security policies
To train employees on security procedures
To promote a culture of society
In the CARVER method, which factor measures how easily and adversary can exploit a targets weakness
Vulnerability
Which of the following combinations would most likely lead to employee motivation according to Maslow
Satisfying esteem and self actualization needs
Which of the following is most likely to influence the design of an organizations crisis communication strategy
The size and complexity of the organization
Which of the following is most critical when conducting Business Impact Analysis (BIA) in disaster recovery planning
Defining Recovery Time Objectives (RTO)
Which force multiplier would be most relevant when gathering intelligence on an organized crime syndicate
Informants within the syndicate
Which type of evidence is most likely to be considered circumstantial
Eyewitness testimony
Which of the following is most likely to affect the timing of an organizations business continuity plan activation
The duration of the crisis event
Which type of lock is most commonly used for high security applications due to its ability to resist physical destruction and picking
Lever lock
Which type of sensor is most effective for detecting unauthorized entry through windows
Acoustic glass break sensors
What is the primary role of identifying hazard frequency in a security risk model
To prioritize risk mitigation strategies based on the likelihood of hazard occurence
What are the four objectives of a vulnerability assessment
Facility characterization, evaluation of the facility’s PPS, a site survey of detection, delay and response, data to estimate performance against specific threats
Which of the following is most likely to result in legal liability for an investigator during the course of an investigation
Collecting evidence without proper documentation of chain of custody
Which of the following is least likely to improve the burglary resistance of a safe used to store sensitive documents
Adding an additional layer of fire resistant insulation to the safe
Which of the following best explains how a company’s trade secrets may be inadvertently disclosed to competitors
Filing for a patent based on a trade secret that requires full disclosure of the invention
Which factor is least likely to increase the Probability of interruption (Pi) for an adversary targeting critical infrastructure
Increased detection sensitivity but poorly trained response personnel
What are the basis functions of a security officer force
Access control, patrol, escort, inspection, monitoring, emergency purpose, dealing with disturbed people, special assignments
According to Herzberg’s theory, which of the following would most likely lead to job dissatisfaction
Poor working conditions
Low salary
Which of the following best describes a major challenge of conducting interviews with children using the cognitive interview technique
Heightened risk of false memories
Which of the following is most likely to improve the ROI (Return on Investment) of a physical security system involving locks and safes
Reducing the frequency of maintenance and replacement of mechanical locks
What is the main reason shielded twisted pair (STP) cables are preferred over unshielded twisted pair (UTP) in high noise environments
STP cables reduce electromagnetic interference
Which of the following is not considered a factor in determining the likelihood of a risk
Asset value
What is the primary role of a business impact analysis (BIA) in BCMS
Identifying critical business functions
Assessing potential business impacts
Why is scalability important when designing access control systems for large organizations
It allows the system to grow and adapt to changes in the organizations security needs
Which of the following is not one of the two primary aspects of recovery after information loss
Implementing forensic investigation to identify the issue
How does the power consumption of LEDs compare to traditional incandescent lamps for equivalent light output
80% Lower
Which of the following is not a common method used to identify a suspect in a digital investigation
Data carving
Which of the following strategies best demonstrates risk mitigation in a security system
Implementing compensatory controls
Why are passive sensors particularly suitable for use in residential security systemss
Passive sensors such as PIR are energy efficient, only activating when needed, which is ideal for home use where energy conservation is important
Which of the following is not a potential risk associated with personnel security
Cybersecurity vulnerabilities
Which type of sensor is commonly used in areas where frequent opening and closing of doors occurs, such as lobbies
PIR Sensor
Which safe rating is required to store high value assets in banking environments where physical security is paramount
TRTL-30X6
In Herzberg’s Hygiene Theory which of the following is an example of a motivator
Recognition
In microwave perimeter sensors, what is the primary disadvantage of using a continuous wave (CW) Doppler radar system
Continuous wave systems are unable to detect stationary objects
What is the purpose of a background check
To verify a persons identity
To assess a persons suitability for a job
To uncover any criminal history
A technique used to disguise digital data information during transmission is
Encryption
In a sting operation ,which of the following techniques is most likely to result in the successful prosecution of a suspect
Allowing the suspect to initiate all illegal activities
What is the primary advantage of using laminated glass in high security applications
Ability to maintain structural integrity after penetration
Which of the following is not true about McGregor’s Theory Y
It requires close supervision and control for employees to be effective
Which type of lock is typically installed on vault doors to protect against unauthorized access by restricting access to the locking mechanism
Electronic time lock
Which of the following is most probable to improve the effectiveness of a risk mitigation strategy
Implementing physical barriers in combination with cyber protections
According to Herzberg, which of the following would not lead to dissatisfaction
Job security
Why is barbed tape more commonly used than barbed wire in modern high security perimeters
Barbed tape cause more damage to intruders, acting as a stronger deterrent
During an interrogation, how might a suspect attempt to manipulate the outcome using false compliance
By pretending to cooperate while subtly altering their statements
Which of the following is a key principle of perimeter security
Deterrence
In terrain following radar systems, which environmental factor is most likely to cause signal attenuation
Vegetation
Which of the following is best example of risk avoidance in a security strategy
Moving high value assets to a location outside the threat zone
Which of the following locks is most resistance to lockpicking
Disc detainer lock
Which of the following is least likely to be considered when determining the risk tolerance level with the ESRM framework
The organizations legal obligations to external regulatory bodies
Which of the following is most likely to be a challenge in bomb threat assessment
Determining the legitimacy of the threat
According to McClelland, which of the following needs is associated with a drive to excel and achieve goals
Need for achievement
Which of the following is an example of indirect evidence
A behaviour pattern
Which of the following metrics is least likely to be used when quantifying security risks in an ESRM framework
Total number of security incidents reported annually
Which of the following best describes the function of a mantrap in a high security environment
To control access by trapping intruders
To provide a physical barrier against forced entry
To ensure single person entry
In the context of personnel security, what is the purpose of a background investigation
To determine an individuals eligibility for a security clearance
Which of the following is most likely to undermine the effectiveness of crisis management training exercises
Failing to involve senior management in drills
Which of the following is not an advantage of using biometric authentication in access control systems
Low cost of implementation
Which of the following combinations would most likely result in an overall decrease in risk
Low threat likelihood and frequent audits
Why is barbed tape often preferred over traditional barbed wire for high security perimeters
Barbed tape is more difficult to cut without specialized tools
Which of the following is most likely to pose a challenge when coordinating with external partners during a crisis
Lack of shared communication channels
Which of the following is most probable to be contributor to the cost of replacement
Freight and shipping charges
Which of the following is an example of personnel security measure
Background checks
Which of the following is not a typical element of a layered security approach
Forensic analysis
Which of the following best defines a provisional patent application
It allows an inventor to establish a filing date while continuing to develop the invention
Which type of lock is least vulnerable to environment wear and tear in outdoor installations
Mechanical combination lock
Which of the following scenarios would result in an increase in the overall threat landscape
Increasing the assets visibility to potential adversaries
Improving access control measures but ignoring detection systems
What is the primary goals of a security policy
Defining acceptable use of resources
Which of the following is a not a guideline for workplace drug purchases during an investigation
Make purchases off company time
What is the primary objective of customer relationship management (CRM)
To manage interactions with current and potential customers
Which of the following best describes corroboration in investigations
Verifying information through multiple sources
In security system design what does response time refer to in the adversary sequence diagram
The time between detection and the neutralization of the adversary
Which of the following is most likely to undermine a company’s ability to protect its trade secrets
Failing to document and label sensitive information as confidential
In risk management what role does asset criticality play in determining risk tolerance
Critical assets have lower risk tolerance due to their importance in business operations
Which of the following is not a typical goal of protection in depth
Ensuring that no vulnerabilities exsit within the system
Which of the following is a passive security measure
Security signage
In evidence collection why is it important to secure biological evidence immediately after it is found
Biological evidence can degrade quickly if not properly stored, reducing its usefulness in forensic analysis
Which combination of factors increase the likelihood of successful exploitation of vulnerabilities
Effective detection but slow response times
High exploitability and delayed recovery protocols
Which of the following is least likely to be a method for controlling physical access to information systems
Multifactor authentication for remote system access
How does CPTED use the concept of territorial reinforcement to deter crime
By using signage and visible security presence to establish a sense of ownership and define the space as private
What is the key element that defines direct evidence in an investigation
It directly links the suspect to the crime without needing inference
Which of the following is most likely to pose a challenge when using cognitive interviewing techniques on witneses
Witnesses recalling peripheral details rather than key events
Which type of safe is best suited to protect valuable items against fire and heat but offers limited protection against burglary
Fire rated safe
What consideration should be given to lighting systems in areas prone to vandalism or tampering
Lighting fixtures should be designed to be tamper proof and resistant to vandalism
In a large decentralized organization, which factor represents the greatest challenge to standardizing crisis management protocols across multiple locations
Cultural differences influencing risk perception
What is the purpose of a personal security policy
To establish rules and guidelines for personnel security
To ensure compliance with legal and regulatory requirements
To protect sensitive information and resources
Which of the following is least likely to affect the quick ratio of a company
Selling off inventory at discounted price
Which of the following scenarios would most likely increase the overall threat landscape
Reducing the number of security personnel on site
In general, the continuum of violent behaviour starts with
General disgruntlement
What is a significant limitation of using barbed wire for top guarding in areas with high foot traffic near the perimeter
Barbed wire can cause injury to authorized personnel accessing the area
What vulnerability is commonly exploited in electronic combination locks
Bypass through manual override
In Business continuity planning (BCP) which of the following is least likely to be considered a critical business function
Employee recreation programs
Which of the following is most likely to decrease the quick ratio of a company
Increasing accounts payable
How do terrain following sensors impact the operational tactics of mobile security patrols in large commercial estates
By optimizing travel routes to avoid natural obstacles, these sensors enable faster response times and more efficient patrolling
How might adversaries exploit gaps in organizations disaster recovery plan during a global crisis
By taking advantage of delayed response to secondary risks
What is the major limitation of using bistatic infrared sensors in narrow corridors or hallways
Alignment of the transmitter and receiver becomes more difficult, leading to false negatives
Which of the following is not a characteristic of a successful risk mitigation strategy
It eliminates the probability of all risk events
Which of the following is not a typical method used to detect insider trading
Analyzing financial statements
What is the biggest risk of relying solely on eyewitness testimony in criminal investigations
The accuracy of human memory is subject to influence and distortion
Which of the following best describes the legal privilege typically granted to properly controlled investigative reports
Qualified privilege
Which of the following is least likely to influence a fraud suspects ability to rationalize their actions within the fraud triangle
The strictness of the organizations internal fraud prevention policies
Which of the following is most likely to present a technical challenge in implementing a centralized ESRM platform for global enterprises
Integrating ESRM data from multiple security management systems
In methamphetamine investigations, what makes clandestine labs particularly dangerous for law enforcement officers
They use high volatile chemicals that can cause explosions and fires
What is the key difference between a cold hire and controlled hire in an undercover investigation
A cold hire involves placing an operative into a suspect organization without prior intelligence, while a controlled hire is based on pre existing information
Which of the following is most likely to increase the difficulty of risk quantification in ESRM
The subjective nature of threat likelihood and business impact assessments
How might terrain following sensors be used to compensate for environmental blind spots in perimeter security
By adjusting their detection range and angle to follow the natural contours of the land, ensuring full coverage
Which of the following is least likely to affect a company’s ability to maintain trade secret protection over time
The company’s employees sign non disclosure agreements
Which of the following is least likely to be considered an inherent vulnerability in a critical infrastructure system
Redundant power supplies
Which of the following is most likely to affect the restrike time of a high intensity discharge (HID) lamp in an outdoor security system
The frequency of on off switching during night time operation
How might organization ensure that contractors pose minimal personnel security risks
By conducting background checks before hiring contractors
What is the main purpose of a security operations center
Monitoring and responding to security incidents
Which lock type typically has the longest strike time
Mechanical comibnation lock
Which of the following is least likely to enhance the response function in a PPS
Relying solely on passive surveillance systems
In a museum setting, how can capacitance based sensors be utilized to enhance the security of displayed items
By creating an invisible barrier around each item that when breached, alters the capacitance and triggers an alarm
In the context of a buy bust operation what is the role the undercover officer
To engage in a fake transaction to confirm the suspects involvement
How might adversaries defeat multi factor authentication (MFA) systems in a physical access control context
By using social engineering to steal authentication factors
Which of the following types of hire is typically used in environments where investigators aim to gathers long term intelligence without making immediate arrests
Cold Hire
What is the main risk of relying on open source intelligence (OSINT) in a criminal investigation
The information may be outdated or inaccurate
What is the primary legal risk in a cold hire operation
The investigation may be deemed unethical if the suspect is unaware
Which of the following is most likely to extend the delay time in a security system designed to protect high value assets
Installing multiple layers of reinforced barriers
Which of the following is most likely to improve the detection of fraud early by addressing the opportunity component in Cressey’s Fraud Triangle
Implementing real time monitoring of financial transactions and data success
Which lighting technology is most susceptible to degradation due to frequent on off cycling
Fluorescent lighting
What is the significance of the term bag head in narcotics investigations
It is a slang for a person addicted to sniffing glue or paint from a bag
How does hazard differ from a vulnerability in a security context
A hazard is an external factor, while vulnerability is an internal weakness
Which of the following is most probable to be considered a violation of privacy laws in a workplace investigation
Collecting personal email information from a company email server
Which of the following is not considered in the calculation of Gross Operating Profit (GOP)
Taxes
What is the primary benefit of using Doppler radar systems in environments with slow moving intruders
The system detects even minimal frequency shifts caused by slow movements
Which of the following is most likely to improve a company’s current ratio
Paying down short term debt
Which of the following types of analysis is most likely to help prioritize the allocation of resources in a security budget
Cost benefit analysis
What is the primary advantage of using a multidisciplinary team in investigations
Broader range of expertise
What is the primary disadvantage of using physical surveillance in investigations
High Cost
Risk of detection
Which of the following is not a rule of thumb for lighting levels in security systems
Deterrence - 1.5 foot candles
What characteristic of concertina wire makes it more effective as a perimeter defense than traditional barbed wire
It is more rigid, making it harder to manipulate
Which factor directly affects the calculation of threat likelihood in risk management
The geographical location of the asset
Which of the following lighting types requires a ballast to regulate the voltage and current supplied to the lamp
Metal Hallide
Which of the following is most likely to affect the valuation of intangible assets such as patents and trademarks in a company’s balance sheet
The company’s ability to enforce its intellectual property rights
Which management concept is most likely to lead confusion if not properly enforced
Unity of command
Which type of sensor is least affected by sudden changes in lighting conditions
Microwave sensor
Which factor is most likely to reduce the probability of detection (Pd) in an adversary sequence
A low number of detection points
Which of the following most directly affects the calculation of risk in a security environment
Vulnerability and criticality of assets
In which environment would an ultrasonic sensor be most effective for detecting movement
Indoors with reflective surfaces
Which sensor would be best suited for monitoring entry points in areas prone to significant vibrations such as near railroads
Microwave sensor
In what environment would a microwave sensor be the most appropriate for detecting intrusions
An outdoor perimeter with significant foliage
Which of the following is best method for reducing the threat level in a security system
Implementing proactive detection measures
Why are shielded twister pair cables typically preferred over unshielded twisted paid cables in outdoor perimeter systems
The shielding provides better resistance to environmental interference
Which of the following vault designs provides the highest resistance to thermal attacks
Composite construction
Which of the following is not consistent with McGregor’s theory X
Employees are motivated by intrinsic rewards
Which of the following is least likely to be legal challenge during sting operations
Misidentification of the primary target
Which of the following is most likely to provide early detection of potential bomb incidents
Canine units specifically trained to detect explosives
Which of the following is most likely to compromise a balanced protection strategy in physical security
Over reliance on a single detection system
What is the purpose of calculating the annualized loss expectancy (ALE) in a security risk analysis
To estimate the financial impact of a specific threat over a year
Which of the following is not a function of a well developed security policy
Guaranteeing total risk elimination
Which of the following combinations would increase the overall risk score for critical infrastructure systems
Strong incident detection systems but delayed recovery protocols
What is the key operational limitation of terrain following microwave sensors when deployed in mountainous regions
The sensors range is reduced by obstructions from high elevation changes
Which vault door rating indicates protection against mechanical and thermal tools for up to 60 minutes
TRTL-60X6
Which lighting technology requires consideration of restrike time when planning security operations
HID
Which of the following is most likely to reduce the Probability of Neutralization (Pn) in a security system
Poor personnel training
Which of the following scenarios illustrates a weakness in the detect function of a PPS
The detection system only activates when the intruder is already inside the asset perimeter
Which of the following types of locks would be the most effective against brute force attacks
Electromechanical lock
In risk management, what is the main objective of calculating the Single Loss Expectancy (SLE)
To estimate the financial impact of a single security incident
How to volumetric sensors differ from the line detection sensors in terms of coverage area in large, open spaces
Volumetric sensors cover three dimensional spaces, while line detection sensors monitor a single axis
Which of the following best describes how the quick ratio differs from the current ratio in financial analysis
The quick ratio excludes inventory from current assets, while the current ratio includes it
Which of the following scenarios would not increase the Probability of Detection (Pd)
Delayed response time
Which of the following is a major limitation of using suggestive evidence in a criminal investigation
It does not conclusively prove guilt or innocence
Which of the following is not a characteristic of passive infrared (PIR) sensor
Emits infrared radiation
Which of the following is most likely to be an effective control in minimizing opportunity within Cressey’s Fraud Triangle
Conducting surprise audits of financial transactions
Which of the following is most probable to reduce the effectiveness of a security audit
Focusing solely on physical security and ignoring cyber risks
For security lighting applications, which lamp type is preferred for its energy efficiency and longer lifespan compared to mercury vapor lamps
High pressure sodium
Which phenomenon is most likely to interfere with the operation of monostatic radar in foggy outdoor conditions
Signal absorption by water droplets
Why is it important to monitor physical security systems for anomalies in usage patterns
Unusual access or use patterns can indicate security breaches or insider threats
Which of the following scenarios would least likely increase the overall threat landscape for critical infrastructure
Improving the strength of access control systems
Which of the following is least likely to complicate communication during a crisis involving a natural disaster
Disruption of power and communication lines
Which of the following is not a step in the personnel security process
Reference check
Which of the following would most likely reduce the effectiveness of a qualitative risk assessment
Overreliance on subjective judgement rather than hard data
Which of the following strategies is least effective in reducing the vulnerability of an asset in a high risk environment
Increasing asset redundancy
Which of the following is not a characteristic of a strong password policy
Mandatory periodic changes
What is the primary difference between a threat and hazard
A threat is an intentional act, while a hazard is often a naturally occurring event
Which of the following fencing strategies would provide the best deterrence in a high crime industrial area
Single layered wielded wire mesh with inward facing razor wire
What type of privilege is most commonly granted to properly controlled investigative reports
Qualified privilege
In risk assessment how does the probability of a hazard differ from the probability of a threat
Hazards are less predictable and often have wider impacts than threats
Which type of sensor is most effective for monitoring the interior of a vault for unauthorized access
PIR sensor
Which safe design feature enhances resistance to punch attacks targeting the locking mechanism
Hard plate protection
What is the biggest challenge when trying to balance personal privacy with the need for comprehensive background investigations
Ensuring that private information is collected ethically and legally
Which of the following is most likely to result in the loss of trade secret protection within a company
Public disclosure of the trade secret through a patent application
Which of the following is least likely to be required for a business to obtain a patent for a new invention
The invention must be kept confidential and not publicly disclosed
Which type of lock system is most appropriate for a facility requiring both physical and electronic security features
Dual control lock
In risk management which of the following factors is least likely to reduce the overall probability of loss
Increasing asset redundancy
How might an organization reduce the potential for workplace violence during high stress company events such as layoffs
By providing access to mental health resources and counselling
How does a terrain following sensor enhance the capabilities of mobile security platforms in uneven geographic areas
By maintaining a constant altitude or distance from the ground to avoid obstacles
Which of the following is least likely to contribute the risk education in a high threat environment
Reducing the assets value
Which of the following is a critical weakness of using informants in drug related investigations
Informants may have ulterior motives that compromise the investigation
Which of the following is most likely to challenge an investigators ability to assess the pressure component of the Fraud Triangle during an interview
The interviewee downplay the financial or emotional strain they are experiencing
In financial investigations what is the primary purpose of the currency transaction report (CTR)
To report large cash transactions to regulatory authorities
Which of the following is least likely to be considered when classifying information as a trade secret
The public availability of information in patent filings
Which of the following is a common technique used in cognitive interviews to enhance recall
Visualization
When conducting surveillance why is it important to regularly rotate personnel monitoring a target
To avoid detection by the target over time
Which of the following factors is most likely to reduce risk in a high impact low vulnerability situation
Improving physical security
Which of the following is the most effective way to reduce the risk of employee theft in a retail environment
Limiting access to high value inventory
What three critical questions should a risk assessment aim to anwer
What can go wrong? What is the likelihood it could go wrong? What are the consequences?
Which of the following is most likely to complicate the use of return on security investment (ROSI) as a key performance indicator in ESRM
Difficulty in predicting non quantifiable risks such as reputational damage
How do environmental considerations affect the selection of security lighting for a wildlife preserve area, where light pollution must be minimized to protect animal habitats
Implementing fully shielded fixtures to direct light downwards and prevent spill into the habitat areas
Which of the following is most likely to result in a breach of trade secret protection
The trade secret is disclosed in a private meeting without a confidentiality agreement
Which principle of investigation emphasizes the need for investigators to avoid personal biases
Objectivity
Why are monostatic infrared sensors less effective in detecting objects at extreme distances in outdoor environments
Atmospheric attenuation reduces the range of infrared signals
Which of the following combinations would most likely reduce the overall vulnerability of critical infrastructure
Increasing detection systems and enhancing physical security measures
Which of the following factors would most likely reduce the probability of detection (Pd) in a critical infrastructure system
Delayed sensor placement and low detection system sensitivity
Which of the following is most likely to cause a company’s intangible assets to be overvalued on its balance sheet
Overestimating goodwill in a business acquisition
What is the primary operational challenge of using vibration sensors for underground intrusion detection in rocky terrain
High false positive rates due to interference from seismic activity
What is the role of continuous monitoring in business continuity planning
To provide early detection of risks that may trigger a crisis
How can executive protection teams mitigate the risk of attacks during public events
By coordinating security efforts with local event organizers
Which of the following is least likely to be considered when assigning occupant roles in an emergency plan
The hierarchy of the organizational structure
Which of the following is the biggest disadvantage of using metal halide lamps in security lighting applications
Long restrike time
Why would a security manager opt for fluorescent lighting in a controlled indoor environment like a data center
Because it emits a lower level of heat compared to other lighting types, reducing cooling requirements
What is the primary role of a continuity plan in BCMS
Ensuring business operations during disruptions
Which of the following best describes the purpose of combining inductive and deductive approaches in risk anaylsis
To create a comprehensive risk profile by evaluating specific causes and potential outcomes
Which of the following is least probable to increase the effectiveness of Protection in depth
Decreasing the number of detection sensors
Which of the following cables is most suitable for use in high humidity environments due to its resistance to moisture
Fiber optic
Why is it critical to involve legal counsel when conducting personnel risk assessments for high level employees
To ensure compliance with local, national and international laws
Which of the following is not a direct measure of liquidity
Gross profit margin
What is the primary function of an outer jacket in outdoor rated Cat6 cables used in perimeter security systems
To provide resistance to ultraviolet (UV) damage
Which of the following best describes the use of security screening at access points
Checking for prohibited items and verifying identities
Which of the following is least likely to appear on an income statement
Quick ratio
How does using security lighting with a variable intensity feature benefit a facility with fluctuating operational hours like a theater or concert hall
It allows for customization of lighting based on the specific security needs at different times, enhancing both safety and energy efficiency
Which of the following theories suggests that individuals are more likely to commit fraud if they are in environment where unethical behaviour is normalized or accepted
Differential association theory
Which of the following is least likely to be challenge in international investigations
Conducting surveillance in real time
Which of the following is the most critical component of an effective response layer in PPS
The speed with which the threat is neutralized
Which of the following is least probable to be an effective method of setting the value of line items in a budget
Setting arbitrary limits on expenditures
Which of the following has the highest strike time, making it less suitable for emergency lighting applications
Metal Halide Lamp
Which type of glass provides the highest resistance to penetration but shatters into small blunt fragments upon impact
Tempered glass
What is the key advantage of using proximity cards in access control systems
Non contact and quick authentication process
Which of the following legal risks is associated with sting operations
The suspect could claim entrapment in court
The suspect could destroy key evidence before prosecution
Investigators may in advertently break local laws
How do environmental considerations affect the selection of security lighting for a wildlife preserve area, where light pollution must be minimized to protect animal habitats
Implementing fully shielded fixtures to direct light downwards and prevent spill into the habitat areas
What is a key disadvantage of using a laser sensor in outdoor perimeter detection
Susceptibility to environmental interference such as rain and fog
How do monostatic infrared sensors compensate for signal degradation caused by environmental factors such as rain or fog
By automatically adjusting the sensors detection threshold
The management principle that suggests one supervisor can effectively control a limited number of people is
Span of control
In an internal investigation which of the following actions could be considered an ethical violation by the investigator
Sharing confidential information with unauthorized individuals
Failing to disclose conflicts of interest
Leading the witness to a particular conclusion
Which of the following is not a characteristic of a thermal imaging sensor
Limited to detecting movement in daylight
How does a lower probability of interruption (Pi) affect an adversary’s timeline in a security breach
It increases the time adversary has to complete their actions
Which of the following is not a benefit of personnel security programs
Increasing operational costs
Which of the following scenarios would most likely reduce the Probability of detection (Pd)
Increasing detection system accuracy but reducing the number of personnel
Which of the following is a critical weakness of using suggestive evidence in court
It is often dismissed as circumstantial
In a logistics warehouse why are inductance based sensors critical for securing loading docks
They can detect unauthorized removal of metal based goods by monitoring changes in the magnetic field
Which of the following is a critical weakness of relying solely on financial records in drug investigations
Financial records do not provide evidence for the physical transaction
Which of the following combinations would reduce overall risk in a high criticality system
Delayed detection systems but immediate response capabilities
Which of the following best describes the concept of separation of duties
Ensuring multiple people are involved in critical tasks
Which of the following is not a common method for verifying the authenticity of a digital signature
Encrypting the signed document
Which type of lock mechanism would be most suitable for a facility requiring high levels of resistance to both physical and electronic attacks
Dual control lock
Why are wielded wire mesh fences often preferred over chain link fences in correctional facility perimeters
They offer higher resistance to cutting and climbing
Which of the following is a weakness of qualitative risk analysis when compared to quantitative methods
It does not account for the financial impact of a risk
Which of the following is most likely to improve a company’s current ratio
Paying off current liabilities
Which of the following weaknesses is most commonly associated with suggestive evidence in court
Suggestive evidence is often used without corroborating physical evidence
Why would a security system in a high traffic public area, like a shopping mall, benefit from integrating volumetric sensors into its surveillance system
Volumetric sensors are particularly effective in detecting abnormal behaviours such as running or sudden movements which might indicate a security event
When conducting mobile surveillance why is the use of multiple vehicles an advantage
It reduces the likelihood of the target detecting surveillance
When providing executive protection why is it essential to regularly rotate security personnel
To reduce the chance of security fatigue and complacency
Which type of sensor would be least effective in detecting intrusions in an area to prone to frequent thunderstorm
Infrared beam sensor
What is the primary function of a security badge system
To control access to secure areas
How does lighting color temperature influence the effectiveness of security equipped with night vision capabilities
Warmer color temperatures enhance night vision capabilities by increasing contrast
What advantages doe the integration of bistatic sensors offer for the detection of UAVs (Unmanned Aerial Vehicles) near critical infrastructure
Bistatic sensors can cover a larger airspace volume and provide more accurate altitude data than monostatic sensors
Which of the following techniques is least likely to be effective in obtaining a confession during a REID interrogation
Asking the suspect to provide their version of events freely
In a sting operation which tactic is most relevant for ensuring the operations success
Recording all conversations between the suspect and the undercover officer
How does DMT differ from other hallucinogens like LSD or psilocybin in forensic investigations
DMT has a much shorter distance of effect, complicating detection in toxicology reports
Which technique is most effective for interviewing witness
Establishing rapport
What is the biggest challenge in conducting personnel risk assessments for employees in remote work environment
Remote employees may have access to sensitive information without direct supervision
Why are fiber optic cables preferred over coaxial cables in high security environments
Fiber optic cables offer higher bandwidth for video surveillance systems
Which lock type is more resistant to covert manipulation techniques, including picking and bumping
Disc detainer lock
What is the primary advantage of using biometric technologies in security systems
High accuracy
Which of the following is most relevant category of evidence in a drug trafficking case involving multiple suspects
Physical evidence such as drugs
In a high risk facility what is the primary advantage of using iris scanning technology for access control over fingerprint scanning
Iris scans are less suspectable to physical wear and environmental factors
Which of the following best describes the purpose of using a controlled buy in a long term investigation
To build a case over time by repeatedly purchasing illegal goods
What is the key consideration when selecting lighting for security purposes in environments where color identification is crucial such as parking lots or warehouses
The highest possible color rendering index to ensure accurate color perception
In an outdoor security system, what is the main drawback of using Cat5e cables compared to fiber optic cables
Cat5e cables have a lower transmission speed over long distances
How do passive sensors differ from active sensors in their method of detecting intrusions
Passive sensors monitor disturbances in the environment without emitting energy, relying on changes caused by intruders
How does the probability of neutralization (Pn) directly affect the probability of success (Ps) in an adversary sequence
A higher Pn decreases Ps reducing the likelihood of adversary success
What is the main objective of ESRM
Identifying and managing security risks
Which of the following best describes the operation of a mono static radar sensor
Transmitter and receiver are located at the same site
Which of the following is not the benefit of using a dual technology sensor in a physical security system
Reduced installation complexity
Which of the following best describes the purpose of ROI (Return on investment) analysis when assessing physical security systems such as locks and vault
ROI analysis measures the financial benefit derived from investing in physical security relative to the cost
Which of the following is the key principle of perimeter security
Deterrence
Which of the following is least likely to be considered when developing a security program for a global organization
The organizations leadership structure
Which of the following factors would most likely reduce the probability of detection in a high criticality system
Low detection system sensitivity and delayed response protocols
What is the primary purpose of using write blocking technology in digital forensic investigations
To main the integrity of the original data
Which of the following cognitive techniques is least likely to be used in high pressure interview setting
Free recall of the events without interruptions
Which of the following strategies is least effective in reducing the vulnerability of an asset in a high risk environment
Increasing asset redundancy
During a sting operation, what is the primary goal of the decoy
To trick the suspect into committing a crime
What is the role of human resources in personnel security
Conducting background checks
Enforcing security policies
Training employees on security procedures
The term due diligence refers to
The effort made by an ordinarily prudent person to prevent harm to another
In the context of fraud detection which financial ratio is most useful for identifying discrepancies in reported revenues
Gross Profit Margin
Which of the following is most likely to compromise the integrity of an encrypted file system
Storing encryption keys on the same device as the encrypted data
Which factor most directly influences the likelihood of a threat exploiting a vulnerability
The alignment between the threats capabilities and the the assets weaknesses
Which of the following is least likely to be considered an effective fraud prevention strategy addressing all three components of Cressey’s Fraud Triangle
Hiring external fraud investigators to monitor employees financial transactions
What is the role of REID technique during the interrogation process
It is used to psychologically coerce confessions from suspects by using a confrontational approach
Which of the following is most likely to pose a challenge when coordinating with external partners during a crisis
Lack of shared communication channels
What is the most significant risk of relying solely on video surveillance in a physical security investigation
It provides only a partial understanding of the suspects activities
Which of the following ratios is least likely to provide insight into a company’s liquidity
Return on equity (ROE)
In a threat assessment which factor would most likely reduce the Probability of loss (Pl)
Strong recovery protocols and low vulnerability
Which of the following types of sensors is typically used to monitor the presence of people within a specific area based on heat signatures
PIR sensor
What is the purpose of security clearance
To grant access to classified information
To assess a persons trustworthiness and loyalty
To determine if a person is eligible for certain positions
Which of the following would most likely enhance the delay function in a physical protection system (PPS)
Adding additional reinforced barriers between the perimeter and the asset
Which of the following is not a benefit of personnel security programs
Increasing operational costs
Which of the following factors is most critical when determining the recovery point objective (RPO) in a disaster recovery plan
The criticality of data being recovered
What is the primary function of an investigative audit
Verifying the accuracy of financial frauds
Which of the following factors is most critical when selecting KPIs for a security program
Alignment with organizational risk tolerance
Which management principle emphasizes the need for each employee to receive orders from only one supervisor
Unity of command
Which of the following is not a factor considered in personnel security
Criminal history
Financial stability
Education background
Why might a security manager opt to integrate terrain following sensors into the security drone systems used for monitoring large agricultural properties
To optimize the flight path for energy efficiency by maintaining a consistent altitude over uneven terrain
What is the purpose a termination process in personnel security
To ensure the return of all company property
To revoke access to sensitive information and systems
To conduct an exit interview with the employee
Which type of evidence is most likely to be classified as indicative rather than conclusive
Financial discrepancies
Which of the following best describes an escalation of privilege attack
A user acquiring more permissions than initially assigned
In the context of laminated glass, how does the interlayer material affect the glass’s performance during ballistic impact
It dissipates the kinetic energy of projectiles, reducing penetration
Which lighting feature is essential in high security areas such as military bases, where rapid response to incidents is critical
Instantaneous strike times to ensure no delays in case of emergency
In the buy bust operations what is the typical sequence of events
An undercover agent buys drugs from a dealer and immediately arrest the dealer
Which of the following is least probable to be an effective method of setting the value of line items in a budget
Setting arbitrary limits on expenditures
What factor is least likely to reduce the probability of interruption (Pi)
Increased detection system accuracy
Which of the following is most likely to provide justification for actions taken during a crisis response
Detailed records of threat evaluation deliberations
What is the primary disadvantage of using mechanical locks in high security environments
Susceptibility to picking and bumping
Which statement about the relationship between threat, hazard and risk is most accurate
Hazards can exist independently or risk, but threats cannot
Which type of light would be most appropriate for a security setting where rapid identification of individuals is necessary such as at a bank entrance
LED lamps
Which type of vault construction material offers the highest level of fire resistance
Reinforced concrete
In CPTED which of the following strategies best represents the principle of maintenance
Keeping fences and barriers in good repair
What role does a microwave sensor play in perimeter security systems and why is it preferred in high security systems
It is less prone to false alarms from small animals and environmental factors due to it operational frequency
Which of the following is least likely to affect the ROI (Return of investment) of an advanced physical security system designed for a financial institution
The speed of the restrike time for the security lighting system
How does the presence of multi luminate polycarbonate layers in bullet resistant glass effect its overall performance in security applications
It provides additional flexibility allowing the glass to absorb more kinetic energy from projectiles
Which of the following is least likely to be considered evidence under strict chain of custody guidelines
A report handwritten by the investigator during the incident
In the context of fault tree analysis which of the following represents an intermediate event
An event that results from one or more basic events
In Herzberg’s Motivation Theory which of the following is considered a hygiene factor rather than a motivator
Job security
Which feature is essential for high security doors
Reinforced construction
How might an organization reduce the potential for workplace violence during high stress company events, such as layoffs
By providing access to mental health resources and counselling
What is the purpose of personnel security
To protect classified information
To ensure employee satisfaction
To maintain a safe work environment
Which of the following is least likely to be impacted by the strike time of a high intensity discharge (HID) lamp in a security lighting system
The overall energy consumption of the lighting system
What is the most common method used by bypass poorly installed vault doors
Penetration through the floor
What is the typical restrike time for a high pressure sodium lamp after a momentary power interruption
3-4 minutes
Which lamp type is best known for its high color rendering index (CRI) making it ideal for indoor applications requiring accurate color distinction
LED
Which of the following is most likely to invalidate the results of a polygraph test
The use of countermeasures by the suspect
In criminal investigations involving organized crime, why is it crucial to use asset forfeiture as a tactic
To disrupt the financial operations of the criminal organization
Which of the following statements is not true regarding narcotics
They tend to intensify vision and increase alertness
Which of the following is least relevant when selecting key metrics to evaluate the performance of a security program
The number of incidents reported
Which of the following is most probable to be considered a violation of privacy laws in a workplace investigation
Collecting personal email information from a company email server
In CPTED which of the following is most likely to deter potential intruders by influencing their behaviour
Clear lines of sight
Which of the following is least probable to be direct outcome of increasing surveillance systems
Improved perimeter protection against cyber threats
Which of the following is least likely to affect the ROI (Return on investment) of an advanced physical security system designed for a financial institution
The speed of the restrike time for the security lighting system
What is the most significant vulnerability of a safe with a mechanical combination lock
Susceptibility to manipulation
Which of the following is least probable to improve the deter function in a security system
Adding covert detection systems
What is the most effective counter measure to avoid being tracked via digital surveillance tools
Avoiding interaction with digital networks entirely
Which of the following is true of Herzberg’s two factor theory
Hygiene factors prevent dissatisfaction but do not increase satisfaction
Which of the following is most likely to reduce the strike time of metal halide lamps in a high security perimeter lighting system
Installing pulse start ballasts for more efficient ignition
Which type of evidence is least reliable when investigating a hostile witness
Character evidence
How can investigators use call detail records (CDRs) during a criminal investigation
To track the location and time of suspect’s phone activity
Security barrier purpose
Obstruct Access
Deterrent
In budgeting, what is the primary benefit of zero based budgeting (ZBB)
ZBB requires that all expenses be justified for each new period, helping organizations eliminate waste and focus on strategic priorities
Which of the following is least probable to be part of an effective deterrent strategy
Covertly monitoring employees activities
Which of the following is the primary goal of a business impact analysis (BIA) in business continuity plan (BCP)
Evaluating the financial impact of potential distruptions
Which of the following best describes the primary item of expense in an investigations budget
Communications
Which of the following is the primary weakness of using an event tree analysis in risk assessments
It only considers a linear progression of events
Which factor most influences the fire rating of a high security safe
Type of insulation material
Which sensor type would be least effective in detecting intruders in a heavily wooded areas
Microwave Sensor
Which of the following is most likely to provide justification for actions taken during a crisis response
Detailed records of threat evaluation deliberations
How can integrating alarm systems with access control improve over all security
By triggering an automatic lockdown when unauthorized access attempts are detected
What is the main function of a perimeter intrusion detection system (PIDS)
To detect and alert security personnel to breaches the perimeter
In the context of vulnerability assessment what is the main purpose of identifying an assets criticality
To evaluate the impact on operations if the asset is compromised
Which of the following is not a common method of ensuring confidentiality
Data replication
What is the purpose of pre employment screening process in personnel security
To determine an individuals potential for misconduct
In CPTED what is the primary goal of access control
To reduce criminal behaviour by influencing movement patterns
Which of the following factors is least likely to reduce risk in a high threat, low impact situation
Increasing the assets value
Which of the following is most relevant when determining the effectiveness of a physical protection system
Probability of detection (Pd)
Which of the following is a key challenge in the implementation of wireless security systems
Signal interference and reliability
Which of the following is most likely to affect the credibility of an investigative report
Accuracy of the details provided
Which of the following is least likely to be considered in calculating a company’s quick ratio
Inventory of raw materials waiting to be used in production
Which of the following techniques is most suitable for evaluating the effectiveness of existing deterrence measures
Qualitative risk analysis
Why might a security team in a high end retail environment prefer capacitance based sensors over traditional surveillance cameras
Capacitance sensors can detect even the slightest touch or proximity useful for high value items that should not be handled
Which of the following factors is most critical for ensuring the effectiveness of a risk mitigation strategy
Alignment with organization risk tolerance
What is the most significant disadvantage of using a time lock system on a high security safe
Reduced access during emergencies
Which of the following is not a step in the personnel security process
Social media monitoring
Which of the following types of witness is least likely to cooperate during an investigation
Hostile witness
Which of the following is not a common method of ensuring data confidentiality
Data replication
Which of the following is least likely to be an advantage of using electronic locks over traditional mechanical locks in physical security applications
The higher level of physical durability and resistance to forced entry
Which combination of factors is most likely to improve employee satisfaction, according to Herzberg’s theory
Improved working conditions and career advancement
According to Herzberg’s two factor theory which of the following is a motivator rather than a hygiene factor
Achievement
Which of the following is most likely to be used as a method to prevent unauthorized data recovery from sanitized electronic media
Degaussing using strong magnetic fields
Which of the following is least likely to be long term consequence of failing to integrate ESRM with overall business strategy
Increased collaboration between security teams and business units
Which type of lamp has a restrike time longer than 10 minutes after power failure
Metal halide lamp
Which of the following is an advantage of time locking mechanisms on safes in high security environments
Prevents access during non programmed hours
Which of the following is not considered on one of the five main ways to classify exterior intrusion sensors
High sensitivity and low sensitivity
In a large decentralized organization which factor presents the greatest challenge to standardizing crisis management protocols across multiple locations
Cultural differences influencing risk perception
Which of the following is most likely to be a challenge in managing both digital and physical security risks under the ESRM framework
Establishing a consistent risk rating methodology for both digital and physical assets
Which of the following factor is most critical when determining asset vulnerability in a risk management framework
The effectiveness of existing security measures
In a fraud investigation which of the following is not a common type of documentary evidence
Eyewitness testimony
Which of the following is most likely to be protected by a design patent
The ornamental design of a product
Which of the following is most likely to be key element in ISO 27002 guidance for information security policies
A statement of management intent and objectives
In laminated glass, how does the thickness of the interlayer affect its ballistic resistance properties
Thicker interlayers improve the glass’s ability to disperse kinetic energy from bullets
Which design feature in a vault door enhances resistance to crowbar attacks
Recessed door
Which of the following is least likely to increase motivation according to Maslow’s hierarchy
Higher pay
In the context of the PEACE model what does the account phase entail
Allowing the suspect to tell their story uninterrupted
What considerations should be made when installing security lighting in areas with high pedestrian traffic, such as city squares or public parks
Lighting should be sufficient to ensure visibility but designed to minimized glare and light spillage to avoid discomfort to pedestrians
When monitoring communications during an investigation, how might investigators detect counter surveillance tactics
Frequent changes in communication devices or platforms
Which material is most commonly used to reinforce vault doors to prevent drilling attacks
Boron carbide
In the context of the PEACE model, what does account refer to
Allowing the suspect to tell their story uninterrupted
What is the main criticism of using narco analysis as an investigative tool
Results are often inconsistent and unreliable
It is not recognized as a legal technique in most countries
Which type of cable is most vulnerable to eavesdropping in high security environments
Coaxial
Which factor is least likely to reduce an assets overall risk
Improving recovery protocols but delaying detection systems
Which safe design is most resistant to prying attacks
Safe with recessed doors
Which of the following management concepts deals with the number of subordinates directly reporting to a supervisor
Span of control
Which type of lock typically requires the least maintenance in outdoor environments
Mechanical combination lock
Which of the following best describes the process of deductive risk assessment
Determining potential consequences of a failure and tracking back to root causes
How might adversaries exploit weakness in multi tenant building security to gain unauthorized access
By using social engineering techniques to gain access through shared entrances
How can failure to property train staff for crisis scenarios undermine a well developed continuity plan
Employees may fail to execute their roles effectively leading to confusion
It increases the potential for human error in communication
Which of the following is most likely to be considered a critical factor in determining whether an asset is classified as tangible or intangible in accounting
Whether the asset can be physically touched or measured
What is the key advantage of a combination lock in high security vaults
It does not required electricity to function
Which of the following is an example of physical deterrent in security systems
Warning signs
The detect function in a PPS is least effective when
The detection system fails to trigger alarms in real time
Which metric best describes the Probability of Interruption (Pi) in and adversary sequence diagram
The chance that security forces will interrupt an adversarys action before harm
Which of the following management theories emphasizes the importance of intrinsic rewards in motivating employees
Herzberg’s two factor theory
Which of the following is a strength of using undercover officers in sting operations
They provide direct access to suspects criminal activities
Which of the following is not a typical indicator of fraudulent activity in financial statements
Regular audit adjustments
Which of the following best reflects the principle of opportunity within Cressey’s fraud triangle when investigating a case involving embezzlement
The suspect had access to financial systems due to a lack of oversight
What is the main risk associated with the use of sting operations in narcotics investigations
They may involve entrapment leading to dismissed cases
Which of the following is not a common method for risk mitigation in ESRM
Conducting financial audits
Which of the following best describes the concept of a honeypot in cybersecurity
A decoy system used to attract and monitor attackers
What is the key outcome of identifying a threat vector in security planning
It highlights potential pathways through which vulnerabilities could be exploited increasing risk
Which of the following factors is most likely to undermine the credibility of a paid informant in a sting operation
The informant is paid for their testimony
Which of the following is not a benefit of using thermal imaging cameras for perimeter security
Lower cost compared to visible light cameras
Which of the following best explains the relationship between vulnerability and criticality in security risk analysis
Criticality determines the priority of mitigating vulnerabilities
What combination of factors would result in the highest overall risk score in a critical infrastructure system
Delayed detection systems and weak recovery protocols
What is the purpose of personnel security
To protect classified information
To ensure the integrity of the organization
To prevent unauthorized access
Which CPTED principle focuses on increasing community involvement to prevent crime
Territorial reinforcement
What is the main disadvantage of using symmetric encryption
Complexity of key management
Which of the following is not one of the five IS infrastructure management countermeasures
Encryption of all data at rest
Which of the following is least likely to complicate the recovery phase of crisis management
Lack of media involvement in post crisis reporting
Which of the following best describes a baghead operation in drug related investigations
Interviewing a suspect while concealing their identity to avoid retaliation
Which of the following is not typically factored into the calculation of Net Operating Profit (NOP)
Interest payments on debt
Which of the following statements is not accurate in the context of criticality in security risk assessments
Criticality is directly related to the likelihood of a threat
Which of the following is most likely to be considered the main application of bistatic microwave sensors in exterior protection
Detecting human beings crawling or rolling on the ground
In inductive risk assessments, the focus is on
Broadly assessing potential outcomes based on specific observed data
Which of the following is not typically in a forensic report
Interviewee list
Which of the following is most likely to pose a challenge in patch management for IS infrastructure
The use of outdated legacy systems in the network
Which of the following is not a benefit of using access control systems
Reducing security costs
In the context of security sensors what is a false alarm
An alarm triggered without any actual threat or intrusion
What is the typical restrike time for a metal halide lamp in security lighting applications
5-10 minutes
What is the primary purpose of a sting operation
Evidence gathering
In a fault tree analysis which of the following best represents a basic event
An event with no further explanation required
Which of the following is most likely to result in a successful buy bust operation
Ensuring the suspect is unaware of the undercover officers identity
Which of the following is not a factor in calculating Net Operating Profit (NOP)
Financing costs
Which of the following factors would decrease the probability of success (PoS) for an adversary targeting high criticality assets
Delayed detection systems but immediate response protocols
Why is single mode fiber optic cable typically used in perimeter security systems requiring long distance coverage
Its offers better signal integrity over long distances
What makes active infrared sensors ideal for boundary protection in rural estates
They can create a invisible fence that when broken by wildlife or humans, triggers and alert
Which of the following factors is least relevant when conducting a cost benefit analysis for security investigation
Increased operational efficiency
Which of the following is not a typical characteristic of a forensic investigation report
Subjectivity
Which sensor type is most effective at detecting slow, deliberate movements in a confined indoor space
PIR sensor
Which of the following is most likely to undermine the credibility of an eyewitness
The eyewitness experienced memory distortion due to high stress
Which combination of factors most directly impacts the Probability of neutralization (Pn) in a layered security system
Adversarys skill level and the time delay
Which of the following is least likely to be trigger for the pressure component in an employee committing fraud
Opportunity presented by weak internal controls
What is the principal benefit of using active infrared sensors for an art gallery’s security system
They ensure continuous monitoring even in total darkness without relying on external light sources
In security risk management which of the following can decrease risk without reducing threat levelss
Implementing more robust physical barriers
Reducing asset exposure by limiting accessibility
How might background investigators verify the legitimacy of a candidates self employment history
By contacting clients or partners listed by the candidate as references
Which of the following environmental factors is most likely to cause interference in a PIR sensors detection capability
Rapid temperature fluctuations
Which sensor technology would be most appropriate for detecting an unauthorized vehicle entering a restricted area
Inductive loop sensor
What is the key purpose of physical surveillance in an investigation
To monitor a suspects activities without their knowledge
In the CARVER method which factor determines how easily an adversary can identify a target
Recognizability
Which of the following is least relevant when analyzing witness credibility in a drug trafficking case
The witness’s criminal history
What is the primary role of a continuity plan in BCMS
Ensuring business operations during disruptions
Enhancing financial performance
Which of the following is least probable to be an effective method of setting the value of line items in a budget
Setting arbitrary limits on expenditures
Which of the following investigative methods is most likely to be used in a covert investigation of internal theft
Undercover operation
Which of the following would not likely reduce an assets vulnerability
Decreasing the assets criticality
How might adversaries exploit from lighting deficiencies around a facility
By using shadows to avoid detection and conceal movement
In risk assessment which factor is most critical when evaluating a hazard
Its potential impact
Which of the following is not considered in the calculation of Earnings before Interest, Taxes, Depreciation and Amortization (EBITDA)
Tax obligations
Which of the following is the best approach for determining the delay time needed in a PPS
The combined time of detection, communication and response
Which of the following is a primary weakness of using physical evidence such as seized drugs in a court case
It may be mishandled leading to contamination
What is the main reason high pressure sodium lamps are often preferred for outdoor security lighting despite their low CRI
Long lifespan
Which of the following is an example of current asset
Accounts receivable
Which combination of factors is most likely to increase overall risk
High threat likelihood and high vulnerability
Which sensor technology is most likely to experience false alarms caused by moving tree branches
PIR Sensor
Which of the following sensor would be most vulnerable to interference from heavy rain or snow
Infrared beam sensor
Which of the following best describes the impact of the quick ratio on a company’s financial strategy
A higher quick ratio indicates better short term liquidity which may allow the company to take on more short term debt
Which type of sensor would be most effective in detecting underwater movements
Ultrasonic sensor
Which of the following is least likely to be a factor in determining the serverity of a crisis
The number of personnel involved in the response
Which of the following types of safes is typically used to protect high value asset in retail environments
Cash drop safe
What is the average lifespan of a low pressure sodium lamp
24000 Hours
Which of the following is most likely to increase the Return on investment (ROI) for a security project
Decreasing operating costs without impacting security performance
Which of the following is least probable to occur during an insider threat incident
Complete destruction of physical infrastructure
What is the main purpose of a sting operation
To gather evidence
To deter future crimes
Which combination of factors would most likely lead to employee motivation according to Herzberg
Recognition and opportunities for growth
How can forensic linguistics assist in the analysis of written or spoken evidence
By comparing communication patterns to known suspects
What is the main difference between the PEACE model and the REID technique
PEACE focus on fact finding while REID focuses on eliciting confessions
REID involves direct accusation while PEACE avoids them
PEACE is more appropriate for witness interviews while REID is designed for suspects
Which of the following best describes the purpose of a forensic analysis
Analyzing evidence in a laboratory setting
Which of the following is most likely to be considered a violation of investigative ethics
Coercing a suspect into confessing by threatening legal action
Which of the following is most likely to invalidate surveillance footage presented in court
The footage contains gaps where the camera lost power
What is the purpose of conducting background checks in personnel security
To identify potential risk or threats
Which of the following is least likely to be a challenge in aligning ESRM with an organizations cybersecurity strategy
Adopting the latest cybersecurity technologies without integrating them with existing systems
Which lamp type has a warm up period that may require 10 minutes before full brightness is achieved
Low pressure sodium
Which of the following sensors is least likely to be affected by high winds
Seismic sensor
What is the primary purpose of a security clearance
To grant access to classified information
Which combination of factors is most likely to improve employee satisfaction according to Herzberg’s two factor theory
Recognition and opportunities for personal growth
In what scenario would a volumetric sensor provide a security advantage over line detection sensors
When monitoring, large, open spaces where intrusions can occur from multiple directions
Which type of sensor would be most effective in detecting the movement of metallic objectives such as vehicles over a defined areas
Magnetic loop sensor
What is the key difference between adversary interruption and neutralization and neutralization in security planning
Interruption refers to detection, while neutralization refers to stopping the adversary
What is the most significant challenge in using smart locks as part of a facilities access control strategy
Smart locks can be susceptible to hacking or signal jamming, compromising access control
Which of the following is most likely to increase the likelihood of fraud occurring in an organization, according to the Fraud Triangle
Weak organization culture and lack of ethical leadership
Which of the following is most likely to provide justification for actions taken during a crisis response
Detailed records of threat evaluation deliberations
Which of the following types of sensors is typically used to detect large, moving metallic objects like vehicles
Inductive loop sensor
Which factor most directly influences the Probability of Interruption (Pi) in a security system
The response time of security personnel after detection
What is a controlled hire in corporate investigations
An undercover employee hired to investigate corporate fraud while remaining covert
Which factor most influences an assets criticality in risk management
The assets contribution to key operations processes
Which of the following is the most significant indicator of a potential workplace violence threat
An employee who isolates themselves and displays sudden changes in behaviour
Which sensor type uses ultrasonic sound waves to detect movement or intrusion
Ultrasonic sensor
How does the installation of razor wire as part of a double barrier perimeter system improve its security
Razor wire is installed between the two barriers, creating a no mans land
Walls, Ceilings, and floors of vaults should never be less than ____ inches thick
10
What is the primary purpose of a chain of custody in an investigation
To document the timeline of the investigation
To ensure evidence integrity
Which of the following is an advantage of microwave sensors over PIR sensors
Fewer false alarms in temperature sensitive environments
Which of the following is not commonly used method for determining the effectiveness of a PPS
Calculating the return on investment (ROI) for security measures
In Herzberg’s motivation hygiene theory, which of the following factors is least likely to result in job dissatisfaction if absent
Personal growth
What is the key advantage of a digital lock over a traditional mechanical lock in vault applications
It requires no physical keys
Which type of witness is least likely to provide reliable information in a high stress situation such as a robbery
Eyewitness
Which investigative technique is most likely to identify previously undetected financial transaction in a fraud cause
Forensic accounting
Which of the following best describes the term volatility in the CARVER method
The likelihood of an assets value fluctuating
Which of the following is least likely to be a challenge in aligning ESRM with an organizations cyberssecurity strategy
Adopting the latest cybersecurity technologies without integrating them with existing systems
What is the primary function of strike times in relation to vault door systems in high security installations
Strike times indicate the resistance of a vault door to multiple forced entry attempts
Which of the following best describes the concept of data at rest
Data currently stores in databases or file systems
What three critical questions should a risk assessment aim to answer
What can go wrong? What is the likelihood it could go wrong? What are the consequences?
Which standard is most commonly used to rate the strength and security of padlocks
BS EN 1303
Which of the following is not a method of employee monitoring
Job performance reviews
Which of the following is the most conclusive type of evidence when proving intent in a drug trafficing case
Financial records
Which of the following is not a principle of Balanced Protection
Ensuring equal levels of protection for all assets
Which of the following is most likely to provide justification for actions taken during a crisis response
Detailed records of threat evaluation deliberations
Which of the following legal defences is most commonly used in response to cold hire investigations
Entrapment
Which of the following is an example of mechanical access control
Deadbolt lock
How do bistatic sensors enhance the security of a large perimeter such as an industrial complex
By allowing for the placement of transmitters and receivers at strategic points, increasing the detection zone
Which type of lock is most commonly used for securing access to vaults in high value facilities, combining ease of use with high security
Electronic combination lock
What is the main challenge when analyzing audio recordings in a noisy environment during an investigation
Audio enhancement software may be unable to filter background noise effectively
Which of the following is least likely to improve the response function in a PPS
Installing advanced intrusion detection systems
Which of the following is most likely to hinder ESRMs effectiveness in a rapidly evolving threat landscape
Lack of flexible risk management processes
Which of the following is most likely to result in the invalidation of a trademark
The trademark is not used in commerce for an extended period
________ is a thorough physical examination of a facility and its systems and procedures conducted to assess the current level of security, locate deficiencies, and gauge the degree of protection required
Security survey
Which of the following security measures is most effective for protecting high value physical assets in a corporate environment
Access control using biometric identification
Which of the following is not a common personnel security control measure
None of the above
(Background checks, Security clearances, Physical access controls)
In narcotics investigations what make methamphetamine labs particularly hazardous
Meth labs often use volatile chemicals that can cause explosions, making them dangerous to approach
Which of the following would most likely reduce the effectiveness of a fault tree analysis
Incorrectly identifying the root cause of analysis
Which of the following is least likely to influence the ROI of a physical security system involving biometric locks
The number of manual override mechanisms for the lock system
Which of the following is least probable to cause nuisance alarms for bistatic microwave sensors
Temperature changes between day and night
Which of the following types of evidence is least likely to be used to prove intent in a criminal investigation
Testimony from an expert witness
Which sensor would be the most appropriate for monitoring activity inside a highly restricted vault
Seismic sensor
In which environment would PIR sensor be least effective
Environments with rapidly changing temperatures
Which of the following is not a potential threat to personnel security
Social engineering
Insider Threats
Physical Security Breaches
How does the adversary sequence diagram help in determining the effectiveness of security response measures
By visualizing potential adversary actions and response timings
Which of the following is least likely to be a critical element in crisis management raining exercises
Updating crisis management plans in real time
What is the primary purpose of a locks cam mechanism
To retract the bolt
What challenge must be considered when deploying microwave sensors in an urban environment
The potential for the microwave signals to interfere with local Wi-Fi networks
Which of the following is not a common financial ratio used to assess a company’s profitability
Quick Ratio
Which of the following is not a benefit of biometric authentication
Low Cost
______ is used to compare the desirable of different ways of spending
Return on investment
Which of the following scenarios represents a deductive approach in a risk assessment
Starting with specific event and tracking all possible outcomes
What is the most significant challenge of using unmanned aerial vehicles (UAVs) for physical security in large facilities
UAVs have limited battery life, reducing their effectiveness for continuous surveillance
In disaster recovery what is the key purpose of the recovery point objective (RPO)
To define the acceptable amount of data loss in terms of time
Which of the following is most likely to be a challenge in executing a business continuity plan (BCP)
Gaps in employee crisis training
What is the purpose of a personnel security risk assessment
To identify vulnerabilities and threats
Which of the following lamps is best suited for environments requiring high intensity, uniform light distribution
Metal Halide
In the formula Risk = Cube root of (Threat x Vulnerability x Impact), which factor can be reduced to have the greatest effect on overall risk
Vulnerability
How does beam divergence in laser sensors affect the accuracy of long range perimeter security systems
Greater divergence increase detection range but reduces precision
Which type of sensor is most effective at detecting an intruder who remains stationary for an extened period
Ultrasonic sensor
What is the primary advantage of using microwave sensors in perimeter security
Less affected by weather conditions
Which of the following sources of information is not typically considered part of the investigative process
A record
A custodian of record
A public official
Which of the following is not a liability
Accounts payable
In a museum setting, how does the use of inductance based sensors complement the security provided by CCTV cameras
Inductance sensors can detect unauthorized removal of metallic artifacts, which may not be visible on camera
Which of the following characteristics is most important in ensuring that a vaults locking mechanism is resistant to tampering
UL 768 compliance
Which of the following is not a recommended feature for effective lighting in perimeter security
Motion sensor activated lighting to minimize operational units
How might an intrusion detection system (IDS) be circumvented in a high security facility
By exploiting areas where sensors have not been installed
Which lock mechanism is least susceptible to impressioning techniques
Disc Detainer lock
When conducting pre employment background checks , the most important information collecting tool is
The interview
Which type of sensor is most effective in detecting intruders in complete darkness
Thermal imaging sensor
Which of the following is not a factor considered in personnel security
None of the above
(Criminal history, Financial stability, Educational background)
Which of the following combinations would increase the likelihood of a successful attack on critical infrastructure
Strong detection capabilities but slow response times
What is the primary purpose of installing anti pass back systems in access control
To prevent employees from sharing their access cards
In physical security design why is it important to conduct a threat analysis specific to the facilitiys industry
Different industries face unique risks and require tailored security measures
Which of the following is most likely to improve the overall detection capability of a physical protection system (PPS)
Installing additional intrusion detection sensors in vulnerable areas
Which of the following factors is most likely to increase the overall threat landscape in an organization
Reducing the number of physical barriers around assets
Which of the following is not considered an advantage of using inductive risk analysis methods
They allow for a detailed assessment of asset vulnerabilities
Which of the following investigative resources is most likely to provide information on regulations of common carriers interstate commerce or railroad accidents
Interstate commerce commission
Which of the following is most likely to be classified as intellectual property under US Law
A software program developed by a company for internal use
Which lamp is known for having poor performance in cold temperatures, making it unsuitable for outdoor security lighting in cold climates
Compressed fluorescent
Which of the following is least likely to be considered conclusive evidence in an embezzlement case
Eyewitness testimony from coworkers
Which of the following components of the REID technique might increase the risk of false confessions
Offering the suspect a moral justification
Presenting false evidence
Which of the following best describes the operation of a thermal imaging sensor
Detects changes in temperature within a defined area
Which of the following is a key component of a security incident response plan
Training employees on communication protocols
What is the primary advantage of using motion activated security lighting in residential areas
It reduces light pollution and energy consumption while maintaining security by illuminating only when needed
In the adversary sequence diagram, what impact does a longer time delay have on the Probability of Success (Ps) of an adversary
It decreases Ps giving security forces more time to neutralize the threat
What is the principal drawback of using keypad lock in high security environments
Susceptibility to wear patterns revealing the code
Which of the following is not a method of digital evidence preservation
Data compression
Which of the following is least likely to be an effective method for handling hostile witnesses
Using confrontational techniques to force answers
Which key component in a pin tumbler prevents the lock from opening without the correct key
Driver pin
Which of the following is a critical consideration when designing a secure access control system for a data center
Reliability and and redundancy of access control mechanisms
How does tempered glass differ from laminated glass in terms of its reaction to impact
Tempered glass breaks into small, blunt fragments, while laminated glass cracks but remains intact
Which of the following is a key principle of information security
Expense
Which of the following sensor types would be most appropriate for detecting vehicles approaching a secured facility
Magnetic sensor
What is the primary goal of a security policy
Defining acceptable use of resources
________ is a set of criteria, guidelines, and best practices that can be used to enhance the quality and reliability of products, services and processes
A standard
Which of the following is a recommended best practice when investigating allegations of workplace misconduct
Document every step of the investigation in detail
In access control systems, which of the following is considered a dual factor authentication method
card reader and fingerprint scan
Which of the following is a key vulnerability of monostatic infrared sensors
Susceptibility to dust and fog interference
Which of the following is most probable to reduce the overall risk exposure for an organization
Developing contingency plan for high risk assets
Which of the following is most likely to be compromised by an advanced persistent threat (APT)
High value targets such as government agencies and financial institutions
Which of the following is least likely to be considered when determining the fair market value of a patent
The cost of acquiring the patent from the original inventor
Which of the following combinations would increase the probability of interruptions (PoI) for an adversary attack on critical infrastructure
Increasing physical barriers and improving detection systems
In a fraud investigation, which tool is most effective for tracing illicit transactions across multiple jurisdictions
Data analytics
In criminal investigations involving organized crime, why is it crucial to use asset forfeiture as a tactic
To disrupt the financial operations of the criminal organization
Which of the following is the most effective method of reducing risk when a high threat asset is involved
Implementing layered physical security
Which of the following is not a benefit of biometric authentication
Low cost
Which type of vault lock is least likely to be affected by mechanical failure
Biometric lock
What is the primary disadvantage of using capacitive sensors in outdoor environments
High sensitivity to moisture
Which business principle involves evaluating the organizations internal and external environments
Strategic management
Which of the following is most likely to lead to a dismissal of evidence collected in an undercover investigation
The undercover agent influencing the suspects actions
Which of the following best describes the operation of an acoustic glass break sensor
Detects specific frequencies associated with breaking glass
Why is it essential to involve both IT and business units in disaster recovery planning
Disaster recovery requires input from IT to address technical issues and from business units to prioritize critical operations for recovery
Which of the following weakness is most likely to arise from using circumstantial evidence in court
Circumstantial evidence is easily refuted by the defense
In physical security assessments why is it important to include employee behaviour as a potential risk factor
Employees may intentionally or unintentionally compromise security protocols
Which of the following is not a typical goal of protection in depth
Ensuring that no vulnerabilities exist within the system
Which of the following is least likely to be an outcome of effective crisis leadership
Removal of crisis management team members
Which of the following is least likely to be an effective protection against escalation of privilege attacks
Encrypting files stored on the network
What is the typical color rendering index (CRI) of a high pressure sodium lamp
20-30
Which of the following best describes the function of a criticality assessment in a security risk model
To prioritize the protection of assets based on their importance to business continuity
Which of the following is most likely to be the first step in a threat evaluation process
Evaluating the credibility of the threat
Which factor is least likely to increase the Probability of detection (Pd)
Reducing detection sensitivity but enhancing response force readiness
Which of the following is least likely to be considered an intangible asset under international financial reporting standards (IFRS)
Inventory held for sale in the ordinary course of business
Which of the following is most likely to increase the delay time in a PPS
Installing reinforced doors and locks at critical entry points
Which of the following is least likely to be used in a secure email transmission protocol
Simple Mail Transfer Protocol (SMTP)
Which of the following is least likely to influence the CRI (Color Rendering Index) of a security lighting system
The ambient temperature in the environment where the lighting is installed
Which of the following is least likely to be useful when assessing the role of opportunity in an employees decision to commit fraud
Investigating the financial pressures experienced by the employee outside of work
What is the primary weakness of physical evidence such as fingerprints in an investigation
Fingerprints alone cannot prove the intent of a suspect
Which of the following is most relevant for determining the credibility of an informant in a narcotics sting operation
The informants previous track record of providing accurate information
What is the primary role of a crisis management team in BCMS
Coordinating emergency response
How might an organization balance the need for physical security with business continuity during a major construction project
By creating alternative access points that maintain security while allowing for operations to continue
Which of the following is a key weakness of relying solely on insurance to manage security risk
It does not prevent the occurrence of risk events
Which of the following is least likely to be considered when assigning occupant roles in an emergency plan
The hierarchy of the organizational structure
Which of the following is not a type of security control
Operational
Which of the following is a key principle of information security
Confidentiality
Which of the following is not a standard component of a forensic investigation
Financial auditing
What is the purpose of a security clearance
To grant access to classified information
To restrict access to sensitive areas
To verify an individuals identity
Which of the following is a key principle of personnel security
Need to know principle
Least privilege principle
Separation of duties principle
In which scenario would physical security rely on active deterrence measures
When the facility depends on visible security to discourage criminal activity
Which of the following are core principles of the PEACE model of investigative interviewing
Planning and preparation
Evaluation of evidence
What is the primary goal of security incident management
Identify security weaknesses
Responding to incidents
Which of the following is least likely to be considered an all hazards approach in crisis management
Focusing exclusively on natural disaster scenarios
Which of the following is not a characteristic of Balanced protection
Every layer of protection is equally effective in preventing threats
Which of the following is most probable to restart after a power outage and take the longest to do so
Metal halide and mercury vapor lamps
Which sensor technology is most effective for detecting sudden impacts on fences or walls
Vibration sensor
Which of the following factors is least relevant to proving the intent in a defalcation case
The suspects past employment history
In a controlled hire what is the main goal of infiltrating the organization
To gather internal documents and evidence
To gain trust and elicit confessions
What is the main advantage of using a monostatic radar sensor over a bistatic sensor in urban environments
More resistant to environmental changes
Which of the following is most likely to complicate the enforcement of a trade secret in a multinational company
The trade secret protection laws vary significantly across different jurisdictions
Which of the following is most probable to result from a failure to conduct regular security audits
Increased risk of undetected vulnerabilities
Which of the following is the most important factor when designing a delay layer in PPS
Extending the time required for an adversary to by pass barriers
How do beam divergence and wavelength affect the performance of laser based perimeter sensors in foggy conditions
Beam divergence and wavelength shifts cause signal attenuation reducing accuracy
What is the primary advantage of using biometric technologies in security systems
High accuracy
Which vault door design is most resistant to both forced entry and fire damage
Composite vault door
Which of the following is not a purpose of personnel security
Ensuring the physical security of facilities
Which of the following is least likely to be classified as an intangible asset on a company’s balance sheet
A leased factory building used for production
Which of the following is least probable to be vulnerability of a loop system in an electronic protection system
The loop can be easily extended to cover additional areas
Which of the following factors is least relevant when conducting a cost benefit analysis for security investments
Increased operational efficiency
How to microwave sensors distinguish between legitimate movement and environmental interference such as blowing leaves or heavy rain
By analyzing the Doppler shift in returned microwave frequencies
Which of the following combinations would most likely increase risk without increasing vulnerability
Increased asset visibility and slow recovery times
Which of the following is not a criterion for evaluating bids for security services
Security personnel training background
Which combination of factors would reduce the likelihood of an adversary successfully exploting vulnerabilities
Increasing access control measures and reducing threat likelihood
What is the most effective way to handle inconsistencies in witness testimony using the PEACE model
Ask open ended questions to clarify discrepancies
Which of the following is not a primary goal of a buy bust operation
Protecting undercover operations
Which of the following is least likely to be a primary goal when responding to chem-bio mail attacks
Protecting assets from potential contamination
Which lamp type is generally the most cost effective for high output ssecurity lighting
LED
Which of the following lock offers the highest protection against lock bumping
High security dimple locks
What is the main disadvantage of a fragmented ESRM approach
Increased coordination complexity
Higher operation costs
Which of the following factors is most relevant when determining the probability of neutralization (Pn) in a security
Response force readiness
Which of the following is not a common method used to detect insider trading
Reviewing employee performance evaluations
Which of the following technologies is most susceptible to environmental conditions like wind and rain
Vibration sensors
Which of the following is primary disadvantage of using barbed wire fencing in highly populated urban areas
Barbed wire can cause injury to unauthorized personnel and wildlife
What is a major drawback of using vibration sensors for perimeter security in areas with high environmental noise
High susceptibility to false alarms
What is the major benefit of using open ended questions during a cognitive interview with a witness
Open ended questions allow the witness to provide detailed, uninterrupted recollections of events
How might adversaries exploit weaknesses in biometric access control systems
By using high quality reproductions of biometric data to gain unauthorized access
What is the primary goal of personnel security
To ensure the safety of employees
How does increasing the probability of interruption (Pi) affect the adversary’s chances of success
It reduces the time an adversary has to act
Why are bistatic microwave sensors preferred over monostatic configurations for security wide area perimeters
They provide improved detection accuracy by separating the transmitter and receiver
Which of the following is least important when conducting a thorough investigation
Ensuring evidence is analyzed within 24 hours
What makes volumetric sensors particularly effective for use in large multi story parking garages
The can detect movements on different levels of the structure, providing comprehensive coverage without the need for sensors on each floor
Which of the following is a common method for mitigating risk
Implementing security controls
Why is annealed glass not recommended for use in high security applications
It shatters into large, sharp pieces upon impact, creating safety hazards
Which of the following is most likely to be considered a major weakness of the Secure Hash Algorithm (SHA) family
Susceptibility to collision attacks
Which of the following features of a vault lock offers the best protection against drilling attacks
Hardened steel plates
In the context of quantitative risk analysis, which of the following formulas is used to calculate Annual Loss Expectancy (ALE)
ALE = Single Loss Expectancy (SLE) x Annual Rate of Occurrence (ARO
Which of the following is an example of a logic bomb
Malware that is triggered by a specific event or date
What is the primary goal of personnel security
To prevent unauthorized access to sensitive information
Which of the following is a key component of a security incident response plan
Training employees on communication protocols
Which of the following factors is most likely to reduce the overall effectiveness of a physical protection system (PPS)
Delayed response times
Which of the following is least likely to be factor when deciding to evacuate or shelter in place during a crisis
The media coverage of the event
Which investigative principle is best supported by timeliness
Efficiency
In a security management plan which of the following best describes the best method for mitigating risk without transferring or avoiding it
Enhancing detection systems
Which of the following is not a benefit of using digital forensics in investigations
Ensuring data privacy
How does the probability of neutralization (Pn) impact the overall responsibility of success (Ps) in an adversary sequence diagram
A high Pn decreases the adversarys probability of success (Ps)
What is the primary goal of personnel security
To prevent unauthorized access to sensitive information
Which of the following is not a typical goal of Protection in depth
Ensuring that no vulnerabilities exist within the system
In security system design, what does the term time delay refer to in an adversary sequence diagram
The period between detection and neutralization of the adversary
Which material is used in high security vault walls to provide enhanced protection against cutting tools
Tungsten carbide
In the context of sting operations what is the term bag head used to describe
An undercover officer used as bait
What is the key advantage of using a magnetic lock of vault security
No moving parts to wear out
How can thermal sensors be compromised in extreme environmental conditions
Extreme temperatures can cause thermal sensors to malfunction or trigger false alarms
What is the most common weakness of fire resistant safes when used for high security burglary protection
Lower resistance to drilling and cutting
Which standard rates the resistance of a safe to attacks by tools, torches and explosives
UL 608
In the context of the adversary path diagram (ASD), which of the following would be considered the most effective delay point
A high fence with surveillance
Which of the following management theories focuses on treating employees as self motivated individuals who thrive on responsiblity
McGregor’s Theory Y
Which of the following factors is most relevant when determining asset vulnerability in a critical infrastructure system
The proximity of the asset to potential threats
In CPTED which of the following strategies best represents the principle of natural access control
Limiting points of entry
Which type of evidence is most vulnerable to tampering during a hire profile corporate investigation
Digital evidence
Which of the following is least likely to be recommended approach when dealing with a high profile public crisis
Limiting communication to senior management only
Which of the following is a common type of malware
Ransomware
What is the expected lifespan of a typical LED lamp used for security lighting
50000 Hours
Which of the following is least likely to be considered a tangible asset on a company’s balance sheet
A patent for a proprietary manufacturing process
Which of the following is least likely to affect the effectiveness of a fence used for perimeter security
The thickness of the fence posts
Which type of lock is considered the most difficult to manipulate
Disc Detainer Lock
Which of the following is least likely to be protected by a trademark
A newly invented process for manufacturing goods
What is the primary challenge in coordinating crisis management for decentralized organization
Ensuring communication consistency across geographically dispersed teams
What is the purpose of security clearances in personnel security
To grant individuals access to classified information
To assess and individuals trustworthiness
To prevent unauthorized disclosure of sensitive information
What is a common tactic used by suspects during interrogation to evade detection
Presenting multiple conflicting version of the story
Which of the following vault materials provides the best balance between cost effectiveness and high security in commercial environments
Composite steel
What is the most significant vulnerability of a safe with a mechanical combination lock
Susceptibility to manipulation
Which combination of factors is most likely to lead to job dissatisfaction according to Herzberg
Poor salary and poor working conditions
Which of the following sensors is most effective at detecting fast moving objects across an open area
Microwave sensor
What is the primary advantage of using LED lighting for security purposes over metal halide lighting
Higher energy efficiency
Which of the following factors is least likely to contribute to reducing asset criticiality in a high security environment
Reducing the assets importance to the organizations goals
What is the purpose of surveillance in an investigation
To gather information
What is the main security feature of a safe with a TL-15 rating
Resistance to forced entry for 15 minutes
Which of the following is least likely to undermine the credibility of a hostile witness
Allowing the witness to express themselves freely
Which of the following is least likely to be a characteristic of a controlled buy operation in drug investigations
The undercover officer intentionally increases the size of the drug buy
Which fire rating would be appropriate for a vault designed to protect high value assets in a facility prone to frequent fires
4 Hours
Which of the following is not an essential factor when selecting bullet resistant glazing for a security facility
The refractive index of the glass
Which phase of the PEACE model focuses on ensuring the interviewer remain neutral and unbiased
Plan and prepare
What is the primary purpose of a physical security information management (PSIM) system
To integrate multiple security applications and devices into a unified platform
To provide real time incident response
What is primary purpose of sting operation
To induce a suspect to commit a crime
Which of the following weaknesses is most likely to arise from using REID techniques in an interview with a suspect with low mental capacity
The suspect may provide false confessions under pressure
Which of the following is least likely to be considered a vulnerability in mobile device management (MDM)
Regularly updating mobile device operating systems
What is the primary advantage of using biometric locks over traditional locks
Unique identification capability
Which type of cable is most effective at preventing signal loss over distances greater than 100 meters in perimeter security systems
Fiber-optic
Which of the following would most likely reduce the effectiveness of a deterrent in a Physical Protection System (PPS)
The deterrent is not visible to potential adversaries
Which of the following is a limitation of using acoustic sensors for detecting intrusions
Inability to differentiate between ambient noise and actual intrusion sounds
What is the primary advantage of using a dual technology sensor in physical security
Reduced false alarms
Why might it be more important to integrate emergency response protocols with physical security systems in high risk facilities
Integrated protocols ensure that security systems do not interfere with emergency response efforts, such as evacuations
Which type of sensor would be most vulnerable to detection failure in environments with a lot of glass or reflective surfaces
Ultrasonic sensor
In the investigative process, what reflects the mindset of the investigator
Simple statement of abstracts encountered
How might personnel risk assessments prevent potential insider threats from emerging
By identifying vulnerabilities before they are exploited
Which of the following factors is least likely to influence an investigators approach
Investigators bias
What is the main challenge of using social engineering techniques in security investigations
Legal implications
How does the twist rate of CAt6 cables affect their performance in high bandwidth security systems
A higher twist rate increases resistance to external interference
In the context of crisis management, which of the following is most important for maintaining business operations during a disaster
Effective communication channels
Which of the following is most likely to undermine the reliability of eyewitness testimony in a high stress environment
The eyewitness’s memory may be distorted by stress
Which of the following is the best method for reducing the threat level in a security system
Implementing proactive detection measures
What is the primary benefit of using mercury vapor lamps in security lighting applications
Long lifespan
Which of the following combinations would most likely increase overall risk in security system
Increasing asset visibility but reducing threat deterrence systems
Which rating denotes that a lock is highly resistant to both physical and covert methods of entry including lock picking and manipulation
UL 437
Which of the following is not a characteristic of an effective security program
Minimal documentation
Which of the following factors is least likely to reduce the Probability of Detection (Pd)
Enhancing detection sensitivity but reducing sensor placement
Which of the following is the primary weakness of using circumstantial evidence in court
It rarely connects the suspect directly to the crime
In a qualitative risk analysis, which of the following factors is most likely to be used to assess risk
The probability of occurrence and impact
Which type of lamp is considered obsolete due to its high energy consumption and low efficiency despite its once widespread use in street lighting
Mercury vapor
Which of the following best describes the concept of saturation in surveillance operations
Ensuring continuous coverage
Overlapping surveillance efforts
Maximizing observer presence
Which feature of high security vault doors enhances their resistance to both physical and explosive attacks
Reinforce concrete one
What is the main disadvantage of using public key encryption
Reduced performance compared to symmetric encryption
How does the refractive index of tempered glass affect the performance of laser sensors used for break detection in windows
It influences how the laser beam penetrates the glass, allowing for more precise detection of fractures
What is the primary benefit of using the Cognitive Interview Technique over more traditional interrogation methods
It helps retrieve more accurate information
Which of the following is most probable to reduce the likelihood of an attack on a high value asset
Implementing visible deterrents such as CCTV cameras
What is the function of the central conductor in a coaxial cable used in perimeter camera systems
It carries the high frequency signal for video transmission
Which of the following is an example of personnel security control
Two factor authentication
In complex financial fraud investigations why is the collection of metadata often essential
It helps to establish the origin of digital communications
Which of the following is least likely to improve a company’s ROI from a new security system
Delaying the implementation timeline to reduce costs
When conducting an investigation why is it important to avoid leading questions during witness interviews
They can inadvertently direct the witness to a specific answer
Which of the following factors would most likely reduce the probability of interruption (Pn) in a hig security environment
Delayed detection systems and slow response times
Which type of safe rating is required for storing sensitive government documents
GSA Class 5
Which type of cable is most vulnerable to interference from nearby high voltage power lines
Unshielded twister pair
Security through obscurity
Hiding measures
Visible deterrents
Which factor would least likely contribute to an increase in an assets vulnerability
Strong physical security barriers but delayed detection systems
Which of the following concepts is associated with the span of control in management
The number of employees reporting directly to one supervisor
In a high security facility which of the following would be preferred locking mechanism for securing access to a vault
Dual Control Lock
What is the role of incident response in personnel security
To quickly and effectively respond to security incidents
To mitigate the impact of security breaches
To identify and address vulnerabilities in the security system
Which of the following is most likely to compromise the availability of a critical business application hosted on a virtual machine
The hypervisor fails to allocate sufficient resources
Why might an investigator use the Reid technique during an interrogation
To encourage the suspect to admit guilt through psychological pressure
Which factor most affects the performance of microwave sensors in detecting metallic objects at close range
The conductivity of the detected metal
Which of the following best explains the difference between Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
TLS be more security successor to SSL providing stronger encryption protocols
What is the primary purpose of implementing an anti passback feature in an access control system
To prevent unauthorized re entry
To ensure single entry exit compliance
Which of the following techniques is most often used in inductive risk assessment
Generalizing from specific incidents to broader risk patterns
Which of the following is not considered a deterrent in physical security design
Passive Infrared Sensors
Which of the following best describes the relationship between criticality and risk tolerance in risk management
Assets with higher criticality generally result in lower risk tolerance
Which type of sensor is most effective in detecting intruders in total darkness
Thermal imaging
Which of the following is not one of the strategies of second generation CPTED
Communication
Which of the following vault designs provides the best protection against electromagnetic interference
Lead lined vault
Which of the following is most likely to help investigators detect early signs of fraud by analyzing the pressure component of the Fraud triangle
Conducting regular interviews with employees to assess their financial and personal stressors
Which of the following is least probable to appear on a company’s income statement
Cash reserves
Which factor is most likely to reduce the Probability of detection (Pd) in a high threat environment
Weak detection sensitivity and delayed sensor placement
Which of the following would be classified as a hygiene factor according to Herzberg
Salary
Which of the following is most likely to improve the accuracy of probability of detection (Pd) in an adversary sequence diagram (ASD)
Calibrating sensors to optimal settings based on environmental factors
Which lock standard specifically addresses the security and durability of padlocks used in high security applications
UL 437
Why might a security system integrate both volumetric and line detection sensors in a layered security approach
To cover different areas, volumetric for interiors and line detection for exits and entrances
Which of the following is least relevant when selecting Key Performance Indicators (KPIs) for a security program
The frequency of incidents reported
Why might physical security measures need to be adjusted in response to changing business operations, such as new workflows or expanded facilities
Changing operations may create new vulnerabilities or access control needs
Which of the following is not included in the calculation of the quick ratio
Inventory
According to Abraham Maslow which of the following needs is least likely to motivate an employee once it is fulfilled
Physiological
What is the primary risk of failing to evaluate contractors during a personnel risk assessment
Contractors may have conflicting loyalties that put the company at risk
How can environmental factors affect the performance of infrared cameras used in physical security systems
Extreme temperatures and humidity can reduce the accuracy of heat signatures
How might criminals attempt to bypass access control systems that use magnetic locks
By tampering with the control panels that regulate the locks
Which of the following is least likely to be a valid form of evidence in an investigation under strict chain of custory rules
Evidence collected by an untrained investigator
Which lock rating standard is globally recognized for testing high security mechanical locks
UL 437
On what conditions should the decision of whether to arm a security officer be based
When the officer may be reasonably expected to use fatal force and life safety is at risk
What is the most significant challenge when presenting digital evidence to a jury
Juries often cannot understand the technical details of digital evidence
Which of the following weaknesses is most likely to arise from relying on eyewitness testimony in a robbery investigation
Eyewitnesses may experience memory distortion due to high stress
Which standard governs the design and rating of vault doors for high security facilities
UL 608
Which of the following is not a benefit of organization
Enhancing data availability
Why is continuous monitoring of personnel security risks important in high turnover industries
High turn over increases the likelihood of insider threats
Security access control key
Reliability
Convenience
What is the critical limitation of using Doppler radar for intrusion detection in areas with heavy vehicular traffic
Heavy traffic creates constant frequency shifts, causing false alarms
What is the primary goal of a background check
Ensuring candidate suitability
Which of the following is not included in the calculation of the quick ratio
Inventory
Which firing rating is commonly required for walls in a high risk data center to prevent fire from spreading
3 Hours
Which of the following is least likely to be required when obtaining a trade license for operating a business in a regulated industry
Filing for copyright protection for company materials
How does high vulnerability score affect the calculation of overall risk
It increase overall risk by making the asset more susceptible to threats
Which of the following is least probable to be a critical factor in selecting sensors for perimeter protection
Availability of backup power systems
Which two factors are critical in determining the Probability of Loss (PoL)
Vulnerability and threat likelihood
Threat likelihood and vulnerability exploitability
Which of the following is a disadvantage of using fiber optic cables in cold weather environments for perimeter security
Fiber optic cables become brittle and more prone leakage
Which of the following interrogation techniques focuses on minimizing confrontation to obtain confessions
The REID technique
Which of the following is least likely to improve the response capability of a Physical Protection System (PPS)
Reducing the number of access points to the facility
What is the primary security benefit of implementing a lighting system with adjustable intensity and color settings in a cultural heritage
Adjustable settings can adapt to the natural light variations throughout the day, ensuring optimal visibility for security cameras
Which of the following is not a key component of personnel security
None of the above
(Background checks, Access control, Physical security measures)
In a monostatic radar system how are objects detected
By measuring the reflection of the transmitted signal from the object
Which type of cable is most suitable for security system requiring the simultaneous transmission of power and data
Cat6 with Power Over Ethernet (PoE)
How does the concept of Hazard fit into the overall security risk equation
A hazard is a potential event that could negatively impact an assets operation
Why is RJ11 typically not used in modern security networks
RJ11 supports only analog communication transmission making it obsolete for high speed data
Which of the following is not a measure to protect against Social engineering attacks
Implementing strong access controls
Conducting regular security awareness training
Verifying the identity of individuals before granting access
Which feature of concertina wire makes it particularly effective for use in military facilities and high security zones
The density of the wire making it difficult to cut or climb
Which of the following factors is least relevant when selecting KPIs for a security program
The cost of security measures
Which of the following theories emphasizes the idea that employees are inherently motivated to achieve their fullest potential
Maslow’s Hierarchy of Needs
Which of the following would be considered a motivator in Herzberg’s theory
Achievement
Which of the following is a key advantage of using the Cognitive Interview over the REID technique
It avoids accusations of coercion by focusing on free recall
Which of the following best describes an event tree analysis
An inductive approach to assess the consequences of a specific event
Which of the following types of sensors is most likely to generate false alarms due to environmental vibrations
Seismic sensor
In an investigation involving intellectual property theft why is it essential to review the suspects communications with competitors
To establish intent and identify co-conspirators
Which of the following is least likely to be a critical element in a crisis simulation exercise
Performing a detailed financial audit
Which of the following is least likely to improve the respond function in a PPS
Installing advances intrusion detection systems
What is the primary limitation of using microwave sensors in a large outdoor environment with varying terrain
Environmental factors such as wind and rain can interfere with detection
In an surveillance operations, what it the primary risk of relying exclusively on one surveillance technique
It limits the ability to collect evidence from diverse perspectives
Which combination of factors would reduce the Probability of Loss (PoL) for a critical infrastructure system
High recovery capability and low threat likelihood
Which of the following factors is most likely to increase the Probability of Detection (Pd) in a security system
Enhancing surveillance coverage
Which of the following is least likely to be a force multiplier in investigations
Increased surveilance personnel
Which type of lamp experiences significant lumen depreciation over its lifespan, leading to reduced light output before the lamp fails
Mercury vapor
Which of the following is most applicable to gambling investigations conducted by a proprietary investigative force
Telephone surveillance
What is the main reason fiber optic cables are immune to electromagnetic interference in high security environments
Fiber optic cables do not emit any electromagnetic radiation
What two values describe sensor effectiveness
Probability of detection and confidence level
What is the primary goal of personnel security screening
To identify potential security risks
Which lighting type has the greatest overall energy efficiency based on lumens per watt
LED
What is the purpose of conducting background checks in personnel security
To verify employment history
To assess criminal records
To evaluate financial stability
In what scenario would the use of glass break sensors be most appropriate as part of an intrusion detection system
When securing areas with large windows or glass doors
Which of the following is not included in the calculation of the quick ratio
Inventory
Which of the following best describes the quick ratios ability to assess a company’s short term financial health
It excludes inventory and prepaid expenses focusing on liquid assets that can be quickly converted into cash
Not a biometric benefit
Convenience
Which of the following factors is least likely to contribute to false confession during a REID interrogation
Using non accusatory language to allow the suspect to provide their narrative
Which of the following factors is most relevant when conducting a cost benefit analysis for security investments
The potential reduction in risk
What is the function of the cladding in a fiber optic cable
To reflect light signals back into the core for signal transmission
How can a suspect used digital dead drops to evade detection in an investigation
By posting seemingly harmless flies in public forums for later retreival
In the Maslow Hierarchy of needs which of the following needs are considered social needs
Love and belonging
Which of the following is least likely to be effective in preventing SQL injection attacks on a web appliciation
Encrypting all data transmitted between the server and client
What is the primary objective of the narco analysis technique
Inducing a trance like state to bypass conscious resistance
________________ examines the outcome of successful adversary attack the likelihood will occur, how it will occur, and how many people will be affected
Risk assessment
Which of the following is least likely to result in a loss of trademark rights
The trademark is used for a different class of goods than that was registered
Which of the following best describes the relationship between probability of detection (Pd) and probability of interruption (Pi)
An increase in Pd enhances the likelihood of Pi
Which of the following is least likely to be a common element in a crisis communication plan
A financial recovery strategy
What is the most effective method for enhancing physical security in a high risk facility
Increased lighting
Biometric access control
How does natural surveillance influence crime deterrence in CPTED design
It reduces the need for physical barriers by increasing visibility
Which combination of factors is most likely to reduce the Probability of interruption (Pi)
Strong access control measures but slow response times
In CPTED which of the following strategies best represents the principle of natural access control
Lilmiting points of entry
What is the most significant vulnerability in most vault designs
Roof or floor penetration
Which of the following is most indicative of a successful buy bust operation
The evidence collected is admissible and directly links the suspect to the crime
What is the main goal of personnel security screening
To protect sensitive information
In what security application would a line detection sensor be particularly effective and why
In securing windows and doorways as it can create an invisible line that when broken by an intruder triggers an alarm
In a corporate fraud investigation, what would be the key benefit of using a sting operation
To gain insight into a suspects methods without them knowing
To gather evidence through voluntary participation of the suspect
Which of the following is most likely to be the consequence of incorrectly classifying an intangible assets as a tangible asset on a company’s financial statements
The company may incorrectly depreciate the assets, affecting profitability reports
Which of the following is not a component of personnel security
None of the below
Background checks
Security awareness training
Physical security measures
How does the frequency of a laser based sensor affect its ability to penetrate through tempered glass in security
Lower frequency lasers pass through tempered glass with minimal signal loss
Which of the following is the least probable impact of high threat low vulnerability scenario
Minimal risk
What is the most significant advantage of integrating physical security systems with building automation systems
It allows security personnel to monitor and control security measures remotely
What factor contributes most to the short lifespan of incandescent lamps compared to other lighting technologies
Fragile filament
Which combination of factors is most likely to increase the overall threat landscape
Increasing detection systems but ignoring response times
Reducing the assets physical security but increasing cybersecurity
Which of the following is not a key element of risk management
Avoiding all risks
Which of the following is the most critical method for ensuring that a security policy is enforced consistently across the organization
Monitoring employee compliance
Which of the following best explains how Rational Choice Theory can be used to assess potential fraud risks in a corporate environment
Individuals commit fraud after weighing the potential gains against the risks of getting caught
Which of the following is least likely to be a factor in determining the severity of a crisis
The number of personnel involved in the response
Which type of cable is best suited for securing a perimeter where frequent power outages occur and why
Fiber optic cables because they do not rely on electrical signals
Which of the following is not a criterion for evaluating bids for security services
Security personnel training background
Which of the following is considered the least secure method of securing classified documents
Locked desk drawers
What is the primary challenge when interviewing a suspect who is a sociopath
Their tendency to lie easily and convincingly
In the context of security sensors what is a false alarm
An alarm triggered without any actual threat or intrusion
Which of the following is least probable to be direct outcome of increasing surveillance systems
Improved perimeter protection against cyber threats
Which standard is most commonly used to rate the strength and security of padlocks
UL 437
Which of the following is a the primary goal of a business impact analysis (BIA) in business continuity planning (BCP)
Evaluating the financial impact of potential disruptions
In a risk management model which combination of factors most directly increases over all risk
High vulnerability and high criticality
Which of the following is not a key performance indicator (KPI) for BCMS
Employee satisfaction scores
Which of the following is least likely to align with the General Strain Theory’s explanation of why individuals commit fraud
The individual is motivated by the opportunity to exploit weak internal controls
Which of the following is not a key feature of a quantitative risk assessment
It provides subjective ratings for potential threats
The main objective of a CCTV system is
Deterrence
Which of the following investigative techniques is the most effective in detecting fraud within an organization
Internal audits
Which of the following sensors is least likely to be affected by temperature fluctuations
Microwave sensor
In a security audit which of the following factors is most likely to influence the effectiveness of a detection system
The level of personnel training
Which of the following is least likely to be a factor in understanding the rationalization component of the Fraud Triangle when investigating white collar crime
The suspects fear of getting caught and facing severe legal consequences
What is the greatest challenge of implementing a robust data classification framework within a large organization
Ensuring consistent classification across departments with differing data access needs
Which factor is least likely to reduce the Probability of Detection (Pd)
Enhanced response time but poorly trained personnel
_________ The most critical stage calls for identifying and analyzing the organizations problems events that could disrupt operations and assets. One identifies the root causes of those problems and begins to rank them in terms of importance
Plan
Which of the following is least likely to contribute the rationalization component of the Fraud Triangle
Assessing the consequences of being caught and prosecuted
What is the key advantage of using a time delay mechanism in a vaults locking system
Reducing risk of forced entry during robberies
In the context of fault tree analysis, the top event refers to
The ultimate failure or breach that analysis seeks to prevent
Which of the following is least likely to be considered a risk in managing trade secret protection
Disclosing the trade secret to third parties under strict confidentiality agreements
Which type of bias is most likely to affect the outcome of an investigation involving a high profile subject
Authority bias
Which of the following factors is not directly involved in determining the Probability of Neutralization (Pn)
Criticality of the event
In what way does the use of bistatic radar enhance airport perimeter security compared to monostatic radar
The use of multiple receiver sites allows for triangulation, improving the accuracy of object location
Which of the following is least likely to be considered a critical success factor for ESRM in a cloud based IT infrastructure
Ensuring continuous on premises monitoring of physical IT assets
How might a disgruntled employee use social engineering tactics to compromise an organizations personnel security
By manipulating coworkers to reveal sensitive information
Which of the following best explains why qualitative risk assessments are often used in conjunction with quantitative assessments
To provide both subjective and objective insights into potential risks
Which of the following is least likely to be considered when assessing security risks within the ESRM framework
The availability of security technologies for risk mitigation
Which of the following evidence types is least likely to be useful in proving motive in robbery investigation
DNA found at the scene
In which type of operation is it critical to ensure that the suspect initiates all illegal actions to avoid claims of entrapment
Sting operation
Which type of lamp has the shortest expected lifespan requiring frequent replacements in security lighting systems
Incandescent
In a disaster planning scenario three of the following factors are considered primary when assessing vulnerabilities which is not one of the three
Insurance factors
Which aspect of polarized light is utilized in some infrared sensors to improve detection in reflective environments
Polarization prevents scattering from rain or dust enhancing detection accuracy
Why is it essential to cross reference an applicants name with known aliases during background investigation
To identify applicants who may have used different identities to evade background checks
Which of the following best describes security through obscurity
Hiding security measures
How might a suspect use smurfing techniques to evade detection in financial investigations
By making multiple small, structured deposits to avoid triggering reporting thresholds
Which of the following is most likely to be challenge in crisis communications during a cyber attack incident
Handling misinformation spread on social media
Which of the following is least probable to be successful strategy for reducing insider threats
Relying solely on background checks for new hires
Which of the following is not an assumption of McGregor’s Theory X
Employees seek responsiblity
What is the primary security concern addressed by a time delay mechanism in a vault
Protecting against unauthorized access during specified times
Which of the following is least likely to be useful strategy in detecting fraud early within the pressure component of Cressey’s Fraud Triangle
Hiring external auditors to review corporate financial statements quarterly
Under the REID technique of interrogation what is a key psychological tactic used to eliciting confessions
Minimizing the moral seriousness of the offense
Which of the following is not a liability
Accounts receivable
Which of the following is most likely to challenge the use of fault tree analysis in the ESRM process
Limitations in modelling security incidents with dynamic, real time variables
What is the primary security risk of using chain link fencing in areas with frequent pedestrian traffic
Chain link fences offer little deterrence to individuals with basic tools
Which of the following is not a benefit of implementing Protection in depth
The elimination of all vulnerabilities within a security system
Which of the following is most likely to complicate the application of the Fraud Triangle when investigating a global organization with diverse cultural backgrounds
The concept of rationalization may vary significantly across different cultural contexts
What is the primary goal of network segmentation
Limiting the spread of security breaches
Which of the following describes the relationship between hazard and vulnerability
Hazards can exist without vulnerabilities
Which of the following is not a primary factor in determining risk
Response capability
Which of the following disaster recovery strategies is most likely to minimize downtime during a large scale cyber attack
Hot site backup
Which formula is used to calculate Single Loss Expectancy (SLE)
SLE=Asset Value X Exposure Factor
When we design a PPS the level of protection for a group of assets must meet the protection needs of the ____ in the group
Most critical asset
Which of the following is most likely to be considered an intangible asset under financial accounting standards
A patent for a new technology developed by the company
Which of the following is the best method for reducing the likelihood of loss in security system
Enhancing detection systems
Which of the following is most likely to reduce false confessions in a REID interrogation
Using Non accusatory questioning techniques
Which type of evidence is typically most reliable in a corporate investigation involving employee misconduct
Documentary evidence
Which factor is least likely to increase the Probability of Detection (Pd) in a layered security system
Weak sensor placement and delayed response protocols
Which of the following is most likely to be an outcome of failing to address the opportunity aspect of the fraud triangle in an organization with a history of financial fraud
Fraudulent activities will increase due to weak internal controls and lack of oversight
What is the primary factors contributing to the long longevity of LED lamps compared to incandescent lamps
Less Heat Generation
Which of the following is the most critical method for ensuring that a security policy is enforced consistently across the organization
Monitoring employee compliance
Which of the following is the most critical element of the respond function in the Physical Protection System (PPS)
The ability to neutralize the threat after detection
Which of the following is least likely to be impacted by the restrike time of mercury vapor lamps used in outdoor security lighting
The color rendering performance of the lighting system
Which of the following sensor technologies is best suited for detecting intrusions in high vibration industrial environments
Seisimic sensor
What is the primary advantage of using biometric authentication in an investigation
It is difficult to forge
Which of the following is not a potential risk associated with personnel security
Physical damage to facilities
Which lock mechanism provides the highest level of resistance to key duplication
Disk Detainer lock
Which of the following best describes the concept of triangulation in investigations
Using multiple sources of information to verify facts
In what scenario would a fence with anti climb features be insufficient for perimeter security
When additional sensors and surveillance are not integrated into the system
Which of the following best describes the principle of corroboration in investigations
Using multiple sources to verify information
______ risk assessments are often based on lists and depend on how analysts feel about the solution
Qualitative
Which of the following factors would most likely reduce the Probability of Interruption (Pi) in a high security environment
Delayed detection systems and slow response times
Which lock mechanism is most susceptible to drilling attacks
Pin tumbler
What is the primary purpose of a crisis management plan
Ensuring effective response form crisis
The mechanical lock longest in use and first developed is the _____ lock
Warded
In the context of security risk management which of the following represents the least desirable outcome
High threat, high criticality assets
Which of the following is most likely to complicate post crisis recovery operations
Incomplete documentation of the crisis event
Which sensor technology would be most suitable for detecting motion in an underground parking garage
Microwave sensor
Which of the following is most likely to be the first stage in Cressey’s Fraud Triangle that leads to the commission of fraud
The individual experiences financial pressure
Which lock mechanism is considered the most secure against both physical and covert attacks
Disc-detainer lock
Which of the following is the best example of a compensatory measure in a security system
Adding security patrols to offset a weak perimeter
Which of the following methods is commonly used to verify the authenticity of digital evidence during an investigation
Hashing algorithms
Which lamp type is most affected by ambient temperature changes, particularly in outdoor installations
Metal Halide
How might adversaries bypass line detection sensors in a perimeter security system
By passing under or over the sensors detection range
Which type of fencing material provides the best protection against forced entry using bolt cutters
Welded wire mesh
Which of the following is the main vulnerability of using concertina wire in low visiblity environments
Intruders can avoid detection by exploiting gaps in the wire
What is the primary disadvantage of using open source intelligence (OSINT)
Legal and ethical issues
Why might a security engineer choose to deploy inductance based sensors along the perimeter of a power utility substation
To detect any large metallic object approaching the perimeter potentially indicating theft or sabotage attempts
Which of the following is the primary disadvantage of a key operated lock system in high security environments
Susceptibility to key duplication
In an adversary sequence diagram what is the primary benefit of increasing the probability of detection
It extends the time available for security personnel to respond
In narcotics investigation what make methamphetamine particularly challenging to combat
It is easily synthesized from legal over the counter chemicals
Which of the following is not a preservation method for digital evidence
Encrypting
In what way does incorporating environmentally friendly lighting technologies, such as low emission LEDs contribute to a facility’s security strategy
Environmentally friendly lighting tends to have higher durability and reliability which is crucial for maintaining constant security coverage
Which of the following is most critical for reducing vulnerability in a physical security environment
Limiting access to high risk areas
Which property of twisted pair cables helps in reducing crosstalk but increases the cables susceptibility to electromagnetic interference
The absense of shield
Which type of lock is most vulnerable to bump key attacks
Pin tumbler
What is the primary vulnerability of Doppler radar systems in detecting small fast moving objects in cluttered environments
The radars signal is scattered by clutter, reducing detection accuracy
According to Herzberg which of the following would not prevent job dissatisfaction
Recognition for achievements
Which of the following is not a high explosive
Nitrocellulose
Which of the following factors most significantly affects the accuracy of a microwave sensor in detecting intrusions
Line of sight obstructions
Which of the following principle is most important for an investigator to main objectivity during an investigation
Avoid making assumptions based on initial evidence
How can active infrared sensors improve the reliability of intrusion detection in high traffic areas
Active infrared sensors emit their own signal allowing for the detection of unauthorized movements even when environmental noise is high
Which of the following is least likely to be an appropriate reason to dismiss a polygraph test as evidence
The test was administered by law enforcement
In the CARVER method, which factor assesses how important a target is to the adversarys overall mission
Criticality
Which of the following is not a step in the adversary sequence diagram
Recovery operation
In what situation would active infrared sensors be preferred over a passive sensors for security purposes
In outdoor environments where rapid detection is needed despite environmental interference
Which of the following is the primary outcome of conducting a criticality assessment
Identifying assets that are essential to maintaining operational continuity
In vulnerability assessments how does the term exploitability relate to risk
The more easily a vulnerability can be exploited the higher the risk
What is the purpose of a personnel security policy
To establish rules and guidelines to personnel security
To ensure compliance with legal and regulatory requirements
To protect sensitive information and resources
Which factor would most likely reduce the Probability of Loss (PoL) in a high risk environment
Increasing threat deterrence systems and reducing asset visiblity
What is the typical power consumption of an LED lamp that produces the same light output as a 100 watt incandescent bulb
10-15 watts
Which of the following best describes the concept of dilution in trademark law
Unauthorized use of a trademark in a way that reduces its distinctiveness or value
Which of the following factors is most likely to decrease the Probability Of Interruption(Pi) in a security system
Slow response times
Which of the following is the most likely weakness of a high frequency low impact threat to an asset
It is often overlooked due to its perceived insignificance
Which of the following is not a liability
Accounts receivable
Which of the following is not a benefit of using inductive risk assessment methods
It is useful in predicting rare events with little data
Which of the following non verbal behaviors is least likely to be reliable indicator of deception during an interrogations
None of the above
(Lack of eye contact, Sweating or nervous fidgeting, Contradictory body language)
What is the relationship between criticality and risk in a risk management framework
Criticality determines the priority of risk mitigating efforts
Which factors would least likely contribute to a reduction in an assets vulnerability
Enhancing detection capabilities but ignoring recovery protocols
How might block chain technology complicate financial investigations involving money laundering
It allows suspects to store funds across multiple encrypted wallets
What is the primary effect of opiates on the human body that makes them a focus of narcotics investigations
The function as depressants often leading to abuse and overdose
Which of the following best describes Subpoena
A legal order to compel testimony or evidence
Which type of malware is designed to spread from one device to another
Virus
Which of the following is least likely to be an effective method for preventing brute force attacks on authentication systems
Encrypting all data transmissions between the client and the server
What is the main characteristic of a high security deadbolt lock compared to a standard deadbolt
It is more resistant to drilling
What is the role of security lighting in physcial security
To deter criminal activity by increasing visibility
What is the primary role of an investigative interview
Gathering information directly from witnesses
What is the primary challenge when assessing personnel risks in multinational organizations
Legal and cultural differences in employee background checks
Which of the following is most likely to challenge a company’s ability to enforce its trade secrets in court
The company failed to document the confidential nature of the trade secret in internal policies
Which of the following would most likely reduce the Probability of Detection (Pd)
Decreased detection system sensitivity
Which of the following best describes the concept of a cold hire in undercover investigations
A suspect is hired without knowing they are under investigation
How does vulnerability directly influence overall risk in security risk assessments
Vulnerability increases the likelihood that threats will successfully exploit weaknesses in the system
What is the biggest legal concern when using informants to gather intelligence during an investigation
Evidence obtained through informants may be challenged for entrapment
In an internal investigation which of the following factors is most likely to invalidate the findings
Conflict of interest by the investigator
A person may affect an arrest without warrant when he/she
Has reasonable grounds to believe that an individual has committed a criminal offense
Finds an individual commiting any offense
Which of the following is an example of a hygiene factor in Herzberg’s theory
Working conditions
IP based camera advantage
Integration
What is the operational principle of a line detection sensor used in securing building entrances
It employs a laser beam that when broken signals an entry or exit event
Which of the following is most likely to increase the risk of credential stuffing attacks on an organizations authentication system
Allowing employees to reuse the same password across multiple systems
Which of the following is the most critical method for ensuring that a security policy is enforced consistently across the organization
Monitoring employee compliance
Which of the following is most likely to cause a bistatic radar system to lose signal coherence
Metallic structures
What is the primary objective of employee monitoring
To ensure compliance with security policies
What is the main benefit of using smart locks in residential security
Remote access and control
Which of the following strategies is the most effective method for reducing risk in a high threat environment
Improving detection systems
Which of the following is least likely to be protected by copyright law
A unique business method for inventory management
In the CARVER risk assessment method how is recoverability defined
The ease with which an asset can recover after an attack
Which lock type is most vulnerable to damage from electrical surges
Electromagnetic lack
Which of the following is not typically considered a security control
Financial Controls
Which of the following is an advantage of using a biometric lock in a vault security system
Reduced need for rekeying
Which sensor type is most effective for detecting intrusions through concrete walls
Seismic sensor
How does implementation of bistatic sensors increase the effectiveness of a security system along a national borer
Bistatic sensors can detect low flying or small moving objects that might not trigger monostatic sensors
Which of the following is not a common method for security digital evidence
Modifying the original evidence
The law prohibiting the use of unlicensed wireless microphones for purposes of eavesdropping is
The federal communications act
Which of the following is not part of Mc Gregor’s theory x
Employees seek responsibility and autonomy
Which of the following is not a type of forensic evidence
Hypothetical evidence
Which of the following best describes the concept of layered security (defense in depth)
Combining multiple, independent security controls to delay and deter threats
Which of the following is most likely to result in a copyright infringement claim
Reproducing large portions of a copyrighted text without the authors permission
What is the primary vulnerability of low cost safes used in residential security applications
High susceptibility to brute force
Which type of lighting provides the best performance in foggy or rainy conditions for outdoor security applications
Infrared lighting
Which of the following is the least important factor when evaluating a hazard in risk management
The ease of threat detection
Which of the following is not a standard procedure for handling digital evidence
Analyzing the evidence on the original evidence
Which of the following techniques is least effective in obtaining a confession during a REID interrogation
Asking the suspect to provide their version of events freely
In a risk management framework which of the following statements is false
High threat likelihood always leads to higher risk
Which of the following is the most effective method for protecting digital evidence from tampering during transport
Sealing it in a tamper evident bag
In CPTED how does the concept of natural access control contribute to crime prevention
By directing the flow of people and vehicles to controlled points of entry
Which of the following is least likely to be a key consideration when selecting a safe for storing high value assets
The strike time of the lighting used in the room where the safe is located
Which of the following strategies is most relevant when interviewing an informant in a narcotics sting operation
Offering protection in exchange for information
Which of the following is least relevant when calculating Annual Loss Expectancy (ALE)
Cost of countermeasures
Which of the following defines an explosion
A flash fire
A sudden , violent, and noisy eruption or discharge by material acted upon the force, which causes material to convert into gas and expand or burst
A detonation
Which strike time is typically required for high security electromagnetic door locks
1 second
What is the primary purpose of a conducting a personnel risk assessment on a high profile employee
To evaluate whether the individual is trustworthy for sensitive roles
Which of the following statements about the CARVER method is false
It focuses on natural hazards and environmental impacts
Which of the following is not a key characteristic of an event tree analysis
It identifies the root causes of specific failure events
Which of the following is the best example of a vulnerability that could lead to increased risk
An outdates cybersecurity framework that does not account for modern threats
What is the most effective method to reduce annual loss expectancy (ALE)
Reducing the probability of loss events
Which of the following is not a part of the adversary sequence diagram
Risk mitigation
What is the purpose of a security clearance
To grant access to classified information
To assess a persons trustworthiness and loyalty
To determine if a person is eligible for certain positions
In the context of a Business Continuity Plan (BCP), which of the following factors is most critical for ensuring organizational resilience
Establishing Recovery Point Objectives (RPOs)
Which of the following combinations would least likely reduce overall risk in a high vulnerability system
Increasing asset visibility but reducing incident recovery times
Which type of lamp is most likely to be used for perimeter lighting where color recognition is not a priority
High pressure sodium
In physical security systems, why is it important to include redundant alarm systems for high risk areas
A failure in one alarm system can leave the facility vulnerable without immediate detection
Which of the following is most probable to cause failure in the delay function of a Physical Protection System (PPS)
Lack of redundant barriers at key entry points
A claimants allegation of invasion of privacy would be appropriately supported in a situation where the alleged perpetrator
Mentioned during a televised interview a rumor about the claimant engaging in criminal activity
_______ refers to the efficient handling of the organization as well as its employees
Organization management
In the cognitive interview Technique what is the purpose of asking witnesses to change their perspective when recalling events
To stimulate new memory pathways
Why might a security system designer opt for passive sensors in a highly secure data center
They do not emit energy that could potentially interfere with sensitive data equipment
What is the primary goal of personnel security measures
To minimize the risk of insider threats
Which of the following sensor types is typically used for detecting physical force applied to doors and windows
Vibration sensor
In a span on control system what is the maximum number of direct reports that one manager should typically oversee
7
Which of the following describes the primary strength of a hostile witness in court
Their statements through contradictory, can expose the weaknesses in the opposing sides case
What is the minimum thickness of steel required for a Class 3 vault door according to UL 608
1 inch
What key information does the Gramm Leach Bliley Act (GLBA) require financial institutions to protect
Customer financial records and information only
In what way does a microwave sensor provide advantages over a traditional PIR sensor for outdoor perimeter security
It is less likely to give false alarms due to small animals or environmental factors like wind and rain
In an investigation what is the role of expert witnesses in court
To provide specialized knowledge and opinions that help the court understand technical aspects of the case
Which of the following factors is most critical when determining the Recovery Point Objective (RPO) in a disaster recovery plan
The criticality of data being recovered
In calculating annual loss expectancy (ALE) what impact does a decrease in the annual rate of occurrence (ARO) have on the ALE
ALE decreases as the ARO reduces the likelihood of incidents
What is the main difference between indirect evidence and circumstantial evidence in an investigation
Circumstantial evidence requires interference to connect it to the crime, while indirect evidence does not
Which type of sensor is typically used to detect attempts to cut or climb fences
Vibration Sensor
What is the main purpose of Probability of Detection (Pd) in security systems
To determine the likelihood that a threat is detected before damage occurs
What is the primary purpose of conducting a forensic audit
Detecting financial fraud
How do bistatic sensors offer and advantage in redundancy over monostatic sensors in a security system
Bistatic configurations inherently include multiple devices, which provides natural redundancy in case one fails
Which of the following technologies can be combined with motion sensors to reduce false alarms
Video surveillance
Which of the following is not considered an element of the common law crime of arson
Commercial Building
What is the first step in conducting an investigation
Establishing objectives
In a security program which of the following is the best method for reducing overall risk
Implementing compensatory controls
Which of the following is the most significant risk of using financial records as primary evidence in a criminal case
They are difficult to connect directly to the crime
What is the most critical factor in the effectiveness of biometric access control system
False acceptance rate (FAR)
Which of the following is an example of a personnel security control
Two factor authentication
Security cameras
Intrusion Detection systems
__________ means that to accomplish the goal, an adversary should be required to avoid or defeat a number of protective devices in sequence, creating additional steps where the adversary may fail or abort the mission
Protection In Depth
Why is it critical to ensure proper grounding of shielded twister pair cables in high noise environments
Grounding improves signal clarity by reducing EMI
Which of the following is not a regulatory requirement of Schedule V controlled substances under the Controlled Substances Act
Use of a secret storage area
In which scenario would the installation of barbed wire be considered less effective in enhancing perimeter security
When installed along the top of an already electrified fence
Which interview technique is most likely to build rapport with a reluctant witness in a non confrontational investigation
The PEACE model
What is the key factor that increases the Probability of interruption (Pi) in a security system
The time available for response once detection occurs
