CPP - PowerPoint PPT Presentation

About This Presentation
Title:

CPP

Description:

CPP Study Guide # 2 1 - 667 – PowerPoint PPT presentation

Number of Views:420
Avg rating:3.0/5.0
Slides: 668
Provided by: laso150
Category:

less

Transcript and Presenter's Notes

Title: CPP


1
CPP
  • Study Guide 2
  • 1 - 667

2
Sensitive Information
  • Sample Questions

3
1. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives him an opportunity to gain an
advantage over competitors who do not know or use
it is
  • a. A monopoly
  • b. An unfair trade practice
  • c. A trade secret
  • d. A patent

4
1. Any formula, pattern, device or compilation of
information which is used in ones business and
which gives him an opportunity to gain an
advantage over competitors who do not know or use
it is
  • a. A monopoly
  • b. An unfair trade practice
  • c. A trade secret
  • d. A patent

5
2. Probably the main reason for loss of sensitive
information is
  • a. Inadvertent disclosure
  • b. Deliberately stolen by outsider
  • c. Industrial espionage
  • d. Deliberately stolen by insider

6
2. Probably the main reason for loss of sensitive
information is
  • a. Inadvertent disclosure
  • b. Deliberately stolen by outsider
  • c. Industrial espionage
  • d. Deliberately stolen by insider

7
3. The primary tool of pre-employment screening
is the
  • a. Interview
  • b. Application form
  • c. The investigation
  • d. The investigator

8
3. The primary tool of pre-employment screening
is the
  • a. Interview
  • b. Application form
  • c. The investigation
  • d. The investigator

9
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by many
firms throughout the world. The most important
function of competitive intelligence is to
  • a. Alert senior management to marketplace
    changes in order to prevent surprise
  • b. Alert senior management as to the personal
    habits of competitive senior management
  • c. Alert government intelligence agencies to
    marketplace changes
  • d. Alert senior management to changes in
    protocol in foreign countries

10
4. Competitive intelligence gathering is a
legitimate activity which is engaged in by many
firms throughout the world. The most important
function of competitive intelligence is to
  • a. Alert senior management to marketplace
    changes in order to prevent surprise
  • b. Alert senior management as to the personal
    habits of competitive senior management
  • c. Alert government intelligence agencies to
    marketplace changes
  • d. Alert senior management to changes in
    protocol in foreign countries

11
5. The instrument used to monitor telephone call
by providing a record of all numbers dialed from
a particular phone is called
  • a. A wiretap
  • b. A bug
  • c. An electronic surveillance
  • d. A pen register

12
5. The instrument used to monitor telephone call
by providing a record of all numbers dialed from
a particular phone is called
  • a. A wiretap
  • b. A bug
  • c. An electronic surveillance
  • d. A pen register

13
6. A clandestine listening device, generally a
small hidden microphone and radio transmitter is
known as
  • a. A bug
  • b. A wiretap
  • c. A tempest
  • d. A beeper

14
6. A clandestine listening device, generally a
small hidden microphone and radio transmitter is
known as
  • a. A bug
  • b. A wiretap
  • c. A tempest
  • d. A beeper

15
7. A microphone with a large disk-like attachment
used for listening to audio from great distances
is known as
  • a. Contact microphone
  • b. Spike microphone
  • c. Parabolic microphone
  • d. Moving coil microphone

16
7. A microphone with a large disk-like attachment
used for listening to audio from great distances
is known as
  • a. Contact microphone
  • b. Spike microphone
  • c. Parabolic microphone
  • d. Moving coil microphone

17
8. Sound waves too high in frequency to be heard
by the human ear, generally above 20 KHZ are
known as
  • a. Microwaves
  • b. Ultrasonic
  • c. High frequency
  • d. Short-wave

18
8. Sound waves too high in frequency to be heard
by the human ear, generally above 20 KHZ are
known as
  • a. Microwaves
  • b. Ultrasonic
  • c. High frequency
  • d. Short-wave

19
9. Two methods of protection against telephone
line eavesdropping are apparently reliable. The
first method is dont discuss sensitive
information and the other is
  • a. To use a wire tap detector
  • b. To use a radio jammer
  • c. To use an audio jammer
  • d. To use encryption equipment

20
9. Two methods of protection against telephone
line eavesdropping are apparently reliable. The
first method is dont discuss sensitive
information and the other is
  • a. To use a wire tap detector
  • b. To use a radio jammer
  • c. To use an audio jammer
  • d. To use encryption equipment

21
10. The unauthorized acquisition of sensitive
information is known as
  • a. Industrial espionage
  • b. Embezzlement
  • c. Larceny
  • d. False pretenses

22
10. The unauthorized acquisition of sensitive
information is known as
  • a. Industrial espionage
  • b. Embezzlement
  • c. Larceny
  • d. False pretenses

23
11. Proprietary information is
  • a. Information which must be so classified under
    government order
  • b. Private information of highly sensitive
    character
  • c. Defense data which must be classified
    according to federal regulations
  • d. Anything that an enterprise considers
    relevant to its status or operations and does
    not want to disclose publicly

24
11. Proprietary information is
  • a. Information which must be so classified under
    government order
  • b. Private information of highly sensitive
    character
  • c. Defense data which must be classified
    according to federal regulations
  • d. Anything that an enterprise considers
    relevant to its status or operations and does
    not want to disclose publicly

25
12. A trade secret is
  • a. Any formula, pattern, device or compilation of
    information which is used in ones business and
    which gives that business an opportunity to gain
    an advantage over competitors who do not know
    or use it
  • b. All information about a company which the
    company desires to protect
  • c. Information of a company which is registered
    as such with the Patent Office
  • d. Information so designated by the government

26
12. A trade secret is
  • a. Any formula, pattern, device or compilation of
    information which is used in ones business and
    which gives that business an opportunity to
    gain an advantage over competitors who do not
    know or use it
  • b. All information about a company which the
    company desires to protect
  • c. Information of a company which is registered
    as such with the Patent Office
  • d. Information so designated by the government

27
13. The control software of a Private Board
Exchange (PBX) can be accessed and compromised by
calling the telephone number of a device on the
PBX from a computer and modem. The name of this
PBX device is the
  • a. Time Domain Reflectometer
  • b. Remote Maintenance Access Terminal
  • c. Current Carrier Signaling Port
  • d. Internal and Remote Signal Port

28
13. The control software of a Private Board
Exchange (PBX) can be accessed and compromised by
calling the telephone number of a device on the
PBX from a computer and modem. The name of this
PBX device is the
  • a. Time Domain Reflectometer
  • b. Remote Maintenance Access Terminal
  • c. Current Carrier Signaling Port
  • d. Internal and Remote Signal Port

29
14. Which of the following is generally not true
in regard to proprietary information?
  • a. Secret information does not have to be
    specifically identifiable
  • b. Secret information must be such that it can
    be effectively protected
  • c. The more narrowly a business defines what it
    regards as secret, the easier it is to protect
    that body of information
  • d. It is difficult to protect as a trade secret
    that which can be found in publicly accessible
    sources

30
14. Which of the following is generally not true
in regard to proprietary information?
  • a. Secret information does not have to be
    specifically identifiable
  • b. Secret information must be such that it can
    be effectively protected
  • c. The more narrowly a business defines what it
    regards as secret, the easier it is to protect
    that body of information
  • d. It is difficult to protect as a trade secret
    that which can be found in publicly accessible
    sources

31
15. With respect to trade secrets, it may be
decided that its disclosure by another was
innocent rather than wrongful even in the case
where the person making the disclosure really was
guilty of malice or wrong intent. This situation
may occur when
  • a. There is absence of evidence that an owner
    has taken reasonable precautions to protect
    confidential information
  • b. The trade secret was not registered
  • c. The trade secret did not involve national
    defense information
  • d. The trade secret was not in current use

32
15. With respect to trade secrets, it may be
decided that its disclosure by another was
innocent rather than wrongful even in the case
where the person making the disclosure really was
guilty of malice or wrong intent. This situation
may occur when
  • a. There is absence of evidence that an owner
    has taken reasonable precautions to protect
    confidential information
  • b. The trade secret was not registered
  • c. The trade secret did not involve national
    defense information
  • d. The trade secret was not in current use

33
16. The class of person under a duty to safeguard
a proprietary secret is known as
  • a. Agents
  • b. Principals
  • c. Fiduciaries
  • d. Business Associates

34
16. The class of person under a duty to safeguard
a proprietary secret is known as
  • a. Agents
  • b. Principals
  • c. Fiduciaries
  • d. Business Associates

35
17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?
  • a. By operation of common law employees are
    presumed to be fiduciaries to the extent they
    may not disclose secrets of their employers
    without authorization
  • b. As a class, employees are the largest group of
    persons bound to secrecy because of their status
    or relationship
  • c. Other than employees, any other persons to be
    bound to secrecy must agree to be so bound
  • d. Any agreements to be bound must always be in
    writing and are not implied from acts

36
17. Which of the following is not a correct
statement, or a general rule, involving the
protection of proprietary information?
  • a. By operation of common law employees are
    presumed to be fiduciaries to the extent they
    may not disclose secrets of their employers
    without authorization
  • b. As a class, employees are the largest group of
    persons bound to secrecy because of their status
    or relationship
  • c. Other than employees, any other persons to be
    bound to secrecy must agree to be so bound
  • d. Any agreements to be bound must always be in
    writing and are not implied from acts

37
18. Probably the chief reason for the loss of
information about sensitive operations is
  • a. Deliberately stolen by an outsider
  • b. Loss by fire or other disaster
  • c. Deliberately stolen by insider
  • d. Lost through inadvertent disclosure

38
18. Probably the chief reason for the loss of
information about sensitive operations is
  • a. Deliberately stolen by an outsider
  • b. Loss by fire or other disaster
  • c. Deliberately stolen by insider
  • d. Lost through inadvertent disclosure

39
19. The term eavesdropping refers to
  • a. Wiretapping only
  • b. Bugging only
  • c. Both wiretapping and bugging
  • d. Mail covers

40
19. The term eavesdropping refers to
  • a. Wiretapping only
  • b. Bugging only
  • c. Both wiretapping and bugging
  • d. Mail covers

41
20. A microphone which has the characteristics of
requiring no power source to operate it, is quite
small, relatively difficult to detect, and is
offered by equipment suppliers in such items as
cuff links and hearing aides is known as
  • a. Carbon microphone
  • b. Dynamic microphone
  • c. Contact microphone
  • d. Parabolic microphone

42
20. A microphone which has the characteristics of
requiring no power source to operate it, is quite
small, relatively difficult to detect, and is
offered by equipment suppliers in such items as
cuff links and hearing aides is known as
  • a. Carbon microphone
  • b. Dynamic microphone
  • c. Contact microphone
  • d. Parabolic microphone

43
21. A microphone which is normally installed on a
common wall adjoining a target area when it is
impractical or impossible to enter the area to
make a microphone installation is
  • a. Carbon microphone
  • b. Dynamic microphone
  • c. Contact microphone
  • d. Parabolic microphone

44
21. A microphone which is normally installed on a
common wall adjoining a target area when it is
impractical or impossible to enter the area to
make a microphone installation is
  • a. Carbon microphone
  • b. Dynamic microphone
  • c. Contact microphone
  • d. Parabolic microphone

45
22. Which of the following is not true with
regard to electronic eavesdropping
  • a. A listening device installed in a wire will
    cause a crackling sound, click or other noise
    than can be heard on the line
  • b. An effective countermeasures survey to detect
    evidence of electronic eavesdropping in
    telephone equipment must be conducted by a
    person technically familiar with such equipment
  • c. All wiring should be traced out and accounted
    for in a countermeasures survey
  • d. In a countermeasures survey to detect
    electronic eavesdropping. A physical search
    should be utilized as well as an electronic
    search

46
22. Which of the following is not true with
regard to electronic eavesdropping
  • a. A listening device installed in a wire will
    cause a crackling sound, click or other noise
    than can be heard on the line
  • b. An effective countermeasures survey to detect
    evidence of electronic eavesdropping in
    telephone equipment must be conducted by a
    person technically familiar with such equipment
  • c. All wiring should be traced out and accounted
    for in a countermeasures survey
  • d. In a countermeasures survey to detect
    electronic eavesdropping. A physical search
    should be utilized as well as an electronic
    search

47
23. In designing a proprietary information
protection program, the area of greatest
vulnerability is
  • a. Personnel files
  • b. Marketing data
  • c. Employees
  • d. Computers

48
23. In designing a proprietary information
protection program, the area of greatest
vulnerability is
  • a. Personnel files
  • b. Marketing data
  • c. Employees
  • d. Computers

49
24. Two of the three most common methods of
information losses are inadvertent disclosure and
industrial espionage. Which of the following is
the third
  • a. Newspaper articles
  • b. Television
  • c. Magazine articles
  • d. Theft by an insider

50
24. Two of the three most common methods of
information losses are inadvertent disclosure and
industrial espionage. Which of the following is
the third
  • a. Newspaper articles
  • b. Television
  • c. Magazine articles
  • d. Theft by an insider

51
25. Which of the following statements is
incorrect with regard to an information security
program?
  • a. A good information security program will
    provide absolute protection against an enemy
    spy
  • b. The information security program is an attempt
    to make theft of sensitive information
    difficult, not necessarily eliminate it
  • c. A trust relationship must be established and
    maintained with employees
  • d. The good will and compliance of employees is
    crucial for success

52
25. Which of the following statements is
incorrect with regard to an information security
program?
  • a. A good information security program will
    provide absolute protection against an enemy spy
  • b. The information security program is an attempt
    to make theft of sensitive information
    difficult, not necessarily eliminate it
  • c. A trust relationship must be established and
    maintained with employees
  • d. The good will and compliance of employees is
    crucial for success

53
26. Vital records normally constitute the
following percentage of the companys total
records
  • a. 2
  • b. 5
  • c. 10
  • d. 15

54
26. Vital records normally constitute the
following percentage of the companys total
records
  • a. 2
  • b. 5
  • c. 10
  • d. 15

55
27. A specially constructed microphone attached
directly to an object or surface to be protected
and which responds only when the protected object
or surface is disturbed is known as
  • a. Parabolic microphone
  • b. Special audio microphone
  • c. Contact microphone
  • d. Surreptitious microphone

56
27. A specially constructed microphone attached
directly to an object or surface to be protected
and which responds only when the protected object
or surface is disturbed is known as
  • a. Parabolic microphone
  • b. Special audio microphone
  • c. Contact microphone
  • d. Surreptitious microphone

57
28. Social engineering is
  • a. The conversation involved in the beginning of
    a romantic relationship
  • b. A function of the personnel department in
    which like persons are teamed together in
    workshops or seminars for maximum productivity
  • c. The subtle elicitation of information without
    revealing the true purpose of the call
  • d. The specific design of a business structure to
    facilitate the interaction of the inhabitants

58
28. Social engineering is
  • a. The conversation involved in the beginning of
    a romantic relationship
  • b. A function of the personnel department in
    which like persons are teamed together in
    workshops or seminars for maximum productivity
  • c. The subtle elicitation of information without
    revealing the true purpose of the call
  • d. The specific design of a business structure to
    facilitate the interaction of the inhabitants

59
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade
secret information to gain market share. There
are several serious factors you should consider
before you institute litigation in the matter.
Which of the following is not a serious factor to
be considered?
  • a. You may have to expose the very secrets you
    are attempting to protect
  • b. The cost of the litigation may exceed the
    value of the secret information
  • c. You may lose your case
  • d. Other employees may leave the company and
    attempt to use trade secret information in the
    business of a new employer

60
29. A former employee, who had access to your
trade secret information, is now employed by a
competitor and is apparently using the trade
secret information to gain market share. There
are several serious factors you should consider
before you institute litigation in the matter.
Which of the following is not a serious factor to
be considered?
  • a. You may have to expose the very secrets you
    are attempting to protect
  • b. The cost of the litigation may exceed the
    value of the secret information
  • c. You may lose your case
  • d. Other employees may leave the company and
    attempt to use trade secret information in the
    business of a new employer

61
30. Electromagnetic radiation is detectable
electromagnetic energy is generated by electronic
information processing devices. Which of the
following is used to protect very sensitive
equipment?
  • a. A current carrier device
  • b. Pneumatic cavity shielding
  • c. Tempest shielding
  • d. Pen register shielding

62
30. Electromagnetic radiation is detectable
electromagnetic energy is generated by electronic
information processing devices. Which of the
following is used to protect very sensitive
equipment?
  • a. A current carrier device
  • b. Pneumatic cavity shielding
  • c. Tempest shielding
  • d. Pen register shielding

63
Significant Notes
  • Sensitive Information

64
The basis for any industrial espionage prevention
program is protection of information
65
There are many kinds of information which a
company would like to keep in a confidential
status but not all such information could be
classified as trade secrets
66
One definition of trade secret is information
including formula, pattern, compilation, program,
device, method, technique or process
thata. Derives independent economic value,
actual or potential, from not being generally
known to and not being readily ascertainable by
proper means, by other persons who can obtain
economic value from its disclosure or use,
andb. Is the subject of efforts that are
reasonable under the circumstances to maintain
its secrecy.
67
Proprietary information is information of value
owned by or entrusted to a company which relates
to the operations of the company and which has
not been disclosed publicly
68
A trade secret is part of a companys
proprietary information but not all propriety
information necessarily fits the definition of
trade secret information
69
Generally trade secrets are given a higher
degree of legal protection than other proprietary
information
70
There are three basic requirements of a trade
secreta. Must be of competitive
advantageb. Must be secretc. Must be used in
the business of the owner
71
Information must meet the following requirements
to fit the definition required of a trade
secreta. Must be specifically
identifiableb. Cannot be found in publicly
accessible sourcesc. Should be disclosed by
owner only to those under a duty to protect
secrecyd. Persons afforded knowledge of secret
information must know it to be
confidentiale. The owners must be able to show
they have instituted adequate protective
measures to safeguard secrecy of date
72
Unless the owner of a trade secret can furnish
proof of diligent care in the protection of a
trade secret, such trade secret may be lost
73
Patent laws provide that an inventor who first
develops a new machine, manufacturing process,
composition or matter, plan or design that is
sufficiently novel and useful can apply for and
receive an exclusive right to that invention for
a period of 17 years
74
Inadvertent disclosure probably is the chief
reason for loss of information about sensitive
operations
75
One method important in protection of sensitive
information is installing an effective awareness
program to assure all employees are aware of the
existence of sensitive data in the company and
their responsibilities in protecting such
76
Another important protective device is the use of
nondisclosure agreements(employee patent and
secrecy agreements) from employees in which the
employees acknowledge their fiduciary
responsibility
77
A non-competitive agreement is agreement on
part of employee upon leaving employment of one
company that the employee will not accept
employment with a defined competitor for a stated
period of time
78
A telephone instrument may also be utilized as a
listening device
79
In an electronic countermeasure survey, note that
light switches and electrical outlets are
favorite places to install listening devices
80
Most loss of proprietary information occurs
because of negligence
81
One very important protective measure used to
safeguard sensitive data is to disclose such only
in a need-to-know basis
82
Theft of sensitive information through industrial
espionage methods or other methods of outside
theft accounts for a smaller loss than through
negligence however, the loss through outside
theft is more dangerous because the data stolen
is usually the most valuable
83
One of the biggest problems in designing a
proprietary information protection program is
caused by the large amount of vital data
processed and analyzed electronically
84
Employees are the greatest vulnerability in a
proprietary information protection program.
Accordingly, an employee awareness program is
necessary whereby they are educated with regard
to their responsibilities in protecting sensitive
data.
85
Definitions
  • Proprietary Information
  • Information over which the possessor asserts
    ownership and which is related to the activities
    or status of the possessor in some special way

86
Definitions
  • Patent
  • A government grant conveying and securing the
    exclusive right to make, use, and sell an
    invention for a term of years (seventeen)

87
Trade Secret
  • A trade Secret is a process or device for
    continuous use in the operation of the business
  • For trade secret protection, must prove
  • Secrecy
  • Value
  • Use in the owners business

88
Trade Secret
  • Trade Secret information is entitled by law to
    more protection than other kinds of proprietary
    information

89
Trade Secret
  • The following are not trade secrets
  • Salary information
  • Rank surveys
  • Customer usage evaluation
  • Profitability margins
  • Unit costs
  • Personnel changes

90
Trade Secret / Patent
  • A trade secret remains secret as long as it
    continues to meet trade secret tests but the
    exclusive right to patent protection expires
    after 17 years

91
Trade Secret / Patent
  • Since anyone can purchase a patent, there are not
    industrial espionage targets in a patented
    invention
  • Trade Secrets are targets

92
Proprietary Information
  • Two approaches used to deal with P.I.
  • Property Concept
  • regards the information as having independent
    value if it amounts to a trade secret
  • Fiduciaries
  • Imposition of duties upon certain classes of
    people, other than the owner not to use or
    divulge info without owners consent.

93
Proprietary Information
  • There are 3 broad threats to proprietary
    information
  • It can be lost through inadvertent disclosure
  • It can be deliberately stolen by an outsider
  • It can be deliberately stolen by an insider

94
Competitive Intelligence Gathering
  • The most important function of competitive
    intelligence gathering is to alert senior
    management to marketplace changes in order to
    prevent surprise

95
Competitive Intelligence Gathering
  • A rich source of information is in the
    information provided to government regulators
  • Never reveal information to anyone that you would
    not reveal to a competitor

96
Industrial Espionage
  • Industrial espionage is the theft of information
    by legal or illegal means. It is more dangerous
    than inadvertent disclosure by employees in that
    highly valuable information is stolen for release
    to others who plan to exploit it.

97
Protection Programs
  • The vulnerability assessment is conducted from
    the perspective of the competitor and considers
  • What critical information exists
  • The period of time when the information is
    critical. This may be a short period or may be
    for the life of a product
  • The identity of employees and indirect associates
    who have access to the information

98
Eavesdropping Tactics Equipment
  • Wiretapping - is the interception of
    communication over a wire w/o participants
    consent and requires physical entry into the
    communication circuit
  • Bugging - interception of communication w/o
    participants consent by means of electronic
    devices and w/o penetration of a wire.

99
Eavesdropping Tactics Equipment
  • Eavesdropping is a psychological traumatic
    experience for the victim.
  • It is the most devastating of espionage
    techniques.

100
Wired microphones
  • Carbon microphone
  • commonly used in a standard telephone handset
  • Crystal microphone
  • generates a small electrical current when the
    crystal is vibrated by sound waves
  • Contact microphone
  • installed on a common wall with the target area

101
Wired microphones
  • Spike microphone
  • installed in a hole in the common wall
    (not fully through)
  • Dynamic microphone
  • movement of a small wire near a permanent magnet
    converts sound into electrical energy. Good
    eavesdropping device which operates as a
    loudspeaker in reverse

102
Wired microphones
  • Pneumatic cavity device
  • has a specially designed small cavity which picks
    up surface vibrations. (Glass tumbler effect)
  • Condenser microphone
  • high fidelity use. Fragile and sensitive
  • Electret microphone
  • used primarily in P.A. and audio recording.
    (Extremely small)

103
Wired microphones
  • Omnidirectional microphone
  • used in conferences. Picks up sound from many
    directions around the room
  • Cardioid microphone
  • picks up sound from directly in front of mic
  • Parabolic microphone
  • gathers audio energy and directs it to a
    conventional microphone in the center of a
    dish-type reflector

104
Wireless microphones
  • A radio frequency (RF) device. Consists of
  • A microphone
  • A transmitter
  • A power supply
  • An antenna and,
  • A receiver

105
Light transformation
  • 1. Infrared light wave transmissions use light
    waves invisible to the human eye. Sound waves are
    converted to electronic impulses and the pulses
    are used to modulate infrared light waves.
    Similar to a TV remote

106
Light transformation
  • 2. Laser (Light Amplification by Stimulated
    Emission of Radiation) transmission of sound does
    not require any equipment in the surveillance
    area. A laser beam focused on a window pane or a
    reflective object in the room. The vibrating
    glass modulates a reflected laser beam. Rarely
    used due to interference.

107
Light transformation
  • 3. Fiber optic laser transmission uses a
    communications grade glass fiber, filled with
    laser light, routed through the surveillance
    area. Sound waves cause the fiber to vibrate
    slightly, altering the laser light.

108
Electromagnetic radiation
  • Detectable electromagnetic energy is generated by
    electronic information processing devices.
    Detection is possible for several hundred feet.
    The faraday cage or tempest shielding is used
    for very sensitive equipment.

109
Telephone eavesdropping
  • Digital systems - originally thought to be
    secure
  • Digit stream can be recorded and converted to
    analog and speech.
  • The control system is available from an on-site
    terminal or from off-site through the network.
    (Remote Maintenance Access Terminal) (RMAT)

110
The Eavesdropping Threat
  • Risk for the electronic eavesdropper is low
  • electronic eavesdropping is easily committed
  • chances are low that victim will find the device
  • chances low, if found, can be tied to
    eavesdropper
  • prosecution of eavesdropping cases is rare and,
  • the reward far outweighs the risk

111
Miscellaneous
  • Plenum
  • space above a dropped ceiling
  • Variable Path Encryption (VPE)
  • is particularly useful to secure cellular
    signals. A call is made to a toll-free number of
    the VPE provider. A unit attached to the cellular
    set and a unit at the VPE provider alter the
    communication between them. The signal is sent in
    the clear from the VPE provider to the intended
    destination of the call

112
Miscellaneous
  • Time domain reflectometry
  • an electronic picture of the telephone line at a
    given time which is compared to the same line at
    a future time

113
Miscellaneous
  • Audio masking
  • generation of noise at the perimeter of the
    secure area to cover or mask conversation. Music
    is not used white or pink noise is not as
    easily filtered from the tape

114
Security Management
  • Sample Questions

115
1. One supervisor can effectively control only a
limited number of people and that limit should
not be exceeded. This principle is called
  • a. Unity of command
  • b. Supervisory limits
  • c. Span of control
  • d. Line of discipline

116
1. One supervisor can effectively control only a
limited number of people and that limit should
not be exceeded. This principle is called
  • a. Unity of command
  • b. Supervisory limits
  • c. Span of control
  • d. Line of discipline

117
2. An important principle of organization is that
an employee should be under the direct control of
one and only one immediate supervisor. This
principle is
  • a. Unity of command
  • b. Supervisory limits
  • c. Span of control
  • d. Line of discipline

118
2. An important principle of organization is that
an employee should be under the direct control of
one and only one immediate supervisor. This
principle is
  • a. Unity of command
  • b. Supervisory limits
  • c. Span of control
  • d. Line of discipline

119
3. From an organizational standpoint, the head of
security should report to
  • a. Superintendent of buildings
  • b. Manager of buildings and grounds
  • c. Head housekeeper
  • d. A vice-president or higher

120
3. From an organizational standpoint, the head of
security should report to
  • a. Superintendent of buildings
  • b. Manager of buildings and grounds
  • c. Head housekeeper
  • d. A vice-president or higher

121
4. The most conspicuous role of the security
department in any organization is that of
  • a. Educational services
  • b. Management services
  • c. Special services
  • d. Protective services

122
4. The most conspicuous role of the security
department in any organization is that of
  • a. Educational services
  • b. Management services
  • c. Special services
  • d. Protective services

123
5. Training sessions consisting of a security
awareness program for new employees should be
conducted by
  • a. Special training officers
  • b. Security personnel
  • c. Consultants skilled in training
  • d. Member of management

124
5. Training sessions consisting of a security
awareness program for new employees should be
conducted by
  • a. Special training officers
  • b. Security personnel
  • c. Consultants skilled in training
  • d. Member of management

125
6. There are necessary and legitimate exceptions
to the principle of unity of command. One
condition which sometimes allows for shifting in
supervision is
  • a. When order is given by the rank of captain or
    above
  • b. When order is given by the head of a
    department
  • c. When the order is given by the head of
    internal affairs
  • d. During emergencies

126
6. There are necessary and legitimate exceptions
to the principle of unity of command. One
condition which sometimes allows for shifting in
supervision is
  • a. When order is given by the rank of captain or
    above
  • b. When order is given by the head of a
    department
  • c. When the order is given by the head of
    internal affairs
  • d. During emergencies

127
7. Perhaps the most common shortcoming in the
security industry is
  • a. Lack of support by top management
  • b. Failure to properly prepare and equip new
    supervisors with tools to discharge their
    important responsibilities (supervisor
    training)
  • c. Lack of planning
  • d. Lack of monetary resources

128
7. Perhaps the most common shortcoming in the
security industry is
  • a. Lack of support by top management
  • b. Failure to properly prepare and equip new
    supervisors with tools to discharge their
    important responsibilities (supervisor
    training)
  • c. Lack of planning
  • d. Lack of monetary resources

129
8. As a rule, which department of the company
administers the recruiting activity?
  • a. The security department
  • b. Administrative department
  • c. Personnel department
  • d. Internal affairs

130
8. As a rule, which department of the company
administers the recruiting activity?
  • a. The security department
  • b. Administrative department
  • c. Personnel department
  • d. Internal affairs

131
9. In non-entry level recruiting, the
recommended technique is
  • a. Blind ad
  • b. Open advertisement in newspaper
  • c. Advertisement in trade journal
  • d. By word of mouth on selective basis

132
9. In non-entry level recruiting, the
recommended technique is
  • a. Blind ad
  • b. Open advertisement in newspaper
  • c. Advertisement in trade journal
  • d. By word of mouth on selective basis

133
10. Every applicants first interview should be
with
  • a. The security manager director
  • b. The security supervisor
  • c. A security line employee
  • d. A personnel interviewer

134
10. Every applicants first interview should be
with
  • a. The security manager director
  • b. The security supervisor
  • c. A security line employee
  • d. A personnel interviewer

135
11. The heart of personnel selection is
  • a. Polygraph test
  • b. Review of application
  • c. Interview
  • d. Background investigation

136
11. The heart of personnel selection is
  • a. Polygraph test
  • b. Review of application
  • c. Interview
  • d. Background investigation

137
12. Which of the following is not recommended
policy with regard to security manuals?
  • a. It must be updated on a regular basis
  • b. Employees should not be allowed to have
    possession of it
  • c. The manual should be put in the hands of all
    regular security personnel
  • d. It should include procedural instructions for
    specific incidents

138
12. Which of the following is not recommended
policy with regard to security manuals?
  • a. It must be updated on a regular basis
  • b. Employees should not be allowed to have
    possession of it
  • c. The manual should be put in the hands of all
    regular security personnel
  • d. It should include procedural instructions for
    specific incidents

139
13. Discipline is primarily the responsibility
of
  • a. The supervisor
  • b. The employee
  • c. The security manager or director
  • d. The inspection division

140
13. Discipline is primarily the responsibility
of
  • a. The supervisor
  • b. The employee
  • c. The security manager or director
  • d. The inspection division

141
14. Among classical theories of human behavior in
the work environment, one emphasizes negative
aspects of employee behavior which is known as
  • a. The autocrat theory
  • b. The custodial theory
  • c. The supportive theory
  • d. McGregors Theory X

142
14. Among classical theories of human behavior in
the work environment, one emphasizes negative
aspects of employee behavior which is known as
  • a. The autocrat theory
  • b. The custodial theory
  • c. The supportive theory
  • d. McGregors Theory X

143
15. Among classical theories of human behavior
in the work environment is one which suggests
that employees do not inherently dislike work and
will actually seek responsibility and better
performance if encouraged to do so. It is known
as
  • a. McGregors Theory Y
  • b. McGregors Theory X
  • c. The supportive theory
  • d. The motivation theory

144
15. Among classical theories of human behavior
in the work environment is one which suggests
that employees do not inherently dislike work and
will actually seek responsibility and better
performance if encouraged to do so. It is known
as
  • a. McGregors Theory Y
  • b. McGregors Theory X
  • c. The supportive theory
  • d. The motivation theory

145
16. Dr. Frederick Herzberg developed a position
that motivation comes from work itself, not from
those factors such as salary and job security.
This theory is known as
  • a. The supportive theory
  • b. The work motivation theory
  • c. The custodial theory
  • d. McGregors Theory X

146
16. Dr. Frederick Herzberg developed a position
that motivation comes from work itself, not from
those factors such as salary and job security.
This theory is known as
  • a. The supportive theory
  • b. The work motivation theory
  • c. The custodial theory
  • d. McGregors Theory X

147
17. Which of the following is not an advantage of
using in-house (career) personnel?
  • a. Career personnel develop a loyalty to the
    department
  • b. Career personnel tend to be more ambitious
  • c. There is more stability among career
    personnel
  • d. Career personnel constitute a fixed, limited
    cadre or pool of manpower resources

148
17. Which of the following is not an advantage of
using in-house (career) personnel?
  • a. Career personnel develop a loyalty to the
    department
  • b. Career personnel tend to be more ambitious
  • c. There is more stability among career
    personnel
  • d. Career personnel constitute a fixed, limited
    cadre or pool of manpower resources

149
18. Which of the following is known to be one of
the disadvantages of contract security services?
  • a. Turnover
  • b. Cost
  • c. Manpower resource
  • d. Skills

150
18. Which of the following is known to be one of
the disadvantages of contract security services?
  • a. Turnover
  • b. Cost
  • c. Manpower resource
  • d. Skills

151
19. Ideally, the person who should conduct the
inspection of a security department is
  • a. An outside consultant
  • b. The second ranking person
  • c. The security director or security manager
  • d. The ranking sergeant

152
19. Ideally, the person who should conduct the
inspection of a security department is
  • a. An outside consultant
  • b. The second ranking person
  • c. The security director or security manager
  • d. The ranking sergeant

153
20. The process of determining the probability
and cost of potential loss is known as
  • a. Probability analysis
  • b. Risk assessment
  • c. Potential loss analysis
  • d. Physical survey

154
20. The process of determining the probability
and cost of potential loss is known as
  • a. Probability analysis
  • b. Risk assessment
  • c. Potential loss analysis
  • d. Physical survey

155
21. In conducting background investigations,
it is good policy to
  • a. Not let prospective employee know
    investigation is being conducted
  • b. Restrict investigation to confidential
    records checks
  • c. Restrict investigation to employment checks
  • d. Advise applicant of forthcoming
    investigation and secure his permission

156
21. In conducting background investigations,
it is good policy to
  • a. Not let prospective employee know
    investigation is being conducted
  • b. Restrict investigation to confidential
    records checks
  • c. Restrict investigation to employment checks
  • d. Advise applicant of forthcoming
    investigation and secure his permission

157
22. The ultimate responsibility for the internal
security in a department should rest with
  • a. The president
  • b. Chairman of the board
  • c. Security director
  • d. The line supervisor

158
22. The ultimate responsibility for the internal
security in a department should rest with
  • a. The president
  • b. Chairman of the board
  • c. Security director
  • d. The line supervisor

159
23. The behavioral scientist whose key concept is
that every executive relates to his subordinates
on the basis of a set of assumptions termed
theory X and theory Y was formulated by
  • a. Abraham Maslow
  • b. Douglas McGregor
  • c. Warren Bennis
  • d. B.F. Skinner

160
23. The behavioral scientist whose key concept is
that every executive relates to his subordinates
on the basis of a set of assumptions termed
theory X and theory Y was formulated by
  • a. Abraham Maslow
  • b. Douglas McGregor
  • c. Warren Bennis
  • d. B.F. Skinner

161
24. The issuance of weapons to guards is usually
not justified
  • a. In a situation where deterrence is needed in
    handling control of large amounts of cash
  • b. In situations in which terrorism is a real
    threat
  • c. In situations where there would be greater
    danger to life without weapons than with them
  • d. In a situation where there is no danger to
    life safety

162
24. The issuance of weapons to guards is usually
not justified
  • a. In a situation where deterrence is needed in
    handling control of large amounts of cash
  • b. In situations in which terrorism is a real
    threat
  • c. In situations where there would be greater
    danger to life without weapons than with them
  • d. In a situation where there is no danger to
    life safety

163
25. In issuing policy statements regarding the
handling of disturbed persons, the primary
consideration is
  • a. Legal liability to the disturbed
  • b. Reducing the disturbed person to a form of
    benevolent custody and eliminating the
    immediate danger
  • c. Legal liability to employees and third persons
    if restraint not achieved
  • d. Employee-community public relations

164
25. In issuing policy statements regarding the
handling of disturbed persons, the primary
consideration is
  • a. Legal liability to the disturbed
  • b. Reducing the disturbed person to a form of
    benevolent custody and eliminating the
    immediate danger
  • c. Legal liability to employees and third persons
    if restraint not achieved
  • d. Employee-community public relations

165
26. Spotting the individual loss events that
might take place is the primary step in dealing
with security vulnerability. This process is
called
  • a. Loss event probability
  • b. Threat assessment process
  • c. Loss event profile
  • d. Actual threat analysis

166
26. Spotting the individual loss events that
might take place is the primary step in dealing
with security vulnerability. This process is
called
  • a. Loss event probability
  • b. Threat assessment process
  • c. Loss event profile
  • d. Actual threat analysis

167
27. The likelihood or probability of risks
affecting the assets becoming actual loss events
is known as
  • a. Loss event probability
  • b. Loss event profile
  • c. Threat analysis control
  • d. Threat target control

168
27. The likelihood or probability of risks
affecting the assets becoming actual loss events
is known as
  • a. Loss event probability
  • b. Loss event profile
  • c. Threat analysis control
  • d. Threat target control

169
28. The impact or effect on the enterprise if
the loss occurs is known as
  • a. Loss event profile
  • b. Loss event probability
  • c. Loss event criticality
  • d. Security survey analysis

170
28. The impact or effect on the enterprise if
the loss occurs is known as
  • a. Loss event profile
  • b. Loss event probability
  • c. Loss event criticality
  • d. Security survey analysis

171
29. Which of the following is considered to be
one of the 3 basic functions of risk management?
  • a. Lock control
  • b. Barrier control
  • c. Disaster management
  • d. Loss control

172
29. Which of the following is considered to be
one of the 3 basic functions of risk management?
  • a. Lock control
  • b. Barrier control
  • c. Disaster management
  • d. Loss control

173
30. Oscar Neuman published a classic in which he
presented ideas and applied strategies from the
New York public housing project to aid in
reducing the risk of being victimized and
reducing fear of crime when on the streets. What
is the name of this book?
  • a. Crime Prevention
  • b. Crime Reduction
  • c. Defensible Space
  • d. Crime in Architectural Planning

174
30. Oscar Neuman published a classic in which he
presented ideas and applied strategies from the
New York public housing project to aid in
reducing the risk of being victimized and
reducing fear of crime when on the streets. What
is the name of this book?
  • a. Crime Prevention
  • b. Crime Reduction
  • c. Defensible Space
  • d. Crime in Architectural Planning

175
31. From a security perspective, what is the
first factor to be considered in facility
construction?
  • a. The identity of experienced consultants
  • b. An effective security plan
  • c. An architect with knowledge of physical
    security
  • d. The building site itself

176
31. From a security perspective, what is the
first factor to be considered in facility
construction?
  • a. The identity of experienced consultants
  • b. An effective security plan
  • c. An architect with knowledge of physical
    security
  • d. The building site itself

177
32. A critical on-site examination and analysis
of an industrial plant business, home or public
or private institution to ascertain the present
security status, to identify deficiencies or
excesses to determine the protection needed to
make recommendations to improve the overall
security is the definition of
  • a. Security survey
  • b. Risk analysis
  • c. Full-field inspection
  • d. Crime prevention assessment

178
32. A critical on-site examination and analysis
of an industrial plant business, home or public
or private institution to ascertain the present
security status, to identify deficiencies or
excesses to determine the protection needed to
make recommendations to improve the overall
security is the definition of
  • a. Security survey
  • b. Risk analysis
  • c. Full-field inspection
  • d. Crime prevention assessment

179
33. There are two generally accepted definitions
of risk. These are more commonly known to risk
managers and security officers as
  • a. Potential risk and dynamic risk
  • b. Profit risk and dynamic risk
  • c. Potential risk and pure risk
  • d. Pure risk and dynamic risk

180
33. There are two generally accepted definitions
of risk. These are more commonly known to risk
managers and security officers as
  • a. Potential risk and dynamic risk
  • b. Profit risk and dynamic risk
  • c. Potential risk and pure risk
  • d. Pure risk and dynamic risk

181
34. The most effective deterrent to
shoplifting is
  • a. Highly competent and educated security
    officers
  • b. Widespread use of sensor devices
  • c. Well positioned CCTVs
  • d. Well trained personnel

182
34. The most effective deterrent to
shoplifting is
  • a. Highly competent and educated security
    officers
  • b. Widespread use of sensor devices
  • c. Well positioned CCTVs
  • d. Well trained personnel

183
35. A simplified answer to the question of why
employees steal is
  • a. Sickness in family
  • b. To feed a drug habit
  • c. To live on a higher level
  • d. The theft triangle

184
35. A simplified answer to the question of why
employees steal is
  • a. Sickness in family
  • b. To feed a drug habit
  • c. To live on a higher level
  • d. The theft triangle

185
36. Many experts agree that the most important
deterrent to internal theft is
  • a. Threat of dismissal
  • b. Fear of discovery
  • c. Threat of prosecution
  • d. Conscience pangs

186
36. Many experts agree that the most important
deterrent to internal theft is
  • a. Threat of dismissal
  • b. Fear of discovery
  • c. Threat of prosecution
  • d. Conscience pangs

187
37. Crime analysis is a key element in focusing
the use of police and security resources to
address crime problems. Data collection and
analysis are two specific steps. The other two
are
  • a. Inspection and discovery of facts
  • b. Response and feedback
  • c. Feedback and corrective action
  • d. Dissemination and feedback

188
37. Crime analysis is a key element in focusing
the use of police and security resources to
address crime problems. Data collection and
analysis are two specific steps. The other two
are
  • a. Inspection and discovery of facts
  • b. Response and feedback
  • c. Feedback and corrective action
  • d. Dissemination and feedback

189
38. It is generally accepted that insurance rates
are dependent upon two primary variables. These
are
  • a. Cost of claims and competitors rates
  • b. Competition among insurance companies and
    frequency of claims
  • c. Cost of claims and frequency of claims
  • d. Cost of claims and government regulations

190
38. It is generally accepted that insurance rates
are dependent upon two primary variables. These
are
  • a. Cost of claims and competitors rates
  • b. Competition among insurance companies and
    frequency of claims
  • c. Cost of claims and frequency of claims
  • d. Cost of claims and government regulations

191
39. The basic types of protection which security
personnel realize as best can be described by the
following
  • a. Fidelity Bonds
  • b. Surety Bonds
  • c. Burglary/Robbery/Theft Insurance
  • d. All of the above

192
39. The basic types of protection which security
personnel realize as best can be described by the
following
  • a. Fidelity Bonds
  • b. Surety Bonds
  • c. Burglary/Robbery/Theft Insurance
  • d. All of the above

193
40. Bonds which require that an employee be
investigated by the bonding company to limit the
risk of dishonesty, and if that trust is
violated, the insurance company must indemnify
the employer, are called
  • a. Surety Bonds
  • b. Fidelity Bonds
  • c. Insurance Bonds
  • d. Blanket Bonds

194
40. Bonds which require that an employee be
investigated by the bonding company to limit the
risk of dishonesty, and if that trust is
violated, the insurance company must indemnify
the employer, are called
  • a. Surety Bonds
  • b. Fidelity Bonds
  • c. Insurance Bonds
  • d. Blanket Bonds

195
41. Protection for a corporation, if there is a
failure to perform specified acts within a
certain period of time, is known as a
  • a. Contract Bond
  • b. Blanket Bond
  • c. Surety Bond
  • d. Fiduciary Bond

196
41. Protection for a corporation, if there is a
failure to perform specified acts within a
certain period of time, is known as a
  • a. Contract Bond
  • b. Blanket Bond
  • c. Surety Bond
  • d. Fiduciary Bond

197
42. The urban planning and design process which
integrates crime prevention techniques with
neighborhood design is known as
  • a. Urban Development Plan
Write a Comment
User Comments (0)
About PowerShow.com