PPT – CPP PowerPoint presentation | free to download

About This Presentation

Title:

CPP

Description:

CPP Study Guide # 2 1 - 667 – PowerPoint PPT presentation

Number of Views:405

Avg rating:3.0/5.0

Slides: 668

Provided by: laso150

Category:

more less

Transcript and Presenter's Notes

Title: CPP

1
CPP

Study Guide 2
1 - 667

2
Sensitive Information

Sample Questions

3
1. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives him an opportunity to gain an
advantage over competitors who do not know or use
it is

a. A monopoly
b. An unfair trade practice
c. A trade secret
d. A patent

4
1. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives him an opportunity to gain an
advantage over competitors who do not know or use
it is

a. A monopoly
b. An unfair trade practice
c. A trade secret
d. A patent

5
2. Probably the main reason for loss of sensitive
information is

a. Inadvertent disclosure
b. Deliberately stolen by outsider
c. Industrial espionage
d. Deliberately stolen by insider

6
2. Probably the main reason for loss of sensitive
information is

a. Inadvertent disclosure
b. Deliberately stolen by outsider
c. Industrial espionage
d. Deliberately stolen by insider

7
3. The primary tool of pre-employment screening
is the

a. Interview
b. Application form
c. The investigation
d. The investigator

8
3. The primary tool of pre-employment screening
is the

a. Interview
b. Application form
c. The investigation
d. The investigator

9
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by many
firms throughout the world. The most important
function of competitive intelligence is to

a. Alert senior management to marketplace
changes in order to prevent surprise
b. Alert senior management as to the personal
habits of competitive senior management
c. Alert government intelligence agencies to
marketplace changes
d. Alert senior management to changes in
protocol in foreign countries

10
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by many
firms throughout the world. The most important
function of competitive intelligence is to

a. Alert senior management to marketplace
changes in order to prevent surprise
b. Alert senior management as to the personal
habits of competitive senior management
c. Alert government intelligence agencies to
marketplace changes
d. Alert senior management to changes in
protocol in foreign countries

11
5. The instrument used to monitor telephone call
by providing a record of all numbers dialed from
a particular phone is called

a. A wiretap
b. A bug
c. An electronic surveillance
d. A pen register

12
5. The instrument used to monitor telephone call
by providing a record of all numbers dialed from
a particular phone is called

a. A wiretap
b. A bug
c. An electronic surveillance
d. A pen register

13
6. A clandestine listening device, generally a
small hidden microphone and radio transmitter is
known as

a. A bug
b. A wiretap
c. A tempest
d. A beeper

14
6. A clandestine listening device, generally a
small hidden microphone and radio transmitter is
known as

a. A bug
b. A wiretap
c. A tempest
d. A beeper

15
7. A microphone with a large disk-like attachment
used for listening to audio from great distances
is known as

a. Contact microphone
b. Spike microphone
c. Parabolic microphone
d. Moving coil microphone

16
7. A microphone with a large disk-like attachment
used for listening to audio from great distances
is known as

a. Contact microphone
b. Spike microphone
c. Parabolic microphone
d. Moving coil microphone

17
8. Sound waves too high in frequency to be heard
by the human ear, generally above 20 KHZ are
known as

a. Microwaves
b. Ultrasonic
c. High frequency
d. Short-wave

18
8. Sound waves too high in frequency to be heard
by the human ear, generally above 20 KHZ are
known as

a. Microwaves
b. Ultrasonic
c. High frequency
d. Short-wave

19
9. Two methods of protection against telephone
line eavesdropping are apparently reliable. The
first method is dont discuss sensitive
information and the other is

a. To use a wire tap detector
b. To use a radio jammer
c. To use an audio jammer
d. To use encryption equipment

20
9. Two methods of protection against telephone
line eavesdropping are apparently reliable. The
first method is dont discuss sensitive
information and the other is

a. To use a wire tap detector
b. To use a radio jammer
c. To use an audio jammer
d. To use encryption equipment

21
10. The unauthorized acquisition of sensitive
information is known as

a. Industrial espionage
b. Embezzlement
c. Larceny
d. False pretenses

22
10. The unauthorized acquisition of sensitive
information is known as

a. Industrial espionage
b. Embezzlement
c. Larceny
d. False pretenses

23
11. Proprietary information is

a. Information which must be so classified under
government order
b. Private information of highly sensitive
character
c. Defense data which must be classified
according to federal regulations
d. Anything that an enterprise considers
relevant to its status or operations and does
not want to disclose publicly

24
11. Proprietary information is

a. Information which must be so classified under
government order
b. Private information of highly sensitive
character
c. Defense data which must be classified
according to federal regulations
d. Anything that an enterprise considers
relevant to its status or operations and does
not want to disclose publicly

25
12. A trade secret is

a. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives that business an opportunity to gain
an advantage over competitors who do not know
or use it
b. All information about a company which the
company desires to protect
c. Information of a company which is registered
as such with the Patent Office
d. Information so designated by the government

26
12. A trade secret is

a. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives that business an opportunity to
gain an advantage over competitors who do not
know or use it
b. All information about a company which the
company desires to protect
c. Information of a company which is registered
as such with the Patent Office
d. Information so designated by the government

27
13. The control software of a Private Board
Exchange (PBX) can be accessed and compromised by
calling the telephone number of a device on the
PBX from a computer and modem. The name of this
PBX device is the

a. Time Domain Reflectometer
b. Remote Maintenance Access Terminal
c. Current Carrier Signaling Port
d. Internal and Remote Signal Port

28
13. The control software of a Private Board
Exchange (PBX) can be accessed and compromised by
calling the telephone number of a device on the
PBX from a computer and modem. The name of this
PBX device is the

a. Time Domain Reflectometer
b. Remote Maintenance Access Terminal
c. Current Carrier Signaling Port
d. Internal and Remote Signal Port

29
14. Which of the following is generally not true
in regard to proprietary information?

a. Secret information does not have to be
specifically identifiable
b. Secret information must be such that it can
be effectively protected
c. The more narrowly a business defines what it
regards as secret, the easier it is to protect
that body of information
d. It is difficult to protect as a trade secret
that which can be found in publicly accessible
sources

30
14. Which of the following is generally not true
in regard to proprietary information?

a. Secret information does not have to be
specifically identifiable
b. Secret information must be such that it can
be effectively protected
c. The more narrowly a business defines what it
regards as secret, the easier it is to protect
that body of information
d. It is difficult to protect as a trade secret
that which can be found in publicly accessible
sources

31
15. With respect to trade secrets, it may be
decided that its disclosure by another was
innocent rather than wrongful even in the case
where the person making the disclosure really was
guilty of malice or wrong intent. This situation
may occur when

a. There is absence of evidence that an owner
has taken reasonable precautions to protect
confidential information
b. The trade secret was not registered
c. The trade secret did not involve national
defense information
d. The trade secret was not in current use

32
15. With respect to trade secrets, it may be
decided that its disclosure by another was
innocent rather than wrongful even in the case
where the person making the disclosure really was
guilty of malice or wrong intent. This situation
may occur when

a. There is absence of evidence that an owner
has taken reasonable precautions to protect
confidential information
b. The trade secret was not registered
c. The trade secret did not involve national
defense information
d. The trade secret was not in current use

33
16. The class of person under a duty to safeguard
a proprietary secret is known as

a. Agents
b. Principals
c. Fiduciaries
d. Business Associates

34
16. The class of person under a duty to safeguard
a proprietary secret is known as

a. Agents
b. Principals
c. Fiduciaries
d. Business Associates

35
17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?

a. By operation of common law employees are
presumed to be fiduciaries to the extent they
may not disclose secrets of their employers
without authorization
b. As a class, employees are the largest group of
persons bound to secrecy because of their status
or relationship
c. Other than employees, any other persons to be
bound to secrecy must agree to be so bound
d. Any agreements to be bound must always be in
writing and are not implied from acts

36
17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?

a. By operation of common law employees are
presumed to be fiduciaries to the extent they
may not disclose secrets of their employers
without authorization
b. As a class, employees are the largest group of
persons bound to secrecy because of their status
or relationship
c. Other than employees, any other persons to be
bound to secrecy must agree to be so bound
d. Any agreements to be bound must always be in
writing and are not implied from acts

37
18. Probably the chief reason for the loss of
information about sensitive operations is

a. Deliberately stolen by an outsider
b. Loss by fire or other disaster
c. Deliberately stolen by insider
d. Lost through inadvertent disclosure

38
18. Probably the chief reason for the loss of
information about sensitive operations is

a. Deliberately stolen by an outsider
b. Loss by fire or other disaster
c. Deliberately stolen by insider
d. Lost through inadvertent disclosure

39
19. The term eavesdropping refers to

a. Wiretapping only
b. Bugging only
c. Both wiretapping and bugging
d. Mail covers

40
19. The term eavesdropping refers to

a. Wiretapping only
b. Bugging only
c. Both wiretapping and bugging
d. Mail covers

41
20. A microphone which has the characteristics of
requiring no power source to operate it, is quite
small, relatively difficult to detect, and is
offered by equipment suppliers in such items as
cuff links and hearing aides is known as

a. Carbon microphone
b. Dynamic microphone
c. Contact microphone
d. Parabolic microphone

42
20. A microphone which has the characteristics of
requiring no power source to operate it, is quite
small, relatively difficult to detect, and is
offered by equipment suppliers in such items as
cuff links and hearing aides is known as

a. Carbon microphone
b. Dynamic microphone
c. Contact microphone
d. Parabolic microphone

43
21. A microphone which is normally installed on a
common wall adjoining a target area when it is
impractical or impossible to enter the area to
make a microphone installation is

a. Carbon microphone
b. Dynamic microphone
c. Contact microphone
d. Parabolic microphone

44
21. A microphone which is normally installed on a
common wall adjoining a target area when it is
impractical or impossible to enter the area to
make a microphone installation is

a. Carbon microphone
b. Dynamic microphone
c. Contact microphone
d. Parabolic microphone

45
22. Which of the following is not true with
regard to electronic eavesdropping

a. A listening device installed in a wire will
cause a crackling sound, click or other noise
than can be heard on the line
b. An effective countermeasures survey to detect
evidence of electronic eavesdropping in
telephone equipment must be conducted by a
person technically familiar with such equipment
c. All wiring should be traced out and accounted
for in a countermeasures survey
d. In a countermeasures survey to detect
electronic eavesdropping. A physical search
should be utilized as well as an electronic
search

46
22. Which of the following is not true with
regard to electronic eavesdropping

a. A listening device installed in a wire will
cause a crackling sound, click or other noise
than can be heard on the line
b. An effective countermeasures survey to detect
evidence of electronic eavesdropping in
telephone equipment must be conducted by a
person technically familiar with such equipment
c. All wiring should be traced out and accounted
for in a countermeasures survey
d. In a countermeasures survey to detect
electronic eavesdropping. A physical search
should be utilized as well as an electronic
search

47
23. In designing a proprietary information
protection program, the area of greatest
vulnerability is

a. Personnel files
b. Marketing data
c. Employees
d. Computers

48
23. In designing a proprietary information
protection program, the area of greatest
vulnerability is

a. Personnel files
b. Marketing data
c. Employees
d. Computers

49
24. Two of the three most common methods of
information losses are inadvertent disclosure and
industrial espionage. Which of the following is
the third

a. Newspaper articles
b. Television
c. Magazine articles
d. Theft by an insider

50
24. Two of the three most common methods of
information losses are inadvertent disclosure and
industrial espionage. Which of the following is
the third

a. Newspaper articles
b. Television
c. Magazine articles
d. Theft by an insider

51
25. Which of the following statements is
incorrect with regard to an information security
program?

a. A good information security program will
provide absolute protection against an enemy
spy
b. The information security program is an attempt
to make theft of sensitive information
difficult, not necessarily eliminate it
c. A trust relationship must be established and
maintained with employees
d. The good will and compliance of employees is
crucial for success

52
25. Which of the following statements is
incorrect with regard to an information security
program?

a. A good information security program will
provide absolute protection against an enemy spy
b. The information security program is an attempt
to make theft of sensitive information
difficult, not necessarily eliminate it
c. A trust relationship must be established and
maintained with employees
d. The good will and compliance of employees is
crucial for success

53
26. Vital records normally constitute the
following percentage of the companys total
records

a. 2
b. 5
c. 10
d. 15

54
26. Vital records normally constitute the
following percentage of the companys total
records

a. 2
b. 5
c. 10
d. 15

55
27. A specially constructed microphone attached
directly to an object or surface to be protected
and which responds only when the protected object
or surface is disturbed is known as

a. Parabolic microphone
b. Special audio microphone
c. Contact microphone
d. Surreptitious microphone

56
27. A specially constructed microphone attached
directly to an object or surface to be protected
and which responds only when the protected object
or surface is disturbed is known as

a. Parabolic microphone
b. Special audio microphone
c. Contact microphone
d. Surreptitious microphone

57
28. Social engineering is

a. The conversation involved in the beginning of
a romantic relationship
b. A function of the personnel department in
which like persons are teamed together in
workshops or seminars for maximum productivity
c. The subtle elicitation of information without
revealing the true purpose of the call
d. The specific design of a business structure to
facilitate the interaction of the inhabitants

58
28. Social engineering is

a. The conversation involved in the beginning of
a romantic relationship
b. A function of the personnel department in
which like persons are teamed together in
workshops or seminars for maximum productivity
c. The subtle elicitation of information without
revealing the true purpose of the call
d. The specific design of a business structure to
facilitate the interaction of the inhabitants

59
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade
secret information to gain market share. There
are several serious factors you should consider
before you institute litigation in the matter.
Which of the following is not a serious factor to
be considered?

a. You may have to expose the very secrets you
are attempting to protect
b. The cost of the litigation may exceed the
value of the secret information
c. You may lose your case
d. Other employees may leave the company and
attempt to use trade secret information in the
business of a new employer

60
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade
secret information to gain market share. There
are several serious factors you should consider
before you institute litigation in the matter.
Which of the following is not a serious factor to
be considered?

a. You may have to expose the very secrets you
are attempting to protect
b. The cost of the litigation may exceed the
value of the secret information
c. You may lose your case
d. Other employees may leave the company and
attempt to use trade secret information in the
business of a new employer

61
30. Electromagnetic radiation is detectable
electromagnetic energy is generated by electronic
information processing devices. Which of the
following is used to protect very sensitive
equipment?

a. A current carrier device
b. Pneumatic cavity shielding
c. Tempest shielding
d. Pen register shielding

62
30. Electromagnetic radiation is detectable
electromagnetic energy is generated by electronic
information processing devices. Which of the
following is used to protect very sensitive
equipment?

a. A current carrier device
b. Pneumatic cavity shielding
c. Tempest shielding
d. Pen register shielding

63
Significant Notes

Sensitive Information

64
The basis for any industrial espionage prevention
program is protection of information
65
There are many kinds of information which a
company would like to keep in a confidential
status but not all such information could be
classified as trade secrets
66
One definition of trade secret is information
including formula, pattern, compilation, program,
device, method, technique or process
thata. Derives independent economic value,
actual or potential, from not being generally
known to and not being readily ascertainable by
proper means, by other persons who can obtain
economic value from its disclosure or use,
andb. Is the subject of efforts that are
reasonable under the circumstances to maintain
its secrecy.
67
Proprietary information is information of value
owned by or entrusted to a company which relates
to the operations of the company and which has
not been disclosed publicly
68
A trade secret is part of a companys
proprietary information but not all propriety
information necessarily fits the definition of
trade secret information
69
Generally trade secrets are given a higher
degree of legal protection than other proprietary
information
70
There are three basic requirements of a trade
secreta. Must be of competitive
advantageb. Must be secretc. Must be used in
the business of the owner
71
Information must meet the following requirements
to fit the definition required of a trade
secreta. Must be specifically
identifiableb. Cannot be found in publicly
accessible sourcesc. Should be disclosed by
owner only to those under a duty to protect
secrecyd. Persons afforded knowledge of secret
information must know it to be
confidentiale. The owners must be able to show
they have instituted adequate protective
measures to safeguard secrecy of date
72
Unless the owner of a trade secret can furnish
proof of diligent care in the protection of a
trade secret, such trade secret may be lost
73
Patent laws provide that an inventor who first
develops a new machine, manufacturing process,
composition or matter, plan or design that is
sufficiently novel and useful can apply for and
receive an exclusive right to that invention for
a period of 17 years
74
Inadvertent disclosure probably is the chief
reason for loss of information about sensitive
operations
75
One method important in protection of sensitive
information is installing an effective awareness
program to assure all employees are aware of the
existence of sensitive data in the company and
their responsibilities in protecting such
76
Another important protective device is the use of
nondisclosure agreements(employee patent and
secrecy agreements) from employees in which the
employees acknowledge their fiduciary
responsibility
77
A non-competitive agreement is agreement on
part of employee upon leaving employment of one
company that the employee will not accept
employment with a defined competitor for a stated
period of time
78
A telephone instrument may also be utilized as a
listening device
79
In an electronic countermeasure survey, note that
light switches and electrical outlets are
favorite places to install listening devices
80
Most loss of proprietary information occurs
because of negligence
81
One very important protective measure used to
safeguard sensitive data is to disclose such only
in a need-to-know basis
82
Theft of sensitive information through industrial
espionage methods or other methods of outside
theft accounts for a smaller loss than through
negligence however, the loss through outside
theft is more dangerous because the data stolen
is usually the most valuable
83
One of the biggest problems in designing a
proprietary information protection program is
caused by the large amount of vital data
processed and analyzed electronically
84
Employees are the greatest vulnerability in a
proprietary information protection program.
Accordingly, an employee awareness program is
necessary whereby they are educated with regard
to their responsibilities in protecting sensitive
data.
85
Definitions

Proprietary Information
Information over which the possessor asserts
ownership and which is related to the activities
or status of the possessor in some special way

86
Definitions

Patent
A government grant conveying and securing the
exclusive right to make, use, and sell an
invention for a term of years (seventeen)

87
Trade Secret

A trade Secret is a process or device for
continuous use in the operation of the business
For trade secret protection, must prove
Secrecy
Value
Use in the owners business

88
Trade Secret

Trade Secret information is entitled by law to
more protection than other kinds of proprietary
information

89
Trade Secret

The following are not trade secrets
Salary information
Rank surveys
Customer usage evaluation
Profitability margins
Unit costs
Personnel changes

90
Trade Secret / Patent

A trade secret remains secret as long as it
continues to meet trade secret tests but the
exclusive right to patent protection expires
after 17 years

91
Trade Secret / Patent

Since anyone can purchase a patent, there are not
industrial espionage targets in a patented
invention
Trade Secrets are targets

92
Proprietary Information

Two approaches used to deal with P.I.
Property Concept
regards the information as having independent
value if it amounts to a trade secret
Fiduciaries
Imposition of duties upon certain classes of
people, other than the owner not to use or
divulge info without owners consent.

93
Proprietary Information

There are 3 broad threats to proprietary
information
It can be lost through inadvertent disclosure
It can be deliberately stolen by an outsider
It can be deliberately stolen by an insider

94
Competitive Intelligence Gathering

The most important function of competitive
intelligence gathering is to alert senior
management to marketplace changes in order to
prevent surprise

95
Competitive Intelligence Gathering

A rich source of information is in the
information provided to government regulators
Never reveal information to anyone that you would
not reveal to a competitor

96
Industrial Espionage

Industrial espionage is the theft of information
by legal or illegal means. It is more dangerous
than inadvertent disclosure by employees in that
highly valuable information is stolen for release
to others who plan to exploit it.

97
Protection Programs

The vulnerability assessment is conducted from
the perspective of the competitor and considers
What critical information exists
The period of time when the information is
critical. This may be a short period or may be
for the life of a product
The identity of employees and indirect associates
who have access to the information

98
Eavesdropping Tactics Equipment

Wiretapping - is the interception of
communication over a wire w/o participants
consent and requires physical entry into the
communication circuit
Bugging - interception of communication w/o
participants consent by means of electronic
devices and w/o penetration of a wire.

99
Eavesdropping Tactics Equipment

Eavesdropping is a psychological traumatic
experience for the victim.
It is the most devastating of espionage
techniques.

100
Wired microphones

Carbon microphone
commonly used in a standard telephone handset
Crystal microphone
generates a small electrical current when the
crystal is vibrated by sound waves
Contact microphone
installed on a common wall with the target area

101
Wired microphones

Spike microphone
installed in a hole in the common wall
(not fully through)
Dynamic microphone
movement of a small wire near a permanent magnet
converts sound into electrical energy. Good
eavesdropping device which operates as a
loudspeaker in reverse

102
Wired microphones

Pneumatic cavity device
has a specially designed small cavity which picks
up surface vibrations. (Glass tumbler effect)
Condenser microphone
high fidelity use. Fragile and sensitive
Electret microphone
used primarily in P.A. and audio recording.
(Extremely small)

103
Wired microphones

Omnidirectional microphone
used in conferences. Picks up sound from many
directions around the room
Cardioid microphone
picks up sound from directly in front of mic
Parabolic microphone
gathers audio energy and directs it to a
conventional microphone in the center of a
dish-type reflector

104
Wireless microphones

A radio frequency (RF) device. Consists of
A microphone
A transmitter
A power supply
An antenna and,
A receiver

105
Light transformation

1. Infrared light wave transmissions use light
waves invisible to the human eye. Sound waves are
converted to electronic impulses and the pulses
are used to modulate infrared light waves.
Similar to a TV remote

106
Light transformation

2. Laser (Light Amplification by Stimulated
Emission of Radiation) transmission of sound does
not require any equipment in the surveillance
area. A laser beam focused on a window pane or a
reflective object in the room. The vibrating
glass modulates a reflected laser beam. Rarely
used due to interference.

107
Light transformation

3. Fiber optic laser transmission uses a
communications grade glass fiber, filled with
laser light, routed through the surveillance
area. Sound waves cause the fiber to vibrate
slightly, altering the laser light.

108
Electromagnetic radiation

Detectable electromagnetic energy is generated by
electronic information processing devices.
Detection is possible for several hundred feet.
The faraday cage or tempest shielding is used
for very sensitive equipment.

109
Telephone eavesdropping

Digital systems - originally thought to be
secure
Digit stream can be recorded and converted to
analog and speech.
The control system is available from an on-site
terminal or from off-site through the network.
(Remote Maintenance Access Terminal) (RMAT)

110
The Eavesdropping Threat

Risk for the electronic eavesdropper is low
electronic eavesdropping is easily committed
chances are low that victim will find the device
chances low, if found, can be tied to
eavesdropper
prosecution of eavesdropping cases is rare and,
the reward far outweighs the risk

111
Miscellaneous

Plenum
space above a dropped ceiling
Variable Path Encryption (VPE)
is particularly useful to secure cellular
signals. A call is made to a toll-free number of
the VPE provider. A unit attached to the cellular
set and a unit at the VPE provider alter the
communication between them. The signal is sent in
the clear from the VPE provider to the intended
destination of the call

112
Miscellaneous

Time domain reflectometry
an electronic picture of the telephone line at a
given time which is compared to the same line at
a future time

113
Miscellaneous

Audio masking
generation of noise at the perimeter of the
secure area to cover or mask conversation. Music
is not used white or pink noise is not as
easily filtered from the tape

114
Security Management

Sample Questions

115
1. One supervisor can effectively control only a
limited number of people and that limit should
not be exceeded. This principle is called

a. Unity of command
b. Supervisory limits
c. Span of control
d. Line of discipline

116
1. One supervisor can effectively control only a
limited number of people and that limit should
not be exceeded. This principle is called

a. Unity of command
b. Supervisory limits
c. Span of control
d. Line of discipline

117
2. An important principle of organization is that
an employee should be under the direct control of
one and only one immediate supervisor. This
principle is

a. Unity of command
b. Supervisory limits
c. Span of control
d. Line of discipline

118
2. An important principle of organization is that
an employee should be under the direct control of
one and only one immediate supervisor. This
principle is

a. Unity of command
b. Supervisory limits
c. Span of control
d. Line of discipline

119
3. From an organizational standpoint, the head of
security should report to

a. Superintendent of buildings
b. Manager of buildings and grounds
c. Head housekeeper
d. A vice-president or higher

120
3. From an organizational standpoint, the head of
security should report to

a. Superintendent of buildings
b. Manager of buildings and grounds
c. Head housekeeper
d. A vice-president or higher

121
4. The most conspicuous role of the security
department in any organization is that of

a. Educational services
b. Management services
c. Special services
d. Protective services

122
4. The most conspicuous role of the security
department in any organization is that of

a. Educational services
b. Management services
c. Special services
d. Protective services

123
5. Training sessions consisting of a security
awareness program for new employees should be
conducted by

a. Special training officers
b. Security personnel
c. Consultants skilled in training
d. Member of management

124
5. Training sessions consisting of a security
awareness program for new employees should be
conducted by

a. Special training officers
b. Security personnel
c. Consultants skilled in training
d. Member of management

125
6. There are necessary and legitimate exceptions
to the principle of unity of command. One
condition which sometimes allows for shifting in
supervision is

a. When order is given by the rank of captain or
above
b. When order is given by the head of a
department
c. When the order is given by the head of
internal affairs
d. During emergencies

126
6. There are necessary and legitimate exceptions
to the principle of unity of command. One
condition which sometimes allows for shifting in
supervision is

a. When order is given by the rank of captain or
above
b. When order is given by the head of a
department
c. When the order is given by the head of
internal affairs
d. During emergencies

127
7. Perhaps the most common shortcoming in the
security industry is

a. Lack of support by top management
b. Failure to properly prepare and equip new
supervisors with tools to discharge their
important responsibilities (supervisor
training)
c. Lack of planning
d. Lack of monetary resources

128
7. Perhaps the most common shortcoming in the
security industry is

a. Lack of support by top management
b. Failure to properly prepare and equip new
supervisors with tools to discharge their
important responsibilities (supervisor
training)
c. Lack of planning
d. Lack of monetary resources

129
8. As a rule, which department of the company
administers the recruiting activity?

a. The security department
b. Administrative department
c. Personnel department
d. Internal affairs

130
8. As a rule, which department of the company
administers the recruiting activity?

a. The security department
b. Administrative department
c. Personnel department
d. Internal affairs

131
9. In non-entry level recruiting, the
recommended technique is

a. Blind ad
b. Open advertisement in newspaper
c. Advertisement in trade journal
d. By word of mouth on selective basis

132
9. In non-entry level recruiting, the
recommended technique is

a. Blind ad
b. Open advertisement in newspaper
c. Advertisement in trade journal
d. By word of mouth on selective basis

133
10. Every applicants first interview should be
with

a. The security manager director
b. The security supervisor
c. A security line employee
d. A personnel interviewer

134
10. Every applicants first interview should be
with

a. The security manager director
b. The security supervisor
c. A security line employee
d. A personnel interviewer

135
11. The heart of personnel selection is

a. Polygraph test
b. Review of application
c. Interview
d. Background investigation

136
11. The heart of personnel selection is

a. Polygraph test
b. Review of application
c. Interview
d. Background investigation

137
12. Which of the following is not recommended
policy with regard to security manuals?

a. It must be updated on a regular basis
b. Employees should not be allowed to have
possession of it
c. The manual should be put in the hands of all
regular security personnel
d. It should include procedural instructions for
specific incidents

138
12. Which of the following is not recommended
policy with regard to security manuals?

a. It must be updated on a regular basis
b. Employees should not be allowed to have
possession of it
c. The manual should be put in the hands of all
regular security personnel
d. It should include procedural instructions for
specific incidents

139
13. Discipline is primarily the responsibility
of

a. The supervisor
b. The employee
c. The security manager or director
d. The inspection division

140
13. Discipline is primarily the responsibility
of

a. The supervisor
b. The employee
c. The security manager or director
d. The inspection division

141
14. Among classical theories of human behavior in
the work environment, one emphasizes negative
aspects of employee behavior which is known as

a. The autocrat theory
b. The custodial theory
c. The supportive theory
d. McGregors Theory X

142
14. Among classical theories of human behavior in
the work environment, one emphasizes negative
aspects of employee behavior which is known as

a. The autocrat theory
b. The custodial theory
c. The supportive theory
d. McGregors Theory X

143
15. Among classical theories of human behavior
in the work environment is one which suggests
that employees do not inherently dislike work and
will actually seek responsibility and better
performance if encouraged to do so. It is known
as

a. McGregors Theory Y
b. McGregors Theory X
c. The supportive theory
d. The motivation theory

144
15. Among classical theories of human behavior
in the work environment is one which suggests
that employees do not inherently dislike work and
will actually seek responsibility and better
performance if encouraged to do so. It is known
as

a. McGregors Theory Y
b. McGregors Theory X
c. The supportive theory
d. The motivation theory

145
16. Dr. Frederick Herzberg developed a position
that motivation comes from work itself, not from
those factors such as salary and job security.
This theory is known as

a. The supportive theory
b. The work motivation theory
c. The custodial theory
d. McGregors Theory X

146
16. Dr. Frederick Herzberg developed a position
that motivation comes from work itself, not from
those factors such as salary and job security.
This theory is known as

a. The supportive theory
b. The work motivation theory
c. The custodial theory
d. McGregors Theory X

147
17. Which of the following is not an advantage of
using in-house (career) personnel?

a. Career personnel develop a loyalty to the
department
b. Career personnel tend to be more ambitious
c. There is more stability among career
personnel
d. Career personnel constitute a fixed, limited
cadre or pool of manpower resources

148
17. Which of the following is not an advantage of
using in-house (career) personnel?

a. Career personnel develop a loyalty to the
department
b. Career personnel tend to be more ambitious
c. There is more stability among career
personnel
d. Career personnel constitute a fixed, limited
cadre or pool of manpower resources

149
18. Which of the following is known to be one of
the disadvantages of contract security services?

a. Turnover
b. Cost
c. Manpower resource
d. Skills

150
18. Which of the following is known to be one of
the disadvantages of contract security services?

a. Turnover
b. Cost
c. Manpower resource
d. Skills

151
19. Ideally, the person who should conduct the
inspection of a security department is

a. An outside consultant
b. The second ranking person
c. The security director or security manager
d. The ranking sergeant

152
19. Ideally, the person who should conduct the
inspection of a security department is

a. An outside consultant
b. The second ranking person
c. The security director or security manager
d. The ranking sergeant

153
20. The process of determining the probability
and cost of potential loss is known as

a. Probability analysis
b. Risk assessment
c. Potential loss analysis
d. Physical survey

154
20. The process of determining the probability
and cost of potential loss is known as

a. Probability analysis
b. Risk assessment
c. Potential loss analysis
d. Physical survey

155
21. In conducting background investigations,
it is good policy to

a. Not let prospective employee know
investigation is being conducted
b. Restrict investigation to confidential
records checks
c. Restrict investigation to employment checks
d. Advise applicant of forthcoming
investigation and secure his permission

156
21. In conducting background investigations,
it is good policy to

a. Not let prospective employee know
investigation is being conducted
b. Restrict investigation to confidential
records checks
c. Restrict investigation to employment checks
d. Advise applicant of forthcoming
investigation and secure his permission

157
22. The ultimate responsibility for the internal
security in a department should rest with

a. The president
b. Chairman of the board
c. Security director
d. The line supervisor

158
22. The ultimate responsibility for the internal
security in a department should rest with

a. The president
b. Chairman of the board
c. Security director
d. The line supervisor

159
23. The behavioral scientist whose key concept is
that every executive relates to his subordinates
on the basis of a set of assumptions termed
theory X and theory Y was formulated by

a. Abraham Maslow
b. Douglas McGregor
c. Warren Bennis
d. B.F. Skinner

160
23. The behavioral scientist whose key concept is
that every executive relates to his subordinates
on the basis of a set of assumptions termed
theory X and theory Y was formulated by

a. Abraham Maslow
b. Douglas McGregor
c. Warren Bennis
d. B.F. Skinner

161
24. The issuance of weapons to guards is usually
not justified

a. In a situation where deterrence is needed in
handling control of large amounts of cash
b. In situations in which terrorism is a real
threat
c. In situations where there would be greater
danger to life without weapons than with them
d. In a situation where there is no danger to
life safety

162
24. The issuance of weapons to guards is usually
not justified

a. In a situation where deterrence is needed in
handling control of large amounts of cash
b. In situations in which terrorism is a real
threat
c. In situations where there would be greater
danger to life without weapons than with them
d. In a situation where there is no danger to
life safety

163
25. In issuing policy statements regarding the
handling of disturbed persons, the primary
consideration is

a. Legal liability to the disturbed
b. Reducing the disturbed person to a form of
benevolent custody and eliminating the
immediate danger
c. Legal liability to employees and third persons
if restraint not achieved
d. Employee-community public relations

164
25. In issuing policy statements regarding the
handling of disturbed persons, the primary
consideration is

a. Legal liability to the disturbed
b. Reducing the disturbed person to a form of
benevolent custody and eliminating the
immediate danger
c. Legal liability to employees and third persons
if restraint not achieved
d. Employee-community public relations

165
26. Spotting the individual loss events that
might take place is the primary step in dealing
with security vulnerability. This process is
called

a. Loss event probability
b. Threat assessment process
c. Loss event profile
d. Actual threat analysis

166
26. Spotting the individual loss events that
might take place is the primary step in dealing
with security vulnerability. This process is
called

a. Loss event probability
b. Threat assessment process
c. Loss event profile
d. Actual threat analysis

167
27. The likelihood or probability of risks
affecting the assets becoming actual loss events
is known as

a. Loss event probability
b. Loss event profile
c. Threat analysis control
d. Threat target control

168
27. The likelihood or probability of risks
affecting the assets becoming actual loss events
is known as

a. Loss event probability
b. Loss event profile
c. Threat analysis control
d. Threat target control

169
28. The impact or effect on the enterprise if
the loss occurs is known as

a. Loss event profile
b. Loss event probability
c. Loss event criticality
d. Security survey analysis

170
28. The impact or effect on the enterprise if
the loss occurs is known as

a. Loss event profile
b. Loss event probability
c. Loss event criticality
d. Security survey analysis

171
29. Which of the following is considered to be
one of the 3 basic functions of risk management?

a. Lock control
b. Barrier control
c. Disaster management
d. Loss control

172
29. Which of the following is considered to be
one of the 3 basic functions of risk management?

a. Lock control
b. Barrier control
c. Disaster management
d. Loss control

173
30. Oscar Neuman published a classic in which he
presented ideas and applied strategies from the
New York public housing project to aid in
reducing the risk of being victimized and
reducing fear of crime when on the streets. What
is the name of this book?

a. Crime Prevention
b. Crime Reduction
c. Defensible Space
d. Crime in Architectural Planning

174
30. Oscar Neuman published a classic in which he
presented ideas and applied strategies from the
New York public housing project to aid in
reducing the risk of being victimized and
reducing fear of crime when on the streets. What
is the name of this book?

a. Crime Prevention
b. Crime Reduction
c. Defensible Space
d. Crime in Architectural Planning

175
31. From a security perspective, what is the
first factor to be considered in facility
construction?

a. The identity of experienced consultants
b. An effective security plan
c. An architect with knowledge of physical
security
d. The building site itself

176
31. From a security perspective, what is the
first factor to be considered in facility
construction?

a. The identity of experienced consultants
b. An effective security plan
c. An architect with knowledge of physical
security
d. The building site itself

177
32. A critical on-site examination and analysis
of an industrial plant business, home or public
or private institution to ascertain the present
security status, to identify deficiencies or
excesses to determine the protection needed to
make recommendations to improve the overall
security is the definition of

a. Security survey
b. Risk analysis
c. Full-field inspection
d. Crime prevention assessment

178
32. A critical on-site examination and analysis
of an industrial plant business, home or public
or private institution to ascertain the present
security status, to identify deficiencies or
excesses to determine the protection needed to
make recommendations to improve the overall
security is the definition of

a. Security survey
b. Risk analysis
c. Full-field inspection
d. Crime prevention assessment

179
33. There are two generally accepted definitions
of risk. These are more commonly known to risk
managers and security officers as

a. Potential risk and dynamic risk
b. Profit risk and dynamic risk
c. Potential risk and pure risk
d. Pure risk and dynamic risk

180
33. There are two generally accepted definitions
of risk. These are more commonly known to risk
managers and security officers as

a. Potential risk and dynamic risk
b. Profit risk and dynamic risk
c. Potential risk and pure risk
d. Pure risk and dynamic risk

181
34. The most effective deterrent to
shoplifting is

a. Highly competent and educated security
officers
b. Widespread use of sensor devices
c. Well positioned CCTVs
d. Well trained personnel

182
34. The most effective deterrent to
shoplifting is

a. Highly competent and educated security
officers
b. Widespread use of sensor devices
c. Well positioned CCTVs
d. Well trained personnel

183
35. A simplified answer to the question of why
employees steal is

a. Sickness in family
b. To feed a drug habit
c. To live on a higher level
d. The theft triangle

184
35. A simplified answer to the question of why
employees steal is

a. Sickness in family
b. To feed a drug habit
c. To live on a higher level
d. The theft triangle

185
36. Many experts agree that the most important
deterrent to internal theft is

a. Threat of dismissal
b. Fear of discovery
c. Threat of prosecution
d. Conscience pangs

186
36. Many experts agree that the most important
deterrent to internal theft is

a. Threat of dismissal
b. Fear of discovery
c. Threat of prosecution
d. Conscience pangs

187
37. Crime analysis is a key element in focusing
the use of police and security resources to
address crime problems. Data collection and
analysis are two specific steps. The other two
are

a. Inspection and discovery of facts
b. Response and feedback
c. Feedback and corrective action
d. Dissemination and feedback

188
37. Crime analysis is a key element in focusing
the use of police and security resources to
address crime problems. Data collection and
analysis are two specific steps. The other two
are

a. Inspection and discovery of facts
b. Response and feedback
c. Feedback and corrective action
d. Dissemination and feedback

189
38. It is generally accepted that insurance rates
are dependent upon two primary variables. These
are

a. Cost of claims and competitors rates
b. Competition among insurance companies and
frequency of claims
c. Cost of claims and frequency of claims
d. Cost of claims and government regulations

190
38. It is generally accepted that insurance rates
are dependent upon two primary variables. These
are

a. Cost of claims and competitors rates
b. Competition among insurance companies and
frequency of claims
c. Cost of claims and frequency of claims
d. Cost of claims and government regulations

191
39. The basic types of protection which security
personnel realize as best can be described by the
following

a. Fidelity Bonds
b. Surety Bonds
c. Burglary/Robbery/Theft Insurance
d. All of the above

192
39. The basic types of protection which security
personnel realize as best can be described by the
following

a. Fidelity Bonds
b. Surety Bonds
c. Burglary/Robbery/Theft Insurance
d. All of the above

193
40. Bonds which require that an employee be
investigated by the bonding company to limit the
risk of dishonesty, and if that trust is
violated, the insurance company must indemnify
the employer, are called

a. Surety Bonds
b. Fidelity Bonds
c. Insurance Bonds
d. Blanket Bonds

194
40. Bonds which require that an employee be
investigated by the bonding company to limit the
risk of dishonesty, and if that trust is
violated, the insurance company must indemnify
the employer, are called