Sample Questions Flashcards
This type of ethics is most relevant to business, is active and applies ethical concepts in specific business situations. This form of ethics makes specific judgements about right and wrong and prescribes types of behaviour as ethical in the context of an activity. It makes claims about what should be done and what may not be done. This is best described as:
Applied ethics
This aspect of emergency management encompasses actions taken before an event to plan, organize, equip, train and exercise in order to deal with emergencies that cannot be avoided or entirely mitigated. This is called
Preparedness
This ASIS/ANSI ORM Security and Resilience in Organizations and Their Supply Chains (2017) outlines a risk assessment process. Which of the following describes the process?
Asset identification, risk identification, risk analysis and risk evaluation
When presenting a business case, this should tell the complete story of the case as it may be the only part of the document that some senior managers read, providing general information on the issues surrounding the business problem or project. The part of the business case that BEST describes this is which of the following?
Executive Summary
The plan do act check cycle has a step which looks at the planning analysis, then devises a solution, prioritizes the next steps and develops a detailed action plan. This step is referred to as which part of the cycle?
Do
The integration of traditional security functions and information (systems), IT security functions is known as
Convergence
Which of the following statements is true when interviewing a stuspect for a company internal theft?
The suspect should be made to be uncomfortable as possible in the interview room.
An audio or video recording of the interview is a valuable tool for confirming statements made by all persons present.
An audio or video recording of the interview is obstructive and may be contrary to law.
The interview is conducted in any location, preferably not at the workplace.
An audio or video recording of the interview is a valuable tool for confirming statements made by all persons present.
Scams and phishing schemes are used to infect victims with ransomware, a process of encrypting a user’s files and then demanding payment to decrypt them. This type of cyber attack is also know as
Cryptography
Email compromise scheme
Social engineering attack
Cryptoware
Cryptoware
Which of the following statements concerning interviewing and deception is true?
Deceptive persons answer questions in a direct, straghtforward, spontaneous and sincere manner
Some behavioural characteristics that suggest deception may also be displayed by truthful subject.
The assessment of a subject’s truthfulness is based on a single bahviour pattern
A single word or behaviour characteristics automatically means a person is lying or telling the truth.
Some behavioural characteristics that suggest deception may also be displayed by truthful subject.
There are three main characteristics of intrusion sensor performance. They are probability of detection, vulnerability to defeat and which of the following?
Detection capability
Bypass capability
Detection technology
Nuisance alarm rates
Nuisance alarm rates
The practice of borrowing capital to purchase assets that can increase revenue is called which of the following?
Banking
Leveraging
Loaning
Averaging
Leveraging
This maneragial task involves connecting different people and functions to achieve cooperation to enable a stated goal to be achieved. A good manager must have a broader view and understanding of what is happening and what needs to be done to synchronise different deparments working to bring them together with the right end goal in mind. This statement defines which of the following?
Planning
Organizing
Directing
Coordinating
Coordinating
These specifications make it easier to design systems and sell equipment across borders. Which of the following help establish design requirements for devices, systems and infrastructure to withstand threats?
Analysis
Standards
Specifications
Assessments
Standards
When using a third party investigator to conduct pre employment background investigations, which of the following statements is correct?
The accountability for the final evaluation of the background investigation remains with the employer
Person’s with any form of criminal history should never be recommended for hiring.
The age of any adverse information and the age of the applicant at the time of the adverse incident is not relevant.
The third party’s judgment of the background investigation is considered final.
The accountability for the final evaluation of the background investigation remains with the employer
A company is interested in purchasing property overseas. They decide to conduct an investigation to evaluate the current property owners, the location, the finances, and operations of the target property. Which of the following best describes this type of investigation?
Background
Compliance
Due Diligence
Financial
Due diligence
Which of the following BEST describes the following?
The equipment is primarily used to
Detect activities that call for a security response
Collect images of an incident for later review
Assist with incident assessment
Video surveillance
Access control
Incident detection
CCTV surveillance
Video surveillance
Which statement BEST describes non verbal responses?
Voice characteristics such as tone, pitch, speed and clarity
Body movements and position changes, gestures, facial expressions and eye contact.
Both spoken words and gestures that serve as word substitutes, such as nodding the head to indicate yes.
Voice characteristics and body movements that indicate deception.
Body movements and position changes, gestures, facial expressions and eye contact.
If an executive from the organization is kidnapped and made incapable of running the company, the organization can expect three types of financial losses. One of these is:
The government finding the organization for failing to provide adequate security.
The subsequent lawsuit for the executive’s family for the loss of the executive
The executive’s services will be lost either temporarily or permanently. which can be costly.
The costly loss of corporate revenue
The executive’s services will be lost either temporarily or permanently. which can be costly.
Which describes an investigative interview’s attentiveness, concentration, acceptance, detachment and patience. this best decribes which of the following skills?
Active listening
Objective demeanour
Non verbal attention
Interviewer attentiveness
Active listening
ABC corporagtion has a management style where managers and supervisors guide their employees towards achieving organization’s obectives. The workers enjoy a higher workplace morale and are happy they work with management towards success. This type of management is known as which of the following?
Employee driven
Autocratic
Laissez Faire
Democratic
Democratic
Which of the following BEST describes the document that tells how much money an organization generates (revenue), how much it spends (expenses) and the difference between those figures (net income)?
Income statement
Expense sheet
Cash flow statement
Balance sheet
Income statement
DEF Company is an electronics hardware receiving, storing, and shipping consumer electronics. The company’s security director conducted a vulnerability analysis and reported that a lack of physical security controls exist to control thefts. Additionally, the company has no data on product losses, nor does a fraud or theft prevention program exist. These vulnerabilities are best described as?
A perceived opportunity to commit theft or fraud
Employees with previous criminal convictions will be tempted to steal
Employees with a lifestyle that is beyond their financial obligation.
A perceived need to steal electronics
A perceived opportunity to commit theft or fraud
A security weakness or practice that may faciliate or allow a threat to occur defines which of the following?
Vulnerability
Risk
Loss event
Criticality
Vulnerability
Three financial reports or statements have become accepted as standard and they make it possible to paint a clear picture of a company’s current and prospective financial health. They are:
the balance sheet, portfolio ratio and cash flow statement
The income statement, profit and loss and cash flow statement
The income sheet, profit ratio and cash flow statement
The income statement, balance sheet and cash flow statement
The income statement, balance sheet and cash flow statement
Which of the following statements best describes ISO industry standards?
ISO standards address training, employee competencies, products, rpocesses and quality control
ISO standards often become recognized as industry best practices and becomes market requirements
ISO regulates, legislates and enforces compliances to standards.
ISO is governmental organization
ISO standards often become recognized as industry best practices and becomes market requirements
Information warrenting protection must be appropriately identified and marked using various levels to distinguish the degree of sensitivity, confidentiality, restricted, limited, non public etc. Who in the organization is best suited to define the security level?
The originator of the information
The IT security manager
The security manager
The IT manager
The originator of the information
Documented security instructions or standard operating procedures useed as an essnetial reference for security personnel to know what is expected of them is also called
Security training manual
Security department policy and procedures
Corporate policy and procedures
Security post orders
Security Post Orders
This detector can use buried cable or transmitting and receiving signals relying on consistent reception of transmitted or reflected energy. When energy levels change due to a reflection or deflection, an alarm is transmitted. This is called ________ detection.
Vibration
Infrared
Microware
Capacitance
Microwave
When an investigator is questioning an employee who is suspected of stealing funds from the organization, this is best described as an:
Informational interview
Interview
Non accusatory interview
Confrontational interview
Confrontational interview
ABC inc decided to reduce the risk of theft by spreading valuable assets to various locations, while applying target hardening strategies and countermeasures. However, a risk of the theft remains. This is referred to as
Residual threat
Residual risk
Risk spreading
Residual impact
Residual risk
Which of the following statement BEST describes a CCTV camera’s field of view?
The area visible through the camera lens
The location or area intended to be observed
The function of a CCTV camera which best controls colour rendition
The view from the camera that is recorded
The area visible through the camera lens
No matter how an adversary attempts to accomplish their goal, effective elemetns of the physical protection systems will be encoutered. This is BESt described to as which of the following?
Design criteria
Performance based design
Balanced protection
Conceptual design criteria
Balanced protection
ABC Inc’s information system human resources files have been compromised and an unknown cyber criminal is demanding a payment of USD 1 million or they will release the confidential information onto public internet. This type of threat is known as which of the following?
Phishing
Malware
Virus ware
Ransomware
Ransomware
When designing the physical security protection for the facility, this layer of security measures included protective lighting, intrusion detection systems, locks, signs, barriers such as fencing, and building exterior walls and openings. this BEST describes which layer or protection?
Outer
Perimeter
Middle
Inner
Middle
Cyber criminals were disguising themselves as members from ABC Inc human resource group and contacted employees of ABC Inc asking recipients for their username and passwords. This type of threat is known as
Ransomware
Phishing
Malware
Virusware
Ransomware
The following theory asserts that a person’s behaviour is driven by basic needs at different levels and is still widely recommended to analyse individual employee motivation. This is referred to which of the following?
Motivation Hygiene Theory
McGregor’s Theory
Maslow’s Theory
Hertzberg’s Theory
Maslow’s Theory
To monitor and measure an organization’s risk management performance, a set of performance indicators should be developed to measure both the management systems and its outcomes. Measurements should meet which of the following metrics?
Quantitative or qualitative
Qualitative
Quantitative
Quantitative and SMART
Qualitative or quantitative
ABC Inc installed perimeter fence at the local warehouse. Which of the following best describes the application of this measure?
Deterrence and response
Delay and response
Access control and delay
Access control and deterrence
Access control and deterrence
According to most international legal requirements, these do not have to be registered to be protected. Nevertheless, a person can formalize ownership through government registration, which may help any later enforcement actions. This applies to which of the following?
Patents
Trademark
Trade secrets
Copyrights
Copyrights
A security officer deployment configuration where a proprietary supervisor oversee contract front line officers is know as
Contract Principle-Agent
Proprietary Principal-Agent
Hybrid Principal-Agent
Contract-Agent
Hybrid Principal-Agent
Which of the following best describes ESRM
ESRM assigns determined risks to specific programs
ESRM is an element of an existing security program within the organzation
ESRM is management program or process using a strategic approach.
ESRM is built around existing security programs in the organization including sub programs.
ESRM is management program or process using a strategic approach.
In a bomb threat assessment, the threat evaluation team is an important asset. Which of the following statements is correct?
The TET can manage several different sites
The team’s final decisions are made by several members
A record keeper is an important part of the team
A large team is better than a smaller team
A record keeper is an important part of the team
An organiztion is planning highly sensitive meetings, involving information which would be considered highly confidential and proprietary and not intended for disclosure. The organization wants employement services, equipment and techniques designed to locate, identify and neutralize covert technical surveillance devices, which may be in or near the meeting areas. Which type of services BEST describes what the organization needs?
Contracted counter surveillance
Technical surveillance countermeasures
Contracted investigation services
Technical security services
Technical surveillance countermeasures
When conducting a security survey which of the following should be the focus of the assessment?
Threats
Consequences
Assets
Vulnerabilities
Vulnerabilities
Private and personal information pertaining to an organization’s employees, management, business relationships, and customers is also often referred to as
Employee Personnel Records
Organization’s Personnel Records
Trade Secrets
Personally Identifiable information
Personally Identifiable information
In ESRM, who owns the risk decisions for identifable assets?
The security manager
The supervisors and managers
The asset owner
The employees and non employees
The asset owner
To ensure sustained longevity and success, there are four critical concepts tht comprisethe foundation of ESRM. They are holistic risk management, partnership with stakeholders, transparency and which of the following?
Resilience
Preparedness
Governance
Convergence
Governance
The primary goal of an interview is which of the following?
Admission of guilt
Truthful information
Recollection of facts
Confession to a crime
Truthful information
This is measured in terms of frequency or probability, where frequency is the number of times an undesired event happens in a defined time period. this is called
Observability
Impact
Criticality
Likelihood
Likelihood
Programs developed and implemented prior to an incident used to support mitigation of, response to, and recovery from emergencies is referred to as which of the following?
Mitigation
Recovery
Preparedness
Response
Preparedness
Tom, the CSO at DEF Inc, has a leadership style where he perceives subordinates need direct supervision and instructions to their complete work. This describes which of the following leadership styles?
Laissez-faire
Behavioural
Authoritarian
Democratic
Authoritarian
CPTED is the design or redesign of a venue to reduce crime opportunity and fear of crime through natural, mechanical, and procedufral means. CPTED is a crime prevention theory grounded in environmental criminology. CPTED primarily focuses on which of the following physical protection system principles?
Delay
Deterrence
Detection
Response
Deterrence
The Plan-Do-Check-Act (PDCA) cycle has a step where one examines the solutions devised to address the problem. The point is to check whether the solutions are producing outcomes that are consistent with the plan. This step is referred to as which part of the cycle?
Plan
Do
Check
Act
Check
A suspicious letter was received in the mailroom delivered through the local postal delivery system. The letter is suspicious because it is directed to the CEO and the return address is a person known to have made threats. the large, brown envelop feels like it has granular sand-like material contained inside. Which of the following is a correct reaction?
Move the package outside immediately.
Open the items enough to examine the contents, while awaiting emergency services
Submerge the item in water, placing a heavy object on top to ensure it remains submerged
Consider moving the item to an isolated place and wait for emergency services.
Consider moving the item to an isolated place and wait for emergency services.
Which of the following statements would be considered an interviewing clue to an investigator, indicating a deceitful subject?
No I didn’t steal the money
I couldn’t take that money. I wouldn’t do that type of thing.
I did not steal that USD12000 or whatever it is. I didn’t steal a penny of it.
Absolutely not; I had nothing to so with it.
I couldn’t take that money. I wouldn’t do that type of thing.
The enterprise security risk management (ESRM) cycle involves a process of identifying and prioritizing organizational assets and the process involves three key roles. Which of the following identifies the key roles?
All employees, the risk manager, legal counsel
The asset owner, top management, the security professional
All employees, the risk manager, the security professional
The asset owner, top management, the risk manager
The asset owner, top management, the security professional
Which of the following statements is correct when reviewing an incident reporting and management database?
Management needs to avoid flexibility in establishing and maintaining the database system
Regardless of the size of the other category, making changes to the database is not recommended because reporting will change.
To be cost effective, an asset protection program must consider only the major incidents and events
If 80 percent of each month’s reports fall into the “other” category, new categories should be developed.
If 80 percent of each month’s reports fall into the “other” category, new categories should be developed.
Which of the following statements BEST describes risk assessments as they relate to information systems?
Organizations are recommended to only perform qualitative risk assessments
Organizations are recommended to only perform quantitative risk assessments
Risk assessment of the organization’s information systems should be performed once.
Risk assessments should identify risks, quantify them, and prioritize them according to the organization’s criteria for risk acceptance.
Risk assessments should identify risks, quantify them, and prioritize them according to the organization’s criteria for risk acceptance.
The property owner in a 20-unit townhouse complex decided to reinforce the privacy of the children’s playground by adding a security patrol to the area to deter illicit drug use by trespassers, along with overt CCTV surveillance, with perimeter fencing and an access controlled gate. This is BEST known in CPTED as which of the following?
Management and maintenance support
Legitimate activity support
Mechanical measures
Natural measures
Legitimate activity support
Activities providing a critical foundation in the effort to reduce the loss of life and property from natural and/or manmade disasters by avoiding or lessoning the impact of a disaster and providing value to the public by creating safer communities. This is referred to as
Response
Preparedness
Mitigation
Recovery
Mitigation
Which of the following statements about recording functional requirements is TRUE?
Resolution relates to the lenght of time a recorded video is stored.
When selecting a video surveillance system, it is important to use a systems approach
Compression (Codec) relates to picture clarity and the ability to distinguish key features
When selecting a video surveillance system, it is important to use a components approach
When selecting a video surveillance system, it is important to use a systems approach
Which of the following standards specifies requirements to implement, maintain and improve a management system to protect against, prepare for, respond to, and recover from disruptions when they arise?
ANSI/ASIS ORM.1-2017 Security and Resilience in Organizations
ISO 22301:2019 Business Continuity
ANSI/ASIS PAP.1-2012 Physical Asset Protection
ISO 27001:2022 Information Security
ISO 22301:2019 Business Continuity
The property owners in a 20-unit townhouse complex implemented signage and designed the landscaping to deter unwanted activity and tresspassing. They also designed the area to better sight lines of the children’s playground from the inside of the residences. They intend to establish a sense of ownership, responsibility, and accountability with property owners, to increase vigilance in identifying tresspassers. Which of the following CPTED terms BEST meets this community’s intent?
Natural Territorial Reinforcement
Random Activity Theory
Target attractiveness
Neighbourhood watch
Natural Territorial Reinforcement
The likelihood of one outcome out of the total of all possible undesirable outcomes, expressed as a number between 0 and 1 is called:
Likelihood
Probability
Criticality
Impact
Probability
The ability of the physical protection system to prevent a successful attack once it has been initiated is BEST referred to as which of the following?
Vulnerability effectiveness
System effectiveness
Effective security and personnel
Effective security hardware
System effectiveness
A company’s investigative unit is conducing an internal theft investigation in its warehouse. The company hired external contract investigators to assist in the project by providing project management, undercover operations, an anonymous caller “Tip Line” and convert CCTV monitoring the area. These efforts can be BEST described as:
Covert surveillance
Force multiplier
Undercover operations
Overt surveillance
Force multiplier
“One of the basic CPTED strategies is to design multiple or concentric layers of security measures so that protected assets are behind multiple barrier” is a definition of which of the following?
Natural boundary definition
Natural access control
Protection in depth
CPTED
Protection in depth
In the design of a new high rise structure and considering the life safety aspect of the building, which of the following should rank as a first priority?
Fire detection, confinement, extinguishment, evacuation and escape
Adversary deterrence, detection, denial, delay and defense
CPTED principles in the building design
Controlled access and surveillance for legitimate users.
Fire detection, confinement, extinguishment, evacuation and escape
What is interoperability?
The ability for security forces to communicate with internal departments in an emergency.
The ability of private security and the public sector to work together.
The ability for different jurisdictions and responding agencies to communicate with each other wirelessly.
The ability for the emergency responders to work seamlessly with proprietary security forces.
The ability for different jurisdictions and responding agencies to communicate with each other wirelessly.
Using a comprehensive model for theft and fraud prevention uses programs to educate management and employees about the nature, types and most vulnerable areas of losses in the organization using written policies, accountability systems, and awareness programs. Which element of the program BEST describes this description?
Prevention
Training
Compliance
Analysis
Prevention
Inappropirate links or unprotected networks, improper system configuration, or unpatched workstations are examples of:
Natural information security threat
Virtual information security threat
Vulnerability in the information systems management processes
Vulnerability in the information systems infrastructure
Vulnerability in the information systems infrastructure
These diagrams show complete security subsystems, including all the devices and how they are connected in a building or campus. They are called:
Riser diagrams
Plan drawings
Elevation drawings
Details diagrams
Riser diagrams
ABC Inc wants to develop a document outlining the overall intensions and direction of the organization as it relates to managing risk to enhance the resilience and security of ABC Inc. This is also referred to as which of the following?
A policy
A procedure
A practice
A standard
A policy
Security professionals can most effectively convince managment of the need for security by qualifying and prioritizing the loss potential with presenting which of the following?
A strategic plan that applies to the security organization
A cost-benefit analysis with business unit enforsement
A cost-benefit analysis and returns on investment assessment
A strategic plan that applies to the whole organization.
A strategic plan that applies to the whole organization.
The product of the potential loss from an event and the likihood of the event is BEST described as
Vulnerability Exposure
Risk Profile
Loss Event profile
Annual Loss Expectancy
Annual Loss Expectancy
Which of the following is an example of risk reduction?
Application of CPTED principles to mitigate risk
Purchasing insurance to mitigate losses
Accepting the risk without mitigation strategies applied
Considering the probability and impact, doing nothing
Application of CPTED principles to mitigate risk
“A systematic evaluation of a subject’s verbal and non verbal behaviour during the course of a structured interview in which both invstigative and behaviour provoking quesitons are asked” BEST describes which of the following?
Behaviour analysis interview
Statement analysis
Fact finding interview
Non confrontational interview
Behaviour analysis interview
A business unit’s top leadership will develop a plan that provides a general direction for the organization. This plan is the fundamental template for direction that defines and supports the organization’s long term goals.
SWOT plan
PEST plan
Strategic plan
STEP plan
Strategic plan
A janitor has limited access to information on the organization’s information systems, restricting access to only his/her payroll information and personal timesheets. HR and payroll personnel have access to higher levels of the same timesheet information. This is an example of:
Information control
Information protection
Password protocols
Defense in Depth
Defense in Depth
When defining protection for information systems, persons are asigned increased level of trust for access to entitled levels of access to sensitive informatio. This is called:
Password protocols
Information protection
Defense in Depth
Information control
Defense in Depth
CPTED measurs which employ good space planning to reduce inhabitant conflicts by considering compatible circulation patterns, including a well defined building entrance and arrnagement courtyards, patios, and porches for unobstructed line of sight describes which of the following?
Organizational measures
Human measures
Mechanical measures
Natural measures
Natural measures
Which of the following lighting systems have the BEST color rendition for night lighting?
Mercury vapor
Metal halide
Low pressure sodium
High pressure sodium
Metal halide
“The ability of an organization to resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period of time after being affected by an event” is called
Organizational resilience
Emergency operations plans
Continuity of operations
Business continuity
Organizational resilience
This assessment is performed to establish a baseline of physical protection system; effectiveness iin meeting goals and objectives. The process is a method of identifying the weak points of a facility, entity, venue or person. This is BEST described as a
Risk assessment
Vulnerability assessment
Security survey
Risk analysis
Vulnerability assessment
Insurance coverage on an asset is considered the most common form of what type of risk management?
Risk transfer
Risk spreading
Risk acceptance
Risk reduction
Risk transfer
When in a procurement stage, an invitation for bids will list specific equipment and software and request prices from the contractor to supply the specific items and install them. This is best described as
Design estimation
Design evaluation
Design specification
Design planning
Design specification
Which of the following BEST describes the document that tells how much money an organization generates (revenue), how much it spends (expenses) and the difference between those figures (net income)?
Income statement
Balance sheet
Cash flow statement
Expense sheet
Income statement
The following theory is based on the premise that the opposite of satisfaction is not dissatisfaction but simply no satisfaction. The theory maintains that two set of factors determine a worker’s motivation, attitude and success. It is referred to as which of the following?
Hertzberg’s Theory
Maslow’s Theory
Hierarchy of needs theory
McGregor’s Theory
Hertzberg’s Theory
This type of property need not be registered with any outside agency, so the owner can maintain a greater degree of control over the asset. The owner must be able to prove that the information’s added value or benefit to the owner, was specifically identified, and the owner provided a reasonable level of security to protect the information. This is called a
Trade secret
Copyright
Patent
Trademark
Trade secret
When considering incident command management, who becomes the incident commander when an incident requires public safety response?
The security manager
The senior member of the organization’s leadership
The senior member of the responding security team
The senior member of the responding agency
The senior member of the responding agency
Which of the following best describes ENTRAPMENT?
Considered a crime when done by a designated agent.
Does not require pre existing evidence of similar acts.
The agent is encouraged to use entrapment to catch employees stealing.
The agent encourages a person to commit a crime.
The agent encourages a person to commit a crime.
Which of the following best describes the following statement: “This process uses the risk criteria and outputs to determine what risks are acceptable with the existing risk treatments and which require additional risk treatments. “
Risk identification
Risk analysis
Risk evaluation
Risk assessment
Risk evaluation
Post incident recovery can be categorized into (3) phases, where the long term phase includes post-incident debriefing with internal stakeholders. Which of the following strategies is included in this phase?
1. Coordinating and directing employees and families to employee assistant programs.
2. Accounting for all individuals onsite, ensuring for life safety priorities.
3. Ensuring emergency communication with employees, families, public and the media.
4. Evaluate the incident
- Coordinating and directing employees and families to employee assistant programs.
Which of the following is an essential component to the primary objective of implementing local network access control?
1. Protecting information confidentiality using authentication
2. Protecting information confidentiality from viruses.
3. Protecting the organization’s network security
4. Protecting personal identifiable information against hackers.
Protecting information confidentiality using authentication
The three primary functions of a physical protection system are
1. Detect, delay and response
2. Deter, detect and response
3, Deter, delay and response
4, Detect deter and response.
Detect, delay and response
Which of the following best describes the role of an organization’s crisis management team?
Performs more of a tactical role in an emergency
Fulfils a strategic more than tactical role
Performs more of an operational role in an emergency
Performs the role of incident command in an emergency.
Fulfils a strategic more than tactical role
The product of the potential loss from an event and the likelihood of the event is BEST described as:
Annual loss expectancy
Vulnerability exposure
Loss event profile
Risk profile
Loss event profile
Organizations are required by standards (ANSI/ASIS ORM-2017) to report and investigate incidents. Which of the following types of incidents are stipulated?
Incidents involving casualties, allegations of abuse or substance abuse
Incidents with allegations of personal relationship between employees
Human resources (HR) reporting employees arriving late for work and abusing sick time
Incidents involving missing property and subordination to a superior.
Incidents involving casualties, allegations of abuse or substance abuse
A process by which an organizational user is identified and granted privileges to level of network information, systems or resources is called which of the following?
Application encryption control
Application security control
Logical network access control
Digital signature control
Logical network access control
An organization invested in developing a new technology and intends to secure the information for the design, development and marketing of the product. At this point, how can this information be BEST defined?
Trademark information
Patent information
Trade secret information
Proprietary information
Proprietary information
Packages may be searched for contraband manually or by active interrogation using x rays. Which of the following statements is correct?
Active interrogation x ray technology will not detect drugs.
Active interrogation x ray technology will not detect explosives.
It is safe to expose personnel to active interrogation methods of x ray screening.
Advanced backscatter x ray technology is safe for screening personnel.
Advanced backscatter x ray technology is safe for screening personnel.
Who is BEST suited to conduct a preliminary search for suspicious packages in the event of a bomb threat?
The responding fire department
The responding police
Responding security officers
People who work in that area
People who work in that area
The Security Director for ABC Manufacturing wants to test the new, never tested before business continuity plan designed for the organization. It is critical the 24/7 manufacturing and assembly operations are not impacted by the testing, Which of the following statements BEST describes how to test the plant?
A tabletop practical or stimulated exercise presented as realistically as possible.
An orientation session followed by a tabletop exercise presented in a narrative form.
A full scale live or real life exercise
A functional exercise
An orientation session followed by a tabletop exercise presented in a narrative form.
This communicates business functionality and operational methods. It specifies a business’ type of products or services, level of quality, and other tangible aspects of the business and its plans.” This is best referred to as:
A vision statement
A mission statement
A strategic plan
An organizational strategy
A mission statement
The process of assessing security-related risks from internal and external threats to an entity, its assets and personnel, it is best described as a
Security survey
Risk assessment
Vulnerability assessment
CARVER assessment
Risk assessment
Ethics problems are not confined to the business world; they can be found in almost any field or endeavour. What are the three factors that psychologists include commonly motivate individuals to commit unethical or dishonest acts?
Desire, rationalization, and opportunity
Determination, access, and lack of ethics
Determination, justification and lack of ethics
Desire, justification and lack of ethics
Desire, rationalization, and opportunity
“This statement includes the specific details that all involved parties can understand what needs to be done, highlighting specific goals the organization wants units to achieve,” This best describes
Vision statement
Mission statements
Strategic plans
Organizational Objectives
Organizational objectives
This process reuires consideration of the threat type, tactics, mode of operations, capabilities, threat levels and likelihood of occurance. Threats come from malevolent humans, not accidental (safety-related) events. This process is BEST defined as which of the following?
Threat Risk Assessment
Design Basis Threats
Loss Event Profiles
Adversarial Sequence Diagrams
Design Basis Threats
In the following formula, what does K equal?
K=Cp+Ct+Cr+Ci-I
Incident Frequency Factor
Return on Investment
Cost of Loss
Avoided Cost of Loss
Cost of Loss
When considering the development of a post incident recovery plan for acts of workplace violence, which of the following is the highest priority?
Evidence collection and preservation for the impending invstigation
Notification to management and next of kin
Life safety considering the immediate needs of those impacted
Coordination of the Threat Management Team
Life safety considering the immediate needs of those impacted
A metric which measures how an organization or individual is performing against defined goals and objectives are called a:
Defined Target Measure
Competence Based Metric
Balanced Scorecard Metric
Key Performance Indicator
Key Performance Indicator
When designing a new multi-level parking garage, to increase visibility, both interior-to-exterior and exterior-to-interior to facilitate witness potential and make the likely adversary fear exposure is described in CPTED as which of the following?
Compartmentalization
Natural access control
Natural surveillance
Natural territorial reinforcement
Natural surveillance
An uncertain situation where a number of possible outcomes might occur, one or more of which is undesirable, Best describes which of the following?
Risk
Targets
Threats
Loss
Risk
“An organization can be an adaptive, problem solving, innovative system operating in and coping rapidly changing environments. Bureaucracy and the “organization man” will have no place in future organiztions.” This is a theory known as which of the following?
Maslow’s Theory
Crime Prevention Through Environmental Design
Warren Bennis’ Theory
Hertzberg’s Theory
Warren Bennis’ Theory
This detector absorbs invisible light energy comparing actual energy to established background energy. What type of detector is this?
Active infrared
Passive microwave
Active microwave
Passive infrared
Passive infrared
ABC Inc. installed a chain-link security fence, defining the perimeter of the facility. The fence also displays “No tresspassing signage” and has locking gates with automated access control. In CPTED, these measures are elements of which of the following?
Surveillance and territoriality
Natural territoriality and natural access control
Territoriality and access control
Management and maintenance
Territoriality and access control
The Human Resource (HR) department for ABC Inc. invited the Security Director to provide guidance towards protecting the organization’s personnel files which are designated as personal identifiable information (PII). Which of the following is the best advice from the Security Director?
Recommend relevant HR personnel handling the information undertake special training on protecting sensitive information
Recommend HR evaluate the employee’s privacy information and determine the legal and regulatory requirements for protection
Implement physical security measures
Implement immediate network access control measures
Recommend HR evaluate the employee’s privacy information and determine the legal and regulatory requirements for protection
Which of the following is considered part of developing an effective physical protection system using protection-in-depth principle when designing an “outer-layer” perimeter?
Deter, detect, delay and dispatch
Detect, delay, dispatch and detain
Deter, detect, delay and respond
Detect, delay, deny and respond
Deter, detect, delay and respond
Active intrusion sensors transmit a signal from a transmitter and, with a receiver, detect changes or reflections on that signal. When the transmitter and the receiver are separated, what type of installation would this be called?
Bistatic
Monostatic
Passive
Active
Bistatic
Which of the following statements is correct relating to using bulk explosive detection technologies to screen packages, people, or vehicles with the intention of detecting explosives?
A fabric swab is rubbed across the object to collect partlcie residues from hard surface then analysed by a detector
Vapor sampling collects an air sample next to the object for analysis
Backscatter technologies are capable of scanning packages, vehicles, persons for weapons, contraband and the presence of explosives.
Bulk technologies using ionizing radiation
Backscatter technologies are capable of scanning packages, vehicles, persons for weapons, contraband and the presence of explosives.
The following theory asserts job content (motivators), such as achievement, recognition, responsibility and satisfaction are derived from work itself, is best described as part of which of the following theories?
Maslow’s theory
Hertzberg’s Theory
Hierarchy of Needs Theory
McGregor’s Theory
Hertzberg’s Theory (not sure)
Which of the following statements is the MOST accurate declaraction concerning employee dishonesty?
Most employees would seal from the employer if given an opportunity
Employees have no control over factors which contribute towards employee theft and fraud
Employees involved in theft have usually been involved in other misconduct at the company
Most employees would steal from their employers considering themselves dishonest
Employees involved in theft have usually been involved in other misconduct at the company
When considering the development of a post incident recovery plan for acts of workplace violence, which of the following is the highest priority?
Evidence collection and preservation for the impending investigation
Notification to management and next of kin
Life safety considering the immediate needs of those impacted
Coordination of the Threat Management Team
Evidence collection and preservation for the impending investigation
“A specific description of where the business will be in the long term, that conveys a general understanding of the business, its culture and its future goals.” This concept is BEST referred to as”
A strategic plan
An organizational strategy
A vision statement
A mission statement
A vision statement
“The ability of an organization to resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period of time after being affected by an event” is called
Organizational resilience
Business continuity
Emergency operations plans
Continuity of operations
Organizational resilience
These can change often to meet the changing demands and conditions the overall organization or security department faces. They can be changed without high-level, time consuming executive review process. This BEST describes:
Procedures
Strategic plans
Policies and procedures
Policies
Procedures
This theorizes that once the primary needs are satisfied, they are no longer driving needs and are replaced by needs higher in the order. thus when primary needs are satisfied, higher-order needs are predominant. This is considered:
Self Esteem Theory
Hertzberg’s Theory
Maslow’s Theory
Motivation-Hygiene Theory
Maslow’s theory
This statement includes the specific details that all involved parties can understand what needs to be done, highlighting specific goals the organization wants to achieve.” this best describes
Organizational Objectives
When dealing with suspected chemical or biological agents that are released from a suspicious package, what should be your FIRST goal?
Call the police
Look after any staff exposed to the material
Call security
Limit distribution of the material
Limit distribution of the material
Which of the following is the keystone for continuous improvement in the organization’s ability to effectively manage the security of its information assets?
ISO/IEC 27001:2005
Generally Accepted Information Systems Security Practices (GAISSP)
Red Flag Rules
ISO/IEC 27002:2005
ISO/IEC 27001:2005
This facility applied CPTED principles when CCTV cameras were installed, security officers contracted and patrols added along with landscaping modifications to better deter unwanted activities onsite. Which of the following are the three CPTED strategies applied?
Mechanical, Organizational and Natural Measures
Mechanical, Organizational and Physical Security measures
Organizational, Natural and Physical Security measures
Organizational, Natural and Personnel measures
Mechanical, Organizational and Natural Measures
In a workplace violence incident, where it is assessed to be an “Urgent-Emergency Situation,” which of the following is the MOST appropriate response?
Conduct further data collection to determine incident seriousness
Perform a violence risk screening
Contact the Threat Management Team to initiate the plan
Law enforcement and emergency response personnel should be notified.
Law enforcement and emergency response personnel should be notified.
Which of the following mitigation strategies would be considered risk acceptance?
Considering the risk by not applying mitigation strategies
Purchasing insurance to cover a loss
Installing CCTV cameras and other access control measures
Applying a system approach to target hardening
Considering the risk by not applying mitigation strategies
Which of the following are considered the MOST important elements of a violence risk assessment program?
Behaviour recognition, notification, assessment and adequate response
Behavioural recognition, diversion, delay and adequate response
Detection, deterrence, delay and response
Detection, diversion, delay and response
Behaviour recognition, notification, assessment and adequate response
Following a telephone bomb threat, a search has been conducted of your building and a search team found a suspicious backpack. Which of the following statements BEST describes the action the search team undertake?
Physically inspect the backpack and determine the contents.
Leave the backpack and location and report to the incident commander
Report to the search supervisor and remain available to be a witness to the responding emergency services
Take the backpack to the incident commander for inspection
Report to the search supervisor and remain available to be a witness to the responding emergency services
ABC Inc. is in the process of developing a business impact analysis (BIA). After understanding the enterprise business and general risk environment what is the FIRST step of determining the risk?
Identifying and prioritizing the assets needing protection
Identify the alternate business and staff processes needed for business continuity.
Identify the likelihood and probability of a threat event
Identify the recovery time objectives for allowable disruption to the organization
Identifying and prioritizing the assets needing protection
Which of the following scenarios would warrent an acceptable undercover investigation?
To investigate protected union organizing activities
Investigate alleged or suspected employee theft in the workplace
To replace some other form of investigaiton method that will likely produce the same results with less time and resources
Investigate activities that are permitted or protected by a government statute, rule or regulation.
Investigate alleged or suspected employee theft in the workplace
Implementation of the organization’s emergency plan and control of the facility during an emergency incident should be the responsibility of the following person:
The organization’s senior manager present on site
The security manager
The senior responding public safety person
The senior officer
The organization’s senior manager present on site
When establishing internal and external complaint and grievance procedures, which of the following procedures should be included?
Levels of the organization excluded from the procedures
Identification of the root cause
Identification of the penalties for breach of policy
Details on the required experience and training of the investigators.
Identification of the root cause
Which of the following types of investigations is considered the “most common type of investigation in many business and organizational setting”?
Undercover
Compliance
Incident
Misconduct
Incident
Frontline managers involved in the day-to-day operations of their departments or divisions are their organizations’ best resource for realistic budget information and setting their own department budgets. This process is referred to as:
Top-down budgeting
Zero based budgeting
Bottom-up budgeting
Combination budgeting
Bottom-up budgeting
Which of the following BEST describes a performance metric applicable for evaluating an employee in an organization?
The employee must work better with other workers
The worker’s supervisor will provide their thoughts about performance
The worker’s supervisor will observe overall behaviour improvement
The employee shall achieve CPP designation within the year
The employee shall achieve CPP designation within the year
Which of the following BEST describes the personnel who are often described as the “first line of defense” in the selection of quality and risk-free application for the organization?
Contracted Recruiter
Background Investigator
Security Manager
Human Resource (HR) personnel
Human Resource (HR) personnel
An organization wants to restrict access to internal company information. When designing the access restrictions, which of the following should describe who can access sensitive information?
Company personnel or others who have signed a nondisclosure agreement
Personnel authorized by the original owner or IT Manager
Access is granted based on their position or management level
Company personnel who have attended an information security workshop
Company personnel or others who have signed a nondisclosure agreement
Before conducting a risk analysis, particularly a quantitative one, who should determine the evaluation levels?
The trainied assesser assigned to the project, regardless of internally or externally resourced
A team of security practitioners (internally and externally) resourced with specific expertise on security assessments
A multi-disciplinary team of subject matter experts considered stakeholders in the assessment
The security manager responsible for the assessment and assessment teams.
A multi-disciplinary team of subject matter experts considered stakeholders in the assessment
Which of the following would be considered one of the greatest legal liabilities an organization faces with security officers?
Poor reputation
Safety training
Lack of honesty
Issued a deadly weapon
Issued a deadly weapon
In almost all situations, what is considered a major facotr in the decision to outsource or maintain an internal investigative capacity?
Goals
Expertise
Objectives
Cost
Cost
When an interviewer asks the following question:
“Explain what you were doing between midnight last night to the time we called you for this interview.” What type of question is this?
Leading question
Open question
Accusatory question
Closed question
Open question
