FEMA IS 302: Modular Emergency Radiological Response Transportation Training Answers

1

What does a malicious insider require in order to exploit an organization’s vulnerabilities?

  • Access or inside knowledge.
  • Elimination of knowledge-related processes.
  • Explicit and tacit knowledge.
  • Network-enabled access controllers.
2

Which of the following organizational factors might present an opportunity to a malicious insider?

  • Well-known and strict legal consequences for malicious activities.
  • Thorough training for employees on protecting proprietary information.
  • Clearly defined policies regarding working from home.
  • The ease of leaving the premises with protected materials.
3

The following activities are associated with potential malicious insiders, EXCEPT FOR:

  • Meeting frequently with strangers around the workplace.
  • Encouraging coworkers to follow effective security practices.
  • Taking proprietary or other material without authorization.
  • Working odd hours without a valid reason or authorization.
4

TRUE OR FALSE: Malicious insiders can be encouraged by a work environment where employees feel rushed.

  • True
  • False
5

TRUE OR FALSE: Malicious insiders include employees who are motivated by adventure or a sense of thrill.

  • True
  • False
6

The following are common characteristics of malicious insiders, EXCEPT FOR:

  • Having performance or behavioral problems.
  • Being at risk for layoff or termination.
  • Having alternate sources of income.
  • Expressing extreme levels of dissatisfaction with the organization.
7

The following behaviors are associated with potential malicious insiders, EXCEPT FOR:

  • Appearing overwhelmed by career disappointments.
  • Openly conveying hostility toward the organization or coworkers.
  • Making exorbitant purchases inconsistent with income.
  • Facing workplace challenges with flexibility and patience.
8

The following activities are associated with potential malicious insiders, EXCEPT FOR:

  • Frequently recognizing coworker achievements.
  • Making unexplainable large data transfers.
  • Inappropriately obtaining access to unauthorized locations.
  • Taking abnormal measures to keep activities unobserved.
9

The following are examples of threats to critical infrastructure from malicious insider activities, EXCEPT FOR:

  • Disruptions of essential services.
  • Overlaps in business processes.
  • Contamination of food or water supplies.
  • Theft of intellectual property.
10

The following are examples of threats to critical infrastructure from malicious insider activities, EXCEPT FOR:

  • Destroying equipment and inventory.
  • Stealing hazardous or essential materials.
  • Developing unconventional technologies.
  • Sabotaging control or other essential systems.
11

A malicious insider exploits the vulnerabilities of an entity’s security, systems, services, products, or facilities with the intent to:

  • Resist malice.
  • Achieve progress.
  • Place blame.
  • Cause harm.
12

The following are protective measures that you can take against an insider threat, EXCEPT FOR:

  • Providing non-threatening and convenient ways for employees to report suspicions.
  • Issuing universal systems access and credentials to all employees.
  • Using appropriate screening processes to select new employees.
  • Ensuring that access is terminated for employees leaving the organization.

What Others Also Viewed