Casey Neville
Quiz von , erstellt am more than 1 year ago

SFPC SPeD Practice Quiz

5897
11
0
Casey Neville
Erstellt von Casey Neville vor mehr als 2 Jahre
Schließen

SFPC (Possible Test Questions)

Frage 1 von 55

1

Two security professionals – Jo and Chris – are discussing the contracting process.

Jo says that the Federal Acquisition Regulation governs the process the federal government uses to acquire or purchase goods and services.

Chris says that although the Federal Acquisition Regulation’s intent is to provide uniform and government-wide policies and procedures for acquisition, the Department of Defense has issued a supplemental acquisition regulation called the DFAR.

Who is correct?

Wähle eine der folgenden:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Erklärung

Frage 2 von 55

1

Two security professionals – Jo and Chris – are discussing the Federal Acquisition Regulation (FAR).

Jo says that, to be awarded a contract, a bidder needs to show that his or her organization it meets the FAR provisions of that contract.

Chris says that a bidder can be awarded a contract with FAR provisions if his or her organization can demonstrate that it will be able to comply with those provisions at the time of the contract award.

Who is correct?

Wähle eine der folgenden:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Erklärung

Frage 3 von 55

1

Working papers need to be finalized or destroyed after how many days?

Wähle eine der folgenden:

  • 180 Days

  • 90 Days

  • 30 Days

  • 7 Days

Erklärung

Frage 4 von 55

1

FOUO becomes legacy it turns into?

Wähle eine der folgenden:

  • CUI

  • UNCLASSIFIED

  • CIA

  • FBI

Erklärung

Frage 5 von 55

1

Banner Line Markings start with what first?

Wähle eine der folgenden:

  • CLASSIFICATION

  • DATE

  • ORIGINATORS NAME

  • ORGANIZATIONS NAME

Erklärung

Frage 6 von 55

1

Definition of BIOMETRIC:
"Measurable Physical characteristics or personal behavior traits used to recognize the identity, or verify the claimed identity. Fingerprints, Iris, handwriting, voice recognition."

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 7 von 55

1

Contractors are automatically authorized to do work at the level of the DD254.

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 8 von 55

1

What are the 3 SAP categories?

Wähle eine oder mehr der folgenden:

  • Aquisition

  • Intelligence

  • Operations and Support

  • Acknowledged

Erklärung

Frage 9 von 55

1

Couring information within a hotel room is allowed as long as it’s locked in a safe and the courier is in the room.

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 10 von 55

1

CNWDI, RD and FRD are categories which fall under which department?

Wähle eine der folgenden:

  • Dept. Of Energy (DOE)

  • Dept. Of Defense (DoD)

  • CIA

  • FBI

Erklärung

Frage 11 von 55

1

What is a Security Violation?

Wähle eine der folgenden:

  • An event that results in or could be expected to result in the loss or compromise of classified information

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

Erklärung

Frage 12 von 55

1

What is a Security Infraction?

Wähle eine der folgenden:

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

  • An event that results in or could be expected to result in the loss or compromise of classified information

Erklärung

Frage 13 von 55

1

What is the form number for a Top Secret coversheet?

Wähle eine der folgenden:

  • 703

  • 704

  • 705

  • 702

Erklärung

Frage 14 von 55

1

What is the form number for a Secret coversheet?

Wähle eine der folgenden:

  • 703

  • 704

  • 705

  • 701

Erklärung

Frage 15 von 55

1

What is the form number for a Confidential coversheet?

Wähle eine der folgenden:

  • 703

  • 704

  • 705

  • 706

Erklärung

Frage 16 von 55

1

If someone accidentally gave a foreign entity access to classified information, which guideline would it fall under?

Wähle eine der folgenden:

  • Use of Information Technology Systems

  • Use of Information DoD Systems

  • Use of Classified Systems

  • Use of Unclassified Systems

Erklärung

Frage 17 von 55

1

SCATTERED CASTLES:
"Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications."

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 18 von 55

1

What is the RMF six-step process?

Wähle eine oder mehr der folgenden:

  • Categorize Information Systems

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize Information System

  • Monitor Security Controls

  • Accountability Measures

  • Implement Cyber Controls

  • Risk Assessment

Erklärung

Frage 19 von 55

1

Vault doors have non-removable hinge pins.

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 20 von 55

1

What is the highest classification a contractor can courier overseas?

Wähle eine der folgenden:

  • Unclassified

  • Secret

  • Confidential

  • Top Secret

Erklärung

Frage 21 von 55

1

Access for a retired flag/general officer?

Wähle eine der folgenden:

  • 3 Months

  • 3 Years

  • 6 Months

  • 6 Years

Erklärung

Frage 22 von 55

1

Industrial is NOT SAP is not a category

Wähle eine der folgenden:

  • True

  • False

Erklärung

Frage 23 von 55

1

Who controls the list of approved shredders?

Wähle eine der folgenden:

  • NSA

  • GSA

  • BSA

  • AA

Erklärung

Frage 24 von 55

1

What are the threat levels?

Wähle eine oder mehr der folgenden:

  • Low

  • Moderate

  • Significant

  • High

  • (D) Delta

  • (C) Charlie

  • (B) Bravo

  • (A) Alpha

  • (N) Normal

Erklärung

Frage 25 von 55

1

What are the levels for FPCON?

Wähle eine oder mehr der folgenden:

  • Low

  • Moderate

  • Significant

  • High

  • (N) Normal

  • (A) Alpha

  • (B) Bravo

  • (C) Charlie

  • (D) Delta

Erklärung

Frage 26 von 55

1

Key word for (N) Normal FPCON?

Wähle eine der folgenden:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE

  • LIKELY

  • IMMINENT

Erklärung

Frage 27 von 55

1

Key word for (A) FPCON?

Wähle eine der folgenden:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Erklärung

Frage 28 von 55

1

Key word for (B) Normal FPCON?

Wähle eine der folgenden:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Erklärung

Frage 29 von 55

1

Key word for (C) Normal FPCON?

Wähle eine der folgenden:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Erklärung

Frage 30 von 55

1

Key word for (D) Normal FPCON?

Wähle eine der folgenden:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Erklärung

Frage 31 von 55

1

What are the 5 OPSEC steps?

Wähle eine oder mehr der folgenden:

  • Identify Critical Information

  • Analyze Threats

  • Analyze Vulnerabilities

  • Assess Risks

  • Apply Countermeasures

  • Assess Vulnerabilities

  • Counter Risks

Erklärung

Frage 32 von 55

1

What is the purpose of marking classified materials?

Wähle eine der folgenden:

  • To alert holders to the presence of classified information, how to properly protect it, and for how long.

  • To deter foreign adversaries from committing actions aimed at accessing such information.

  • To provide guidance for interpretation and analysis of classified information.

  • To alert holders to the methods used to collect classified information.

Erklärung

Frage 33 von 55

1

What is included in the markings of classified information?

Wähle eine der folgenden:

  • Derivative classifier as the authority to make declassification determinations.

  • Agencies and authorities that have previously accessed the classified information.

  • Document holder as the sole authority to make transfer and dissemination determinations.

  • Sources and reasons for the classification.

Erklärung

Frage 34 von 55

1

When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?

Wähle eine der folgenden:

  • Activity Security Manager

  • Information Assurance Staff

  • Information Assurance Manager

  • Information Assurance Officer

Erklärung

Frage 35 von 55

1

The inability to deny you are the sender of an email would be an indication of a lapse in:

Wähle eine der folgenden:

  • Non-Repudiation

  • Confidentiality

  • Integrity

  • Availability

Erklärung

Frage 36 von 55

1

Which of the following is the first action done to downgrade, declassify or remove classification markings?

Wähle eine der folgenden:

  • Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.

  • Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.

  • Take all classification markings off the document and redistribute.

  • Request a waiver from the Information Security Oversight. Office (ISOO) to remove the declassification markings.

Erklärung

Frage 37 von 55

1

What is the purpose of the Personnel Security Program (PSP)?

Wähle eine der folgenden:

  • To define original classification for DoD assets and information.

  • To designate individuals for positions requiring access to classified information.

  • To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.

  • To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.

Erklärung

Frage 38 von 55

1

Which of the following is considered an element of the Personnel Security Program (PSP)?

Wähle eine der folgenden:

  • Risk Assessment and Analysis

  • Implementation

  • Classification

  • Continuous Evaluation

Erklärung

Frage 39 von 55

1

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?

Wähle eine der folgenden:

  • Individual must be a U.S. Citizen

  • Individual has a security clearance eligibility in accordance with the position

  • Individual is subject to a periodic reinvestigation every three years

  • Individual must be continuous evaluated

Erklärung

Frage 40 von 55

1

Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?

Wähle eine der folgenden:

  • 30 Days

  • 45 Days

  • 60 Days

  • 90 Days

Erklärung

Frage 41 von 55

1

Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?

Wähle eine der folgenden:

  • LAAs shall only be granted access at the Secret and Confidential levels.

  • A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC).

  • An LAA is the same as a security clearance eligibility.

  • Access to classified information Is not limited to a specific program or project.

Erklärung

Frage 42 von 55

1

___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?

Wähle eine der folgenden:

  • Deterrence

  • Detect

  • Delay

  • Distract

Erklärung

Frage 43 von 55

1

Which of the following would be considered a public safety crime?

Wähle eine der folgenden:

  • Theft of ammunition shipment for the purpose of criminal or gang related activity.

  • Theft of sensitive, proprietary information relating to US aerospace and defense technologies.

  • Deliberate destruction of DoD assets or interruption of normal operations.

  • Theft of an item and use of it outside of its intended purpose or without permission.

Erklärung

Frage 44 von 55

1

Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings.

Paul says visits must serve a specific U.S. Government purpose.

Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors.
Who is correct?

Wähle eine der folgenden:

  • Paul is correct.

  • Ashley is correct.

  • Paul and Ashley are both correct.

  • Paul and Ashley are both incorrect.

Erklärung

Frage 45 von 55

1

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National industrial Security Program (NISP)?

Wähle eine der folgenden:

  • Director of the Information Security Oversight Office (ISOO)

  • Secretary of Defense

  • National Security Council (NSC)

  • Director, Defense Security Services (DSS)

Erklärung

Frage 46 von 55

1

Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?

Wähle eine der folgenden:

  • Research and Technology SAP

  • Operations and Support SAP

  • Acquisition SAP

  • Intelligence SAP

Erklärung

Frage 47 von 55

1

Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?

Wähle eine der folgenden:

  • Indoctrination Briefing

  • Original Classification Authority (OCA) Briefing

  • Foreign Travel Briefing

  • Debriefing

Erklärung

Frage 48 von 55

1

Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?

Wähle eine der folgenden:

  • Annual Refresher Briefings

  • Indoctrination Briefings

  • Attestation Briefings

  • Courier Briefings

Erklärung

Frage 49 von 55

1

Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?

Wähle eine der folgenden:

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

  • Conduct a Threat Analysis

  • Conduct a Vulnerability Analysis

Erklärung

Frage 50 von 55

1

Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?

Wähle eine der folgenden:

  • Conduct a Vulnerability Analysis

  • Conduct a Threat Analysis

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

Erklärung

Frage 51 von 55

1

Who’s responsibility is it during the categorize steps to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?

Wähle eine der folgenden:

  • Information System Owner (ISO)

  • Information Owner (IO)

  • Information System Security Manager (ISSM)

  • Authorizing Official (AO)

Erklärung

Frage 52 von 55

1

Which of the following is NOT a category of Information Technology (IT)?

Wähle eine der folgenden:

  • Platform Information Technology (PIT)

  • Information Technology Services

  • Information Technology Products

  • Information Technology Applications

Erklärung

Frage 53 von 55

1

What step within the Risk Management Framework (RMF) does system categorization occur?

Wähle eine der folgenden:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Erklärung

Frage 54 von 55

1

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?

Wähle eine der folgenden:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Erklärung

Frage 55 von 55

1

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:

Wähle eine der folgenden:

  • Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.

  • Monitor the system for security relevant events and
    configuration changes that affect the security posture
    negatively.

  • Determine and documents a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.

  • Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.

Erklärung