Physical Security Professional (PSP) – Flashcards
Unlock all answers in this set
Unlock answersquestion
Classification of risk
answer
Assest, exposure, losses
question
3 criteria of cost/benefit analysis
answer
Cost, reliability, delay
question
Basic methods of fieldwork
answer
Observing, questioning, analyzing, verifying, investigating, evaluating
question
Business continuity planning (BCP) process
answer
Readiness, prevention, response, recovery/resumption
question
BCP process "readiness"
answer
Assign accountability, perform risk assessment, agree on strategic plans, crises management
question
BCP process "prevention"
answer
Compliance with corporate policy, mitigation strtegies
question
BCP process "response"
answer
Potential crisis recognition, notify teams, assess the situation, declare a crisis, excute the plan, communication
question
BCP process "recovery/resumption"
answer
Damage & impact assessment, resumption of critical & remaining processes
question
BCP implementation & maintenance
answer
Test & train, evaluate & maintain
question
General physical security measures
answer
CPTED, physical barriers and site hardening, physical entry and access control, security lighting, IDS, veideo surveillance, security personnel, security policies and procedures
question
Designing PPS
answer
Determine objectives, Design PPS, Analyze design, redesign PPS
question
Determine objectives
answer
Facility characterization, threat detection, target identification
question
Design PPS
answer
Detection, delay, response
question
Detection (design PPS)
answer
exterior sensore, interior sensor, alarm assessment, alarm comm & display, entry control
question
Delay (design PPS)
answer
access delay
question
Response (design PPS)
answer
response force, response force communication
question
Analyze PPS design
answer
Analysis/evaluation (EASI)
question
Target identification techniques
answer
Manual listing, logic diagram
question
Vital area indentification
answer
Fault tree
question
Detection perfrmance measures
answer
Probability of detection, time for communication & assessment, frequency of nuisance alarm
question
Delay performance measure
answer
Time to defeat obstacales
question
Response performance measure
answer
Probability of accurate communication to the response force, time to communicate, probability of deployment to adversary location, time to deploy, reponse force effectiveness
question
Exterior sensors vulnerability to defeat
answer
Bypass, spoof
question
exterior sensors classification
answer
Passive or active, covert or visable, Line of sight or terrain following, volumetric or line detection, application
question
Exterior sensor fence groups
answer
buried line, fence associated, freestanding
question
interior sensor classification
answer
Passive or active, covert or visible, volumetric or line detection
question
interior sensor application
answer
boundary-penetration, interior motion, proximity sensor
question
2 purposes of alarm assessment
answer
Determine cause of alarm, provide additional information
question
3 levels of alarm resolution
answer
detection, classification, identification
question
2 critical elements of alarm communication and display
answer
transportation of data, display of data in meaningful manner
question
Objectives of entry control
answer
Permit only authorized persons to entry and exit, detec and prevent contraband, provide information ot facilitate assessment and response
question
Types of barriers
answer
Passive, guards, dispensable
question
Best height for barries
answer
30 inches
question
Placement of roof barriers
answer
10-12 inches below roof
question
5 parts of response
answer
general considerations, contingency planning, communication, interruption, neutralization
question
Types of PPS analysis
answer
Quantitative (higher consequence of loss assets), Qualitative (lower consequence of loss assests)
question
Defensible space
answer
a residential environment whose physical characteristics fuction to allow inhabitants to become key agents in ensuring security
question
2 basic social behaviors
answer
Territoriality, natural surveillance
question
3 phases of vulnerability assessment
answer
Planning, conducting, reporting
question
3 types of requirements in a system (vulnerability assessment)
answer
Fuctional, constraint, performance
question
Risk assesments should include
answer
Risk analysis, risk identification, risk evaluation
question
2 types of protective barriers
answer
Natural, structural
question
Types of key operated locks
answer
Disc or wafer tumbler, pin tumbler, lever
question
Door lock types
answer
Mortise, rim-mounted, tubular, cylindrical, unit
question
Types of lock attacks
answer
Surreptitious techniques (picking), force
question
Attacks on bolts
answer
Jimmying, punching, sawing, peeling
question
attacks on cylinders
answer
pulling, lug pulling, twisting, drilling, punching, hammering
question
3 purposes of alarms
answer
Perimeter protection, area/space protection, spot/object protection
question
Example of perimeter alarm protection
answer
Door switches, glass break detectors, window screens
question
Example of area/space alarm protection
answer
Ultrasonic, microwave, PIR
question
Example of spot/object alarm protection
answer
proximity detectors, vibration detectors
question
Security video systems aspect ratio
answer
4x3 (16x9 wide screen)
question
2 types of video scanning
answer
Raster, digital or pregressive
question
Chain link fence A-B-C-D method
answer
Aids to security, Barriers for security, Controls, Deterrents
question
4 stages of a fire
answer
Ignition, groth, fully developed, decay
question
5 network infrastructure devices
answer
Hubs Switches Routers Firewalls Intrusion detection systems
question
Network configurations
answer
Peer-to-peer, client sever
question
5 avenues to address risk
answer
Risk avoidance Risk transfer Risk spreading Risk reduction Risk acceptance
question
The 5 Ds of asset protection
answer
Deter Deny Detect Delay Destroy
question
4 stages of a project
answer
Feasibility, development, execution, close out
question
6 phases of a project life cycle
answer
planning, design & estimation, procurement, installation (operation and training), commissining & warranty, Maintenance (evaluation & replacement)
question
Project life cycle cost
answer
purchase, operation, maintenance, service interruption, end-of-life
question
What is the single most important factor in proper lens selection?
answer
Focal length
question
A measure of a lens ability to gather light
answer
f-number (the smaller the more light is admitted)
question
The two most important parameters of a lighting system for CCTV are?
answer
Minimum intensity & evenness of illumunation
question
What are the classes of lighting sources
answer
Natural & artificial
question
The most effective form of outdoor lighting
answer
High & low pressure sodium
question
4 lighting types
answer
Continuous, standby, movable, emergency
question
___________ uses an optical path rather than an electrical path for transmission.
answer
Fiber optics
question
The ___________ is the main interface between the alarm sensor system and the alarm assessment system.
answer
Video controller
question
What are the three levels of resolution for assessment purposes?
answer
Detection, Classification, Identification
question
_______ ________ associates imediate image capture with a sensor alarm to determine the response
answer
Assessment system
question
________ ________ are those that collect video information without associated sensors.
answer
Surveillance systems
question
A resolution of ___ lines per foot is suggested in order to classify a crawling human target.
answer
6
question
______ make poor detectors but are good at assessment.
answer
Humans
question
________________ is that part of the PPS that trasports alarm assessment information to a central point and presents the information to a human operator.
answer
Alarm communication and display (AC&D)
question
The AC&D system must communicate the following information:
answer
Where the alarm has occured, what or who caused the alarm, when the alarm happened.
question
OSI model layers as applied to AC&D systems...
answer
Physical layer, Link layer, network layer.
question
Safety vs. security
answer
safety is meant to represent the operation of systems in abnormal enviornments, such as flood, fire, earthquake, or accidents. security, refers to systems used to prevent or detec an attack by a malevolent human adversary.
question
What does PPS stand for?
answer
Physical Protection System
question
What is the definition of PPS
answer
It integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage, or other malevolent human attacks.
question
Types of network architecture connections or wiring configurations
answer
point to point, star, loop bus, or rings.
question
OSI model - error checking is an important feature of which layer?
answer
Link layer
question
__________ _________ monitor the communication link to ensure that it is operating correctly and that the data has not been alteredduring transmission.
answer
Supervisory systems
question
On graphic displays, no more than ___ windows should be visible at any one time.
answer
3
question
The ultimate goal of the display system is...
answer
to promote rapid evaluation of alarms
question
The alarm communication and display system...
answer
collects alarm data, presents information to a security operator, and enables the operator to control the system.
question
The physical equipment used to control the movment of people or material into an area.
answer
Entry control
question
The process of managing databases or other records & determining the parameters of authorized entry.
answer
Access control
question
Types of credintials used in personnel entry control
answer
Photo ID badge, exchange badge, stored-image badge, coded credential.
question
Types of biometrics used for personal identification
answer
Hand/finger geometry, handwriting, fingerprints, eye pattern, voice, face
question
Any item that is prohibited from an area
answer
Contraband
question
What two methods can be used to actively detec metal?
answer
Continuous wave & pulsed field
question
Access delay barriers may take the form of what?
answer
Passive barriers, gaurds, and dispensable barriers
question
catagories of attack tools:
answer
Hand tools, powered hand tools, thermal cutting tools, explosives, and vehicles
question
What forms the outermost protective layer of a PPS?
answer
Perimeter barriers
question
What is the first step in upgrading existing facilities?
answer
Eliminating all unnecessary doors
question
What are the two types of dispensible barriers?
answer
Active & passive
question
Passive dispendible barriers do not requier what?
answer
Any command & control system
question
Dispensable barriers are generally deployed where?
answer
Very close to the asset being protected.
question
__________ follows detection in an effective PPS.
answer
Access delay
question
The performance measure for access delay elements is ________.
answer
Time
question
Delay elements include:
answer
Passive barriers, guards, and dispensable barriers.
question
Dispensable barriers must be used in combination with _______ to provide the most effective delays.
answer
passive barriers
question
Response may be broken into what two major catagories?
answer
Immediate on-site response, after the fact recovery
question
What is the key to effective guard use?
answer
Training
question
The two measures of an immediate response are...
answer
The time for arrival and neutralization effectiveness.
question
What refers to the arrival of response personnel at a location that will prevent the adversary from progressing in their attack?
answer
Interruption
question
What is defined as defeat of tha adversary?
answer
Neutralization
question
What are the response force strategies?
answer
Containment, denial, and assault
question
The range of force tactics available toa respnseforce is referred to as what?
answer
Force continuum
question
What is a vital part of the response function?
answer
Communication
question
What communication systems can provide a very high resistance to radio jamming?
answer
Spread-spectrum systems
question
5 Levels of Security Systems
answer
1 .Minimum 2. Low Level 3. Medium Security 4. High-level Security 5. Maximum Security
question
Minimum Security
answer
Impede some unauthorized external activity. * Simple physical barriers * Simple locks
question
Low-level Security
answer
Impede and detect some unauthorized external activity. * Basic security physical barriers * High-security locks * Simple security lighting * Basic local alarm systems
question
Medium Security
answer
Impede and detect and assess most unauthorized external activities and some internal activities * High-security physical barriers at perimeter, guard dogs * Advanced remote alarm systems * Watchmen with basic communications
question
High-level security
answer
Impede, detect and assess most unauthorized external and internal activities. * Access controls * CCTV * Perimeter alarm system * High security lighting * Local law enforcement coordination *Highly trained armed guards w/advanced comms * Formal contingency Plans
question
Maximum security
answer
Impede, detect, assess and neutralize all unauthorized external and internal activities * Sophisticated alarm system * Onsite, armed response force
question
For the maximum psychological effect to be achieved...
answer
...the capabilities of the protection system must be known to the criminal, that is, they must convince the criminal that the odds of getting caught are high.
question
What is a PPS
answer
A Physical protection System (PPS) integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage, or other malevolent human attacks
question
What are the primary functions of a PPS?
answer
1. Detection of an adversary. 2. Delay of that adversary. 3. Response by security personnel or guard force.
question
What are the components of a PPS
answer
1. People. 2. Procedures. 3. Equipment.
question
What are the four stages of PPS implementation?
answer
1. Determine Objectives. 2. Design PPS. 3. Analyze PPS Design. 4. Re-design PPS (or components of) where necessary.
question
Facility Characterization means to look at major areas such as:
answer
1. Physical conditions. 2. Facility operations. 3. Facility policies and procedures. 4. Regulatory requirements. 5. Safety Considerations. 6. Legal Issues. 7. Corporate goals and objectives.
question
Facility Characterization Physical Conditions
answer
* Identify site boundary * Number & location of buildings * Access points. * Existing physical protection features. * All infrastructure details.
question
Facility Characterization Facility Operations
answer
* Major products of the facility * Processes that support these products * Operating conditions * Types and numbers of employees * Procurement procedures * Computing resources & distribution * Maintenance activities * Asset tracking * Operational involvement & location of senior execs * Work flow & shift changes * Employee benefits * Shipping & receiving * Accounting & any other support functions
question
Facility Characterization Facility Policy & Procedures
answer
* Obtain understanding of written and un-written proceedures. * Have a guided tour of facility. * Observe the ebb and flow of work. * Review safety & security training requirements for all workers. * Determine extent of documented procedures.
question
Facility Characterization Regulatory Requirements
answer
* Fire department. * Safety & Health regulators. * Department of Labor. * Nuclear regulatory commission. * Local building codes. * ULC (Underwriter Laboratories) standards.
question
Facility Characterization Safety Considerations
answer
* Strike a balance between safety and security. * 1-15 second time delay on fire exits. * Dispatch a guard to protect an area. * UL 2000 "safety & security personnel must work together to design systems that will be effective in normal (daily operations), abnormal (fire), and malevolent (attack on facility by a human adversary) conditions."
question
Facility Characterization Legal Issues
answer
* Liability * Privacy * Access for the disabled * Labor relations * Employment practices * Proper training for guards * The failure to protect * Excessive use of force by guards
question
Facility Characterization Corporate Goals & Objectives
answer
* Establish support of senior management. * Conduct assessment of vulnerabilities. * Present solutions showing the value add.
question
Facility Characterization Security Principle
answer
In order to design a system that will be effective, the PPS design must accommodate the safety, process and mission of the corporation and the facility.
question
Eight Points of Threat Definition (1-4)
answer
1. Study the capabilities intentions of assumed potential criminals or adversaries. 2. Look at possible intentions, motivations and physical capabilities of likely adversaries. 3. Availability of on-site security personnel or local law enforcement. 4. Once adversary types are identified, determine the threat against which the facility or target will be protected.
question
Eight Points of Threat Definition (5-8)
answer
5. A Threat Definition results in a detailed description of the physical threat by a malevolent adversary to the system. 6. Threat Definition aids in determining PPS design objectives. 7. Any facility will have records of suspicion regarding malevolent adversaries. 8. PPS must be designed to protect against these adversaries or threats.
question
The three basic parts for determining a Threat Definition are:
answer
1. List the information needed to define the threat. 2. Collect information of the potential threat. 3. Organize the information to make it usable.
question
Four necessary points of information about adversaries:
answer
1. Motivation (Idealogical, economic, personal) 2. Potential goals based upon targets (theft, espionage, extortion, kidnapping, etc) 3. Tactics (force, stealth, or deceit) 4. Numbers & capabilities (use of weapons, various tools they may use, etc.)
question
Adversaries are characterized in three broad groups:
answer
1. Outsiders (terrorists, criminals, extremists or hackers). 2. Insiders. 3. Outsiders working in collusion with insiders.
question
True or False: Insider Threats have a knowledge of operations or security and who has un-escorted access.
answer
True
question
List the three types of insider threats:
answer
1. Passive. 2. Active non-violent. 3. Active violent.
question
True or False: Outsider threats are responsible for the majority of security breaches in both physical and computer security systems.
answer
False. Insider threats are responsible for the majority of security breaches in both physical and computer security systems.
question
True or False: One study showed that guards do almost half of all stealing, and that many inside opportunities are due to procedural failures.
answer
True
question
What are three characteristics of Insider threats?
answer
1. System knowledge that can be used to their advantage. 2. Authorized access to the facility, assets, or PPS without raising suspicions of others. 3. Opportunity to chose the best time to commit an act.
question
Three points of consideration on adversaries:
answer
1. Capability of an adversary. 2. Adversary tactics (force, stealth or deceit). 3. Potential actions (trying to steal something, industrial espionage, sabotage, extortion, coercion, violence against other or kidnapping)
question
List five sources for the collection of threat information:
answer
1. Intelligence sources (network with law enforcement or other related services). 2. Crime analysis, studies. 3. Professional organizations & services. 4. Published literature. 5. Government directives and legislation.
question
What is the Security Principle regarding Threat Definition?
answer
A facility PPS is designed based on the maximum credible threat to the facility.
question
Target Identification identifies _______ , ________ or ________ actions to be protected.
answer
areas, assets or actions
question
True or False: The ease or difficulty of protecting against a particular threat are considered BEFORE the items of Target Identification have been identified.
answer
False: The ease or difficulty of protecting against a particular threat are considered AFTER the items of Target Identification have been identified.
question
List at least four Undesirable Consequences to an inadequate PPS
answer
* Loss of life * Theft of material or information * Environmental damage due to release of hazarous material by theft or sabotage * Interruption of critical utilities or communications * Degraded business operations * Workplace violence, extortion, blackmail * Building collapse * Damage to reputation * Legal Liability
question
List two techniques for Target Identification:
answer
1. Manual listing of targets. 2. Logic Diagrams.
question
Manual listing is good for....
answer
* Localized items (laptops, tools, etc) * Work-in-progress (items ready to be packaged)
question
Locations in a facility containing equipment to be protected against are called ______ _______
answer
vital areas
question
Because both the function and structure of a facility can be very complex, the choice of components and areas to protect as vital is...
answer
...usually not obvious.
question
What tool is used for the determination of a vital area?
answer
A sabotage fault tree.
question
True or False: Target Identification is used to determine what to protect.
answer
True
question
Target may be susceptible to _____ , _______ , or _______.
answer
theft, sabotage, or personal harm
question
Priorities of targets are based on...
answer
Analysis of the consequence of the loss and threat.
question
True or False: For every crime that is committed, there is a crime prevention or loss reduction defense or procedure that, if followed, could delay or prevent a criminal from committing that act.
answer
True
question
The strongest reason for a criminal to lose desire to break-in, etc is...
answer
...the threat of getting caught.
question
A PPS is designed based on...
answer
...the maximum credible threat to the facility.
question
What are the two ways to prevent theft and sabotage?
answer
1. Deterring the adversary. 2. Defeating the adversary.
question
List six steps in designing a security layout:
answer
1. Eliminate all non-essential doors and windows. 2. Specify fire-resistant material throughout the interior. 3. Install fire, intrusion and environmental control systems. 4. Separate shipping and receiving areas. 5. Make provisions for the handicapped. 6. Provide adequate lighting around the perimeter.
question
Detection is the _________ of an adversary action.
answer
discovery
question
What are the three steps Detection is accomplished?
answer
1. A sensor reacts to a stimulus and initiates an alarm. 2. Information from the sensor and assessment subsystems is reported and displayed. 3. A person assesses information and judges the alarm to be valid or invalid.
question
A PPS system works best if what two conditions are met?
answer
1. Detection is as far from the target as possible. 2. Delays are in place near the target.
question
______________ is the process of determining whether the source of the alarm is due to an attack or a nuisance alarm.
answer
Assessment
question
Detection without ____________ is not detection.
answer
assessment
question
True or False: Entry control is part of detection.
answer
True
question
What is a measure of entry control?
answer
Throughput (number of authorized people allowed access per until time)
question
A False Acceptance Rate is ...
answer
...the rate at which false identities or credentials are allowed entry.
question
The frequency of denying access to authorized people is the ....
answer
...false rejection rate.
question
List three measures of effectiveness for PPS detection:
answer
1. Probability of sensing adversary action. 2. Time required for reporting and assessing the alarm. 3. Nuisance alarm rate.
question
The probability of detection ____________ as the time before assessment ___________.
answer
decreases; increases
question
An effective assessment provides what two types of information with detection?
answer
1. Whether the alarm is valid or nuisance. 2. Details such as what, who, where and how many.
question
What is a NAR
answer
Nuisance Alarm Rate
question
Any alarm not caused by an intrusion is a _____ _____.
answer
nuisance alarm
question
Because not all alarms are caused by intrusion, what is necessary?
answer
Assessment.
question
Animals, birds, trees, rain, lightning, blowing debris, etc are all common sources of...
answer
nuisance alarms
question
Nuisance alarms generated by the equipment itself (from poor design, inadequate maintenance or component failure) are called...
answer
False alarms
question
Delay is the _______ ________ of adversary progress.
answer
slowing down
question
List for methods for accomplishing delay:
answer
1. People. 2. Barriers. 3. Locks. 4. Activated delays.
question
Delay before detection is primarily a ________.
answer
deterrent
question
True or False: Delay without detection is not delay
answer
True
question
The primary purpose of placing barriers before detections is:
answer
To force adversaries to change or abandon their tactic.
question
True or False: In PPS design, delay before detection is of no benefit. Why or why not
answer
True. Because it does not provide additional time for a guard force to respond.
question
____________ is defined as a sufficient number of response force personnel arriving at the appropriate location to stop the adversary's progress.
answer
Interruption
question
What is the measure of response force effectiveness?
answer
The time between receipt of a communication of adversary and the interruption of the adversary action.
question
The time between receipt of a communication of adversary and the interruption of the adversary action is called what?
answer
Response Force Time
question
PPS Performance Measures Detection:
answer
* Probability of detection. * Time for communication and assessment. * Frequency of nuisance alarms.
question
PPS Performance Measures Delay
answer
* Time to defeat obstacles
question
PPS Performance Measures Response
answer
* Probability of accurate communication to response force. * Time to communicate. * Probability of deployment to adversary location. * Time to deploy. * Response force effectiveness.
question
The use of multiple lines of detection (e.g.the use of two or more types of sensors to detect the same event) is referred to as...
answer
...Protection in depth.
question
True or False: Protection-in-depth requires an adversary to avoid or defeat a number of protective devices in sequence.
answer
True
question
List three effects of Protection-in-depth:
answer
1. Increased uncertainty about the system. 2. More extensive preparation prior to the attack required. 3. Additional steps where the adversary may fail or abort the mission created.
question
Balanced protection means:
answer
That no matter how an adversary attempts to accomplish the goal, effective elements of the PPS will be encountered.
question
For a complementary balanced system, what two factors should be equal?
answer
1. The minimum time to penetrate each barrier and.. 2. The minimum time to detect penetration of the barrier.
question
The objective should be to provide adequate protection against all threats on all possible paths and to maintain a balance with other considerations such as ________ , ________ , or __________.
answer
cost, safety or structural integrity
question
What is a "Clear Zone"?
answer
The area within two parallel fences where the sensors are inside.
question
A PPS is best measured by the concept of probability of __________ of a defined ________ along the most _________ path in the facility.
answer
A PPS is best measured by the concept of probability of interruption of a defined adversary along the most vulnerable path in the facility.
question
A PPS that is well designed will exhibit the following three characteristics:
answer
1. Protection-in-depth. 2. Minimum consequence of component failure. 3. Balanced protection.
question
A PPS where effective elements are encountered no matter how an adversary attempts to accomplish his goal is said to have...
answer
Balanced protection.
question
What are the three functions of a PPS?
answer
1. Detection. 2. Delay. 3. Response.
question
What three things do the functions of a PPS integrate?
answer
1. People. 2. Procedures. 3. Equipment.
question
True or false: Detection is placed before Delay
answer
True.
question
Detection is most effective at the ______ and delay more effective at the _______.
answer
perimeter, target
question
True or False: Assessment is not a critical component of Detection.
answer
False
question
For protection of critical assets, the total time for detection, delay, and response must be less than...
answer
...the adversary's task time.
question
True or False: Feature-based design is better than performance-based design when measuring overall system effectiveness.
answer
False
question
What is an ordered series of actions against a facility, which, if completed, results in successful theft, sabotage, or other malevolent outcome?
answer
An adversary path
question
The point where the minimum delay along the remaining portion of the pathjust exceeds the guard response time.
answer
The critical detection point (CDP)
question
Adversaries will try to minimize _______ before the CDP and minimize _______ after the CDP.
answer
Detection, delay
question
The effectiveness of the system is somewhat dependent on?
answer
Adversary tactics
question
What is the path with the lowest probability of interruption?
answer
The critical path
question
What is a measure of dispersion of a set of related data?
answer
Standard deviation
question
What is the output of the EASI model?
answer
An estimate of the probability a sufficient number of response force personnel will interrupt the adversary at some point before the adversarycompletes an act.
question
The critical detection point is the point on the path where...
answer
the delay time remaining first exceeds the response force time (RFT).
question
The _______ is a graphic representation of protection system elements that is used to help evaluate the effectiveness of the PPS at a facility.
answer
Adversary sequence diagram (ASD)
question
The ASD shows...
answer
the paths that adversaries can follow to accomplish their goals.
question
Risk avoidance is...
answer
accomplished by eliminating the source of the risk.
question
Risk reduction is...
answer
achieved by taking some actions to lower risk to reduce the severity of the loss.
question
Risk spreading is...
answer
spreading the risk among multiple locations
question
Risk transferis...
answer
the use of insurance to cover the replacement or costs incurred as a result of the loss.
question
Risk acceptance is...
answer
the recognition that there will always be some residual risk.
question
PPS performance testing catagories:
answer
Operability, performance, post maintenance, whole system and limited scope, evaluation
question
In order to design a system that will be effective, the PPS design must accommodate;
answer
saftey, process, and mission needs
question
What is the maximum credible threat to a faciity called?
answer
design basis threat (DBT)
question
The process of identifying specific locations, actions, or assests to be protected to prevent undesirable consequences.
answer
Target identification
question
a structured approach of target identification based on logic diagrams called fault trees.
answer
Vital area identification
question
Priorities of targets are based on what?
answer
The consequence of the loss and the threat
question
Exterior intrusion detection sensors have been discussed in terms of what?
answer
sensor classification and application, probability of detection, nuisance alarm rate, and vulnerability to defeat.
question
The performance measures for sensors are?
answer
Probability of detection, NAR, vulnerability to defeat
question
What are used to reduce the load on human operators to assist their performance during malevolent events?
answer
AC&D systems
question
What are the methods of personnel entry authorization?
answer
credentials, personal identification numbers, and automated personal identity verification
question
Explosives detection includes what two techniques?
answer
Bulk and trace
question
What is one of the tools that may be used to achieve balance and to establish protection0in0depth at a facility?
answer
Entry control
question
Entry control falls into what three classes?
answer
Something you know, something you possess, or something you are
question
What is one of the most effective ways to reduce response time and the cost of delay upogrades?
answer
Consolidating assests into a single area
question
What forms the basis for an effective response force?
answer
Contingency planning
question
Response force strategies include what?
answer
Containment, denial, and assault
question
The measures of response force effective ness are...
answer
response force time for interruption & probability of communication
question
Three possible measures of PPS system effectiveness (for analysis) include:
answer
delay time, cumulative probability of detection, and timely detection
question
What are the performace measures used in a quantitative analysis?
answer
Probability of detection, delay times, and response force times.
question
What is the point in a path when the remaining delay time exceeds the response time?
answer
Critical detection point
question
What is a graphic representation of the physical layers around a facility, the protective elements between layers, and paths to assests?
answer
Adversary sequence diagram (ASD)
question
System effectiveness can be used to quantify the risk a facility faces from a specific threat through the use of what?
answer
the risk equation
question
The vulnerability assessment process is divided into what three stages?
answer
Planning, conducting, and reporting
question
What is a more indepth study, including risk management, analysis of risk factors, environmental and physiological security risks, and analysis of crime patterns, fraud, and internal theft?
answer
security risk analysis
question
What are the functions of a structual or natural barrier?
answer
Define, delay, detect, deny
question
Menimum hight for a security fence?
answer
7 feet
question
What are the four most important things about biometrics?
answer
Cost, overall convenience, secure application, identity assurance
question
What are the most common access control ID methods?
answer
Personal recognition, single badge, badge exchange, multiple badge
question
How do fires spread?
answer
Conduction, convection, radiation
question
What are the divisions of risk?
answer
Personal, property, liability
question
Physical access controls for protected facilities are generally intended to do what?
answer
Deter, distinguish, delay, detec trigger, deny
question
PPSs consist of a proper mix of what elements?
answer
preventive, corrective, detective (measures)
question
What are the three types of procurement actions?
answer
Sole source, requests for proposals (RFP), invitations to bid
question
what is a temporary endeavor undertaken to accomplisha unique process?
answer
a project
question
What is a mix of people, systems and techniques required to carry a project to successful completion?
answer
Project management
question
What are the four project stages?
answer
Feasibility, Develpoment, Execution, Closeout
question
It is the point of what to capture all the elements of work in a project?
answer
WBS
question
When the WBS is complete, it should be converted into what?
answer
network diagram
question
For a project, whatever goes undocumented might as well have ...
answer
gone unsaid
question
Once a project moves into stage ___, any changes must be subjected to a strengent process
answer
3 (Execution)
question
What are the 6 life cycle phases of a project
answer
Planning, design, procurment, instalation, commissioning, maintenance
question
The risk analysis is cunducted during whichproject life cycle phase?
answer
Planning
question
What follows a risk asesment?
answer
Vulnerability assessment
question
What follows a vulnerability assessment?
answer
Cost-benefit analysis
question
What is a major output of the planning phase?
answer
Requirements documents
question
What are the three CPTED strategies (measures)?
answer
Mechanical, organizational, natural or architectural
question
The output of the design phase is what?
answer
procurement package or construction documents
question
What are the three common methods of procument?
answer
Sole source, Rquest for proposal (RFP), Invitation for bids (IFB)
question
What forms a major part of commissioning a PPS?
answer
Tests
question
Name four types of PPS testing.
answer
Pre-delivery, site acceptance, reliability, after-implementation
question
What are the two main types of PPS maintenance?
answer
Preventive & remedial
question
The divisions of risk are limited to three common categories:
answer
Personal, property, liability
question
what can provide management with vital information on which to base sound decisions?
answer
Risk analysis
question
______ is measurement - it is measuring "what is" against "what should be."
answer
Fieldwork
question
The process by which an entity identifies its potential losses and then decides what is the best way to manage the potential losses.
answer
Risk management
question
The leading cause of death for women and the second leading cause of death for men in the workplace.
answer
Workplace violence
question
4 types of workplace violence
answer
I - criminal intent, II - customer/client related, III - worker versus worker, IV - domestic violence
question
What is used to determine which functions in a business are the most critical, and at what times they are critical?
answer
Business impact analysis (BIA)
question
A process that identifies the critical functions of an organization and that developes stratigies to continue these functions without interruption or to minimize the effects of an outage or loss of service provided by the functions.
answer
Business continuity planning
question
Targets are...
answer
Physical assets, electronic data, people, or anything that could impact business operations.
question
The first step in designing a new PPS or upgrading an existing system is to...
answer
Characterize the facility to be protected.
question
What is the most subjective and least constrained aspect of designing a PPS?
answer
Characterizing a facility
question
What must be considered when determining the objectives or evaluating the effectiveness of an existing PPS?
answer
Threat definition
question
Three catagories of outsiders (adversaries)
answer
Ideological, economical, personal
question
Anyone with knowledge of operations or security systems and who has unsecourted access to facilities or security interests.
answer
Insider
question
What is the utmost concern to the designer of a PPS?
answer
Capability of the potential adversary
question
List the three primary tactics used by adversaries.
answer
Force, stealth, and deceit
question
The two most common types of logic diagram gates...
answer
AND gate, OR gate
question
What type of gate requires only one of the inputs be prevented?
answer
AND gate
question
What type of gate requiers all of the inputs to be prevented?
answer
OR gate
question
AND gate/OR gate shape?
answer
Flat bottom/curved bottom
question
What is the process identifying specific locations, actions, or assests to be protected to prevent undesirable consequences?
answer
Target identification
question
A structured approach of target identificationbased on logic diagrams called fault trees.
answer
Vital area identification
question
Priorities of targets are based on the analysis of the consequence of what?
answer
the loss and the threat
question
A collection of components or elements designed to achieve an objective according to a plan.
answer
a system
question
Intrusion sensor performance is described by whta three fundamental characteristics?
answer
Probability of detection, NAR, vulnerability to defeat
question
Classification of exterior sensors
answer
passive or active, covert or visable, line of sight or terrain following, volumetric or line detection, application
question
What type of sensor untilizes a reciever to collect energy emissions?
answer
Passive
question
What type of sensor transmits some type of energy and detecs a change?
answer
Active
question
The use of what can be an effective alternative to the use of duel technology sensors
answer
complementary sensors
question
What are the two basic techniques for combining sensors?
answer
OR and AND combinations
question
The use of multiple, continuous lines of detection pprocide for what?
answer
Protection in depth
question
What are the three application classes for interior sensors?
answer
Boundary-penetration, interior motion, proximity
question
What is the process of combining individual technology elements, procedures, and personnel into one system providing security at a facility?
answer
System integration
question
What is the means for monitoring the communication link between a sensor and the alarm control center?
answer
Line supervision
question
Sensor detection areas should...
answer
overlap
question
What collects and sends information to the operator?
answer
AC&D subsystem
question
Methods of personnel entry athorization include...
answer
credentials, personal identification numbers (PIN), and automated personal identity verification.
question
As part of protection in depth, what should be implemented?
answer
delay in depth
question
What forms the basis for an effective response force?
answer
Contingency planning
question
Analysis of a protection system uses the concept of what?
answer
Adversary path
question
Fixed focal length lenses of one format may be used with ______ sensor formats, but never with ______ sensor sizes.
answer
smaller, larger
question
Use of lenses with larger camera sensor sizes will creat what?
answer
image distortion and darkening at the edges of the field of view
question
What does a smaller f-number indicate?
answer
The more light is admitted.
question
Cameras must never be angled where?
answer
To look above the horizon
question
How should solid state cameras be focused?
answer
With the iris fully open
question
What is the minimum amount of illumination required to produce a specified output signal called?
answer
CCTV sensitivity
question
Most street lights are...
answer
Mercury vapor
question
Generally, the assessment area should occupy what percent of the monitor?
answer
75%
question
The most common media type of cable in use today is...
answer
Twisted pair copper cable
question
The most common broadband cables are...
answer
Coaxial cables
question
What uses radio transmitters and receivers to send data?
answer
RF links
question
What layer handles packaging data for transmission?
answer
Link layer
question
Supervisory systems can either be ______ or ______
answer
static or dynamic
question
What type of supervisory systems are more difficult to defeat?
answer
Dynamic
question
Typical supervisory systems have sensitivity ranges of ...
answer
2-30%
question
Name the types of alarm handling
answer
acknowledgment, assessment, access
question
The control and display subsystem must be designed with what in mind?
answer
The human operator
question
Name the three expected system security operating states at a facility.
answer
normal, abnormal, malevolent
question
The de facto badges which have become industry standard are?
answer
Weigand wire badges
question
Biometric error rate performance indicators come in what two types?
answer
Type I false reject & type II false accept
question
The two major components in most locks are what?
answer
The fastening device (latch or bolt) & the coded mechanism (Key cylinder)
question
Methods of personnel entry authorizationinclude:
answer
credentials, personal identification numbers (PIN), automated personal identity verification.
question
The technology used to restrict entry or exitat a facility
answer
Entry control
question
The databases, procedures, and rules for access that complement technology.
answer
Access control
question
What is one of the weakest links in a structure design?
answer
Doors
question
Communication to the response force must contain what?
answer
Information about adversary actions and instructions for deployment
question
The maximum range for reliable communication between two radios?
answer
1-3 miles
question
Insertion of unwanted signals into the frequency channel of a communications system for the purpose of masking desired signals.
answer
Jamming
question
What kind of systems are most vulnerable to jamming?
answer
RF systems
question
What is used to verify that response force tactical training has resulted in the desired capability and that the overall tactical plan is realistic?
answer
Field exercises
question
Response force contingency planning includes;
answer
Tactical planning, interaction with outside agencies, the facility's use of force policy, and additional duties of the guard force.
question
Analysis and evaluation principles and models are based on what?
answer
The existance of adversary paths to an asset
question
An ordered series of actions against a facility, which, if completed, results in successful theft, sabotage, or other malevolent outcome.
answer
Adversary path
question
An adequate protection system provides what?
answer
high probability of detection
question
A better mesure of effectiveness is...
answer
Timely detection
question
The principle of timely detection states that system effectiveness is...
answer
measured by the cumlative probability of detection at the point where there is still enough time remaining for the response force to interrupt the adversary.
question
A simple, easy to use method of evaluating PPS performance along a specific path and under specific conditions of threat and system operations.
answer
EASI
question
In most PPSs, the likelihood of successful communication to the response force...
answer
increases with time
question
The time data entered into EASI may be in units of...
answer
seconds or minutes but not both
question
Steps to use the EASI model
answer
select an adversary action, select physical path th asset, determine location of sensors (obtain probability of detection and communication, the mean and standard deviation of task times and response times.
question
What is the best measure of a PPS effectiveness?
answer
Probability of interruption of a defined adversary along the most vulnerable path in a facility.
question
The risk equation culminates in values for...
answer
C (Consequence), Pa (probability of attack), Pe (probability of system effectiveness)
question
The degree of protection desired in any installation is predicated upon an analysis of thwhat two factors?
answer
Criticality and vulnerability
question
The processused by the security manager in establishing proiorities of protection of assets is known as
answer
Vunerability study
question
The type of fencing generallly used for protection of permananent limited and exclusion areas is
answer
Chain link
question
For general security usage, excluding the top gaurd, chain link fence should be:
answer
9 gauge wire and at least 6 feet high
question
In a barbed wire fence, the distance between the strands should noot exceed:
answer
6 inches
question
Standard barbed wire is twisted double strand:
answer
13.5 gauge with 4 points barbs
question
Top guard suporting arms should be permanently affixed to the top of the fence posts to increase the overall height at least
answer
1 foot
question
The intrusion detection syste,=m in which a pattern of radio waves is transmitted and partially reflected back to the antenna is known as
answer
Microwave system
question
The type of lock generally used on automobiles, desks and cabinets is
answer
Wafer
question
inventories of keys should be conducted at least
answer
annually
question
UL classified safes must be anchored to the floor or weight at least
answer
750 pds
question
The temperature at which paper may be destroyed is
answer
350 degrees
question
A system using inaudible sound waves to detect the presenses of an intruder or other disturbgance is known as
answer
Ultrasonic motion detection
question
What is considared the most resistance to blast from explosion
answer
Thick reinforced concrete walls
question
The mechanical lock longest in use which has practically no security value
answer
The warded lock
question
The most widely used lock for building doors and rooms
answer
Pin tumbler lock
question
The sensore used when light air turbulence, vibration and motion outside the room are present
answer
Acoustic
question
Foil used as a detector on a glass window to signal a surreptitious or forcible penetration is
answer
Elector mechanical sensor
question
A sound wave sensor is generally referred to as
answer
Ultrasonic detector
question
Security services in which the security force is hired and controlled directly by the protected organization are called
answer
proprietary
question
A hybrid system is a combination of Proprietary & contract security
answer
proprietary and contract security
question
What is lost by using a contract security service
answer
Control
question
What is lost by using proprietary officers?
answer
Impartiality
question
A person who already knows and understands the basics of loss prevention and security is known as:
answer
engaged liaison
question
The most common perimeter barriers are
answer
Fencing and walls
question
What is designed to control pedestrian traffic and minimize tailgating (piggybacking)?
answer
Turnstiles
question
Key factors in hardening a facility include:
answer
Stand off distance, structual integrity, Prevention of progressive collapse, redundancy of operating systems
question
An adversay may use what type of attacks to defeat an access control point:
answer
Deceit, direct physical attack, technical attack
question
Camera fucntional requirement considerations
answer
Target, activity, purpose
question
The major types of video surveillance cameras:
answer
Analog, IP, Infrared, thermal
question
A general statement of a principle according to whcih and organization performs business fuctions
answer
A policy
question
Detailed implementation instructions for staff to carry out security policies.
answer
procedures
question
Presidential directive establishes a policy for a common identification standard for federal employees and contractos.
answer
HSPD-12
question
Sources of law
answer
Common law, case law, statutory law
question
A civil action based on the principle that one individual can expect certain behavior from another individual
answer
tort
question
Tort law may be invoked for either
answer
an intentional or negligent act
question
types of intentional torts
answer
assault, battery, false arrest, defamation, invasion of privacy
question
Three parts of the fire triangle
answer
Oxygen, heat, fuel
question
Theft occurs when what three elements are present:
answer
motive, desire, oppertunity
question
A barrier is normally considared penetrated when and adversary reaches:
answer
3 feet beyond the barrier
question
For a VA response stratagies include
answer
Deterrence
question
A business impact analysis is conducted during which BCP step?
answer
Readiness
question
Classification of security survey recommendations
answer
Maximum, medium, minimum
question
The first step in conducting a security survey
answer
interview who you will turn the report into
question
A systematic evaluation in which quantitative or qualitative techniques are used to predict PPs compnent performance and overall system effectiveness by identifying exploitable weaknesses in asset protection for a defind threat.
answer
Vulnerability assessment
question
A facility attack can be broken into three distict phases:
answer
Pre-attack, attack, post-attack
question
An estimate of predicted outcomes of identical trials stated with a confidence level.
answer
probability
question
What is one of the required inputs for a VA?
answer
Knowing the threat
question
third target identification technique for VAs
answer
consequence analysis
question
A VA is conducted in the requirments stage of systems engineering, producing what
answer
requirements for an upgraded system design
question
A characteristic that identifies the levels needed to achieve specific objectives under a given set of conditions
answer
A requirement
question
Requirements are generally stated as ____ and goasl are stated as _____.
answer
Shall, should
question
Signals are transmitted in what is called a _____ of picture video, made up of two _____ of information
answer
frame, fields
question
Criteria for good reporting
answer
Accuracy, clarity, conciseness, timeliness, slant
question
Risk analysis is conducted during which PPS life cycle phase?
answer
Planning
question
A successful security design integratesthree primary elements:
answer
Architechtural aspects, security systems, and operational factors
question
The deliverables of the design phase
answer
PPS specifications & the statement of work
question
International Organization for standardization (ISO) are...
answer
voluntary but widely adopted
question
Binding under law and can be enforced by formal authorities
answer
statutory and regulatory standards
question
The job of managing involves five basic fuctions:
answer
Planning, organizing, directing, coordinating, controlling
question
A structure that extends higher than the maximum reach of available fire fighting equipment.
answer
High-rise
question
High rise building operating modes
answer
Open, closed, hybrid