DSCA SPED PHYSICAL SECURITY CERTIFICATION TEST AND
ANSWERS #13
Lighting, weapons, closed circuit TV, fences, and locking mechanisms are examples of
what category of Countermeasure?
Equipment
Procedural
Facilities
Training - correct answer Equipment
(GS102)
An asset value should be assigned based on the perspective of the
_________________
Asset Manager
Asset Owner
Chief of Security
Program Manager - correct answer Asset Owner
(GS102)
Your are the one who decides what constitutes an acceptable level of risk for an
organization's assets.
(T or F) - correct answer False
(GS102)
Which of the following questions are used to identify an adversary's intent?
Are the adversaries willing to risk getting caught? (multiple)
What are the vulnerabilities to the risk management system?
What are the adversary's goals?
What level of risk are the adversaries likely to accept? - correct answer Are the
adversaries willing to risk getting caught?
What are the adversary's goals?
What level of risk are the adversaries likely to accept?
(GS102)
After you've completed all other steps, what final chart would you use to summarize and
record your information in order to get the total cost for all countermeasures?
Intent Assessment Chart
Collection Capability Assessment Chart
Countermeasure Analysis Chart
Threat Assessment Summary Chart - correct answer Countermeasure Analysis Chart
(GS102)
To assist in analyzing threat data, adversaries are typically grouped into all EXCEPT
which of the following categories?
Organizations
Companies
,Governments
Individuals - correct answer Companies
(GS102)
After completing the vulnerability assessment in the risk management process, the next
step is the ___________ assessment.
Risk
Countermeasures
Cost/benefit
Asset - correct answer Risk
(GS102)
After completing the threat assessment step of the risk management process, what step
should be completed next?
Asset Assessment
Vulnerability assessment
Cost/benefit analysis
Countermeasure determination - correct answer Vulnerability assessment
(GS102)
Which of the following is NOT a good interview question for determining an adversary's
history's?
Does the adversary have the weapons or tools for exploiting or attacking?
Has the adversary attacked or exploited assets or personnel before?
Has the adversary been suspected of attacking or exploiting assets?
Might some foreseeable event cause the adversary to attempt an attack? - correct
answer Has the adversary been suspected of attacking or exploiting assets?
(GS102)
Which of the following is one of the five categories of assets?
Facilities
Countermeasures
Vulnerability - correct answer Facilities
(GS102)
Using the formula R= (I[T x V]) which of the examples below poses the highest risk:
Asset is assessed as 3 (low), threat is assessed as .75(critical), and the vulnerability is
assessed as .74 (high)
Asset is assessed as 13 (medium), threat is assessed as .50(high), and the vulnerability
is assessed as .74 (high)
Asset is assessed as 80 (critical), threat is assessed as .24(low), and the vulnerability is
assessed as .37 (medium) - correct answer Asset is assessed as 80 (critical), threat is
assessed as .24(low), and the vulnerability is assessed as .37 (medium)
(GS102)
, The risk management process uses four linguistic values: critical, high, medium, and
significant
T or F - correct answer False
(GS102)
Poor perimeter lighting and unsecured doors are examples of a/an _______
vulnerability.
Operational
Facility
Human
Information - correct answer Facility
(GS102)
The formula R=I [T x V] is used for calculating a risk rating. What risk factors do R, I, T,
and V represent?
Risk, impact, threat, vulnerability
Return, impact, threat, vulnerability
Risk, importance, threat, vulnerability
Return, importance, threat, vulnerability - correct answer Risk, impact, threat,
vulnerability
(GS102)
Awareness programs, two person rules, and passwords are examples of what category
of countermeasures?
Manpower
Equipment
Planning
Procedural - correct answer Procedural
(GS102)
The time to implement and oversee the countermeasure, the time to prepare for its
implementation, and any time required for follow-up and evaluation have no impact
when determining the cost of a countermeasure.
T or F - correct answer False
(GS102)
Identify and characterize the specific vulnerabilities that still exist, given the current
countermeasures is a step necessary for _______________.
Risk rating
Risk assessment
Regression analysis
Threat rating - correct answer Regression analysis
(GS102)
The process in which the costs and benefits of each alternative countermeasure are
compared, and the most appropriate alternative is selected, is called ____________.
ANSWERS #13
Lighting, weapons, closed circuit TV, fences, and locking mechanisms are examples of
what category of Countermeasure?
Equipment
Procedural
Facilities
Training - correct answer Equipment
(GS102)
An asset value should be assigned based on the perspective of the
_________________
Asset Manager
Asset Owner
Chief of Security
Program Manager - correct answer Asset Owner
(GS102)
Your are the one who decides what constitutes an acceptable level of risk for an
organization's assets.
(T or F) - correct answer False
(GS102)
Which of the following questions are used to identify an adversary's intent?
Are the adversaries willing to risk getting caught? (multiple)
What are the vulnerabilities to the risk management system?
What are the adversary's goals?
What level of risk are the adversaries likely to accept? - correct answer Are the
adversaries willing to risk getting caught?
What are the adversary's goals?
What level of risk are the adversaries likely to accept?
(GS102)
After you've completed all other steps, what final chart would you use to summarize and
record your information in order to get the total cost for all countermeasures?
Intent Assessment Chart
Collection Capability Assessment Chart
Countermeasure Analysis Chart
Threat Assessment Summary Chart - correct answer Countermeasure Analysis Chart
(GS102)
To assist in analyzing threat data, adversaries are typically grouped into all EXCEPT
which of the following categories?
Organizations
Companies
,Governments
Individuals - correct answer Companies
(GS102)
After completing the vulnerability assessment in the risk management process, the next
step is the ___________ assessment.
Risk
Countermeasures
Cost/benefit
Asset - correct answer Risk
(GS102)
After completing the threat assessment step of the risk management process, what step
should be completed next?
Asset Assessment
Vulnerability assessment
Cost/benefit analysis
Countermeasure determination - correct answer Vulnerability assessment
(GS102)
Which of the following is NOT a good interview question for determining an adversary's
history's?
Does the adversary have the weapons or tools for exploiting or attacking?
Has the adversary attacked or exploited assets or personnel before?
Has the adversary been suspected of attacking or exploiting assets?
Might some foreseeable event cause the adversary to attempt an attack? - correct
answer Has the adversary been suspected of attacking or exploiting assets?
(GS102)
Which of the following is one of the five categories of assets?
Facilities
Countermeasures
Vulnerability - correct answer Facilities
(GS102)
Using the formula R= (I[T x V]) which of the examples below poses the highest risk:
Asset is assessed as 3 (low), threat is assessed as .75(critical), and the vulnerability is
assessed as .74 (high)
Asset is assessed as 13 (medium), threat is assessed as .50(high), and the vulnerability
is assessed as .74 (high)
Asset is assessed as 80 (critical), threat is assessed as .24(low), and the vulnerability is
assessed as .37 (medium) - correct answer Asset is assessed as 80 (critical), threat is
assessed as .24(low), and the vulnerability is assessed as .37 (medium)
(GS102)
, The risk management process uses four linguistic values: critical, high, medium, and
significant
T or F - correct answer False
(GS102)
Poor perimeter lighting and unsecured doors are examples of a/an _______
vulnerability.
Operational
Facility
Human
Information - correct answer Facility
(GS102)
The formula R=I [T x V] is used for calculating a risk rating. What risk factors do R, I, T,
and V represent?
Risk, impact, threat, vulnerability
Return, impact, threat, vulnerability
Risk, importance, threat, vulnerability
Return, importance, threat, vulnerability - correct answer Risk, impact, threat,
vulnerability
(GS102)
Awareness programs, two person rules, and passwords are examples of what category
of countermeasures?
Manpower
Equipment
Planning
Procedural - correct answer Procedural
(GS102)
The time to implement and oversee the countermeasure, the time to prepare for its
implementation, and any time required for follow-up and evaluation have no impact
when determining the cost of a countermeasure.
T or F - correct answer False
(GS102)
Identify and characterize the specific vulnerabilities that still exist, given the current
countermeasures is a step necessary for _______________.
Risk rating
Risk assessment
Regression analysis
Threat rating - correct answer Regression analysis
(GS102)
The process in which the costs and benefits of each alternative countermeasure are
compared, and the most appropriate alternative is selected, is called ____________.
