IS-906 is one of the sections that is available on FEMA’s course and exam. This section talks about the Introduction to Workplace Security Awareness. This course is designed for individuals and organizations on how to improve security in a workplace.
It is known that the workplace security awareness program actually serves the participants with the right compliance and governance. Furthermore, it provides a security mechanism which safeguards tension at the workplace.
Objectives of FEMA IS-906 Course
There are a number of objectives that the participants should do after completing this course. Here are the objectives of course on FEMA IS-906:
- To identify potential risks to workplace security
- To explain measures for improving workplace security
- To determine the actions to take in response to a security situation.
- To identify core competencies which can obstruct the progress of workplace balance
- To take necessary measures to control the misplaced setup
FEMA IS-906 Answers
Are you on FEMA’s training now and looking for the answers to the IS-906 course? If so, you don’t have to worry, as this post will show you a full list of IS-906 answers. There are so many internet sources that provide the answers to the FEMA IS-906 course, but we finally got the trusted FEMA IS-906 answers from faspe.info. To know these answers, let’s check our post below!
QUESTION:
- Any software or program that comes in many forms and is designed to disrupt the normal operation of a computer by allowing an unauthorized process to occur or by granting unauthorized access is known as:
a. Trojan Horse
b. Peer-to-peer Software
c. Hacking
d. Malicious Code
- Vulnerability can be defined as:
a. Physical features or operational attributes that render an entity open to exploitation or susceptible to a given hazard.
b. The impact or effect of an event, incident, or occurrence
c. A natural or manmade occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, and/or property
d. The potential for an unwanted outcome resulting from an incident, event, or occurrence
- TRUE OR FALSE: The security goals of confidentiality, availability, and integrity of data can be adversely impacted by malicious code.
a. True
b. False
- TRUE OR FALSE: When noticing a suspicious vehicle on the property, a responsible employee should approach the driver and ask if he/she needs assistance.
a. True
b. False
- TRUE OR FALSE: Bomb threat checklists are extremely valuable and should be made available at all workstations.
a. True
b. False
- Indicators of potential workplace violence:
a. Cannot usually be identified before an employee ‘snaps’ and commits a violent act
b. Can only be recognized by trained mental health experts
c. Are completely individualized and therefore impossible to protect against
d. Can often be managed and treated if recognized
- When addressing a suspected intruder, it is best to:
a. Attempt to shake hands with the individual, to see if the handshake is reciprocated
b. Maintain civility and trust your intuition about whether to let him or her pass
c. Use open-ended questions when asking the person the purpose of his/her visit
d. Leave it up to coworkers who know more people in the building to decide what to do
- TRUE OR FALSE: If you notice indicators of potentially violent behavior in a coworker, you must wait until you see something violent actually happen before reporting your suspicions to security personnel or human resources.
a. True
b. False
- When employees collect or handle personally identifiable information (PII), they should:
a. Share that information with other coworkers upon request
b. Apply the ‘need to know’ principle before disclosing PII to other personnel
c. Collect as much PII as they can at first contact with the individual to avoid having to get other data later
d. Recognize that sharing PII is often permissible if done for what one believes is the greater good of the community
- Tricking someone to reveal personal information, passwords, and other information that can compromise a security system is known as:
a. Social Engineering
b. Hacking
c. Telephone Solicitation
d. Mass Marketing
- Which of the following statements is NOT true about peer-to-peer (P2P) software?
a. Some P2P programs have remote-control capabilities, allowing users to take control of a computer from another computer somewhere else in the world
b. Peer-to-peer software can bypass firewall and antivirus systems by hiding activities of users, such as file transfers
c. P2P software provides direct access to another computer. Some examples include file sharing, Internet meeting, or chat messaging software
d. P2P software includes any data storage device that you can remove from a computer and take with you to a peer’s computer
- The potential for an unwanted outcome resulting from an incident, event, or occurrence is:
a. Consequence
b. Vulnerability
c. Threat
d. Risk
- An unlawful or unauthorized acquisition, by fraud or deceit, is known as a:
a. Theft
b. Diversion
c. Container Breach
d. Consequence
- Controlling doors and other entrances is an example of a measure taken to address:
a. Criminal and terrorist threats
b. Access and security control threats
c. Workplace violence threats
d. Information and cyber threats
- Password procedures, information encryption software, and firewalls are examples of measures taken to address:
a. Criminal and terrorist threats
b. Workplace violence threats
c. Information and cyber threats
d. Access and security control threats
ANSWERS:
- d. Malicious Code
- a. Physical features or operational attributes that render an entity open to exploitation or susceptible to a given hazard
- b. False
- b. False
- a. True
- d. Can often be managed and treated if recognized
- c. Use open-ended questions when asking the person the purpose of his/her visit
- b. False
- b. Apply the ‘need to know’ principle before disclosing PII to other personnel
- a. Social Engineering
- d. P2P software includes any data storage device that you can remove from a computer and take with you to a peer’s computer
- a. Consequence
- b. Diversion
- a. Access and security control threats
- c. Information and cyber threats