Overview: FEMA IS-872A is the third course in Dams Sector Web-based training series. The first one is the IS-870A and the second is the IS-871A.
The purpose of this series of courses is to provide owners and operators with information pertaining to security awareness, protective measures, and crisis management.
FEMA IS-872A test answers
Each time this test is loaded, you will receive a unique set of questions and answers. The test questions are scrambled to protect the integrity of the exam.
Question 1. There are four main steps in developing a protective program. Which of the steps is usually based on the value of the asset (to its owner and users) and the potential consequences of a successful attack?
A. Identify constraints
B. Determine potential threats to the facility✅
C. Design and implement protective measures
D. Determine the level of protection
Question 2. Employee and contractor identification systems are part of which of the following measures?
A. Physical prevention
B. Perimeter security and control
C. Planning and preparedness
D. Personnel protection✅
Question 3. Installing a perimeter fence to create the perception that an attack is less likely to succeed is an example of:
A. Mitigation✅
B. Deterrence
C. Resilience
D. Recovery
Question 4. Ensuring sufficient standoff distances is a protective measure related to:
A. Inspections
B. Cybersecurity
C. Assessments
D. Physical prevention✅
Question 5. Delay refers to:
A. The time period between an intruder penetrating the perimeter and being able to attack a critical asset.✅
B. The identification of an intrusion with electronic sensors, audio alarms, or a monitoring center.
C. The period between detection and assessment of the aggressor and the time at which the aggressor is able to damage the targeted asset.
D. The investigation and determination of the cause of an alarm before initiating an actual response.
Question 6. Constraints:
A. Relate to physical characteristics or operational considerations that restrict the nature of protective measures✅
B. Measure the probability that an aggressor would be defeated before the asset is compromised
C. Refer to the amount of damage an asset would be allowed to sustain in the event of an attack
D. Refer to the degree to which an asset is protected against a threat
Question 7. Which of the following is an example of an operational measure?
A. Installing motion sensors and closed-circuit televisions
B. Keeping equipment de-energized except when in use
C. Requiring project personnel to carry identification cards✅
D. Collaborating with local law enforcement agencies
Question 8. A stand-off weapons attack is more likely to be:
A. Conducted to alter or steal critical information.
B. Used in order to conduct surveillance and reconnaissance on a specific target.✅
C. Carried out with a car or truck loaded with explosives and maneuvered into position near a target.
D. Employed if it is determined that the target’s physical security is too great to overcome via a direct attack.
Question 9. Long-term actions taken to reestablish a facility’s function after an attack or other incident has caused damage are part of:
A. Response
B. Recovery✅
C. Deterrence
D. Detection
Question 10. Access point security is enhanced by:
A. Removing obvious signs in restricted areas
B. Increasing the number of access points
C. Eliminating expensive swipe access systems
D. Using an electronic entry control system✅
Question 11. TRUE OR FALSE: Facilities are more vulnerable when only a single individual possesses the critical skills needed for facility operation.
A. True✅
B. False
Question 12. Potential interdependencies that could affect operations are primarily addressed in:
A. Planning and preparedness✅
B. Personnel measures
C. Communication and technology
D. Physical prevention
Question 13. Which of the following attack types is most likely to result in corrupted or stolen information?
A. Standoff weapons
B. Suicide bomber
C. Cyber✅
D. Maritime
Question 14. Which of the following is NOT likely to enhance access-point security?
A. Controlling doors and entryways
B. Establishing additional access points for redundancy✅
C. Using appropriate locks
D. Using access identification systems
Question 15. Increasing a facility’s ability to withstand damage by installing redundant control systems is an example of:
A. Detection
B. Deterrence
C. Resilience✅
D. Response
Question 16. Permanently evacuating people from a potential inundation area is an example of which of the following types of risk-reduction strategies?
A. Operational Measures
B. Deterrence
C. Mitigation✅
D. Resilience
Question 17. Access control refers to:
A. Physical and procedural measures to keep unauthorized persons, equipment, or materials out of sensitive areas.✅
B. Special equipment and backup systems used to ensure continuous operation of supervisory control and data acquisition systems.
C. Special equipment and communication protocols used to contact security forces in case of emergency.
D. Special screens installed around critical components to protect against rocket-propelled grenades and other potential standoff weapons.
Question 18. Appropriate design and implementation of protective measures should be conducted
A. Only based on potential environmental impacts
B. Only based on threat considerations
C. As a function of threat, vulnerability, and consequences✅
D. Only based on vulnerability considerations
Question 19. If intelligence suggests that your facility is at risk for a cyber attack, which of the following measures would take precedence?
A. Develop an inventory of parts and suppliers
B. Use the internet to access personal email accounts
C. Conduct terminated employee assess✅
D. Delay scheduled maintenance and upgrades
Question 20. Which of the following is an example of communication and technology measures?
A. Establishing redundant systems and offsite backup data storage
B. Posting signs detailing where access is authorized and unauthorized✅
C. Using magnetometers and x-ray scanners for inspections
D. Using fragmentation-resistant and blast-resistant construction
Critical Infrastructure Security and Resilience Curriculum
Sector-specific courses
- IS-870: Dam Sector: Crisis Management
- IS-871: Dam Sector: Security Awareness
- IS-872: Dam Sector: Protective Measures
- IS-1170: Introduction to the Interagency Security Committee (ISC)
- IS-1171: Overview of Interagency Security Committee (ISC) Publications
- IS-1172: The Risk Management Process for Federal Facilities: Facility Security Level (FSL) Determination
- IS-1173: Levels of Protection (LOP) and Application of the Design-Basis Threat (DBT) Report
- IS-1174: Facility Security Committees
Foundational courses
- IS-860: The National Infrastructure Protection Plan
- IS-913: Critical Infrastructure Security and Resilience: Achieving Results through Partnership and Collaboration
Security awareness courses
- IS-906: Workplace Security Awareness
- IS-907: Active Shooter: What You Can Do
- IS-912: Retail Security Awareness: Understanding the Hidden Hazards
- IS-914: Surveillance Awareness: What You Can Do
- IS-915: Protecting Critical Infrastructure Against Insider Threats
- IS-916: Critical Infrastructure Security: Theft and Diversion – What You Can Do