Security Management...Garima's Deck Flashcards

1
Q

Which actions are most successful in preventing theft?

A
  1. Identifying risks, ranking and addressing risks.
  2. Backing up technology with governance, expertise and monitoring
  3. Taking notice.
2
Q

How to develop a detailed response strategy (after insider theft)?

A
  1. Convening a quick response team
  2. Creating a cross divisional team to establish the facts of the case.
  3. Investigate why the theft occurred.
  4. Conducting a root cause analysis
  5. Developing a remediation process.
3
Q

What are the 10 steps of comprehensive theft and fraud prevention?

A
  1. Prevention Program
  2. Incident
  3. Incident reporting
  4. Investigation
  5. Action
  6. Resolution
  7. Analysis
  8. Publication
  9. Implementation of controls
  10. Testing for compliance and training.
4
Q

What are the components of preventive education?

A
  1. Screening for past trust violation
  2. Policies detailing prohibited activities and actions to be taken in case of violation
  3. Setting up shipping, receiving and warehousing
  4. Specific accountability systems for each vulnerable function
  5. Periodic employee communication to demonstrate company vulnerabilities and management actions.
  6. Theft and fraud prevention training
  7. Avenues for employees to report concerns
  8. Audits & security reviews of high value inventory and operations.
5
Q

Which is the most common and serious motive for employee theft?

A

gambling addiction

6
Q

ABC Inc. decided to reduce the risk of theft by spreading valuable assets across various locations, while applying target hardening strategies and countermeasures. However, a risk of theft remains. This is referred to as

A

Residual Risk (not risk spreading, risk threat, or risk impact)

7
Q

What was the Counterintelligence Strategic Partnership Program earlier known as?

A

Developing Espionage and Counterintelligence Awareness (DECA) program and then
Awareness of National Security Issues and Response (ANSIR)

8
Q

An information protection strategy is designed to support what?

A

An organization’s goals, strategy and timelines.

9
Q

What are the three types of Information Asset Protection (IAP) threats?

A
  1. Intentional threats
  2. Natural threats
  3. Inadvertent threats
10
Q

What are other noteworthy IAP threats besides intentional, natural and inadvertent threats?

A
  1. Data mining
  2. Insiders
  3. Counterfeiting and piracy
11
Q

Fill in the blanks:
Risk assessments should identify risks, quantify them, and prioritize them according to an organization’s _________

A

criteria for risk acceptance.

12
Q

What are the top business impacts to watch out for while conducting risk assessments (for IAP)?

A
  1. Loss of company reputation/image/goodwill;
  2. Loss of competitive advantage in one product/service;
  3. Reduced projected/anticipated returns or profitability;
  4. Loss of core business technology or process; and
  5. Loss of competitive advantage in multiple products/services.
13
Q

What are the benefits of IAP for businesses?

A
  1. Enhances fiduciary oversight, control, and stewardship of key assets
  2. Aligns information assets with business operations and the organization’s strategic vision;
  3. Offers efficient allocation of traditional and IT security resources;
  4. Allows timely pursuit of information asset compromises and intellectual property rights (IPR) violations;
  5. Helps to negotiate coverage and premiums for intellectual property (IP) and information technology (IT) insurance;
  6. Provides consistency in regulatory reporting of assets;
  7. Standardizes internal and external asset handling; and
  8. Identifies key internal and external sources of assets and intellectual capital.
14
Q

What are the steps for developing an IAP policy?

A
  1. Leadership to provide resources and ask all business units to develop strategies to align business and protection goals.
  2. A dedicated team should be tasked with policy management and auditing
  3. All should adhere to the policy
  4. There should be IAP training
  5. IAP training should be documented.
15
Q

What must IAP protection measures ensure?

A

Confidentiality, integrity, availability, accountability, recoverability, auditability, and non-repudiation of information in both the physical and cyber environments.

16
Q

Many businesses divide information into three categories. Which three categories are there?

A
  1. External release (unrestricted access),
  2. Internal (limited to employees and contractors), and
  3. Confidential (limited by a specific need to know).
17
Q

True or False:
Layered Protection (Defense in Depth) applies to both physical security and IAP

A

True

18
Q

In IAP, what does defense in depth imply?

A
  1. Increasing level of trust for those who are given access to successive layers
  2. Different security technologies or measures that operate in concert.
  3. Successive layers employed to delay, detect and deter intruders.
19
Q

What should a security professional do to implement layered technology?

A
  1. Apply multiple levels to critical assets
  2. Ensure successive layers complement each other.
  3. Build a coordinated strategy that integrates different protective measures.
20
Q

What are the protective steps recommended to manage documents and records?

A

  1. Place shredders or secure collection receptacles near printers, copiers, and fax machines.
  2. Place signs in such areas to remind employees that overruns and misprints must be destroyed.
  3. Where appropriate, document any transfers (internal and external) of sensitive records or documents.
  4. Carefully select any contractors that destroy records, documents, or sensitive information.
  5. Destroy records and sensitive information in a manner that precludes reconstruction, consistent with their level of sensitivity, and document the date and place of destruction.
  6. Destroy obsolete records regularly, according to a record retention schedule.
  7. Destroy incidental and duplicate records on a regular basis.
  8. Store media awaiting destruction in secure containers.
  9. If possible, avoid discarding destroyed media in trash receptacles accessible to the public.
  10. Give categories of access to the documentation, such as public use or restricted use.
  11. When records and information are being transported, protect them with locked containers, seals, escorts, radio frequency identification tags, transportation logs, and other means.

21
Q

What should be done to maintain IAP privacy protection?

A
  1. Evaluate privacy information
  2. Ensure systems are in place to safeguard such information.
  3. Establish specific privacy policies and designate someone for implementation and management.
  4. Devise a mechanism to investigate privacy breaches.
  5. Review applicable regulatory laws and guidelines and ensure compliance.
  6. Be transparent about privacy information, accessibility to individuals, notifications and associated actions
  7. Conduct program audits to ensure proper implementation of privacy policies
22
Q

What steps can be taken to harmonize IAP and business principles?

A
  1. Coordinate IAP matters with all business units.
  2. Incorporate IAP into the business continuity plan.
  3. Include IAP-related material in employee onboarding, training and professional development programs.
  4. Communicate IAP issues to all levels of management.
23
Q

What steps should be taken in OPSEC or information risk management?

A
  1. Develop tailored IAP policies for key projects.
  2. Ensure that peripheral information, facility enhancements and other observable activities do not provide valuable intelligence to others.
  3. Consider the vulnerability of information released to outside but related entities, as these may not have sufficient IAP measures.
  4. Review the company's and its partners' publicly available information to determine if it reveals sensitive information.
  5. Assess vulnerabilities by taking the adversary’s perspective.
  6. Implement an approval process for any presentations, papers, or articles that may contain information pertinent to sensitive activities or plans.
24
Q

How can IAP professionals prevent and detect counterfeiting and illegal copying?

A
  1. Monitor the Internet for counterfeit products.
  2. Train employees to watch for counterfeit products
  3. Require all to sign nondisclosure agreements (NDAs).
  4. Employ anti-counterfeiting technology.
  5. Number all technical memoranda and reports.
  6. Conduct compliance and inventory control audits
  7. Work with law enforcement and prosecutorial agencies
25
Q

How can an organization protect its trade secrets?

A
  1. Document the identification and valuation of the trade secrets, their role in establishing competitive advantage in the industry, and the full scope of protection measures instituted to protect them.
  2. Ensure that measures are in place to prevent unauthorized access.
  3. Conduct periodic, random audits
  4. Execute nondisclosure agreements
  5. Establish need-to-know criteria to ensure that individuals have limited access
  6. Institute effective information warning notifications
  7. Properly discard what is no longer needed.
26
Q

How is decision making helpful?

A

Decision making serves to:
  1. Guard against errors in judgement
  2. Ask important questions
  3. Access information
  4. Recognize and assess assumptions, implications and consequences
  5. Come to well-reasoned conclusions
  6. Achieve commitment and understanding
  7. Solve the problem in question.

27
Q

What is critical thinking?

A

The process by which knowledge and intelligence are used effectively to arrive at the most reasonable and justifiable positions on issues. A critical thinker identifies and overcomes hindrances to thinking.

28
Q

What is a strategy?

A

A goal-oriented set of plans and actions that enables a business to compete effectively. It is also known as a theory about how to gain a competitive advantage.

29
Q

What does evaluating the external macro environment in business entail?

A
  1. Recognize risks or factors which have strategic significance.
  2. Diagnose the competitive conditions in the industry.
  3. Map the market position of key industry rivals.
  4. Use multiple frameworks to determine whether an industry provides sufficient opportunities for growth and profitability.
30
Q

What are the components of external analysis of macro level environment?

A
  1. Economic
  2. Demographic
  3. Socio-cultural
  4. Politico-legal
  5. Technological
  6. International-global
31
Q

What are monopoly and perfect competition?

A

When threats are very high, the approach is called perfect competition. When threats are low, the approach is called monopoly.

32
Q

What is Monopolistic competition?

A

It is when an industry has a large number of competing firms and a low cost of entry into and exit from the industry, for example toothpaste, shampoo or golf balls.

33
Q

What are oligopolies?

A

Oligopolies are characterized by a small number of competing firms with homogeneous products and high industry entry and exit costs. For example, Coca-Cola.

34
Q

Actions firms take to gain competitive advantage by operating in multiple markets or industries simultaneously. These are called

A

Corporate level strategies.

35
Q

Actions arrived at by a set of decisions made by management that enable the company to compete successfully in a single product market or industry. These are called

A

Business level strategies

36
Q

Why does a company move beyond its domestic market?

A
  1. To gain new customers.
  2. To achieve lower costs
  3. To access low cost inputs of production
  4. To exploit its own competencies.
  5. To access resources and capabilities in foreign locations.
37
Q

What is considered the DNA of a company?

A

Corporate culture

38
Q

What is emergency management?

A

The planning and activity associated with detecting, containing, and dealing with the immediate impact of an event.

39
Q

What are the elements of emergency management?

A
  1. Mitigation
  2. Preparedness
  3. Response
  4. Recovery
40
Q

What is the goal of business continuity planning?

A
  1. Save lives and reduce injuries
  2. Protect assets
  3. Restore critical business processes and systems
  4. Restore the length of business interruptions
  5. Protect reputational damage
  6. Control media coverage
  7. Maintain customer relations
41
Q

What should be included in a BCP?

A
  1. Team members;
  2. Alternate locations or transportation needs;
  3. Checklists for preparing for a disruption;
  4. Checklists for responding during a disruption;
  5. Checklists for returning to normal operations after a disruption;
  6. Lists of needed resources;
  7. Communications paths and templates;
  8. Financial considerations; and
  9. Plans for specific disruptions that require special response.
42
Q

How to decide what preventive and response measures are appropriate?

A
  1. Identify the likelihood of crisis incidents
  2. Identify the potential consequences should a crisis event take place.
43
Q

How can the likelihood of an incident be estimated?

A

Assess the organization’s changing profile and security measures already in place.

44
Q

How can the potential consequences of a crisis incident be estimated?

A

It may be assessed based on the knowledge of the asset at risk.

45
Q

What is the purpose of an emergency plan?

A
  1. Highlight the problems that decision makers or emergency management personnel will face
  2. Prepare ahead how to act should an emergency develop.
46
Q

What are the types of crisis?

A
  1. Natural or environmental
  2. Human
  3. Active
  4. Cyber based threats
47
Q

What are pre incident considerations?

A
  1. Select threat management team members.
  2. Establish roles, responsibilities, procedures and trainings for key response personnel
  3. Create alert, warning and emergency notification systems.
  4. Conduct awareness, education and trainings
  5. Provide emergency response equipment
  6. Liaise with official public safety bodies
  7. For direction, coordination and communication, set up an EOC and ICC.
  8. Establish a media staging area and family notification area.
  9. Considering psychological impact, have a team ready.
48
Q

What are post incident considerations?

A
  1. Immediate phase: life safety, accounting for all individuals
  2. Short-term phase: preserve crime scene, monitor individuals for signs of psychological trauma, assist individuals in reunification and other incident-related efforts, continue to communicate information.
  3. Long-term phase: conduct post-incident debrief, replenish supplies, and continue communications with appropriate groups.
49
Q

What is an investigation?

A

A process of logically, methodically, and lawfully gathering and documenting information for the specific purpose of objectively developing a reasonable conclusion based on the facts learned through this process.

50
Q

What is the purpose of an investigation?

A
  1. Investigating:
     1. Incidents
     2. Undesirable situations with nefarious activities
     3. Misconduct and inappropriate behaviour
     4. Suspects involved in crime or misconduct
     5. Allegations
  2. Make a decision regarding an individual or organization
  3. Perform threat assessment
  4. Collect crime data
51
Q

What are the five attributes of an investigation?

A

Objectivity, thoroughness, relevance, accuracy, and timeliness.

52
Q

How is the value of private sector investigative capabilities measured?

A

In terms of recovery, risk reduction, restitution and mitigation of liabilities.

53
Q

What are the basic functions of management (also applicable to managing investigations)?

A

Planning
Organizing
Directing
Coordinating
Controlling

54
Q

What are the three levels of investigative management?

A

Strategic Level
Operational Level
Case Level

55
Q

What are the four phases of an investigation?

A
  1. The initial process
  2. The investigation itself
  3. Reporting the findings
  4. Use of the results.
56
Q

What are the three I’s used during an investigation?

A

Information
Interrogation
Instrumentation

57
Q

What are the two basic categories of evidence?

A

Direct and indirect

58
Q

What are the four types of investigative reports?

A

Initial, progress, special and final

59
Q

What is usually the costliest item in an organization’s security budget?

A

Security officers

60
Q

What are the duties of a security officer?

A
  1. Control of entrances and movement of pedestrian and vehicle traffic;
  2. Patrol
  3. Escort
  4. Inspection
  5. Monitoring assets
  6. Emergency response;
  7. Dealing with disruptive people;
  8. Observing and reporting
  9. Safety and accident prevention;
  10. Public relations; and
  11. Special assignments.
61
Q

What are the three major categories of security consultants?

A
  1. Security management consultants
  2. Technical security consultants
  3. Security forensic consultants
62
Q

What is the critical detection point?

A

The point when the delay time remaining exceeds the response force time.

63
Q

What are the three primary components of physical security?

A
  1. Structural security
  2. Electronic security systems
  3. Human element
64
Q

What are the three underlying elements of CPTED?

A
  1. Territoriality
  2. Surveillance
  3. Access control.
65
Q

What are the three types of CPTED measures?

A
  1. Mechanical
  2. Organizational
  3. Natural
66
Q

What are the steps involved in system implementation?

A
  1. Site preparation
  2. Contractor coordination
  3. Installation
  4. Testing and warranty issues
  5. Training
67
Q

What is a standard?

A

A set of criteria, guidelines, and best practices that can be used to enhance the quality and reliability of products, services, or processes.