Private and Industrial Security Exam 3
Domestic Terrorist Groups include
All of the above
Identifiable levels of expertise or motivation of black hackers are referred to as
All of the above
Without use of an ICS, responses typically
All of the above
The Harakat al-Shabaab al-Mujahidin known as al-Shabaab was the clan-based insurgent and terrorist group that served
As the militant wing of the Somali Council of Islamic Courts
Information security is comprised of two categories. They are:
Information assurance and information technology security
The various processes and methodologies used to protect print, electronic, and other data are termed
Information security
What does IASD stand for?
Infrastructure Analysis and Strategy Division
A key component of disaster management includes conducting vulnerability assessments of the hazards to the population and to
Infrastructure in political, social, economic, or environmental fields
The physical world has effectively merged with the virtual world and potentially every physical object can be
Made both intelligent and networked
The defense of a nation's security interests in cyberspace depends on
Military IT Systems in place
The 4 phases of emergency management are:
Mitigation, preparedness, response, and recovery
Which Israeli intelligence agency is responsible for addressing national security overseas?
Mossad
Strengthening national preparedness is one of the core goals of
NIPP
The acronym NIMS stands for
National Incident Management System
The acronym NRF stands for
National Response Framework
Security professionals who identify a bomb or reported bomb should immediately
Notify local law enforcement
LEAPS acts as a catalyst for change and an advocate for new ideas in what U.S. city?
El Paso
Homeland security is controlled and shaped by 3 main concepts: Security, Resilience, and
Customs and exchanges
Identity theft is described as a
Cyber Crime
An extraordinary situation in which people are unable to meet their basic survival needs is considered a(n)
Emergency
The ICS approach helps the incident commander to safely and effectively manage and employ resources, and
Ensures responder safety through a coordinated planning and response effort
What policy delegated the functions of the President under Section 892 of the Homeland Security Act to the Secretary of Homeland Security?
Executive Order 13311 (2003)
The U.S. Bureau of Justice Assistance defines a Terrorism Threat Assessment as a systematic effort conducted to identify and evaluate
Existing or potential terrorist threats to a jurisdiction and its assets
A vulnerability analysis is an assessment performed only on government run systems
False
All organizations need to plan for all types of emergencies
False
An HVE is an American citizen who advocates, is engaged in, or is preparing to engage in ideologically-motivated terrorist activities in furtherance of political or social objectives
False
Anarchist extremists are those who profess belief that the government deliberately is stripping Americans of their freedoms and is attempting to establish a totalitarian regime
False
Boko Haram promotes a version of Islam that forbids Muslims to take part in any political or social activity associated with any society
False
Competitive intelligence is just a simple process
False
Comprehensive approach to disaster and emergency planning is a systematic attempt to reduce socioeconomic vulnerabilities to disaster and assist citizens in dealing with the environmental and other hazards that trigger such vulnerabilities
False
Emergency-planning formats used in different organizations are similar no matter the nature of the organization and the organization's policy
False
Globalization helps to prevent health threats to the U.S.
False
Islamist or jihadist terrorism has been more deadly in the United States than domestic terrorism since 9/11
False
Prisoner radicalization occurs primarily with one-on-one proselytizing by charismatic leaders who target the most hardened of inmates
False
Security professionals are not affected by government policy and the political decisions attached to reductions in government spending in support of disasters
False
Short complex passwords are harder to crack than a longer, less complex password
False
Synchronization refers to the ability of a system to work with or use the components of another system
False
Target & Black supports law enforcement and public safety agencies and supports disaster preparedness
False
Terrorist groups engaged in an average of 5 preparatory, planning, and ancillary behaviors per incident
False
The Incident Command System is a standardized, on-scene, functions-based approach to incident management
False
The NRF integrates and guides a range of efforts designed to enhance the safety of the nation's critical infrastructure
False
The National Response Framework is a collection of standards and procedures
False
The biggest vulnerability to information security is botnets
False
The media plays a minimal role in informing the public about emergency and disaster events
False
The most highly intrusive powers for ensuring homeland security in France is Interpol
False
The private sector has begun to leverage sector-specific private-sector capabilities and information to enhance its own intelligence posture
False
There are 16 steps in the information and intelligence cycle identified by DHS
False
With mobility comes a decrease in security concerns for an organization's security professionals
False
In the United States who typically takes the lead in protection services?
Federal departments and agencies
Extreme right-wing groups are extremist groups that are
Fiercely nationalistic
Preparation and planning for catastrophe is the responsibility of the
Security professional
Many states and large cities have also established fusion centers to
Share information and intelligence
Takfirism is the Islamic Messianistic ideology that permits or encourages the killing of non-Muslims
True
Terrorist organizations can be placed into two major groups; Homegrown violent extremists and domestic terrorists
True
The FBI is the primary agency for investigating terrorism, international terrorism, and domestic terrorism using the definition from the U.S. Code of Federal Regulations and Title 18 of the U.S. Code
True
The Internet functions to enable communication among intelligent physical objects
True
The National Governors Association (NGA) developed the first model framework for government-run emergency management in 1979
True
The main focus of attacks and threats against the U.S. is on government institutions
True
The private sector plays a critical role in economic recovery by retaining and providing jobs and a stable tax base
True
Users should change passwords often and not use the same password for multiple logins or reuse them
True
What legislation in the U.K. criminalized financing terrorism?
Terrorism Act of 2000
Which federal agency promulgates federal information technology and cybersecurity standards
The Department of Commerce
Terrorism is defined as the unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives by
The Federal Bureau of Investigation (FBI), Department of Justice
A Caliph is a spiritual/political leader in Islam and a Caliphate is a jurisdiction controlled by a Caliph under Muslim law
True
A trade secret is a process, device, or something else that is used continuously in the operation of the business
True
Assessing the threat of terrorism should include relevant, open-source, and nonproprietary threat assessments, as well as intelligence information
True
Crisis management can occur before, during, and after an emergency takes on a critical form
True
Cyber attacks have the potential to disrupt power, water, and communication
True
Data is secured using passwords and digital certificates
True
Disaster Risk Reduction (DRR) is a systematic attempt to identify, assess, and reduce the risks of disaster
True
Emergency management practices are increasingly the responsibility of security professionals
True
Governments are largely unprepared to respond to an act of cyberwarfare
True
HITRAC threat analysis focuses mainly on regional, critical infrastructure, cyber, and explosives threats
True
Hacktivists are individuals with a political agenda and motivation
True
Homegrown violent extremists make racial, religious, or ethnic claims of superiority
True
In the United States and in many other countries, domestic terrorism is the primary focus when it comes to law enforcement and private security
True
It is the responsibility of the CIKR community to set specific national priorities to drive action
True
One of the missions of LEAPS is to promote the concept of crime prevention
True
One of the most difficult types of threats to mitigate is an organization's trusted insider
True
Part of becoming an extremist involves accepting four positions that define this ideology: Polarized, Absolutist, Threat-oriented, and Hateful.
True
Private companies working in the homeland security realm are able to clear and bring in new employees faster than the public sector
True
Private security professionals and others interested in proficiency can access and attend interactive online courses on subjects like NIMS and ICS at FEMA's Emergency Management Institute
True
Protecting critical infrastructure is essential to a nation's economic vitality
True
Protection of networks is important to security professionals because it can prevent the loss of an organization's computer resources
True
Risk-oriented management is considered to be superior to politics-oriented management in resolving emergencies in the long run
True
Security in computer systems and network environments includes limiting access and protecting assets from threats
True
Small businesses contribute to all aspects of homeland security and employ more than half of all private-sector workers
True
Step 1 of the information and intelligence cycle identified by the DHS is
Planning and requirements development
The vast majority of the nation's critical infrastructure is owned and operated by the
Private sector
At the core, the primary mission of public-sector responders is to protect the community while the primary mission of private-sector responders is to
Protect the company's assets
The NRF defines the key principles that enable first responders, decision makers, and supporting entities to
Provide a unified national response to domestic incidents
NIMS was developed by DHS to
Provide a universal emergency management system and provide a common technical language
An umbrella program that coordinates efforts of both public and private security activities with the goal of protecting NYC from terrorist attacks is called
SHIELD
Radicalization primarily occurs through anti-U.S. sermons calling on inmates to embrace
Salafi form of Sunni Islam and Shia Islam
CIKR protection process begins with a(n)
Vulnerability Assessment
The threat of terrorism, specifically regarding crisis management and response, along with bombings and bomb threats
Were among the top 20 security concerns facing Fortune 1000 companies in 2012
The ability of a system to work with or use the components of another system is termed
interoperability
The continual process of compiling and examining all available information concerning activities, which could target an organization's facility or resources is called a(n)
threat analysis
A black hat is considered a(n)
unethical hacker
The Presidential Policy Directive 21 (PPD-21) identified ____ infrastructure sectors
16
A destructive program that masquerades as a legitimate file or application to gain entry to a computer is called a(n)
Trojan horse
Today's threats often asymmetrically blend national and homeland security threats and require
A response by a public-private partnership
The first function of the public information and warning by the CDC is to
Activate the emergency public information system
Due to attacks on critical infrastructure, protection of CIKR is a national concern and triggered a variety of actions
Designed to mitigate and minimize risk
The core programs and tools the DHS uses to conduct vulnerability assessments include all of the following except:
Assigning quantifiable value
Boko Haram promotes a version of Islam that forbids Muslims to take part in any political or social activity
Associated with society in the west
The use of the Internet for terrorist activities includes
Large-scale acts of deliberate disruption of computer networks
BYOD is an acronym for
Bring Your Own Device
Types of information sought during social engineering include all except:
Company Address
The Department of the Interior is responsible for
Developing policies and procedures for all types of hazards and emergencies
Which of the following is not one of the three primary areas of cybercrime?
Computer Firewall Crime
The lowest level of government classified data is labeled
Confidential
Reconstitution embodies the ability of an organization to recover from an event that disrupts normal operations and consolidates the necessary resources so that the organization
Can resume its operations as a fully functional entity
NIMS standard incident command structures are based on all except
Center for Disease Control
Programmers with malicious intent can use the technique of code injection to introduce (inject) code into a computer program to cause the processing of invalid data by
Changing the course of code execution
The acronym COOP stands for
Continuity of Operations
The FRP established both an all-hazards and functions-based approach to emergency management that aimed for a
Coordinated and efficient use of resources during disasters
Private security organizations are often more advanced than the public sector in the use of technology to prevent and detect crime, investigation of high-tech and economic crime, and
Crime and loss prevention
Dangerous events that are concentrated in time and space that disrupt the social structure and prevent certain societal functions is termed a(n)
Disaster
The acronym DDoS stands for
Distributed Denial of Service
PS-Prep is a program that has prioritized the preparedness of the private sector by what organization
DHS
What organization has prioritized the preparedness of the private sector through PS-Prep?
DHS
Which President initiated the use of government funding for emergency management concerns to stimulate local economies?
Franklin D. Roosevelt
Violent Extremists are generally characterized as being: Polarized; Absolutist; Threat-Oriented; &
Hateful
The FBI's public formulation of extremism suggests two components. First, extremism involves following particular ideologies. Second,
It includes using criminal activity to advance these ideologies
The federal government generates classified information, while the private sector
Provides information concerning suspicious activities and privately held information
HITRAC threat analysis focuses on
Regional critical infrastructure, cyber, and explosives threats
The all-hazards approach to emergency management is
Respond to any incident or event that requires an organized response by a public, private, and/or governmental entity
The ability to work from anywhere at any time raises the level of concern about who can access what and
The number of technology assets on the organization's network
A trade secret is a process, device, or something else that is used continuously in the operation of the business
Trade Secret
Examples of key resources and assets include all of the following except
all of the above