SFPC TEST 2023-2024 ACTUAL EXAM 200 QUESTIONS AND CORRECT DETAILED ANSWERS WITH RATIONALES (100% CORRECT AND VERIFIED ANSWERS) |ALREADY GRADED A||BRAND NEW!!

What are the 5 elements of PERSEC?

  1. Designation
  2. Investigation
  3. Adjudication
  4. Reinvestigation
  5. Continuous Evaluation

What are the 5 criteria adjudicators use when determining eligibility for a security clearance?

  1. Honesty
  2. Reliability
  3. Character
  4. Loyalty
  5. Trustworthiness

Define continuous evaluation
uninterrupted assessment of an individual for retention of a security clearance eligibility or a continuing assignment to sensitive duties

What does the Continuous Evaluation Program (CEP) do?
Monitors employees for new information or changes since the last investigation or reinvestigation

What are the prerequisites for interim clearance eligibility?

  1. Valid need for access
  2. Favorable review of SF-86
  3. All minimum requirements are met

What are the 4 civilian personnel designations?

  1. Special-sensitive
  2. Critical-sensitive
  3. Noncritical-sensitive
  4. Nonsensitive

What are special-sensitive positions?
Civilian position with potential for inestimable damage to NS or inestimable adverse impact to the efficiency of the DoD/Military; consists of SCI, SAP, or positions the DoD component head determines to be at a higher level of security

What are critical-sensitive positions?
A civilian NS position that has the potential to cause exceptionally grave damage to NS; consists of TOP SECRET duties, fiduciary duties or designation from DoD component head

What are noncritical sensitive positions?
A civilian NS position with the potential to cause significant or serious damage to NS; consists of positions requiring access to CONFIDENTIAL/SECRET info

Define the Hatch Act of 1939
Established the initial guidelines for personnel security – requiring employees to pledge allegiance to the US

What are the objectives of Joint Clearance and Access Verification System (JCAVS)?

  1. Update security accesses
  2. Allow communication amongst other offices and CAFs
  3. Facilitate management tasks (personnel actions/reports/notifications)

What is the objective of JPAS?
JPAS uses a centralized database with computer processing and application programs for standard DoD PERSEC processes. Comprises JCAVS and JAMS

Define and describe CATS
Case Adjudication Tracking System – used by DoD CAF adjudicators to review electronic PSIs completed by NBIB

What is DISS and what two programs does it replace?
Defense Information System for Security. It replaces CATS and JPAS

What are the 4 information advisements required under the Privacy Act of 1974?

  1. Under what authority is the information being gathered?
  2. What is the principal purpose for gathering the information?
  3. How will the information routinely be used?
  4. Is providing the information mandatory or voluntary; what are the consequences for refusal to provide information

What are the standards for creating classified working papers?

  1. They are dated upon creation
  2. They are marked with the classification and “WORKING PAPERS”
  3. They are destroyed when no longer needed or brought into accountability (180 days)

Name the classified coversheet titles?
SF-703 = TOP SECRET
SF-704 = SECRET
SF-705 = CONFIDENTIAL

Original Classification
Determines if the info is official government info, classification eligibility (including threat and level), duration of classification, and communicates the decision

Derivative Classification
an assumed responsibility of anyone who applies markings for a new document or material conveying classified info

Scheduled Declassification
Occurs when the instructions assigned by the OCA are followed (instructions consist of either a date or event)

Automatic Declassification
Classified records that have been determined to have permanent historical value under Title 44 of USC are automatically declassified on Dec 31 of the year that is 25 years from the date of its original classification

Mandatory Declassification Review
Initiates a declassification review as requested from the public. The originating agency must respond to the request in a timely manner

What are the 6 Steps of Original Classification?

  1. Government info confirmation
  2. Eligibility
  3. Impact
  4. Designate classification level
  5. Duration
  6. Guidance

What are the 5 types of government inspection ratings?

  1. Superior
  2. Commendable
  3. Satisfactory
  4. Marginal
  5. Unsatisfactory

Define vulnerability
weakness that could be exploited to gain unauthorized access to information or an information system

What are the 3 types of Risk Management (IA)?

  1. Risk Assessment – identifying controls
  2. Risk Mitigation – implementing controls
  3. Evaluation – as needed / scheduled

What are the 4 characteristics of controls?

  1. Testable
  2. Measurable
  3. Assignable
  4. Accountable

What are the 6 steps of RMF Assessment & Authorization?

  1. Categorize system
  2. Select security controls
  3. Implement security controls
  4. Assess security controls
  5. Authorize system
  6. Monitor security controls

What are the 5 types of IS security violations?

  1. Unauthorized access
  2. Data spills
  3. Processing classified info on an unclassified system
  4. Failure to report suspicious contacts
  5. Inadvertent exposure

Define E.O. 13467 (PERSEC)
Established an efficient, reciprocal, and aligned system to investigate and determine suitability and national security eligibility

What are the 5 Tiers of National Security adjudication?
Tier 1: non-sensitive, low risk positions
Tier 2: non-sensitive, moderate risk positions
Tier 3: non-critical sensitive positions requiring confidential, secret, or “L” access eligibility
Tier 4: non-sensitive, high risk public trust
Tier 5: Critical sensitive and special sensitive positions requiring TOP SECRET, SCI, or Q eligibility

What are the requirements for initial assignment to a Presidential Support Activities (Yankee White) Category 2 position?
Favorable completion of T5 SSBI within 36 months preceding selection

What is the purpose of the Federal Acquisition Regulation (FAR)?
To codify and publish uniform policies and procedures for acquisition by all executive agencies

What is the role of the Special Access Program Oversight Committee (SAPOC) during the maintenance phase of the SAP lifecycle?
To review existing programs annually to determine whether to revalidate them as SAPs

Define acquisition SAP
A SAP established to protect sensitive research, development, testing, and evaluation, modification, and procurement activities

Define intelligence SAP
A SAP established primarily to protect the planning and execution of especially sensitive intelligence or CI operations or collection activities

Define operations and support SAP
A SAP established primarily to protect the planning for, execution of, and support to especially sensitive military operations. An operations and support SAP may protect organizations, property, operational concepts, plans, or activities

Define Security-in-Depth
Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within the facility

What is the purpose of an Intrusion Detection System (IDS)?
Deter, detect, and document

What are the components of IDS?
Sensors, control or transmission units, monitor units, and computer monitoring stations

List and define the four operational phases of IDS

  1. Detection: begins as soon as a detector or sensor reacts to the stimuli
  2. Reporting: begins when the premise control unit (PCU) receives signals from sensors in the protected area and incorporates the signals into a communication scheme
  3. Dispatch: the first phase requiring human interaction – operator initiates the appropriate response
  4. Response/Assessment: initiated once a response force is dispatched and continues when they arrive at the scene of the alarm

What are the 3 types of IDS monitoring?

  1. Local
  2. Proprietary
  3. Central Station

What are the 2 types of locks?

  1. Combination (electromechanical/mechanical/padlock)
  2. Key operated (high security padlock/low security padlock/mortise lock)

What are the 4 types of lighting?

  1. Continuous
  2. Standby
  3. Emergency
  4. Movable

What kind of electromechanical locks meet the FF-L-2740 standard to secure classified material in security containers, vaults, or other secure rooms?
Kaba Mas X-07, X-08, X-09, X-10, CDX-07, CDX-08, CDX-09 and CDX-10 locks and S&G 2740, 2740B, and 2890 Pedestrian Door Locks.

What are vulnerabilities?
Weaknesses, characteristics, or circumstances that can be exploited by an adversary to gain access to information/assets

What are the objectives of physical security?
Identify assets, identify threats, identify vulnerabilities

What are host organization responsibilities for facility visits?
Determine the need for the visit, confirm visitor PCL, determine NTK, control visitor access during visit

When must you obtain an export authorization for discussion of classified information with international visitors?
Both incoming and outgoing international visits. Access control procedures should ensure that the disclosure of, and access to, export-controlled articles and related information is limited to those that are approved by an export authorization.

When is a Technology Control Plan (TCP) needed for long-term visitors?
A TCP is required to control access by foreign nationals assigned to, or employed by, cleared contractor facilities.

When should you provide threat awareness training for international visits?
Both incoming and outgoing visits. Personnel interacting with foreign visitors should receive threat awareness briefings and personnel going overseas must receive threat awareness and antiterrorism/force protection security briefings.

What are the 5 steps of the OPSEC process?

  1. Identify critical information
  2. Analyze threats and adversaries
  3. Analyze vulnerabilities
  4. Conduct risk assessment
  5. Choose/apply countermeasures

What do operational and logistical countermeasures (OPSEC) do?
They randomize the performance of functions and operational missions

What do technical countermeasures (OPSEC) do?
Limit nonsecure computer e-mail messages to nonmilitary activities. Do not provide operational information in nonsecure e-mail messages

What are the 5 criteria for OPSEC survey assessment?

  1. Purpose
  2. Scale
  3. Frequency
  4. Resources
  5. Design

Define Information Assurance (IA)
Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation

What are Information Owner (IO) responsibilities during the categorize system step of RMF?
Identifies the potential impact (low, moderate, or high) resulting from loss of confidentiality, integrity, and availability if a security breach occurs

What are the categories of information technology in RMF?

  1. Platform Information Technology (PIT)
  2. PIT Systems
  3. Information Technology Services
  4. Information Technology Products
  5. Information systems

What does the Security Authorization package consist of?

  1. Security Assessment Report
  2. Plan of Action and Milestones (POA&M)
  3. Security Plan

Define loss of availability
The IS, network, and/or data are unavailable to authorized users, and missions or operations cannot be performed

Define loss of confidentiality
The data may be available in an electronic form to users who are not authorized to receive it

Define loss of integrity
The data can no longer be trusted to be reliable or accurate

What is an Authorizing Official (AO)?
A designated senior manager who reviews a certification report and makes the decision to approve the system for implementation

What is classification by compilation?
Combining or associating unclassified individual elements of information with one classification level to reveal additional association or relationship that warrants a classified level of protection

What is derivative classification?
Incorporating, paraphrasing, restating, or generating in a new form any information that is already classified and then marking the newly developed material consistent with guidance from the SCG

What is DD Form 254?
Contract Security Classification Specification – specifies security requirements of the contract, covers clearance and access requirements, authorizes contractor to generate classified information

What is Statement of Work (SOW)?
A document that is provided by the government to the contractor which outlines in detail what will be required to complete a contract

What is DD Form 441?
DoD Security Agreement – a legally binding document between the government and the cleared contractor that performs the work

What is SF 328?
Certificate pertaining to Foreign Influence

What are the 5 elements to obtaining a facility clearance?

  1. Sponsorship
  2. Security Agreement
  3. A certificate pertaining to foreign interests
  4. Organization
  5. Key management personnel clearances

What are the 4 systems of declassification?

  1. Scheduled
  2. Automatic
  3. Mandatory
  4. Systematic

PSI reports must be destroyed by DoD recipient organizations within how many days following completion of the necessary security determination?
90 days

What is an initial/indoctrination briefing?
Used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets

What requirements are necessary to perform classified activities from non-traditional locations?

  1. Employee must be trained to operate classified information systems
  2. Employee must be trained on protection and storage of classified information and COMSEC
  3. Employee must receive written approval for use of classified material at the location

Which of the following security program areas would you find practitioners who train and/or advise Original Classification Authorities in the application of the process for making classification determinations?
A. Information Security
B. Physical Security
C. Personnel Security
D. Industrial Security
A. Information Security

Which of the following security program areas would you find practitioners working with a facility’s Antiterrorism Officer to deploy defensive measures designed to reduce the facility’s vulnerability from terrorist attacks?
A. Information Security
B. Physical Security
C. Personnel Security
D. Industrial Security
B. Physical Security

Which of the following security program areas would you find practitioners involved with processes that monitor employees for new information that could affect their security clearance eligibility status?
A. Foreign Disclosure
B. Information Security
C. International Security
D. Operations Security
E. Personnel Security
F. Physical Security
G. Research and Technology Protection
H. Information Assurance
E. Personnel Security

Two security professionals – Paul and Ashley – are discussing security program areas. Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Ashley says that Physical Security practitioners work with a facility’s Antiterrorism Officer to deploy defensive measures designed to reduce the facility’s vulnerability from terrorist attacks. Who is correct?
A. Paul is correct
B. Ashley is correct
C. Paul and Ashley are both correct
D. Paul and Ashley are both incorrect
C. Paul and Ashley are both correct

Two security professionals – Paul and Ashley – are discussing security program areas. Paul says that Information Security practitioners work with a facility’s Antiterrorism Officer to deploy defensive measures designed to reduce the facility’s vulnerability from terrorist attacks. Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Who is correct?
A. Paul is correct
B. Ashley is correct
C. Paul and Ashley are both correct
D. Paul and Ashley are both incorrect
D. Paul and Ashley are both incorrect

Which of the following is a true statement regarding the special handling requirements of Foreign Government Information (FGI)?

a. When the classification marking on a document containing FGI is not in English, or when the foreign government marking requires a different degree of protection than the same U.S. classification designation, a U.S. marking that results in a degree of protection equivalent to that required by the foreign government shall be applied.
b. A U.S. document containing FGI cannot be declassified or downgraded below the highest level of FGI contained in the document without the permission of the foreign government or international organization that originated the information.
c. Those holding security clearances issued by the U.S. government cannot access U.S. documents containing FGI without written consent from the originating foreign government.
d. The receiving DoD Components must maintain records for 1 year of the receipt, internal distribution, destruction, annual inventory, access, reproduction, and transmittal of foreign government Top Secret information.
B

Which of the following is a requirement for access to North Atlantic Treaty Organization (NATO) information?
a. Personnel has been subject of a Single Scope Background Investigation (SSBI), including a National Agency Check (NAC) on the spouse and all members of the individual’s immediate family of 18 years of age or over who are United States citizens other than by birth or who are resident aliens.
b. Personnel has been subject of a favorably adjudicated background investigation (BI) (10-year scope), Tier 5, current within five years prior to the assignment, and completed a NATO brief.
c. Personnel has been subject of a favorably adjudicated BI (10-year scope), Defense National Agency Check with Inquiries (DNACI)/ National Agency Check with Inquiries (NACI) or NACI Entrance National Agency Check (ENTNAC), current within five years prior to the assignment.
d. Personnel requiring access to NATO COSMIC (Top Secret) or SECRET information must at least possess the equivalent interim U.S. security clearance.
B

According to Executive Order 13556, which of the following is considered a type of controlled unclassified information (CUI)?
a. Communications Security (COMSEC) Information
b. Declassified Information
c. Law Enforcement Sensitive (LES) Information
d. North Atlantic Treaty Organization (NATO) Information
C. Law Enforcement Sensitive Information

What is the purpose of marking classified materials?
a. To alert holders to the presence of classified information, how to properly protect it, and for how long.
b. To deter foreign adversaries from committing actions aimed at accessing such information.
c. To provide guidance for interpretation and analysis of classified information.
d. To alert holders to the methods used to collect classified information.
A

What is included in the markings of classified information?
a. Derivative classifier as the authority to make declassification determinations.
b. Agencies and authorities that have previously accessed the classified information.
c. Document holder as the sole authority to make transfer and dissemination determinations.
d. Sources and reasons for the classification.
C

What is the purpose of the Controlled Access Program Coordination (CAPCO) register?
a. To identify the categories, types, and levels of Special Access Programs (SAPs).
b. To define the authorities for classifying, declassifying, and regrading sensitive documents.
c. To identify the official classification and control markings, and their authorized abbreviations and portion markings.
d. To define the requirements, restrictions, and measures necessary to safeguard classified information from unauthorized disclosure.
C

When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?
a. Activity Security Manager
b. Information Assurance Staff
c. Information Assurance Manager
d. Information Assurance Officer
A

There are five information assurance attributes that are important to protect and defend DoD networks and information. If there was a loss in non-repudiation, what would this cause in relation to information assurance?
a. Data is no longer reliable, accurate, nor trusted.
b. Data may potentially be available to unauthorized users via electronic form.
c. General communications are no longer trusted.
d. Potential of unauthorized access to classified data.
e. Data is no longer available to authorized users, and missions cannot be conducted.
B

Which of the following examples describes a security violation rather than a security infraction?
a. On a busy day, Karen printed classified documents on the printer in her open storage/secure room. She forgot about the documents and they remained on the printer for about an hour before she retrieved them.
b. Karen was late for a meeting in a different area of her building. She put a classified document in a folder she believed was marked for carrying classified materials. When handing out the materials, Karen realized that the folder was not marked for carrying classified materials; she had put the documents in the wrong folder.
c. At the end of the day, Karen was leaving and taking with her unclassified documents she would review at home. When she began to review those documents that night, she realized that classified materials had slipped in between the unclassified materials.
d. Karen was working a mission related to Mexican Drug cartel operating out of Playa Carmen. Her husband planned a golf trip with friends to that area. She advised him not to go, and believing that it was a safety issue, she provided sensitive details about the cartel to make sure that he did not go.
C

The inability to deny you are the sender of an email would be an indication of a lapse in:
a. Non-Repudiation
b. Confidentiality
c. Integrity
d. Availability
A. Non-repudiation

Unauthorized disclosure and loss of privacy is a lapse in:
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
A

Which of the following is the first action done to downgrade, declassify or remove classification markings?
a. Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.
b. Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.
c. Take all classification markings off the document and redistribute.
d. Request a waiver from the Information Security Oversight Office (ISOO) to remove the declassification markings.
A

All of the following are requirements to perform classified activities from non-traditional locations (e.g., the employee’s home), EXCEPT:
a. The employee must be trained to operate classified information systems.
b. The employee must be trained on protection and storage of classified information and Communications Security (COMSEC) materials.
c. The employee must receive written approval for use of classified information and equipment at home.
d. The employee must have an office space that meets requirements comparable to the Sensitive Compartmented Information Facility (SCIF).
B

What is the purpose of the Personnel Security Program (PSP)?
a. To define original classification for DoD assets and information.
b. To designate individuals for positions requiring access to classified information.
c. To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.
d. To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.
C

DoD reciprocally accepts existing national security eligibility determinations or clearances from other Government agencies in accordance with which of the following policy documents?
a. Office of Management and Budget Memorandum M-05-24, “Implementation of Homeland Security Presidential Directive (HSPD) 12 – Policy for a Common Identification Standard for Federal Employees and Contractors,”.
b. Executive Order 13467, “Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information”.
c. Sections 301 and 7532 of title 5, United States Code.
d. Executive Order 13526, “Classified National Security Information”.
B

Review of Tier 5 on an individual disclosed that the subject had been a member of an anarchist organization dedicated to disestablishing existing Federal laws and overthrowing the U.S. government by any means necessary, including violence. Although the subject terminated his membership with the organization upon learning he would be investigated for a clearance for his new position, he still maintains social contact with several members of the anarchist organization. Based on this information, which of the following adjudicative guidelines is most appropriate for an adjudicator to apply to the case?
a. Psychological Conditions
b. Foreign Preference
c. Allegiance to the United States
d. Criminal Activity
C

Which of the following is considered an element of the Personnel Security Program (PSP)?
a. Risk Assessment and Analysis
b. Implementation
c. Classification
d. Continuous Evaluation
D

Limited access to classified information for specific programs may be approved for non-U.S. citizens only under which of the following conditions?
a. The subject is eligible to access material marked by a foreign government that is equivalent to a U.S. Top Secret classification marking.
b. The subject will only have one-time access to specific material, after which the material will be appropriately destroyed or returned to the originating U.S. agency.
c. The subject will only have access to classified U.S. documents containing Foreign Government Information (FGI) originating from the foreign country of which the subject is a citizen.
d. The prior 10 years of the subject’s life can be appropriately investigated.
D

Which of the following is the investigative requirement for access to Single Integrated Operational Plan-Extremely Sensitive Information (SIOP-ESI)?
a. Individual has a valid favorably adjudicated Tier 5 or Single Scope Background (SSBI) Investigation.
b. Individual has a valid favorably adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC) investigation.
c. Individual has a valid favorably adjudicated Tier 3 or Access National Agency Check with Written Inquiries and Credit Check (ANACI) investigation.
d. Individual has a valid favorably adjudicated Tier.
A

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?
a. Individual must be a U.S. Citizen
b. Individual has a security clearance eligibility in accordance with the position
c. Individual is subject to a periodic reinvestigation every three years
d. Individual must be continuously evaluated
C

Which of the following is correct regarding the investigation requirement for initial assignment to a Presidential Support Activities (i.e. Yankee White) Category 2 position?
a. Favorably completed Tier 5/Single Scope Background Investigation (SSBI) within 36 months preceding selection.
b. Favorably completed Tier 3/National Agency Check with Local Agency Check (NACLC) within 36 months preceding selection.
c. Favorably completed Tier 5/SSBI within 24 months preceding selection.
d. Favorably completed Tier 3/NACLC within 24 months preceding selection.
A

Which of the following adjudication processes refers to a person’s identifiable character traits and conduct sufficient to decide whether employment or continued employment would or would not protect the integrity or promote the efficiency of the Federal service?
a. Homeland Security Presidential Directive (HSPD) 12 credentialing
b. National security adjudication
c. Suitability adjudication
d. Continuous evaluation
C

All unclassified DoD information in the possession or control of non-DoD entities on non-DoD information systems, to the extent provided by the applicable grant, shall minimally be safeguarded under which of the following standards?
a. Information holders must use the Secret Internet Protocol Router Network (SIPRNET) to transmit such information.
b. Such information may be stored in an open storage area, provided the room is equipped with an Intrusion Detection System (IDS) with the personnel responding to an alarm within 15 minutes of the alarm annunciation.
c. Such information must be stored in a General Services Administration (GSA)-approved security container equipped with a lock meeting FF-L-2740 standards.
d. Organizational wireless connections holding such information must be encrypted, and those accessing such information must use encrypted wireless connections where available when traveling.
D

Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?
a. 30 days
b. 45 days
c. 60 days
d. 90 days
D

Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?
a. LAAs shall only be granted access at the Secret and Confidential levels.
b. A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC) investigation within the last five years is required.
c. An LAA is the same as a security clearance eligibility.
d. Access to classified information is not limited to a specific program or project.
A

Which of the following is not considered when making a security clearance eligibility determination?
a. Education Level
b. Alcohol consumption
c. Financial considerations
d. Psychological Conditions
A

A position designated as a DoD noncritical-sensitive civilian position may fall under any of the following criteria, EXCEPT:
a. A position not requiring eligibility for access to classified information, but having the potential to cause significant or serious damage to the national security.
b. A position requiring eligibility for access to Top Secret information.
c. A position requiring eligibility for access to confidential information.
d. A position requiring eligibility for access to secret information.
B

What information must a statement of reasons (SOR) include?
a. SOR must state why an unfavorable national security eligibility determination is being proposed.
b. SOR must explain each security concern and state the specific facts that trigger each security concern.
c. The SOR must identify applicable adjudicative guideline(s) for each concern, and provide the disqualifying conditions and mitigating conditions for each guideline.
d. All of the Above
D

Which type of briefing is used to obtain confirmation that a cleared employee agrees never to disclose classified information to an unauthorized person?
a. Special Briefings – Courier
b. Original Classification Authority (OCA) Briefing
c. Special Briefings – Non-Disclosure
d. Debriefing
C

___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?
a. Detect
b. Assessment
c. Deterrence
d. Delay
C

Two security professionals – Paul and Ashley – are discussing secure rooms, containers, and vaults. Paul says weapons or sensitive items such as funds, jewels, or precious metals should not be stored in the same security container as classified information. Ashley says the General Service Administration approves security containers used to store classified information. Who is correct?
a. Paul is correct
b. Ashley is correct
c. Paul and Ashley are both correct
d. Paul and Ashley are both incorrect
C

Which of the following is not a distinct phase of the Intrusion Detection System?
a. Detection
b. Control
c. Assessment
d. Response
B

Which of the following would be considered a public safety crime?
a. Theft of ammunition shipment for the purpose of criminal or gang related activity.
b. Theft of sensitive, proprietary information relating to US aerospace and defense technologies.
c. Deliberate destruction of DoD assets or interruption of normal operations.
d. Theft of an item and use of it outside of its intended purpose or without permission.
A

Which of the following best describes the goal of the Physical Security Program?
a. To ensure that industry safeguards the classified information in their possession, while performing work on contracts, bids, or research and development efforts on behalf of the government.
b. To protect assets against compromise resulting from activities such as espionage, sabotage, terrorism, damage or loss, and criminal activity.
c. To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.
d. To create uniform policies and procedures for defense acquisition by all executive agencies.
B

Preventing unauthorized access to information and equipment, safeguarding DoD assets against espionage and criminal activity, and providing the means to counter threats when preventative measures are ignored, best characterize the primary functions of which of the following programs or processes?
a. Physical Security Program
b. Operations Security (OPSEC) process
c. Security incident response process
d. Personnel Security Program
A

The process of integrating active and passive complementary physical security measures to ensure the protection of DoD assets is known as which of the following concepts?
a. Area security
b. Threat-vulnerability assessment
c. Security-in-depth
d. Point security
C

The stealing of sensitive, proprietary information related to U.S. aerospace and defense technologies with the intent to provide such information to a foreign adversary is an example of which type of threat to DoD assets?
a. Criminal activity
b. Economic espionage
c. Treason
d. Terrorism
B

When a Terrorism Threat Level is escalated from LOW to MODERATE, a DoD Component Head should employ which of the following countermeasures?
a. Cease all flying except for specifically authorized operational sorties.
b. Direct the execution of advance site reviews to facilitate the antiterrorism planning process.
c. Encourage dependent family members to complete Level I Antiterrorism Awareness Training before any travel outside the continental United States (OCONUS).
d. Conduct an immediate Terrorism Vulnerability Assessment for off-installation housing, schools, daycare centers, transportation.
C

Requests for authorizing disclosure of classified information during visits must include all the following information, EXCEPT:
a. The explanation of the government purpose to perform when disclosing classified information.
b. The subject of the meeting, scope of classified topics and classification level
c. Expected time and location of the meeting.
d. The main content of the invitation to send to the participants.
C

Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings. Paul says visits must serve a specific U.S. Government purpose. Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors. Who is correct?
a. Paul is correct
b. Ashley is correct
c. Paul and Ashley are both correct
d. Paul and Ashley are both incorrect
A

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National Industrial Security Program (NISP)?
a. Director of the Information Security Oversight Office (ISOO)
b. Secretary of Defense
c. National Security Council (NSC)
d. Director, Defense Security Services (DSS)
A

What is the role of the government contracting activity (GCA), or cleared prime contractor, when a contractor that does not have a Facility Clearance (FCL) wants to bid on a Request for Proposal (RFP) that requires access to classified information?
a. The GCA must issue a formal letter rejecting the contractor’s bid since the contractor does not have the requisite FCL.
b. The contractor must submit a sponsorship request to DSS, who will decide whether to allow the contractor to bid on the contract.
c. The GCA must sponsor the contractor for a facility security clearance by submitting a sponsorship request to DSS, which initiates the facility clearance process.
d. The GCA must ensure that all owners and senior management of the uncleared contractor are U.S. citizens and are eligible to be processed for a personnel security clearance.
C

What is the purpose of the Federal Acquisition Regulations (FAR)?
a. To codify and publish uniform policies and procedures for acquisition by all executive agencies.
b. To manage DoD funds and prioritize the development of vital research and technology.
c. To provide small businesses and minority owned companies an opportunity to compete in the government acquisition process.
d. To promote uniform standards and best practices of technology acquisition across U.S. industry.
A

What is the role of the security professional during the “Award Contract” step of the contracting process?
a. To ensure the appropriate classification level for the bid, and to define unique security requirements associated with the product.
b. To interface with the Cognizant Security Organization (CSO) to ensure oversight is performed and review results of and previous assessments on behalf of component.
c. To ensure that the contractor follows proper safeguarding and disposition guidance.
d. To review and define the specific security requirements with the contracting officer – specifically, block 13 of DD Form 254.
D

What is the purpose of DD Form 254?
a. To convey security classification guidance and to advise contractors on the handling procedures for classified material.
b. To document the formal agreement between the US government and a cleared contractor in which the contractor agrees to maintain a security program in compliance with the NISPOM and the government agrees to security guidance and program oversight.
c. To validate details regarding the foreign ownership, control or influence affecting that cleared contractor facility.
d. It replaces the actual contract document for any contract requiring access to classified information.
A

As part of Operations Security (OPSEC), a program coordinator should use which of the following tools to assess assets as part of the risk management process for critical information?
a. Critical Information List
b. Threat vulnerability matrix
c. Risk Rating Table
d. Security Classification Guide
A

What is the role of the Special Access Program Oversight Committee (SAPOC) during the maintenance phase of the Special Access Program (SAP) lifecycle?
a. To ensure that the SAP has adequate Internal Review and Audit Compliance (IRAC) support, including accessed auditors at supporting offices, to meet program audit needs.
b. To review existing programs annually to determine whether to revalidate them as SAPs.
c. To provide oversight of SAP program and budget accomplishments.
d. To provide oversight of SAP audits and inspections.
B

Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?
a. Research and Technology SAP
b. Operations and Support SAP
c. Acquisition SAP
d. Intelligence SAP
C

Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?
a. Indoctrination Briefing
b. Original Classification Authority (OCA) Briefing
c. Foreign Travel Briefing
d. Debriefing
A

Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?
a. Annual Refresher Briefings
b. Indoctrination Briefings
c. Attestation Briefings
d. Courier Briefings
A

Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?
a. Conduct a Risk Assessment
b. Apply OPSEC Countermeasures
c. Conduct a Threat Analysis
d. Conduct a Vulnerability Analysis
B

Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?
a. Conduct a Vulnerability Analysis
b. Conduct a Threat Analysis
c. Conduct a Risk Assessment
d. Apply OPSEC Countermeasures
B

Please determine which of the following is an element of an Operations Security (OPSEC) Assessment.
a. Small in scale and focused on evaluating the effectiveness of the OPSEC program.
b. Conducted on an annual basis.
c. Uses external resources collectively to conduct with or without the use of indigenous resources.
d. Determines the likelihood that critical information can be protected based on procedures that are currently in place.
C

To provide access to Social Media sites, the DoD agency must provide all of the following, EXCEPT:
a. Protection against malware and advanced threats.
b. Blocked access to prohibited sites and content.
c. Individual compliance with Joint Ethics Regulations and guidelines.
d. Constant monitoring to deter inappropriate site access.
D

Whose responsibility is it during the categorize step to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?
a. Information System Owner (ISO)
b. Information Owner (IO)
c. Information System Security Manager (ISSM)
d. Authorizing Official (AO)
B

Please determine which of the following is an example of reportable foreign intelligence contacts, activities, indicators, and behaviors.
a. Authorizing others to acquire unauthorized access to classified or sensitive information systems.
b. Unauthorized downloads or uploads of sensitive data.
c. Network spillage incidents or information compromise.
d. Use of DoD account credentials by unauthorized parties.
A

Limiting nonsecure computer e-mail messages to nonmilitary activities and not providing operational information in nonsecure e-mail messages are functions of which OPSEC measure?
a. Operational and Logistic Measures
b. Technical Measures
c. Administrative Measures
d. Operations Security and Military Deception
B

Which of the following is NOT a category of Information Technology (IT)?
a. Platform Information Technology (PIT)
b. Information Technology Services
c. Information Technology Products
d. Information Technology Applications
D

In what step of the Risk Management Framework (RMF) does system categorization occur?
a. Categorize Information System
b. Select Security Controls
c. Implement Security Controls
d. Assess Security Controls
e. Authorize
f. Monitor Security Controls
A

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?
a. Categorize Information System
b. Select Security Controls
c. Implement Security Controls
d. Assess Security Controls
e. Authorize
f. Monitor Security Controls
B

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:
a. Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.
b. Monitor the system for security relevant events and configuration changes that affect the security posture negatively.
c. Determine and document a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.
d. Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.
B

What family of controls does Security Functionality Verification belong to?
a. System and Communications Protection
b. Maintenance
c. System and Information Integrity
d. Audit and Accountability
C

What does “AO” stand for?
Authorizing Official

What is a SAR as related to cyber security?
System Assessment Report

What activities occur when authorizing the system? (select all that apply)
a. Implement decommissioning strategy
b. Develop, review, and approve Security Assessment Plan
c. Prepare the Plan of Action and Milestones (POA&M)
d. Submit security authorization package
C & D

What activities occur when assessing security controls? (Select all that apply)
A. Prepare the Plan of Action and Milestones (POA&M)
B. Conduct final risk determination
C. Develop, plan, and approve Security Assessment Plan
D. Prepare Security Assessment Report
C & D

What activities occur when monitoring security controls? (Select all that apply)
A. Prepare the Plan of Action and Milestones (POA&M)
B. Develop, review, and approve Security Assessment Plan
C. Implement decommissioning strategy
D. Determine impact of changes
C & D

What are the cybersecurity attributes?
Select all that apply.
A Confidentiality
B Integrity
C Availability
D Authentication
E Non-repudiation
All of the above

Why do you need to be aware of cybersecurity?
A To uphold all elements of the National Industrial Security Program Operating Manual
B To appropriately manage risk by mitigating threats and vulnerabilities
C To examine your own actions and activities to uphold personal accountability
D To ensure all appropriate measures are taken to protect a place and ensure only people with permission enter and leave it
B

What are the cybersecurity drivers?
A NIST 800-30 Rev 1 Guide for Conducting Risk Assessments
B DoD 8530.01 Cybersecurity Activities Support to DoD Information Network Operations
C DoD 8510.01 Risk Management Framework
D DoD 8500.01
E DoD Security Policy
All of the above

Which skills do security personnel need?
A. Protect information systems.
B. Identify all cybersecurity concepts.
C. Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information.
D. Examine their role in protecting DoD’s information systems and the information they process, transmit, and store.
D

What is the primary responsibility of security personnel?
A Monitor, evaluate, and provide advice to the Secretary of Defense
B Protect classified information and controlled unclassified information
C Direct the operation of and assure the security of the global DoD network
D Coordinate all DoD network operations
B

What is security personnel’s primary skill in relationship to cybersecurity?
A Analyze duties
B Manage risk
C Execute training
D Respond to incidents
B

What are the components of the Risk Management System? (Select all that apply)
A Revision
B Analysis
C Evaluation
D Assessment
E Mitigation
C, D & E

What are the steps in the Risk Management Framework (RMF)? (Select all that apply)
A Monitor Security Controls
B Categorize System
C Authorize System
D Assess Security Controls
E Select Security Controls
F Implement Security Controls
All of the above

What threat environments should you consider? (Select all that apply)
A Adversarial
B Environmental
C Structural
D Accidental
All of the above

What should you look for when assessing vulnerabilities? (Select all that apply)
A Residual risk
B Ease
C Likelihood
D Related threats
E Rewards
All of the above

Which steps of the RMF are designed to mitigate risk? (Select all that apply)
A Assess Security Controls
B Monitor Security Controls
C Select Security Controls
D Authorize System
E Implement Security Controls
F Categorize System
C & E

Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls? (Select all that apply)
A Common Control Identification
B Monitoring Strategy
C Security Baseline and Overlay Selection
D Security Plan and Review Approval
All of the above

What activities occur during implementation of security controls? (Select all that apply)
A Communicate updates to appropriate audiences
B Seek approvals from CIO
C Create appropriate training and communication plans
D Ensure consistency with DoD architectures
E Document security control implementation in the security plan
F Identify security controls available for inheritance
D, E & F

Which steps of the RMF are designed to evaluate risk? (Select all that apply)
A Select Security Controls
B Assess Security Controls
C Monitor Security Controls
D Authorize System
E Categorize System
F Implement Security Controls
B, C & D

What activities occur when assessing security controls? (Select all that apply)
A Prepare the Plan of Action and Milestones (POA&M)
B Conduct final risk determination
C Develop, plan, and approve Security Assessment Plan
D Prepare Security Assessment Report (SAR)
C & D

Select ALL of the correct responses. What activities occur during implementation of security controls?
A Ensure consistency with DoD architectures
B Document security control implementation in the security plan
C Seek approvals from CIO
D Identify security controls available for inheritance
E Communicate updates to appropriate audiences
F Create appropriate training and communication plans
A, B & D

Which role leads the day-to-day defense?
A Authorizing Official (AO)
B US Cyber Command (USCYBERCOM)
C Security personnel
D DoD Chief Information Officer (CIO)
B

The cybersecurity attributes are confidentiality, integrity, availability, authentication, and:
A Validity
B Non-repudiation
C Architecture
D Stability
B

True or false? Cybersecurity is important so that risk is eliminated.
True
False
False

Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
A Categorize System
B Select Security Controls
C Implement Security Controls
D Assess Security Controls
B & C

What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
A Develop, plan, and approve Security Assessment Plan
B Prepare the Security Assessment Report (SAR)
C Conduct remediation actions on non-compliant security controls
D All of the above
D

Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
A Vulnerabilities
B Threats
C Disclosure
D Authorization
A & B

Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
A Identify and manage all cybersecurity concepts
B Explain their role in protecting DoD’s information systems
C Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information
D Conduct assessment and evaluation of all IT systems
B & C

Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
A. Assess Security Controls, Monitor Security Controls, Categorize System
B. Assess Security Controls, Implement Security Controls, Authorize System
C. Implement Security Controls, Monitor Security Controls, Authorize System
D. Assess Security Controls, Monitor Security Controls, Authorize System
D

In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
A. Step 3 – Implement security controls
B. Step 4 – Assess security controls
C. Step 5 – Authorize system
D. Step 6 – Monitor security controls
D

What evolving threats are attempts by hackers to damage or destroy a computer network or system?
A. Insider Threat
B. Social Media
C. Cyber Attack
D. Mobile Computing
C

What is the first step in the Risk Management Framework (RMF)?
A. Categorize System
B. Authorize System
C. Implement Security Controls
D. Select Security Controls
E. Assess Security Controls
F. Monitor Security Controls
A

Select ALL of the correct responses. What is included in the security authorization package?
A Security Assessment Report (SAR)
B Plan of Action and Milestones (POA&M)
C Security Plan
D None of the above
A, B & C
