20 Cards in this Set

  • Front
  • Back
1. Development of a security system starts with a definition of the problem to be solved and a determination of the system’s:
a. Cost and ROI
b. Goals and objectives
c. Functions and features
d. Vulnerabilities
B
2. Within the design stage, specific security equipment and measures are divided into ____ groups, according to function (deterrence, detection, delay, and response).
a. 2
b. 3
c. 4
d. 5
C
3. A logical method for problem solving in which a comprehensive solution is developed in relation to a problem having several dimensions. This method is called:
a. System design
b. Systemic thinking
c. System approach
d. System management
C
4. In general, risk refers to all the adverse outcomes that an organization wishes to avoid and is a function of the probability that such consequences will occur, their:
a. Criticality & likelihood
b. Magnitude & imminence
c. Likelihood & outcomes
d. Sensitivity & nature
B
5. Which one of the following characteristics pertaining to inductive risk assessment techniques is not true:
a. using a bottom-up approach
b. using a top-down approach
c. may provide incomplete results
d. may fail to account for concurrent attacks
B
6. Which one of the following characteristics of deductive risk assessment techniques is not true:
a. using a bottom-up approach
b. using a top-down approach
c. using logic diagrams
d. Also used are influence diagrams
A
7. What is the process of examining the outcome of a successful adversary attack, the likelihood it will occur, how it will unfold, and how many people will be affected?
a. Risk assessment
b. Risk analysis
c. Risk calculation
d. Risk management
A
8. Risk management programs should include both risk financing (insurance) and:
a. Risk control tools
b. Risk avoidance
c. Risk reduction
d. Risk acceptance
A
9. Which one of the following risk management approaches is not true:
a. Avoidance
b. Spreading
c. Acceptance
d. None of the above
D
10. Which of the following are the agreed right terms for expressing risk?
a. Threat, consequence, and vulnerability
b. Probability, criticality and consequence
c. Likelihood, criticality and probability
d. Threat, likelihood and vulnerability
A
11. The overall process of risk identification, risk analysis, and risk evaluation is called:
a. Risk management
b. Asset identification
c. Risk assessment
d. Risk analysis
C
12. Which one of the following adversaries is not true:
a. Outsiders
b. Insiders
c. Outsiders in collusion with insiders
d. None of the above
D
13. ASIS defines what as “the adversary against which the utility must be protected”?
a. DBT
b. CBT
c. RABT
d. None of the above
A
14. Determining the design basis threat requires consideration of the threat type, tactics, mode of operations, capabilities, threat level, and:
a. Likelihood of occurrence
b. Risk level
c. Criticality
d. Consequences
A
15. While safety and security are related and complementary functions, a PPS is implemented primarily to stop:
a. All advertent threats
b. Malevolent attacks
c. Crime, as well as natural disasters
d. All of the above
B
16. The basis of vulnerability assessment is:
a. verifying system performance against the defined threats
b. asset and threat identification
c. problem definition and threat identification
d. risk assessment based on defined threat
A
17. In risk assessment, the analyst attempts to answer three questions (Kaplan & Garrick, 1981) except for:
a. What can go wrong?
b. What is the likelihood that it would go wrong?
c. What are the consequences?
d. What can we do?
D
18. In general, in which way can risk be reduced?
a. preventing an attack by detecting it before it is under way
b. protecting against an attack
c. reducing (mitigating) consequences
d. all of the above
D
19. Permanent replacement of a lost asset includes all costs to return it to its former location. Components of that cost include the following except for:
a. Loss of income
b. purchase price or manufacturing cost
c. freight and shipping charges
d. make-ready or preparation cost to install it or make it functional
A
20. Which one of the following should be treated as not a threat?
a. Extremists
b. Disgruntled employee
c. Vandals
d. None of the above
D