Final Exam for: IS-921.a: Implementing Critical Infrastructure Security and Resilience 1. Which of the following threats should we prioritize the highest when managing risk? A. Threats with the greatest consequences should they occur B. Threats with the lowest probability of occurring C. Threats that are confined to residential neighborhoods D. Threats that are limited to publicly-owned infrastructure2. Which of the following is a benefit of critical infrastructure partnerships for owners and operators? A. Partners automatically receive access to sensitive and classified threat information. B. Partners are eligible for subsidies under the National Infrastructure Protection Act. C. Partners receive timely and useful information about threats to critical infrastructure. D. Information provided by partners can satisfy regulatory reporting requirements .3. The following are examples of protective measures, EXCEPT FOR:A. Automating inventory functions. B. Installing security systems. C. Hardening facilities. D. Building system redundancies .4. Complete the Statement: Critical infrastructure security and resilience plans should explicitly address the following topics, EXCEPT FOR.A. Partnership building and information sharing. B. Corrective actions. C. Roles and responsibilities. D. Risk management. 5. Complete the Statement: Continuous improvement activities provide the following benefits, EXCEPT FOR:A. They help to identify gaps in policies, plans, and procedures. B. They better prepare personnel to protect against potential threats. C. They enable participants to apply policies, plans, and procedures in a safe environment. D. They help to identify best practices from other industries .6. Complete the Statement: The most effective protective programs have the following characteristics, EXCEPT FOR:A. Coordinated. B. Risk-informed. C. Delegated . D. Cost-effective. 7. What are the two factors used to evaluate reported information?A. The relevance of the information to terrorism or to other threats B. The reliability of the information and whether it is actionable C. The reliability of the source and the validity of the information D. The currency of the information and the evaluation of the source 8. What step is needed after information is collected?A. Validate information B. Establish information analysis centers C. Form public-private partnerships D. Determine information resources 9. What is government’s role when engaging owners and operators to form partnerships?A. Encouraging and providing incentives to owners and operators to take action to make critical infrastructure secure and resilient B. Creating partnerships that rely on civic engagement for critical infrastructure protection C. Developing relationships with government regulatory partners that include mechanisms for sharing mandatory data D. Working with owners and operators to enforce compliance with widely-held protective measures and practices 10. Complete the Statement: Critical .

1. Final Exam for: IS-921.a: Implementing Critical Infrastructure
Security and Resilience
1. Which of the following threats should we prioritize the
highest when managing risk?
A. Threats with the greatest consequences should they occur
B. Threats with the lowest probability of occurring
C. Threats that are confined to residential neighborhoods
D. Threats that are limited to publicly-owned infrastructure2.
Which of the following is a benefit of critical infrastructure
partnerships for owners and operators?
A. Partners automatically receive access to sensitive and
classified threat information.
B. Partners are eligible for subsidies under the National
Infrastructure Protection Act.
C. Partners receive timely and useful information about threats
to critical infrastructure.
D. Information provided by partners can satisfy regulatory
reporting requirements
.3. The following are examples of protective measures,
EXCEPT FOR:A. Automating inventory functions.
B. Installing security systems.
C. Hardening facilities.
D. Building system redundancies
.4. Complete the Statement: Critical infrastructure security and
resilience plans should explicitly address the following topics,
EXCEPT FOR.A. Partnership building and information sharing.
B. Corrective actions.
C. Roles and responsibilities.
D. Risk management.
5. Complete the Statement: Continuous improvement activities
provide the following benefits, EXCEPT FOR:A. They help to
identify gaps in policies, plans, and procedures.
B. They better prepare personnel to protect against potential
threats.

2. C. They enable participants to apply policies, plans, and
procedures in a safe environment.
D. They help to identify best practices from other industries
.6. Complete the Statement: The most effective protective
programs have the following characteristics, EXCEPT FOR:A.
Coordinated.
B. Risk-informed.
C. Delegated .
D. Cost-effective.
7. What are the two factors used to evaluate reported
information?A. The relevance of the information to terrorism or
to other threats
B. The reliability of the information and whether it is actionable
C. The reliability of the source and the validity of the
information
D. The currency of the information and the evaluation of the
source
8. What step is needed after information is collected?A.
Validate information
B. Establish information analysis centers
C. Form public-private partnerships
D. Determine information resources
9. What is government’s role when engaging owners and
operators to form partnerships?A. Encouraging and providing
incentives to owners and operators to take action to make
critical infrastructure secure and resilient
B. Creating partnerships that rely on civic engagement for
critical infrastructure protection
C. Developing relationships with government regulatory
partners that include mechanisms for sharing mandatory data
D. Working with owners and operators to enforce compliance
with widely-held protective measures and practices
10. Complete the Statement: Critical infrastructure threat
assessments should evaluate the following threats, EXCEPT
FOR:A. Qualified workforce shortages.
B. Drought.

3. C. Cyber/database failures.
D. Domestic terrorist attacks.
11. Complete the Statement: Exercises conducted with major
stakeholders strengthen security and resilience capabilities by
helping to:
A. Provide outreach and training resources to major
stakeholders.
B. Improve communications and promote consistency.
C. Identify best practices through benchmarking.
D. Exploit vulnerabilities and weaknesses in protective
measures.
12. Complete the Statement: The responsibility for developing
business continuity and emergency management plans to
address the direct effects of incidents lies with:
A. The Federal Emergency Management Agency.
B. The DHS Office of Infrastructure Protection.
C. Sector Specific Agencies.
D. Critical infrastructure owners and operators.
13. Complete the Statement: Implementation plans provide the
following benefits, EXCEPT FOR
:A. They provide a schedule for the completion of actions.
B. They identify specific actions that must be taken.
C. They identify expected outcomes from corrective actions.
D. They identify areas for improvement.
14. Which of the following provides a set of tools for owners
and operators to assess critical infrastructure asset
vulnerabilities?
A. The National Terrorism Advisory System
B. The Homeland Security Exercise and Evaluation Program
C. The Critical Infrastructure Resource Center
D. The Automated Critical Asset Management System
15. Complete the Statement: Critical infrastructure partners
focus their information collection efforts and lay the foundation
for a common operating picture by:
A. Identifying information needs up front
B. Participating in industry partnerships

4. C. Registering in warning and alert programs
D. Implementing the Critical Information Protection program
16. Complete the Statement: One of the key benefits of
Protected Critical Infrastructure Information (PCII) is that it:A.
Makes classified threat information available to owners and
operators.
B. Permits discovery under Federal, State, and local disclosure
laws.
C. Includes threat awareness materials tailored to a particular
sector’s needs.
D. Cannot be used for regulatory purposes.
17. Owner/operator concerns about sharing sensitive or
proprietary information can be moderated by the following,
EXCEPT FOR:
A. Developing and establishing agreements in advance about the
use of shared information.
B. Identifying classified information networks to protect
proprietary information.
C. Building confidence and trust over time.
D. Leveraging existing public-private partnerships.
18. Complete the Statement: Risk management identifies how
threats will be deterred
:A. Vulnerabilities eliminated, and consequences exploited.
B. Vulnerabilities mitigated, and consequences minimized.
C. Vulnerabilities eliminated, and consequences minimized.
D. Vulnerabilities mitigated, and consequences exploited.
19. What document provides the unifying structure for the
integration of critical infrastructure security efforts and
resilience strategies into a single national program?A. The
Sector-Specific Protection Plan
B. The Critical Infrastructure Response Plan
C. The National Infrastructure Protection Plan
D. The Homeland Security Response Plan
20. The following statements are applicable to establishing
partnership goals, EXCEPT FORA. Goals should help partners
to identify specific risk-reduction strategies that will most

5. significantly enhance security and resilience.
B. Goals should help partners maintain a common vision of
desired security and resilience criteria.
C. Goals should reflect the broad security and resilience goals
of the full range of partners.
D. Goals should duplicate those met under existing emergency
operations programs.
High School Football declining due to Injuries/ Injuries in
Sports
Discuss the significance and meaning of a purpose statement in
a research project. Then, select a potential research topic
related to your degree path (Sports and Health Sciences or
Sports Management) and develop a purpose statement example
for this topic. Your purpose statement should demonstrate
thoughtful consideration of the ideas and concepts that are
presented in the course and provide new thoughts and insights
relating directly to this topic. Your purpose statement should
reflect scholarly writing.
· Overview
Your writing needs a purpose, specific aim or goal. A clear
reason for writing your research paper is particularly important.
Developing and writing a purpose statement can be daunting.
You want your statement to be narrow yet broad - certainly an
oxymoron. This week you will learn how to write an effective
purpose statement.
Objectives
· Generate each section of the scholarly paper
Specific Topics
The Purpose Statement (Specific Aims)
Key Learning Concepts
· Using a script for writing a qualitative purpose statement

6. · Considering how the script would change depending on your
qualitative design
· Using a script for writing a quantitative purpose statement
· Considering how the script would change depending on your
quantitative design
· Using a script for writing mixed methods purpose statement
· Considering how the script would change depending on your
mixed methods design
Creswell, J.W. (2009). Research design: Qualitative,
quantitative, and mixed methods approach (5th Ed.) Twelve
Oaks, CA: Sage Publications.
Please read Chapter 6 The Purpose statement
· During Week 3, you learned the introduction is important to
catch the reader’s attention and keep it. Now that you have
engaged the reader, you need to tell then succinctly why you
want them to take time to read your paper.
During this week’s lesson, you will learn how to writing a
purpose statement for each of the different research approaches.
You will gain experience designing and writing these
statements.