[29 Test Answers] FEMA IS-1173 LOP and DBT Report

Here are the test answers to FEMA IS-1173: Levels of Protection (LOP) and Application of the Design-Basis Threat (DBT) Report.

Overview: FEMA IS-1173 course was published on 8/18/2017 and is the fourth course in the ISC Web-based training series. The purpose of the series is to provide Federal facility security professionals, engineers, building owners, construction contractors, architects, and the general public with basic information pertaining to the ISC and its facility security standards, processes, and practices.

The purpose of the FEMA IS-1173 course is to provide Federal personnel with responsibilities for security-related policies, programs, projects, and/or operations for their department or agency with an overview of the process to determine the appropriate level of protection (LOP) for a federal facility.

FEMA IS-1173 test answers

Each time this test is loaded, you will receive a unique set of questions and answers. The test questions are scrambled to protect the integrity of the exam.

Question 1. TRUE OR FALSE: The necessary LOP takes precedence over the baseline LOP.
A. TRUE
B. FALSE✅

Question 2. The five levels of protection identified in the ISC Risk Management Process are
A. Possible, Baseline, Necessary, Existing, Customized
B. Baseline, Existing, Necessary, Customized, Maximum
C. Achievable, Baseline, Existing, Necessary, Customized✅
D. Very Low, Low, Medium, High, Very High

Question 3. TRUE OR FALSE: Facilities with higher facility security levels (FSLs) require lower levels of protection (LOP).
A. TRUE
B. FALSE✅

Question 4. If the necessary LOP cannot be achieved, the next step is to identify the:
A. Facility security level (FSL)
B. Risk assessment
C. Highest achievable level of protection (LOP)✅
D. Baseline level of protection (LOP)

Question 5. A profile of the type, composition, capabilities, methods and goals, intent, and motivation of an adversary upon which the security engineering and operations of a facility are based is referred to as:
A. Facility Security Level (FSL)
B. Design-Basis Threat (DBT) Report✅
C. Risk Management Process (RMP)
D. Level of protection (LOP)

Question 6. The Design Basis Threat (DBT) Report is what Appendix on the RMP?
A. Appendix C
B. Appendix B
C. Appendix A ✅
D. Appendix E

Question 7. The final set of countermeasures developed as the result of the risk-based analytical process is referred to as:
A. Customized level of protection (LOP)
B. Necessary level of protection (LOP)
C. Existing level of protection (LOP)
D. Baseline level of protection (LOP)✅

Question 8. If you have a level III facility what is your level of risk?
A. Very High
B. Low
C. Medium✅
D. High
E. Minimum

Question 9. The element of an undesirable event that provides specific characteristics of the event, such as numbers of adversaries, sizes, speeds, tactics, etc. is the:
A. Administrative information
B. Scenario✅
C. Outlook
D. Definition

Question 10. An incident directed towards a Federal facility that adversely impacts the operation of the facility, the mission of the agency or personnel is:
A. Undesirable event✅
B. Risk acceptance
C. Risk
D. Necessary level of protection (LOP)

Question 11. The degree of security determined to be needed to mitigate the assessed risks at the facility is referred to as the:
A. Baseline level of protection (LOP)
B. Facility security level (FSL)
C. Existing level of protection (LOP)
D. Necessary level of protection (LOP)✅

Question 12. Which appendix identifies the appropriate countermeasures to implement for mitigating vulnerabilities that should reduce risk to an acceptable level?
A. Appendix B
B. Appendix C
C. Appendix F✅
D. Appendix A

Question 13. The DBT supports the calculation of:
A. Risk✅
B. Countermeasures
C. Facility Security Level
D. Reproducibility

Question 14. Recommended facility countermeasures associated with baseline LOP can be found in:
A. Appendix F: Forms and Templates
B. Appendix B: Countermeasures✅
C. FSL Matrix
D. Appendix A: Design-Basis Threat Report

Question 15. Each undesirable event has a common structure. The Baseline Threat element of the undesirable event structure:
A. aids in identifying aspects of a particular facility that might make it more or less likely to be a target of a particular Undesirable Event.
B. is an estimate of the relative threat posed to Federal facilities is provided, as is a summary of the rationale for the level. Ratings include MINIMUM, LOW, MEDIUM, HIGH, or VERY HIGH.
C. defines the Title of Event, Assessment Date(s), Classification data
D. ensures a common understanding of the threat being considered
E. provides specific characteristics of the event, such as numbers of adversaries, sizes, speeds, tactics, etc.✅


Question 16. How does the Design Basis Threat (DBT) report support the ISC Risk Management Process?
A. It uses real-world threat information to inform decision-makers about appropriate adjustments to Level of Protection (LOP) determinations.
B. It specifies the impacts of natural hazards and addresses mitigation of risk within applicable construction and life safety standards
C. It provides an estimate of the threat Federal facilities face across a range of undesirable events.
D. It is based on the worst-reasonable case scenarios and the best intelligence available at the time and provides specific details as to the characteristics of each event.
E. All of the above✅

Question 17. TRUE OR FALSE. Risk acceptance is an allowable outcome of applying the ISC Risk Management Process.
A. TRUE✅
B. FALSE

Question 18. Select the correct order of the ISC RMP Level of Protection steps
A. Baseline, Necessary, Existing, Customized, Achievable
B. Existing, Customized, Baseline, Necessary, Achievable
C. Existing, Customized, Baseline, Necessary, Achievable
D. Baseline, Existing, Customized, Necessary, Achievable
E. Baseline, Necessary, Existing, Achievable, Customized✅

Question 19. The explicit or implicit decision not to take an action that would affect all or part of a particular risk.
A. Customized level of protection (LOP)
B. Risk acceptance✅
C. Deviation from a baseline level of protection (LOP)
D. Risk management

Question 20. TRUE OR FALSE. Documenting risk acceptance justification is not required by ISC standards.
A. TRUE
B. FALSE✅

Question 21. Which risk assessment methodology principle must provide sufficient justification for deviation from the baseline?
A. Defensible ✅
B. Credible
C. Risk
D. Reproducible

Question 22. A risk assessment methodology must have three characteristics. They are:
A. Credited, Reproducible, Defensive
B. Credible, Reproducible, Defensible✅
C. Credible, Responsible, Defensible
D. Credible, Reputable, Defensible

Question 23. The element of an undesirable event that estimates the relative threat posed to Federal facilities is the:
A. Baseline Threat✅
B. Scenario
C. Definition
D. Target Attractiveness

Question 24. It is critical that decision-makers obtain all the information they deem necessary to make a fully informed decision. Which of the following rationale used to support a Risk Acceptance decision should be documented?
A. All rationale must be documented.✅
B. Personal preferences of the FSC members.
C. Only budgetary constraints must be documented.
D. Alternate strategies considered or implemented do not need to be included in the documentation.

Question 25. A facility with an FSL of III requires a baseline LOP of:
A. Low
B. Very High✅
C. Medium
D. Minimum

Question 26. TRUE OR FALSE: Each facility security level (FSL) corresponds to a level of risk that then relates directly to a level of protection (LOP) and associated set of baseline countermeasures.
A. TRUE✅
B. FALSE

Question 27. To be CREDIBLE, the risk methodology MUST assess threat, vulnerability and consequence. The criteria that define a credible risk methodology consequence is:
A. The intention and capability of an adversary to initiate an Undesirable Event
B. The level, duration, and nature of the loss resulting from an Undesirable Event✅
C. An estimated measure of potential harm to a facility weakness from an Undesirable Event
D. A weakness in the design or operation of a facility that can be exploited by an adversary

Question 28. The ISC Risk Management Process defines Necessary Level of Protection as
A. the degree of security determined to be needed to mitigate the assessed risks at the facility✅
B. the final set of countermeasures developed as the result of the risk-based analytical process
C. the difference between the protection afforded by the necessary countermeasures and the reduced protection afforded by the achievable countermeasures
D. the degree of security provided by the set of countermeasures for each Facility Security Level (FSL) that must be implemented unless a deviation (up or down) is justified by a risk assessment.

Question 29. Which element of a credible methodology identifies a weakness in the design or operation of a facility that can be exploited by an adversary?
A. Threat
B. Consequence
C. Risk
D. Vulnerability✅

Critical Infrastructure Security and Resilience Curriculum

Sector-specific courses

Foundational courses

Security awareness courses