Pass the ASIS Physical Security Professional ASIS-PSP Questions and answers with ValidTests

The planning phase of a security system project results in key deliverables such as stakeholder identification, project requirements, timelines (meeting schedules), and budget forecasts (cost estimates). These form the foundation for design and implementation.

B, C, and D include inputs or analysis components, but they are not final outputs of the planning phase.

Risk avoidance means eliminating a threat entirely by discontinuing the activity or removing the condition that creates the risk. For example, if transporting valuable goods through a high-risk area poses too much danger, a company might choose to stop shipments through that route altogether.

References from PSP: Risk Treatment Options – ASIS POA; PSP Study Guide – Security Strategy Planning

Conspiracy in the context of theft or fraud refers to two or more individuals collaborating—often using confusion or chaos in the environment—to execute or conceal a theft. This is especially common in employee-customer collusion or multi-person theft scenarios.

Accountability (B) reduces confusion.

Invoicing (C) is a documentation process.

Proliferation (D) means rapid increase, not relevant here.

Performance testing typically involves precise measurement using calibrated instruments or devices to ensure systems meet specified performance criteria (e.g., camera resolution, sensor range, alarm response time).

A (Operational) testing checks usability.

C (Subsystem) testing targets individual components.

D (Post-maintenance) confirms system functionality after servicing.

The primary objective of a CCTV system is deterrence—by making individuals aware they are being monitored, it discourages unauthorized or criminal behavior. While recording for evidence and employee monitoring are benefits, they are secondary.

A (Reducing guard costs) may be a benefit but is not the main objective.

C (Evidence collection) supports post-incident action but doesn’t directly deter behavior.

D (Watching employees) is an application, not the core goal.

For confined interior areas containing explosive vapors or materials, non-emitting sensors are preferred to avoid ignition risk. Passive Infrared (PIR) sensors are ideal in such environments because they detect heat signatures (infrared energy) emitted by intruders without emitting any signals or energy that could trigger an explosion.

A (Ultrasonic) and C (Capacitance) sensors emit signals.

D (Passive vibration sensors) detect vibration and are used in a different context, like surface tampering.

In the organizational structure of a security function, the core activities typically include:

Managerial: Oversight, policy development, leadership.

Administrative: Recordkeeping, personnel management, compliance.

Preventive: Strategies and operations to deter incidents before they occur.

Investigative: Reactive efforts to determine the cause of incidents or breaches.

These functions vary depending on the organization and risk profile but represent the foundational elements of an effective security program.

A trapdoor (also known as a backdoor) is a hidden method used by developers or attackers to bypass normal authentication or access controls in software. However, in technical distinction, a “trapdoor” refers more to unintentional or overlooked access, while “backdoor” is often intentional. For this question, since it emphasizes “unintentional access,” trapdoor is the best fit.

Bomb (A): Refers to logic bombs—malicious code triggered by specific conditions.

Backdoor (C): Usually intentionally left in place by developers or attackers.

Trojan Horse (D): Malware disguised as legitimate software.

Comprehensive Detailed Explanation:

To implement effective preventive maintenance, you must have access to the manufacturer's specifications for each component. These specifications provide details such as recommended maintenance intervals, acceptable tolerances, environmental operating conditions, and part replacement guidelines.

A (MTBF), B (Performance reports), and C (Failure rates) are useful for analysis, but the foundational document for preventive action is the manufacturer’s specification.

Comparative fault, also known as comparative negligence, is a legal principle where the plaintiff’s own actions are taken into account when determining liability and awarding damages. If a person contributed to their own injury—e.g., by entering a restricted area—their compensation may be reduced proportionally to their share of fault.

Control tactics (A) and Defensive control (C) relate to use-of-force procedures, not legal doctrines.