FEMA Test Answers
The ten essential elements of a viable continuity of operations program include are continuity communications; continuity facilities; devolution; essential functions; human capital; reconstitution; vital records; delegations of authority; orders of succession; test training and exercise. A. True
False
A worm self-replicates across networks without a host file through inbuilt email or scan engines. A. True
National Planning Scenario #10 focuses on a cyber attack against critical infrastructures reliant upon the internet over a long period of time cause major disruptions and considerable harm to the United States. A. True
Federal Continuity Directive (FCD-1) provides direction to the Federal executive branch for developing continuity plans and programs. A. True
Federal Continuity Directive 2 (FCD-2) and Continuity Guidance Circular 2 (CGC-2) provides methodology for conducting for conducting a Business Process Analysis and Business Impact Analysis. A. True
Coordination between public and private sector is encouraged to strengthen continuity and cybersecurity capabilities. A. True
The National Continuity Policy Implementation Plan (NCPIP) directs FEMA National Continuity Programs to provide cyber security assistance and support in accordance with Homeland Security Presidential Directive-7 and the National Strategy to Secure Cyberspace. A. True
FEMA National Continuity Programs (NCP) is the Federal Executive Branch Lead Agent responsible for the development and promulgation of Continuity of Operations (COOP) directives and guidance, and training which includes coordination between the Federal, State, local, territorial, tribal and private sectors. A. True
It is important that the continuity planner and information technology professionals work together because: A. Information Technology professional must manage daily functions of continuity planner
Continuity planner must manage daily function performed by information technology professionals
The continuity planner should understand the essential functions of their organization and the impact of losing that capability, while IT personnel should understand the technical requirements needed to support the performance of essential functions.
Continuity Guidance Circular 1 (CGC-1) provides continuity guidance for non-federal entities (States, territories, tribal and local government jurisdictions) and private sector organizations. A. True
The good business practice of ensuring the execution of essential functions through all circumstances, and a fundamental responsibility of public and private entities to their stakeholders can be described as________________. A. Devolution planning
Continuity planning
Reconstitution planning
The Business Process Analysis (BPA) is a method of examining, identifying, and mapping the functional processes, workflows, activities, personnel expertise, systems, data and facilities inherent to the execution of a essential function. A. True
Cyber linkages among sectors raise the risk of cascading failures during a cyber incident which may impact performance of essential functions. A. True
The United States is the most targeted country for cyber attacks. A. True
A Trojan appears legitimate but can be a carrier for a virus and is able to self-replicate. A. True
Establishing continuity plans and procedures mitigate consequences from cyber incidents and assure performance of essential functions. A. True
As organizations work to improve their continuity plans and programs to include cybersecurity, continuity planners should: A. Communicate the importance and value of establishing continuity plans that address the various cyber risks.
Understand the challenges and incorporate methods to enhance the organization’s ability to perform essential functions.
All of the above
Establish solid relationships with information technology professionals.
Within the Department of Homeland Security (DHS) ________ serves as the Subject Matter Expert (SME) for defining cyber risks and vulnerabilities. A. FEMA National Continuity Programs
DHS National Cyber Security Division
United States Secret Service
United States Coast Guard
Cyberspace is the interdependent network of IT infrastructures including the internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries. A. True
Organizations should consider implementing policies for patching vulnerabilities in systems and servers to reduce risk. A. True
According to the National Continuity Policy Implementation Plan, risk management is the process used to identify, control, and minimize the impact of uncertain events. A. True
DHS components of risk include threat, vulnerability and consequences. A. True
A virus is not able to self replicate and requires a host file. A. True
Various cyber threats may impact your organizations ability to perform essential functions. However, the intent to destroy, incapacitate, or exploit critical infrastructures in order to threaten national security, cause mass casualties, weaken the U.S. economy, and damage public morale and confidence can be best described as the following: A. Hackers
Bot-Network Operators
Script Kiddies
Terrorists
The Business Impact Analysis (BIA) evaluates the risk to mission essential functions from various threats and hazards. A. True
B. False