Lesson 6.1: Simulated Domain Drills

By /

Back to: ASIS PSP – Preparation Course

0

Objective: By the end of this lesson, you will be able to deconstruct complex scenario-based questions, identify the “distractor” answers that look correct but are wrong, and apply the “ASIS Mindset” to select the Best answer among several good options.

1. Anatomy of a Scenario Question

The PSP exam is famous for questions that are a paragraph long. They give you too much information on purpose to test your ability to filter noise.

The “Filter” Method

When you see a long scenario, do not read it linearly.

  1. Read the Last Sentence First: This is the actual question. (e.g., “What should be the PSP’s PRIMARY concern?”).
  2. Scan for Constraints: Look for capitalized or absolute words in the scenario text.
    • Budget: “The client has limited funds.”
    • Timeline: “The project must be finished by Friday.”
    • Code: “The facility is a hospital” (implies strict fire/life safety).
  3. Identify the Phase: Are we in Assessment (Thinking), Design (Planning), or Implementation (Building)?
    • Trap: If you are in the Assessment phase, the answer “Install a camera” is wrong. You haven’t finished assessing yet!

2. Domain 1 Drill: Assessment (The “Best” vs. “Correct” Trap)

Scenario: You are conducting a risk assessment for a historic government building. The client is worried about vehicle-borne IEDs (VBIEDs). You identify that the building is only 10 feet from a busy public street. You recommend installing K12-rated bollards. The client rejects this because the local historical society forbids altering the sidewalk appearance.

Question: What is your FIRST course of action?

A. Insist on the bollards because life safety overrides historical aesthetics. B. Accept the risk on behalf of the client. C. Re-evaluate the risk and propose alternative mitigation strategies (e.g., planters or street closures). D. Install video surveillance to detect vehicles approaching the building.

Analysis:

  • A (The “Safety Zealot” Answer): Incorrect. You are a consultant, not a dictator. You cannot “insist” if the client (or law) says no.
  • B (The “Lazy” Answer): Incorrect. You cannot accept risk for the client. Only the asset owner can accept risk.
  • C (The ASIS Answer): Correct. If one treatment (Engineering Control) fails, you loop back and find another (Procedural or different Engineering).
  • D (The “Tech” Answer): Incorrect. Cameras detect, they do not stop a bomb. This does not mitigate the specific threat of VBIED impact.

Key Lesson: When a specific countermeasure is rejected, the correct step is usually to re-assess or propose alternatives, not to force the original idea.

3. Domain 2 Drill: Design (The “Code vs. Security” Conflict)

Scenario: You are designing the access control for a high-security server room. The IT Director demands a “Fail Secure” electric strike so that if power is cut, the door remains locked to protect the data. The room has only one door.

Question: Which standard dictates your final design decision?

A. UL 294 (Access Control System Units). B. NFPA 101 (Life Safety Code). C. The Client’s Information Security Policy. D. GDPR (Data Privacy Regulations).

Analysis:

  • A & D: Relevant standards, but not the governing conflict here.
  • C: The client wants the door locked.
  • B (The “Trump Card”): Correct. NFPA 101 dictates that you cannot trap people in a room during a fire. If there is only one door, it generally must allow free egress. You cannot prioritize data protection over human life. The door must be Fail Safe (or have mechanical free egress).

Key Lesson: In any conflict between Security (Asset Protection) and Safety (Human Life), Safety always wins.

4. Domain 3 Drill: Implementation (The Project Manager’s Dilemma)

Scenario: You are the Project Manager for a CCTV upgrade. During installation, the contractor discovers that the existing conduit is crushed and cannot be used. Running new conduit will cost an extra $5,000 and delay the project by 3 days. The project has a strict budget but a flexible timeline.

Question: What step must you take BEFORE authorizing the work?

A. Tell the contractor to proceed immediately to minimize the delay. B. Pay for the conduit out of your own company’s overhead to save the relationship. C. Process a formal Change Order (CO) requesting approval for the cost increase. D. Update the Gantt chart to reflect the 3-day delay.

Analysis:

  • A (The “Cowboy”): Incorrect. You are spending money you don’t have authorization for. This is “Scope Creep.”
  • B (The “Martyr”): Incorrect. Never pay for client infrastructure out of your pocket.
  • C (The PMI Answer): Correct. You must formally document the change in Scope (New conduit), Cost (+$5k), and Time (+3 days) and get a signature.
  • D (The “Admin”): You will do this after the Change Order is approved, not before.

Key Lesson: “Get it in writing.” Never authorize work or spend money without a signed Change Order.

5. The “Keyword” Hunter Strategy

For the next 10 questions you practice, highlight these words before you read the answers:

  1. “PRIMARY”: Means multiple answers are right, but one is more important (usually Life Safety).
  2. “FIRST”: Means you are looking for the start of a sequence. (e.g., Survey comes before Design).
  3. “MOST”: Means you need the most effective solution. (e.g., A fence is good, but a wall is better).
  4. “IMMEDIATE”: Implies an emergency response or a direct fix to a critical vulnerability.