Prep Flashcards
Which of the following is the true about vulnerabilities in a security context
Vulnerabilities can arise from inadequate training and poor access control
Which of the following best describes the role of criticality assessments in risk management
Criticality assessments prioritize asset protection based on their importance to overall business operations
What is the primary function of a criticality assessment in risk management
To measure how dependent the organization is on the asset
Why is it essential to review a terminated employees access to company systems during a workplace violence risk assessment
To prevent retaliation or misuse of sensitive information
Which sensor technology is best suited for detecting slow moving objects at long distances
Microwave sensor
How might adversaries bypass the protections of a network based intrusion detection system (NDS)
By encrypting malicious traffic, which the NDS cannot inspect
Which lock type is the most vulnerable to key duplication attacks
Pin tumbler lock
In an adversary sequence diagram, what does a low Probability of Neutralization (Pn) suggest
The adversary is more likely to escape after detection
Which rating denotes a safes ability to withstand tool based attacks at 60 minutes
TL-60
What is the primary goal of ESRM
Identifying and managing security risks
Which of the following scenarios would not reduce Probability of Neutralization (Pn)
Increased threat deterrence measures
In the context of drug investigations, how does the Controlled Substances Act (CSA) classify Ecstasy/MDMA
As a schedule 1 drug due to its high potential for abuse and no accepted medical use
Which of the following is not considered when assessing asset criticality in a security framework
The likelihood of a successful attack
Which of the following combinations of factors is LEAST likely to reduce an assets risk
High vulnerability but effective detection systems
Which of the following is not a recommended best practice for conducting a polygraph examination
Asking compound of leading questions
Which of the following is not an essential characteristic of a well conducted investigation
Expediency
In what situation would a vibration sensor be the most effective choice
Detecting the breaking of glass in a window
Which of the following is most important for ensuring the admissibility of evidence in court
Proper documentation
Which of the following is a responsibility of the personnel security officer
Investigation security incidents
What is the purpose of access control measures in personnel security
To restrict access to sensitive areas
To prevent unauthorized entry
To protect sensitive information
How might a person with a criminal background exploit a ban the box policy to secure employment
By delaying the disclosure of criminal history until later the hiring process
How can poorly managed crisis communication protocols lead to secondary reputational damage after the initial crisis
Stakeholders may receive inconsistent information leading to mistrust
Delayed post crisis messaging reduced confidence in the organization
In high traffic environment which sensor technology would be most appropriate to avoid false alarms while maintaining security
Dual technology sensor
______ is the ability of an organization to anticipate, prepare for, respond to and adapt to incremental change and sudden disruption in order to survive and prosper
Organizational Resilience