FEMA Test Answers
For what group of stakeholders are the following examples of activities suggested: Become involved in a relevant local, regional sector and cross-sector partnership; Work with private sector and emergency response partners on emergency management plans and exercising; Share success stories and opportunities for improvement. A. State, Local, Tribal, and Territorial Government Executives
Private Sector Companies
First Responders
All of the Above
All of the following are features of the critical infrastructure risk management framework EXCEPT: A. It describes the functions of the partnership structures, as well as additional structures that support national critical infrastructure security and resilience
It supports a collaborative decisionmaking process to inform the selection of risk management actions.
It can be tailored to dissimilar operating environments and applies to all threats and hazards.
It is designed to provide flexibility for use in all sectors, across different geographic regions and by various partners
All of the following statements about NIPP 2013 are true EXCEPT: A. The NIPP replaces continuity of operations and local emergency operations plans
The NIPP framework is based on an understanding that in some sectors, private
Collaboration between private and public sector is a key component of the NIPP
The NIPP Framework is applicable for both terrorist attacks and natural disasters
TRUE or FALSE: The critical infrastructure risk management approach complements and supports the Threat and Hazard Identification and Risk Assessment (THIRA) process conducted by regional, State, and urban area jurisdictions. A. TRUE
FALSE
All of the following statements are Core Tenets of the NIPP EXCEPT: A. Security and resilience by design
Domestic and international partnership collaboration
Coordinated and comprehensive risk identification and management
Comparative advantage in risk mitigation
All of the following are strategic imperatives described by PPD-21 to drive the Federal approach to strengthen critical infrastructure security and resilience EXCEPT: A. Enable effective information exchange by identifying baseline data and systems requirements for the Federal Government
Coordinate with critical infrastructure owners and operators to improve cybersecurity information sharing and collaboratively develop and implement risk-based approaches to cybersecurity
Implement an integration and analysis function to inform planning and operations decisions regarding critical infrastructure
Refine and clarify functional relationships across the Federal Government to advance the national unity of effort to strengthen critical infrastructure security and resilience
To achieve security and resilience, critical infrastructure partners must: A. Support all Federal, State, local, tribal and territorial government efforts to effect national critical infrastructure security and resilience.
Implement an integration and analysis function within each organization to inform partners of critical infrastructure planning and operations decisions.
Restrict information sharing activities to departments and agencies within the intelligence community.
Leverage the full spectrum of capabilities, expertise and experience across the critical infrastructure community and associated stakeholders.
The Call to Action activity “Improve Critical Infrastructure Security and Resilience by Advancing Research and Development Solutions” is related to which of the five steps toward implementing the risk management framework A. Identify Infrastructure
Implement Risk Management Activities
Measure Effectiveness
Assess and Analyze Risks
Set Infrastructure Goals and Objectives
Make the following statement True by filling in the blank from the choices below: Other Federal departments and agencies play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well.
Include a variety of public-private sector initiatives that cross jurisdictional and/or sector boundaries and focus on prevention, protection, mitigation, response, and recovery within a defined geographic area.
Have unique responsibilities, functions, or expertise in a particular critical infrastructure sector (such as GCC members) assist in identifying and assessing high-consequence critical infrastructure and collaborate with relevant partners to share security and resilience-related information within the sector, as appropriate.
Are crucial coordination hubs, bringing together prevention, protection, mitigation, response, and recovery authorities, capabilities, and resources among local jurisdictions, across sectors, and between regional entities.
Make the following statement True by filling in the blank from the choices below: Regional organizations play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well.
Which of the following are examples of critical infrastructure interdependencies? A. Reliance on information and communications technologies to control production
Distributed nature of critical infrastructure operations, supply and distribution systems
Public and private sector partners work collaboratively to develop plans and policies
Commuter use of Global Positioning Service (GPS) navigation to avoid traffic jams
All of the above
PPD-21 prescribes Sector Specific Agencies with all of the following roles and responsibilities, EXCEPT: A. Serve as a day-to-day Federal interface for the dynamic prioritization and coordination of sector-specific activities
Ensure that funding priorities are addressed and that resources are allocated efficiently and effectively
Provide, support, or facilitate technical assistance and consultations for a specific sector to identify vulnerabilities and help mitigate incidents, as appropriate
Carry out incident management responsibilities consistent with statutory authority and other appropriate policies, directives, or regulations
Under which category in the NIPP Call to action does the following activity fall: Determine Collective Actions through Joint Joint-Planning Efforts A. Innovate in Managing Risk
Focus on Outcomes
Build Upon Partnership Efforts
Which of the following critical infrastructure partners offer an additional mechanism to engage with a pre-existing group of private sector leaders to obtain feedback on critical infrastructure policy and programs, and to make suggestions to increase the efficiency and effectiveness of specific government programs. A. Advisory Councils
State and Regionally Based Boards, Commissions, Authorities, Councils, and Other Entities
Academia and Research Centers
Federal and State Regulatory Agencies
The NIPP Call to Action is meant to guide the collaborative efforts of the critical infrastructure community to advance security and resilience outcomes under three broad activity categories. All of the following activities are categorized under Build upon Partnerships Efforts EXCEPT? A. Leverage incentives to advance security and resilience
Promote infrastructure, community, and regional recovery following incidents
Determine collective actions through joint planning efforts
Set national focus through jointly developed priorities
Empower local and regional partnerships to build capacity nationally
Which of the following statements describes the benefits of information sharing? A. Information sharing enhances owners’ and operators’ ability to assess risks, make prudent security investments and develop appropriate resilience strategies.
Information sharing enhances government’s ability to adjust its information collection, analysis, synthesis and dissemination activities based on the needs of the private sector.
The increasing availability of data and information essential to operating and maintaining infrastructure and related technologies enables more efficient and effective practices.
Multidirectional information sharing enhances owners and operators ability to assess risks, make prudent security investments and develop appropriate resilience strategies
What NIPP 2013 element provide a basis for the critical infrastructure community to work jointly to set specific national priorities? A. Call to Action
Risk Management Framework
Partnership Model
Mission, vision, and goals.
Core Tenets
All of the following statements are Key Concepts highlighted in NIPP 2013 EXCEPT: A. Having accurate information and analysis about risk is essential to achieving resilience.
The Nation’s critical infrastructure is largely owned and operated by the private sector; however, Federal and SLTT governments also own and operate critical infrastructure, as do foreign entities and companies.
Risk management and prevention and protection activities contribute to strengthening critical infrastructure security and resilience.
Developing partnerships with private sector stakeholders is an option for consideration by government decisionmakers ultimately responsible for implementing effective and efficient risk management.
The National Plan establishes seven Core Tenets, representing the values and assumptions the critical infrastructure community should consider when conducting security and resilience planning. A. TRUE
Consisting of officials from the Sector-specific Agencies and other Federal departments and agencies, this forum facilitates critical infrastructure security and resilience communication and coordination across the Federal Government. A. Sector Coordinating Councils (SCC)
Regional Consortium Coordinating Council (RC3)
Federal Senior Leadership Council (FSLC)
State, Local, Tribal and Territorial Government Coordinating Council (SLTTGCC)
Make the following statement True by filling in the blank from the choices below: State and territorial governments play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well.
Which of the following statements describes how the NIPP fosters information sharing at all levels between private sector owners and operators and their government counterparts? A. Multidirectional information sharing enhances owners and operators ability to assess risks, make prudent security investments and develop appropriate resilience strategies
Voluntary collaboration is the primary mechanism for advancing collective action toward national critical infrastructure security and resilience.
When the Government understands private sector information needs, it can adjust its information collection, analysis, synthesis and dissemination activities accordingly.
When the private sector is assured that the critical infrastructure information that it shares with the government will be protected from release or disclosure, the Nation’s critical infrastructure protection capabilities will be enhanced.
Dependencies and interdependencies emerging from complex cyber capabilities and limitations is an example of which risk element? A. Human
Vulnerability
Consequence
Threat
Which of the following documents best defines and analyzes the numerous threats and hazards to homeland security? A. The Strategic National Risk Assessment (SNRA)
Presidential Policy Directive 21
The National Strategy for Information Sharing and Safeguarding
NIPP 2013 Supplement: Incorporating Resilience into Critical Infrastructure Projects
The NIPP Call to Action is meant to guide the collaborative efforts of the critical infrastructure community to advance security and resilience outcomes under three broad activity categories. All of the following activities are categorized under Build upon Partnerships Efforts EXCEPT: A. Leverage incentives to advance security and resilience
Promote infrastructure, community and regional recovery following incidents
Under which category in the NIPP Call to action does the following activity fall: Analyze Infrastructure Dependencies, Interdependencies and Associated Cascading Effects A. Innovate in Managing Risk
All of the following terms describe key concepts in the NIPP EXCEPT: A. Defense
Security
Critical Infrastructure
Resilience
None of the Above
For what group of stakeholders are the following examples of activities suggested: Build Upon Partnership Efforts; Innovate in Managing Risk; Focus on Outcomes A. State, Local, Tribal, and Territorial Government Executives
NIPP framework is designed to address which of the following types of events? A. A blackout affecting the Northeast
Disruptions to infrastructure systems that cause cascading effects over multiple jurisdictions
Long term risk management planning to address prolonged floods and droughts
Cyber intrusions resulting in physical infrastructure failures and vice versa
All of the following statements about the importance of critical infrastructure partnerships are true EXCEPT A. The Federal, State, local, tribal and territorial government is ultimately responsible for managing all risks to critical infrastructure for private and public sector partners; regional entities; non-profit organizations; and academia.
Critical infrastructure partners require efficient sharing of actionable and relevant information among partners to build situational awareness and enable effective risk-informed decisionmaking
To achieve security and resilience, critical infrastructure partners must leverage the full spectrum of capabilities, expertise and experience across the critical infrastructure community and associated stakeholders.
The critical infrastructure partnership community involved in managing risks is wide-ranging, composed of owners and operators; Federal, State, local, tribal and territorial governments; regional entities; non-profit organizations; and academia.
The sector and cross-sector partnership model is intended to promote consistency of process to enable efficient collaboration between disparate parts of the critical infrastructure community, while allowing for the use of other viable partnership structures and planning processes. A. TRUE
This forum promotes the engagement of non-Federal government partners in National critical infrastructure security and resilience efforts and provides an organizational structure to coordinate across jurisdictions on State and local government guidance, strategies and programs. A. Sector Coordinating Councils (SCC)
These sector-specific forums serve as principal collaboration points between the government and private sector owners and operators for critical infrastructure security and resilience policy coordination and planning and a range of related sector-specific activities. A. Sector Coordinating Councils (SCC)
ALL of the following statements directly to one of the seven NIPP 2013 core tenets EXCEPT: A. Security and resilience should be considered during the design of assets, systems and networks.
Hazard assessments draw on theoretical scenarios and deductive reasoning about future natural hazards to assess the likelihood or frequency of various hazards.
Managing risk requires sharing information, promoting efficient and effective use of resources and minimizing duplication of effort.
The way infrastructure sectors interact shapes how the Nation’s critical infrastructure partners should collectively manage risk.
Partnerships are crucial to developing shared perspectives on gaps and actions to improve critical infrastructure security and resilience.
Within the NIPP Risk Management Framework, the interwoven elements of critical infrastructure include A. Set goals, identify Infrastructure, and measure effectiveness
Threat, vulnerability, and consequence
Information sharing and the implementation steps
Human , cyber, and physical
PPD-21 recommends critical infrastructure owners and operators contribute to national critical infrastructure security and resilience efforts through a range of activities, including all of the following EXCEPT: A. Establish continuity plans and programs that facilitate the performance of lifeline functions during an incident
Sponsor critical infrastructure security and resilience-related research and development, demonstration projects, and pilot programs
Develop and coordinate emergency response plans with appropriate Federal and SLTT government authorities
Perform critical infrastructure risk assessments; understand dependencies and interdependencies; and develop emergency response plans