FEMA IS-860.C: The National Infrastructure Protection Plan, An Introduction Answers For what group of stakeholders are the following examples of activities suggested: Become involved in a relevant local, regional sector and cross-sector partnership; Work with private sector and emergency response partners on emergency management plans and exercising; Share success stories and opportunities for improvement. A. State, Local, Tribal, and Territorial Government ExecutivesPrivate Sector Companies First RespondersAll of the Above All of the following are features of the critical infrastructure risk management framework EXCEPT: A. It describes the functions of the partnership structures, as well as additional structures that support national critical infrastructure security and resilienceIt supports a collaborative decisionmaking process to inform the selection of risk management actions.It can be tailored to dissimilar operating environments and applies to all threats and hazards. It is designed to provide flexibility for use in all sectors, across different geographic regions and by various partners All of the following statements about NIPP 2013 are true EXCEPT: A. The NIPP replaces continuity of operations and local emergency operations plans The NIPP framework is based on an understanding that in some sectors, privateCollaboration between private and public sector is a key component of the NIPPThe NIPP Framework is applicable for both terrorist attacks and natural disasters TRUE or FALSE: The critical infrastructure risk management approach complements and supports the Threat and Hazard Identification and Risk Assessment (THIRA) process conducted by regional, State, and urban area jurisdictions. A. TRUEFALSE All of the following statements are Core Tenets of the NIPP EXCEPT: A. Security and resilience by designDomestic and international partnership collaborationCoordinated and comprehensive risk identification and managementComparative advantage in risk mitigation All of the following are strategic imperatives described by PPD-21 to drive the Federal approach to strengthen critical infrastructure security and resilience EXCEPT: A. Enable effective information exchange by identifying baseline data and systems requirements for the Federal GovernmentCoordinate with critical infrastructure owners and operators to improve cybersecurity information sharing and collaboratively develop and implement risk-based approaches to cybersecurityImplement an integration and analysis function to inform planning and operations decisions regarding critical infrastructure Refine and clarify functional relationships across the Federal Government to advance the national unity of effort to strengthen critical infrastructure security and resilience To achieve security and resilience, critical infrastructure partners must: A. Support all Federal, State, local, tribal and territorial government efforts to effect national critical infrastructure security and resilience.Implement an integration and analysis function within each organization to inform partners of critical infrastructure planning and operations decisions.Restrict information sharing activities to departments and agencies within the intelligence community.Leverage the full spectrum of capabilities, expertise and experience across the critical infrastructure community and associated stakeholders. The Call to Action activity “Improve Critical Infrastructure Security and Resilience by Advancing Research and Development Solutions” is related to which of the five steps toward implementing the risk management framework A. Identify Infrastructure Implement Risk Management Activities Measure EffectivenessAssess and Analyze RisksSet Infrastructure Goals and Objectives Make the following statement True by filling in the blank from the choices below: Other Federal departments and agencies play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well.Include a variety of public-private sector initiatives that cross jurisdictional and/or sector boundaries and focus on prevention, protection, mitigation, response, and recovery within a defined geographic area.Have unique responsibilities, functions, or expertise in a particular critical infrastructure sector (such as GCC members) assist in identifying and assessing high-consequence critical infrastructure and collaborate with relevant partners to share security and resilience-related information within the sector, as appropriate.Are crucial coordination hubs, bringing together prevention, protection, mitigation, response, and recovery authorities, capabilities, and resources among local jurisdictions, across sectors, and between regional entities. Make the following statement True by filling in the blank from the choices below: Regional organizations play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well. Include a variety of public-private sector initiatives that cross jurisdictional and/or sector boundaries and focus on prevention, protection, mitigation, response, and recovery within a defined geographic area.Have unique responsibilities, functions, or expertise in a particular critical infrastructure sector (such as GCC members) assist in identifying and assessing high-consequence critical infrastructure and collaborate with relevant partners to share security and resilience-related information within the sector, as appropriate.Are crucial coordination hubs, bringing together prevention, protection, mitigation, response, and recovery authorities, capabilities, and resources among local jurisdictions, across sectors, and between regional entities. Which of the following are examples of critical infrastructure interdependencies? A. Reliance on information and communications technologies to control productionDistributed nature of critical infrastructure operations, supply and distribution systemsPublic and private sector partners work collaboratively to develop plans and policies Commuter use of Global Positioning Service (GPS) navigation to avoid traffic jamsAll of the above PPD-21 prescribes Sector Specific Agencies with all of the following roles and responsibilities, EXCEPT: A. Serve as a day-to-day Federal interface for the dynamic prioritization and coordination of sector-specific activities Ensure that funding priorities are addressed and that resources are allocated efficiently and effectivelyProvide, support, or facilitate technical assistance and consultations for a specific sector to identify vulnerabilities and help mitigate incidents, as appropriateCarry out incident management responsibilities consistent with statutory authority and other appropriate policies, directives, or regulations Under which category in the NIPP Call to action does the following activity fall: Determine Collective Actions through Joint Joint-Planning Efforts A. Innovate in Managing Risk Focus on OutcomesBuild Upon Partnership Efforts Which of the following critical infrastructure partners offer an additional mechanism to engage with a pre-existing group of private sector leaders to obtain feedback on critical infrastructure policy and programs, and to make suggestions to increase the efficiency and effectiveness of specific government programs. A. Advisory CouncilsState and Regionally Based Boards, Commissions, Authorities, Councils, and Other EntitiesAcademia and Research Centers Federal and State Regulatory Agencies The NIPP Call to Action is meant to guide the collaborative efforts of the critical infrastructure community to advance security and resilience outcomes under three broad activity categories. All of the following activities are categorized under Build upon Partnerships Efforts EXCEPT? A. Leverage incentives to advance security and resilience Promote infrastructure, community, and regional recovery following incidentsDetermine collective actions through joint planning effortsSet national focus through jointly developed prioritiesEmpower local and regional partnerships to build capacity nationally Which of the following statements describes the benefits of information sharing? A. Information sharing enhances owners’ and operators’ ability to assess risks, make prudent security investments and develop appropriate resilience strategies.Information sharing enhances government’s ability to adjust its information collection, analysis, synthesis and dissemination activities based on the needs of the private sector.The increasing availability of data and information essential to operating and maintaining infrastructure and related technologies enables more efficient and effective practices. Multidirectional information sharing enhances owners and operators ability to assess risks, make prudent security investments and develop appropriate resilience strategiesAll of the Above What NIPP 2013 element provide a basis for the critical infrastructure community to work jointly to set specific national priorities? A. Call to ActionRisk Management FrameworkPartnership ModelMission, vision, and goals.Core Tenets All of the following statements are Key Concepts highlighted in NIPP 2013 EXCEPT: A. Having accurate information and analysis about risk is essential to achieving resilience.The Nation’s critical infrastructure is largely owned and operated by the private sector; however, Federal and SLTT governments also own and operate critical infrastructure, as do foreign entities and companies.Risk management and prevention and protection activities contribute to strengthening critical infrastructure security and resilience.Developing partnerships with private sector stakeholders is an option for consideration by government decisionmakers ultimately responsible for implementing effective and efficient risk management. The National Plan establishes seven Core Tenets, representing the values and assumptions the critical infrastructure community should consider when conducting security and resilience planning. A. TRUEFALSE Consisting of officials from the Sector-specific Agencies and other Federal departments and agencies, this forum facilitates critical infrastructure security and resilience communication and coordination across the Federal Government. A. Sector Coordinating Councils (SCC) Regional Consortium Coordinating Council (RC3)Federal Senior Leadership Council (FSLC)State, Local, Tribal and Territorial Government Coordinating Council (SLTTGCC) Make the following statement True by filling in the blank from the choices below: State and territorial governments play an important partnership role in the critical infrastructure security and resilience community because they ____. A. Develop and implement security and resilience programs for the critical infrastructure under their control, while taking into consideration the public good as well.Include a variety of public-private sector initiatives that cross jurisdictional and/or sector boundaries and focus on prevention, protection, mitigation, response, and recovery within a defined geographic area.Have unique responsibilities, functions, or expertise in a particular critical infrastructure sector (such as GCC members) assist in identifying and assessing high-consequence critical infrastructure and collaborate with relevant partners to share security and resilience-related information within the sector, as appropriate.Are crucial coordination hubs, bringing together prevention, protection, mitigation, response, and recovery authorities, capabilities, and resources among local jurisdictions, across sectors, and between regional entities. Which of the following statements describes how the NIPP fosters information sharing at all levels between private sector owners and operators and their government counterparts? A. Multidirectional information sharing enhances owners and operators ability to assess risks, make prudent security investments and develop appropriate resilience strategiesVoluntary collaboration is the primary mechanism for advancing collective action toward national critical infrastructure security and resilience.When the Government understands private sector information needs, it can adjust its information collection, analysis, synthesis and dissemination activities accordingly.When the private sector is assured that the critical infrastructure information that it shares with the government will be protected from release or disclosure, the Nation’s critical infrastructure protection capabilities will be enhanced.All of the Above Dependencies and interdependencies emerging from complex cyber capabilities and limitations is an example of which risk element? A. HumanVulnerability ConsequenceThreat Which of the following documents best defines and analyzes the numerous threats and hazards to homeland security? A. The Strategic National Risk Assessment (SNRA)Presidential Policy Directive 21The National Strategy for Information Sharing and SafeguardingNIPP 2013 Supplement: Incorporating Resilience into Critical Infrastructure Projects The NIPP Call to Action is meant to guide the collaborative efforts of the critical infrastructure community to advance security and resilience outcomes under three broad activity categories. All of the following activities are categorized under Build upon Partnerships Efforts EXCEPT: A. Leverage incentives to advance security and resilience Promote infrastructure, community and regional recovery following incidentsDetermine collective actions through joint planning effortsSet national focus through jointly developed prioritiesEmpower local and regional partnerships to build capacity nationally Under which category in the NIPP Call to action does the following activity fall: Analyze Infrastructure Dependencies, Interdependencies and Associated Cascading Effects A. Innovate in Managing RiskFocus on OutcomesBuild Upon Partnership Efforts All of the following terms describe key concepts in the NIPP EXCEPT: A. DefenseSecurityCritical InfrastructureResilienceNone of the Above For what group of stakeholders are the following examples of activities suggested: Build Upon Partnership Efforts; Innovate in Managing Risk; Focus on Outcomes A. State, Local, Tribal, and Territorial Government ExecutivesPrivate Sector Companies First RespondersAll of the Above NIPP framework is designed to address which of the following types of events? A. A blackout affecting the NortheastDisruptions to infrastructure systems that cause cascading effects over multiple jurisdictionsLong term risk management planning to address prolonged floods and droughtsCyber intrusions resulting in physical infrastructure failures and vice versaAll of the above All of the following statements about the importance of critical infrastructure partnerships are true EXCEPT A. The Federal, State, local, tribal and territorial government is ultimately responsible for managing all risks to critical infrastructure for private and public sector partners; regional entities; non-profit organizations; and academia.Critical infrastructure partners require efficient sharing of actionable and relevant information among partners to build situational awareness and enable effective risk-informed decisionmakingTo achieve security and resilience, critical infrastructure partners must leverage the full spectrum of capabilities, expertise and experience across the critical infrastructure community and associated stakeholders.The critical infrastructure partnership community involved in managing risks is wide-ranging, composed of owners and operators; Federal, State, local, tribal and territorial governments; regional entities; non-profit organizations; and academia. The sector and cross-sector partnership model is intended to promote consistency of process to enable efficient collaboration between disparate parts of the critical infrastructure community, while allowing for the use of other viable partnership structures and planning processes. A. TRUEFALSE This forum promotes the engagement of non-Federal government partners in National critical infrastructure security and resilience efforts and provides an organizational structure to coordinate across jurisdictions on State and local government guidance, strategies and programs. A. Sector Coordinating Councils (SCC) Regional Consortium Coordinating Council (RC3)Federal Senior Leadership Council (FSLC)State, Local, Tribal and Territorial Government Coordinating Council (SLTTGCC) These sector-specific forums serve as principal collaboration points between the government and private sector owners and operators for critical infrastructure security and resilience policy coordination and planning and a range of related sector-specific activities. A. Sector Coordinating Councils (SCC)Regional Consortium Coordinating Council (RC3)Federal Senior Leadership Council (FSLC)State, Local, Tribal and Territorial Government Coordinating Council (SLTTGCC) ALL of the following statements directly to one of the seven NIPP 2013 core tenets EXCEPT: A. Security and resilience should be considered during the design of assets, systems and networks.Hazard assessments draw on theoretical scenarios and deductive reasoning about future natural hazards to assess the likelihood or frequency of various hazards.Managing risk requires sharing information, promoting efficient and effective use of resources and minimizing duplication of effort.The way infrastructure sectors interact shapes how the Nation’s critical infrastructure partners should collectively manage risk.Partnerships are crucial to developing shared perspectives on gaps and actions to improve critical infrastructure security and resilience. Within the NIPP Risk Management Framework, the interwoven elements of critical infrastructure include A. Set goals, identify Infrastructure, and measure effectivenessThreat, vulnerability, and consequence Information sharing and the implementation stepsHuman , cyber, and physicalNone of the Above PPD-21 recommends critical infrastructure owners and operators contribute to national critical infrastructure security and resilience efforts through a range of activities, including all of the following EXCEPT: A. Establish continuity plans and programs that facilitate the performance of lifeline functions during an incidentSponsor critical infrastructure security and resilience-related research and development, demonstration projects, and pilot programsDevelop and coordinate emergency response plans with appropriate Federal and SLTT government authoritiesPerform critical infrastructure risk assessments; understand dependencies and interdependencies; and develop emergency response plans Previous Next