Download SPēD SFPC: All Areas Exam Test Bank 2025-2026. Questions & Correct Answers. Graded A and more Exams Information Security and Markup Languages in PDF only on Docsity!
SPēD SFPC: All Areas Exam Test Bank
2025-2026. Questions & Correct
Answers. Graded A
32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" – ANS The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program Acceptance – ANS PSIs are used to determine the eligibility of an individual for ___________ or retention to the armed forces. Access – ANS PSIs are used to determine the eligibility of an individual for ___________ to classified information. Acknowledged - ANSThis protection level describes a SAP whose existence may be openly recognized. Its purpose may be identified. However, the details of the program (including its technologies, materials, and techniques) are classified as dictated by their vulnerability to exploitation and the risk of compromise. The funding is generally unclassified. Actual compromise - ANSAn unauthorized disclosure of classified information
Administrative Judge - ANSDuring due process, military and civilian personnel may request an in-person appearance before this individual. ANACI - ANSInitial investigation for civilians: · Noncritical-Sensitive positions · Confidential and Secret clearance eligibility · IT-II duties Antiterrorism Officer - ANSThis person is responsible for the installation's antiterrorism program Area Security - ANSSecurity is geared towards protecting an entire area of the installation or facility asset, threat, vulnerability, risk, countermeasures - ANSElements that a security professional should consider when assessing and managing risks to DoD assets Assignment - ANSPSIs are used to determine the eligibility of an individual for ___________ or retention to sensitive duties. Authorization, Appropriations, and Intelligence Congressional - ANSCongressional committees granted SAP access Automated access control systems - ANSThis system allows one to be identified by their eye, handprint, or fingerprint
Compilation - ANSThis is defined as unclassified information or classified information (at a lower level) that when the information is combined or associated reveals additional factors that qualifies for classification. Component-level SAP Central Offices - ANSExist for each military component, the Joint Chiefs of Staff, Defense Advanced Research Projects Agency (DARPA), and Missile Defense Agency (MDA) COMSEC - ANSThe protection resulting from the measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications and to ensure the authenticity of such communications. Confidential - ANSUnauthorized disclosure of this information could reasonably be expected to cause damage to our national security. Construction requirements for vault doors - ANS1. Constructed of metal
- Hung on non-removable hinge pins or with interlocking leaves.
- Equipped with a GSA-approved combination lock.
- Emergency egress hardware (deadbolt or metal bar extending across width of door). Continuous Evaluation - ANSThis is used to monitor employees for new information or changes that could affect their status.
Contracting Officer - ANSA government employee with the authority to enter into, administer, and/or terminate contracts and make related determinations and findings Controlling access - ANSThe establishment of a restricted area improves security by ______________ and providing additional layers of security. COTR - ANSThis government employee is a subject matter expert who has regular contact with the contractor Critical Program Information in DoD - ANS1. U.S. capability elements that contribute to the warfighter's advantage throughout the life cycle, which if compromised or subject to unauthorized disclosure, decrease the advantage.
- Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. Includes elements or components critical to a military system or network mission effectiveness. Includes technology that would reduce the U.S. technological advantage if it came under foreign control.
Derivative Classification - ANSThis is defined as the incorporating, paraphrasing, restating, or generating in new form any information that is already classified. Designation of Sensitive Duties - ANSDuties that have a great impact on National Security DISA, Joint Interoperability Test Command (JITC) - ANSThis organization maintains a register of certified security digital facsimiles Document destruction - ANSMust be burned, shredded, or chemically decomposed of DoD 5200.08-R - ANSPhysical Security Program regulation DoD 5200.2-R - ANSImplements and maintains the DoD personnel security policies and procedures DoD CAF responsibilities - ANS1. Making adjudicative decisions
- The DoD CAF is a repository for investigative records
- Initiating special investigations
- The DoD CAF adjudicate by applying the whole person concept DoD Instruction 5200.08, Security of DoD Installations and Resources and the DoD Physical Security Review Board (PSRB) - ANSThis document authorizes commanders to issue regulations for the protection or security of property and places under their command. This document also establishes
guidelines to build consistent minimum standards for protecting DoD installations and resources. DoD Manual 5200.01, Volumes 1-4 - ANSThe manual that governs the DoD Information Security Program DoD position sensitivity types and their investigative requirements. - ANS1. Critical Sensitive
- Non-Critical Sensitive
- Non-Sensitive DoD Special Access Central Office (SAPCO) - ANSDoD SAP legislative liaison that notifies Congress of SAP approval DOHA - ANSAdministers due process for contractor personnel. e-QIP - ANSThe system Mr. Smith needs to access when he needs to update his personal information on his Personnel Security Questionnaire for his re-investigation E.O. 12968 - ANSThe Executive Order (E.O.) that establishes a uniform Personnel Security Program E.O. 13526 - ANSThe executive order that governs the DoD Information Security Program Effective Protective Barriers - ANS1. Steel barriers
years;
- Individual must materially contribute to the program in addition to having the need to know;
- All individuals with access to SAP are subject to a random counterintelligence scope polygraph examination;
- Polygraph examination, if approved by the DepSecDef, may be used as a mandatory access determination;
- Tier review process;
- Personnel must have a Secret or Top Secret clearance;
- SF-86 must be current within one year;
- Limited Access;
- Waivers required for foreign cohabitants, spouses, and immediate family members. Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to relieve Defense Security Service of industrial security oversight responsibilities. Within Physical Security:
- Access Control;
- Maintain a SAP Facility;
- Access Roster;
- All SAPs must have an unclassified nickname/ Codeword (optional). Within Information Security:
- The use of HVSACO;
- Transmission requirements (order of precedence).
Factors for determining whether U.S. companies are under Foreign Ownership, Control or Influence (FOCI) - ANS1. Record of economic and government espionage against the U.S. targets
- Record of enforcement/engagement in unauthorized technology transfer
- Type and sensitivity of the information that shall be accessed
- The source, nature and extent of FOCI
- Record of compliance with pertinent U.S. laws, regulations and contracts
- Nature of bilateral & multilateral security & information exchange agreements
- Ownership or control, in whole or part, by a foreign government False - ANSTrue or False: Anyone can determine the need for hand carrying classified information False - ANSTrue or False: Standby lighting is used when regular lighting is not available False - ANSTrue or False: The DoD CAF is the only authority who can grant an interim clearance. False. Threats and vulnerabilities are related but distinct. Threats to national security exploit vulnerabilities. - ANSTrue or False: There is no difference between a threat and a vulnerability.
for secure and reliable forms of identification for Federal employees and contractors. Indicators of insider threats - ANS1. Failure to report overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside the job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignment or insistence on working in private
- Exploitable behavior traits
- Repeated security violations
- Attempting to enter areas not granted access to
- Unexplainable affluence/living above one's means
- Anomalies (adversary taking actions which indicate they are knowledgeable to information)
- Illegal downloads of information/files
Industrial - ANSMuch of U.S. classified information originates within this environment Initial Orientation Briefing - ANSThe initial briefing given to all personnel on the DoD Information Security Program Insert the envelope into the outer envelope - ANSWhen the document has been sealed within a properly marked inner envelope you must... Installation - ANSA contractor must adhere to the security rules of the __________ commander when working at a government installation Intrusion Detection Systems - ANSThis device sends a signal through wires when it has been triggered Investigative requirement for a Critical- Sensitive position - ANSSSBI, SSBI-PR, or PPR Investigative requirement for a Non-Critical Sensitive position - ANSANACI or NACLC Investigative requirement for a Non-Sensitive position - ANSNACI JAMS - ANSThis sub-system (used by adjudicators) and JCAVS make up the JPAS system
Microfiche destruction - ANSBurned or shredded to be destroyed. It can also be destroyed with chemicals that destroy the imprints. Moderate terrorist threat level - ANSThe terrorist threat level indicating terrorists are present but there are no indications of anti-U.S. activity. The operating environment favors the host nation or the U.S. NAC - ANSThe fingerprint check portion of a PSI NACI - ANSNational Agency Check with Inquiries for civilians and contractors: · Non-Sensitive positions · Low Risk · HSPD-12 Credentialing NACLC - ANSInitial National Agency Check with Law and Credit for military and contractors: · Secret or Confidential clearance eligibility · All military accessions and appointments · IT-II duties · IT-III duties (military only) Neither confirm nor deny - ANSIf classified information appears in the public media, DoD personnel must be careful not to make any statement of comment that would confirm the accuracy or verify the classified status of the information
NISP - ANSThe program that covers protection of classified information by government contractors OPSEC Officer - ANSThis person analyzes threats to assets and their vulnerabilities Options an OCA has when determining declassification - ANSSpecific Date, Specific Event, or by the 50X1-HUM Exemption Original Classification - ANSThis is defined as an initial determination that information requires, in the interest of national security, protection against unauthorized disclosure. Original Classification Authority - ANSThe term used to identify individuals specifically authorized in writing to make initial classification decisions. Original Classification Process - ANSThe six step process an OCA applies in making classification determinations OSD-level SAP Central Offices - ANSExercise oversight authority for the specific SAP category under their purview. Personnel Security Investigation - ANSThe first phase of the security clearance process
- National Disclosure Policy-
- International Traffic in Arms Regulation (ITAR)
- E.O.s 12829, 13526
- Bilateral Security Agreements
- DoD 5220.22-M, "NISPOM," Principle incident/ events required to be reported to DoD counterintelligence (CI) organizations - ANSespionage, sabotage, terrorism, cyber Protection Level - ANSThis communicates how the SAP is acknowledged and protected. PSAB/Appeal Board - ANSThis board makes the final appeal determination for all personnel Purpose of protective barriers - ANS1. Establishing boundaries
- Protecting the facility
- Stopping observation Refresher Briefing - ANSThis briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties. Reinvestigation - ANSThis is part of the Continuous Evaluation Program (CEP). It is done at certain intervals based on duties or access.
Responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/ CPSO) - ANSFrom Revision 1 Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004:
- Possess a personnel clearance and Program access at least equal to the highest level of Program classified information involved.
- Provide security administration and management for his/her organization.
- Ensure personnel processed for access to a SAP meet the prerequisite personnel clearance and/or investigative requirements specified.
- Ensure adequate secure storage and work spaces.
- Ensure strict adherence to the provisions of the NISPOM, its supplement, and the Overprint.
- When required, establish and oversee a classified material control program for each SAP.
- When required, conduct an annual inventory of accountable classified material.
- When required, establish a SAPF.
- Establish and oversee a visitor control program.
- Monitor reproduction and/or duplication and destruction capability of SAP information
- Ensure adherence to special communications capabilities within the SAPF.
- Provide for initial Program indoctrination of employees after their
