Exam 3
What are two types of detectors used for fire protection.
Flame detectors are line-of-sight devices that look for specific types of light (infrared, visible, ultraviolet) emitted by flames during combustion. Smoke detectors are devices that detect the visible or invisible smoke particles from combustion.
What is the purpose of masterkeying?
Master keys are a single key that will open many locks, although the locks are individually keyed differently. Master-keying is done for the convenience of persons with broad or variable access requirements to keep them from having to carry a separate key for each lock.
Define and distinguish between closed-circuit television and digital imaging systems.
A closed-circuit television is a type of video surveillance system, often known by its acronym CCTV. Digital imaging systems (DIS) are the more current type of video surveillance system, eventually replacing CCTV.
Describe the practice of Crime Prevention through Environmental Design.
Crime Prevention through Environmental Design (CPTED) is the purposeful design and use of the physical environment as a means to reduce fear of injury or victimization and to improve the quality of life.
Identify differences between a safe and a vault.
A safe is a metal or high-strength box with a high-security lock and locking device. Safes come in many sizes and are often affixed to an immovable object. A vault is a completely enclosed space, often a specially constructed room. Vaults do not typically move.
What are the basic styles or approaches for incident management and response?
All-hazards approach functions-based approach comprehensive approach
What are the 16 critical infrastructure sectors?
Chemical; Commercial Facilities; Communications; Critical Manufacturing; Dams; Defense Industrial Base; Emergency Services; Energy; Financial Services; Food and Agriculture; Government Facilities; Healthcare and Public Health; Information Technology; Nuclear Reactors, Materials and Waste; Transportation Systems; and Water and Wastewater
What is surveillance?
Covert observation of individuals, places, or objects for the purpose of gathering info or intelligence
What are the steps to evaluate effectiveness of an organizations mobile security plan?
Develop a mobile device security policy that defines what types of resources can be accessed via mobile devices, what types of mobile devices are permitted, degrees of access, and how provisioning should be handled. Develop system threat models for mobile devices and the resources accessed through such devices. This helps organizations to identify security requirements and to design effective solutions. Consider the merits of each provided security service, determine the needed services, and design and acquire solutions that provide the services. Categories of services to be considered include general policy, data communication and storage, user and device authentication, and applications. Implement and test a pilot of the mobile device solution before putting the solution into production. Consider connectivity, protection, authentication, application functionality, solution management, logging, and performance of the mobile device solution. Fully secure each organization-issued mobile device before allowing access. This ensures a basic level of trust in the device before it is exposed to threats. Maintain mobile device security on a regular basis. Organizations should periodically assess mobile device policies and procedures to ensure that users are properly following them
Contrast a sampling of public-private partnerships for infrastructure security
LEAPS El Paso, which gives adults the time and opportunity to develop an understanding of college and the skills needed for a successful transition. The goal of NYPD Shield, in contrast, is protecting New York City from terrorist attacks. Target & Blue is a partnership between the Target Corporation and law enforcement and public safety organizations to build stronger, safer communities across the nation
what is the difference between networking and Liaison for investigating?
Networking is intentionally acquainting oneself with a diverse group of professionals and using those acquaintances to the benefit of all. Liaison is communicating for the purpose of establishing and maintaining mutual understanding and cooperation.
What are five qualities of effective and reliable investigation
Objectivity thoroughness relevance accuracy timeliness
What are the activities of the Homeland Infrastructure Threat and Risk Analysis Center?
The HITRAC provides risk, threat, and consequence analyses to give the DHS and its security partner's information on threats, infrastructure vulnerabilities, and potential consequences of attacks or natural disasters. HITRAC experts analyze the effects of risk mitigation actions for strategic threat and risk analysis; modeling and simulation; and analytic support during incidents. HITRAC analysts produce intelligence-based reports that support threat-mitigation strategies and investment decisions, identify physical and cyber threats against critical infrastructure, and provide education on adversary tactics and use of weapons and explosives.
Analyze and identify the basic steps of a vulnerability assessment
Vulnerability assessment tends to be performed according to the following steps: Cataloging assets and capabilities (resources) in a system Assigning quantifiable value (or rank order) and importance to those resources Identifying vulnerabilities or potential threats to each resource Mitigating or eliminating the most serious vulnerabilities for the most valuable resources
What are reasons for conducting undercover operations?
considered when other efforts have failed or proved impractical. Undercover investigations gather relevant information unavailable by other means, and are a useful option to investigate crimes involving stolen property sales and frauds. The general objectives of an undercover operation are to obtain information, observe criminal activity, and collect evidence
What is cyber warfare?
covers the doctrine regarding the tactics, techniques, and procedures involving attacks, defense, and exploitation, and often social engineering
What is the goal of an organizations mobile security plan?
designed to improve the security of mobile devices on their network
What is the business continuity management?
examines an organization's exposure to various threats to prioritize certain processes, identify threats to operation, and plan mitigation strategies
What is an emergency?
extraordinary situation in which people are unable to meet their basic survival needs, or there are serious and immediate threats to human life and well-being
What was the National Incident Management System designed to accomplish?
identifies concepts and principles that answer how to manage emergencies from preparedness to recovery regardless of their cause, size, location, or complexity. NIMS provides a consistent, nationwide approach and vocabulary for multiple agencies or jurisdictions to work together to build, sustain, and deliver the core capabilities needed to achieve a secure and resilient nation
What is a crisis?
incident or situation involving a threat to a specific country, its territories, citizens, military forces, possessions, or national security interests that develops rapidly and creates a condition of such diplomatic, economic, political, or military importance that commitment of military forces and resources is contemplated to achieve national objectives.
what is the comprehensive approach?
integrated approach to the management of emergency programs and activities for all emergency phases, for all types of emergencies and disasters, and for all levels of government and the private sector.
What is the investigative process?
investigative process consists of examining, studying, or inquiring into the particulars of a thing in detail. Investigations are often conducted to learn the facts about something hidden, unique, or complex, especially in an attempt to find a motive, cause, or culprit.
What skills are needed to be able to successfully accomplish surveillance?
must have well-developed observation and description skills, patience, and the ability to endure long tedious hours of observation
what is the all-hazards approach/
planned effort to respond to any incident or event, natural or human caused, that requires an organized response by a public, private, and/or governmental entity in order to protect life, public health and safety, values to be protected, and to minimize any disruption of governmental, social, and economic services
what is the functions-based approach?
planned effort to respond to the potential effects of emergencies in general. This approach avoids duplication of the planning effort for every hazard and for every task
What is business impact anaylsis?
predicts the potential consequences of disruption of a business function or process and gathers the information needed to develop effective recovery strategies
what is the function of the National Infrastrucutre Protection Plan?
primary goal or function of the NIPP is to build a safer, more secure, and more resilient America by preventing, deterring, neutralizing, or mitigating the effects of a terrorist attack or natural disaster. Strengthening national preparedness, response, and recovery in the event of an emergency is another core part of the goal for the plan. The NIPP was developed with collaboration by critical infrastructure partners including federal departments and agencies, state and local government agencies, and private-sector entities. NIPP provides a risk analysis and management framework for conducting risk assessments and encouraging the continuous improvement of CIKR protection
What is information security?
processes and methodologies designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption. Information security is a broader term than the others. It involves the protection of information stored in computer systems and films, recordings, using the spoken language and the memory of people. Information security describes the security of the digital data protected by both computer security and cybersecurity, as well as the protection of information stored, shared, and transmitted by other means
What is computer security?
protecting data, networks, and computing power that make up computer systems. Protection of networks is important to prevent loss of server resources as well as to protect the network from being used for illegal purposes. The protection of computing power applies to expensive machines such as large supercomputers. Computer security is focused on the application of the policies and procedures that protect digital information shared on computer systems
What is the continuity of operations?
readiness examination by individual government executive departments and agencies to ensure that functions continue to be performed during emergencies from accidents to attacks
What is a disaster?
serious disruption of the functioning of a community or a society involving widespread human, material, economic, or environmental losses and impacts, which exceeds the ability of the affected community or society to cope using its own resources
What is the incident command system?
standardized, on-scene, all-hazards incident management approach that allows for the integration of facilities, equipment, personnel, procedures, and communications operating within a common organizational structure; enables a coordinated response among various jurisdictions and functional agencies; and establishes common processes for planning and managing resources
What is cyber terrorism?
use of the Internet in terrorist activities, including acts of deliberate, large-scale disruption of computer networks. Terrorist organizations want to see loss of life and to spread terror through horrific and violent acts
What is cyber-security?
use of various technologies and processes to protect networks, computers, programs, and data from attack, damage, or unauthorized access. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. Cybersecurity describes the actions, tactics, and strategies that secure the larger Internet network.