FEMA Test Answers
Potential interdependencies that could affect operations are primarily addressed in: A. Communication and technology
Physical prevention
Personnel measures
Planning and preparedness
Permanently evacuating people from a potential inundation area is an example of which of the following types of risk-reduction strategies? A. Mitigation
Resilience
Deterrence
Operational Measures
Ensuring sufficient standoff distances is a protective measure related to: A. Assessments
Cybersecurity
Inspections
If intelligence suggests that your facility is at risk for a cyber attack, which of the following measures would take precedence? A. Conduct terminated employee assess
Delay scheduled maintenance and upgrades
Use the internet to access personal email accounts
Develop an inventory of parts and suppliers
Which of the following is NOT likely to enhance access-point security? A. Using appropriate locks
Using access identification systems
Establishing additional access points for redundancy
Controlling doors and entryways
Access point security is enhanced by: A. Eliminating expensive swipe access systems
Using an electronic entry control system
Increasing the number of access points
Removing obvious signs in restricted areas
Appropriate design and implementation of protective measures should be conducted A. As a function of threat, vulnerability, and consequences
Only based on vulnerability considerations
Only based on threat considerations
Only based on potential environmental impacts
Access control refers to: A. Special equipment and communication protocols used to contact security forces in case of emergency.
Special screens installed around critical components to protect against rocket-propelled grenades and other potential standoff weapons.
Special equipment and backup systems used to ensure continuous operation of supervisory control and data acquisition systems.
Physical and procedural measures to keep unauthorized persons, equipment, or materials out of sensitive areas.
Long-term actions taken to reestablish a facility’s function after an attack or other incident has caused damage are part of: A. Deterrence
Detection
Recovery
Response
Constraints: A. Refer to the amount of damage an asset would be allowed to sustain in the event of an attack
Refer to the degree to which an asset is protected against a threat
Measure the probability that an aggressor would be defeated before the asset is compromised
Relate to physical characteristics or operational considerations that restrict the nature of protective measures
Installing a perimeter fence to create the perception that an attack is less likely to succeed is an example of: A. Resilience
Mitigation
Employee and contractor identification systems are part of which of the following measures? A. Planning and preparedness
Personnel protection
Perimeter security and control
Delay refers to: A. The period between detection and assessment of the aggressor and the time at which the aggressor is able to damage the targeted asset.
The investigation and determination of the cause of an alarm before initiating an actual response.
The identification of an intrusion with electronic sensors, audio alarms, or a monitoring center.
The time period between an intruder penetrating the perimeter and being able to attack a critical asset.
Which of the following is an example of an operational measure? A. Requiring project personnel to carry identification cards
Collaborating with local law enforcement agencies
Keeping equipment de-energized except when in use
Installing motion sensors and closed-circuit televisions
There are four main steps in developing a protective program. Which of the steps is usually based on the value of the asset (to its owner and users) and the potential consequences of a successful attack? A. Design and implement protective measures
Determine level of protection
Determine potential threats to the facility
Identify constraints
Which of the following is an example of communication and technology measures? A. Using magnetometers and x-ray scanners for inspections
Using fragmentation-resistant and blast-resistant construction
Posting signs detailing where access is authorized and unauthorized
Establishing redundant systems and offsite backup data storage
Which of the following attack types is most likely to result in corrupted or stolen information? A. Cyber
Maritime
Suicide bomber
Standoff weapons
TRUE OR FALSE: Facilities are more vulnerable when only a single individual possesses the critical skills needed for facility operation. A. True
False
A stand-off weapons attack is more likely to be: A. Carried out with a car or truck loaded with explosives and maneuvered into position near a target.
Employed if it is determined that the target’s physical security is too great to overcome via a direct attack.
Used in order to conduct surveillance and reconnaissance on a specific target.
Conducted to alter or steal critical information.
Increasing a facility’s ability to withstand damage by installing redundant control systems is an example of: A. Resilience