Quiz by Casey Neville, created more than 1 year ago

SFPC SPeD Practice Quiz

SFPC (Possible Test Questions)

Question 1 of 55

Two security professionals – Jo and Chris – are discussing the contracting process.

Jo says that the Federal Acquisition Regulation governs the process the federal government uses to acquire or purchase goods and services.

Chris says that although the Federal Acquisition Regulation’s intent is to provide uniform and government-wide policies and procedures for acquisition, the Department of Defense has issued a supplemental acquisition regulation called the DFAR.

Who is correct?

Select one of the following:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Question 2 of 55

Two security professionals – Jo and Chris – are discussing the Federal Acquisition Regulation (FAR).

Jo says that, to be awarded a contract, a bidder needs to show that his or her organization meets the FAR provisions of that contract.

Chris says that a bidder can be awarded a contract with FAR provisions if his or her organization can demonstrate that it will be able to comply with those provisions at the time of the contract award.

Who is correct?

Select one of the following:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Question 3 of 55

Working papers need to be finalized or destroyed after how many days?

Select one of the following:

  • 180 Days

  • 90 Days

  • 30 Days

  • 7 Days

Question 4 of 55

When FOUO becomes legacy, what does it turn into?

Select one of the following:

  • CUI

  • UNCLASSIFIED

  • CIA

  • FBI

Question 5 of 55

Banner Line Markings start with what first?

Select one of the following:

  • CLASSIFICATION

  • DATE

  • ORIGINATOR'S NAME

  • ORGANIZATION'S NAME

Question 6 of 55

Definition of BIOMETRIC:
"Measurable Physical characteristics or personal behavior traits used to recognize the identity, or verify the claimed identity. Fingerprints, Iris, handwriting, voice recognition."

Select one of the following:

  • True

  • False

Question 7 of 55

Contractors are automatically authorized to do work at the level of the DD254.

Select one of the following:

  • True

  • False

Question 8 of 55

What are the 3 SAP categories?

Select one or more of the following:

  • Acquisition

  • Intelligence

  • Operations and Support

  • Acknowledged

Question 9 of 55

Couriering information within a hotel room is allowed as long as it’s locked in a safe and the courier is in the room.

Select one of the following:

  • True

  • False

Question 10 of 55

CNWDI, RD and FRD are categories which fall under which department?

Select one of the following:

  • Dept. of Energy (DOE)

  • Dept. of Defense (DoD)

  • CIA

  • FBI

Question 11 of 55

What is a Security Violation?

Select one of the following:

  • An event that results in or could be expected to result in the loss or compromise of classified information

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

Question 12 of 55

What is a Security Infraction?

Select one of the following:

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

  • An event that results in or could be expected to result in the loss or compromise of classified information

Question 13 of 55

What is the form number for a Top Secret coversheet?

Select one of the following:

  • 703

  • 704

  • 705

  • 702

Question 14 of 55

What is the form number for a Secret coversheet?

Select one of the following:

  • 703

  • 704

  • 705

  • 701

Question 15 of 55

What is the form number for a Confidential coversheet?

Select one of the following:

  • 703

  • 704

  • 705

  • 706

Question 16 of 55

If someone accidentally gave a foreign entity access to classified information, which guideline would it fall under?

Select one of the following:

  • Use of Information Technology Systems

  • Use of Information DoD Systems

  • Use of Classified Systems

  • Use of Unclassified Systems

Question 17 of 55

SCATTERED CASTLES:
"Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications."

Select one of the following:

  • True

  • False

Question 18 of 55

What is the RMF six-step process?

Select one or more of the following:

  • Categorize Information Systems

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize Information System

  • Monitor Security Controls

  • Accountability Measures

  • Implement Cyber Controls

  • Risk Assessment

Question 19 of 55

Vault doors have non-removable hinge pins.

Select one of the following:

  • True

  • False

Question 20 of 55

What is the highest classification a contractor can courier overseas?

Select one of the following:

  • Unclassified

  • Secret

  • Confidential

  • Top Secret

Question 21 of 55

Access for a retired flag/general officer?

Select one of the following:

  • 3 Months

  • 3 Years

  • 6 Months

  • 6 Years

Question 22 of 55

Industrial is NOT a SAP category.

Select one of the following:

  • True

  • False

Question 23 of 55

Who controls the list of approved shredders?

Select one of the following:

  • NSA

  • GSA

  • BSA

  • AA

Question 24 of 55

What are the threat levels?

Select one or more of the following:

  • Low

  • Moderate

  • Significant

  • High

  • (D) Delta

  • (C) Charlie

  • (B) Bravo

  • (A) Alpha

  • (N) Normal

Question 25 of 55

What are the levels for FPCON?

Select one or more of the following:

  • Low

  • Moderate

  • Significant

  • High

  • (N) Normal

  • (A) Alpha

  • (B) Bravo

  • (C) Charlie

  • (D) Delta

Question 26 of 55

Key word for (N) Normal FPCON?

Select one of the following:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE

  • LIKELY

  • IMMINENT

Question 27 of 55

Key word for (A) FPCON?

Select one of the following:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Question 28 of 55

Key word for (B) FPCON?

Select one of the following:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Question 29 of 55

Key word for (C) FPCON?

Select one of the following:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Question 30 of 55

Key word for (D) FPCON?

Select one of the following:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Question 31 of 55

What are the 5 OPSEC steps?

Select one or more of the following:

  • Identify Critical Information

  • Analyze Threats

  • Analyze Vulnerabilities

  • Assess Risks

  • Apply Countermeasures

  • Assess Vulnerabilities

  • Counter Risks

Question 32 of 55

What is the purpose of marking classified materials?

Select one of the following:

  • To alert holders to the presence of classified information, how to properly protect it, and for how long.

  • To deter foreign adversaries from committing actions aimed at accessing such information.

  • To provide guidance for interpretation and analysis of classified information.

  • To alert holders to the methods used to collect classified information.

Question 33 of 55

What is included in the markings of classified information?

Select one of the following:

  • Derivative classifier as the authority to make declassification determinations.

  • Agencies and authorities that have previously accessed the classified information.

  • Document holder as the sole authority to make transfer and dissemination determinations.

  • Sources and reasons for the classification.

Question 34 of 55

When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?

Select one of the following:

  • Activity Security Manager

  • Information Assurance Staff

  • Information Assurance Manager

  • Information Assurance Officer

Question 35 of 55

The inability to deny you are the sender of an email would be an indication of a lapse in:

Select one of the following:

  • Non-Repudiation

  • Confidentiality

  • Integrity

  • Availability

Question 36 of 55

Which of the following is the first action done to downgrade, declassify or remove classification markings?

Select one of the following:

  • Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.

  • Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.

  • Take all classification markings off the document and redistribute.

  • Request a waiver from the Information Security Oversight Office (ISOO) to remove the declassification markings.

Question 37 of 55

What is the purpose of the Personnel Security Program (PSP)?

Select one of the following:

  • To define original classification for DoD assets and information.

  • To designate individuals for positions requiring access to classified information.

  • To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.

  • To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.

Question 38 of 55

Which of the following is considered an element of the Personnel Security Program (PSP)?

Select one of the following:

  • Risk Assessment and Analysis

  • Implementation

  • Classification

  • Continuous Evaluation

Question 39 of 55

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?

Select one of the following:

  • Individual must be a U.S. Citizen

  • Individual has a security clearance eligibility in accordance with the position

  • Individual is subject to a periodic reinvestigation every three years

  • Individual must be continuously evaluated

Question 40 of 55

Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?

Select one of the following:

  • 30 Days

  • 45 Days

  • 60 Days

  • 90 Days

Question 41 of 55

Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?

Select one of the following:

  • LAAs shall only be granted access at the Secret and Confidential levels.

  • A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC).

  • An LAA is the same as a security clearance eligibility.

  • Access to classified information is not limited to a specific program or project.

Question 42 of 55

The security system performance goal of immediate indication of deliberate attempts, security probing, and warning for inadvertent or mistaken intention is an example of which system security capability?

Select one of the following:

  • Deterrence

  • Detect

  • Delay

  • Distract

Question 43 of 55

Which of the following would be considered a public safety crime?

Select one of the following:

  • Theft of ammunition shipment for the purpose of criminal or gang related activity.

  • Theft of sensitive, proprietary information relating to US aerospace and defense technologies.

  • Deliberate destruction of DoD assets or interruption of normal operations.

  • Theft of an item and use of it outside of its intended purpose or without permission.

Question 44 of 55

Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings.

Paul says visits must serve a specific U.S. Government purpose.

Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors.

Who is correct?

Select one of the following:

  • Paul is correct.

  • Ashley is correct.

  • Paul and Ashley are both correct.

  • Paul and Ashley are both incorrect.

Question 45 of 55

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National Industrial Security Program (NISP)?

Select one of the following:

  • Director of the Information Security Oversight Office (ISOO)

  • Secretary of Defense

  • National Security Council (NSC)

  • Director, Defense Security Services (DSS)

Question 46 of 55

Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?

Select one of the following:

  • Research and Technology SAP

  • Operations and Support SAP

  • Acquisition SAP

  • Intelligence SAP

Question 47 of 55

Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?

Select one of the following:

  • Indoctrination Briefing

  • Original Classification Authority (OCA) Briefing

  • Foreign Travel Briefing

  • Debriefing

Question 48 of 55

Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?

Select one of the following:

  • Annual Refresher Briefings

  • Indoctrination Briefings

  • Attestation Briefings

  • Courier Briefings

Question 49 of 55

Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?

Select one of the following:

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

  • Conduct a Threat Analysis

  • Conduct a Vulnerability Analysis

Question 50 of 55

Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?

Select one of the following:

  • Conduct a Vulnerability Analysis

  • Conduct a Threat Analysis

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

Question 51 of 55

Whose responsibility is it during the categorize step to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?

Select one of the following:

  • Information System Owner (ISO)

  • Information Owner (IO)

  • Information System Security Manager (ISSM)

  • Authorizing Official (AO)

Question 52 of 55

Which of the following is NOT a category of Information Technology (IT)?

Select one of the following:

  • Platform Information Technology (PIT)

  • Information Technology Services

  • Information Technology Products

  • Information Technology Applications

Question 53 of 55

At what step within the Risk Management Framework (RMF) does system categorization occur?

Select one of the following:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Question 54 of 55

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?

Select one of the following:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Question 55 of 55

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:

Select one of the following:

  • Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.

  • Monitor the system for security relevant events and configuration changes that affect the security posture negatively.

  • Determine and document a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.

  • Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.
