36515001
Descripción
Test por Casey Neville, actualizado hace más de 1 año
|
Creado por Casey Neville
hace alrededor de 2 años
|
|
Pregunta 1
Pregunta
Two security professionals – Jo and Chris – are discussing the contracting process.
Jo says that the Federal Acquisition Regulation governs the process the federal government uses to acquire or purchase goods and services.
Chris says that although the Federal Acquisition Regulation’s intent is to provide uniform and government-wide policies and procedures for acquisition, the Department of Defense has issued a supplemental acquisition regulation called the DFAR.
Who is correct?
Respuesta
-
Jo is correct.
-
Chris is correct.
-
Jo and Chris are both correct.
-
Jo and Chris are both incorrect.
Pregunta 2
Pregunta
Two security professionals – Jo and Chris – are discussing the Federal Acquisition Regulation (FAR).
Jo says that, to be awarded a contract, a bidder needs to show that his or her organization it meets the FAR provisions of that contract.
Chris says that a bidder can be awarded a contract with FAR provisions if his or her organization can demonstrate that it will be able to comply with those provisions at the time of the contract award.
Who is correct?
Respuesta
-
Jo is correct.
-
Chris is correct.
-
Jo and Chris are both correct.
-
Jo and Chris are both incorrect.
Pregunta 3
Pregunta
Working papers need to be finalized or destroyed after how many days?
Respuesta
-
180 Days
-
90 Days
-
30 Days
-
7 Days
Pregunta 4
Pregunta
FOUO becomes legacy it turns into?
Respuesta
-
CUI
-
UNCLASSIFIED
-
CIA
-
FBI
Pregunta 5
Pregunta
Banner Line Markings start with what first?
Respuesta
-
CLASSIFICATION
-
DATE
-
ORIGINATORS NAME
-
ORGANIZATIONS NAME
Pregunta 6
Pregunta
Definition of BIOMETRIC:
"Measurable Physical characteristics or personal behavior traits used to recognize the identity, or verify the claimed identity. Fingerprints, Iris, handwriting, voice recognition."
Respuesta
-
True
-
False
Pregunta 7
Pregunta
Contractors are automatically authorized to do work at the level of the DD254.
Respuesta
-
True
-
False
Pregunta 8
Pregunta
What are the 3 SAP categories?
Respuesta
-
Aquisition
-
Intelligence
-
Operations and Support
-
Acknowledged
Pregunta 9
Pregunta
Couring information within a hotel room is allowed as long as it’s locked in a safe and the courier is in the room.
Respuesta
-
True
-
False
Pregunta 10
Pregunta
CNWDI, RD and FRD are categories which fall under which department?
Respuesta
-
Dept. Of Energy (DOE)
-
Dept. Of Defense (DoD)
-
CIA
-
FBI
Pregunta 11
Pregunta
What is a Security Violation?
Respuesta
-
An event that results in or could be expected to result in the loss or compromise of classified information
-
This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.
Pregunta 12
Pregunta
What is a Security Infraction?
Respuesta
-
This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.
-
An event that results in or could be expected to result in the loss or compromise of classified information
Pregunta 13
Pregunta
What is the form number for a Top Secret coversheet?
Respuesta
-
703
-
704
-
705
-
702
Pregunta 14
Pregunta
What is the form number for a Secret coversheet?
Respuesta
-
703
-
704
-
705
-
701
Pregunta 15
Pregunta
What is the form number for a Confidential coversheet?
Respuesta
-
703
-
704
-
705
-
706
Pregunta 16
Pregunta
If someone accidentally gave a foreign entity access to classified information, which guideline would it fall under?
Respuesta
-
Use of Information Technology Systems
-
Use of Information DoD Systems
-
Use of Classified Systems
-
Use of Unclassified Systems
Pregunta 17
Pregunta
SCATTERED CASTLES:
"Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications."
Respuesta
-
True
-
False
Pregunta 18
Pregunta
What is the RMF six-step process?
Respuesta
-
Categorize Information Systems
-
Select Security Controls
-
Implement Security Controls
-
Assess Security Controls
-
Authorize Information System
-
Monitor Security Controls
-
Accountability Measures
-
Implement Cyber Controls
-
Risk Assessment
Pregunta 19
Pregunta
Vault doors have non-removable hinge pins.
Respuesta
-
True
-
False
Pregunta 20
Pregunta
What is the highest classification a contractor can courier overseas?
Respuesta
-
Unclassified
-
Secret
-
Confidential
-
Top Secret
Pregunta 21
Pregunta
Access for a retired flag/general officer?
Respuesta
-
3 Months
-
3 Years
-
6 Months
-
6 Years
Pregunta 22
Pregunta
Industrial is NOT SAP is not a category
Respuesta
-
True
-
False
Pregunta 23
Pregunta
Who controls the list of approved shredders?
Respuesta
-
NSA
-
GSA
-
BSA
-
AA
Pregunta 24
Pregunta
What are the threat levels?
Respuesta
-
Low
-
Moderate
-
Significant
-
High
-
(D) Delta
-
(C) Charlie
-
(B) Bravo
-
(A) Alpha
-
(N) Normal
Pregunta 25
Pregunta
What are the levels for FPCON?
Respuesta
-
Low
-
Moderate
-
Significant
-
High
-
(N) Normal
-
(A) Alpha
-
(B) Bravo
-
(C) Charlie
-
(D) Delta
Pregunta 26
Pregunta
Key word for (N) Normal FPCON?
Respuesta
-
GENERAL THREAT
-
INCREASED GENERAL THREAT
-
MORE PREDICTABLE
-
LIKELY
-
IMMINENT
Pregunta 27
Pregunta
Key word for (A) FPCON?
Respuesta
-
GENERAL THREAT
-
INCREASED GENERAL THREAT
-
MORE PREDICTABLE THREAT
-
LIKELY
-
IMMINENT
Pregunta 28
Pregunta
Key word for (B) Normal FPCON?
Respuesta
-
GENERAL THREAT
-
INCREASED GENERAL THREAT
-
MORE PREDICTABLE THREAT
-
LIKELY
-
IMMINENT
Pregunta 29
Pregunta
Key word for (C) Normal FPCON?
Respuesta
-
GENERAL THREAT
-
INCREASED GENERAL THREAT
-
MORE PREDICTABLE THREAT
-
LIKELY
-
IMMINENT
Pregunta 30
Pregunta
Key word for (D) Normal FPCON?
Respuesta
-
GENERAL THREAT
-
INCREASED GENERAL THREAT
-
MORE PREDICTABLE THREAT
-
LIKELY
-
IMMINENT
Pregunta 31
Pregunta
What are the 5 OPSEC steps?
Respuesta
-
Identify Critical Information
-
Analyze Threats
-
Analyze Vulnerabilities
-
Assess Risks
-
Apply Countermeasures
-
Assess Vulnerabilities
-
Counter Risks
Pregunta 32
Pregunta
What is the purpose of marking classified materials?
Respuesta
-
To alert holders to the presence of classified information, how to properly protect it, and for how long.
-
To deter foreign adversaries from committing actions aimed at accessing such information.
-
To provide guidance for interpretation and analysis of classified information.
-
To alert holders to the methods used to collect classified information.
Pregunta 33
Pregunta
What is included in the markings of classified information?
Respuesta
-
Derivative classifier as the authority to make declassification determinations.
-
Agencies and authorities that have previously accessed the classified information.
-
Document holder as the sole authority to make transfer and dissemination determinations.
-
Sources and reasons for the classification.
Pregunta 34
Pregunta
When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?
Respuesta
-
Activity Security Manager
-
Information Assurance Staff
-
Information Assurance Manager
-
Information Assurance Officer
Pregunta 35
Pregunta
The inability to deny you are the sender of an email would be an indication of a lapse in:
Respuesta
-
Non-Repudiation
-
Confidentiality
-
Integrity
-
Availability
Pregunta 36
Pregunta
Which of the following is the first action done to downgrade, declassify or remove classification markings?
Respuesta
-
Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.
-
Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.
-
Take all classification markings off the document and redistribute.
-
Request a waiver from the Information Security Oversight. Office (ISOO) to remove the declassification markings.
Pregunta 37
Pregunta
What is the purpose of the Personnel Security Program (PSP)?
Respuesta
-
To define original classification for DoD assets and information.
-
To designate individuals for positions requiring access to classified information.
-
To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.
-
To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.
Pregunta 38
Pregunta
Which of the following is considered an element of the Personnel Security Program (PSP)?
Respuesta
-
Risk Assessment and Analysis
-
Implementation
-
Classification
-
Continuous Evaluation
Pregunta 39
Pregunta
Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?
Respuesta
-
Individual must be a U.S. Citizen
-
Individual has a security clearance eligibility in accordance with the position
-
Individual is subject to a periodic reinvestigation every three years
-
Individual must be continuous evaluated
Pregunta 40
Pregunta
Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?
Respuesta
-
30 Days
-
45 Days
-
60 Days
-
90 Days
Pregunta 41
Pregunta
Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?
Respuesta
-
LAAs shall only be granted access at the Secret and Confidential levels.
-
A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC).
-
An LAA is the same as a security clearance eligibility.
-
Access to classified information Is not limited to a specific program or project.
Pregunta 42
Pregunta
___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?
Respuesta
-
Deterrence
-
Detect
-
Delay
-
Distract
Pregunta 43
Pregunta
Which of the following would be considered a public safety crime?
Respuesta
-
Theft of ammunition shipment for the purpose of criminal or gang related activity.
-
Theft of sensitive, proprietary information relating to US aerospace and defense technologies.
-
Deliberate destruction of DoD assets or interruption of normal operations.
-
Theft of an item and use of it outside of its intended purpose or without permission.
Pregunta 44
Pregunta
Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings.
Paul says visits must serve a specific U.S. Government purpose.
Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors.
Who is correct?
Respuesta
-
Paul is correct.
-
Ashley is correct.
-
Paul and Ashley are both correct.
-
Paul and Ashley are both incorrect.
Pregunta 45
Pregunta
Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National industrial Security Program (NISP)?
Respuesta
-
Director of the Information Security Oversight Office (ISOO)
-
Secretary of Defense
-
National Security Council (NSC)
-
Director, Defense Security Services (DSS)
Pregunta 46
Pregunta
Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?
Respuesta
-
Research and Technology SAP
-
Operations and Support SAP
-
Acquisition SAP
-
Intelligence SAP
Pregunta 47
Pregunta
Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?
Respuesta
-
Indoctrination Briefing
-
Original Classification Authority (OCA) Briefing
-
Foreign Travel Briefing
-
Debriefing
Pregunta 48
Pregunta
Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?
Respuesta
-
Annual Refresher Briefings
-
Indoctrination Briefings
-
Attestation Briefings
-
Courier Briefings
Pregunta 49
Pregunta
Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?
Respuesta
-
Conduct a Risk Assessment
-
Apply OPSEC Countermeasures
-
Conduct a Threat Analysis
-
Conduct a Vulnerability Analysis
Pregunta 50
Pregunta
Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?
Respuesta
-
Conduct a Vulnerability Analysis
-
Conduct a Threat Analysis
-
Conduct a Risk Assessment
-
Apply OPSEC Countermeasures
Pregunta 51
Pregunta
Who’s responsibility is it during the categorize steps to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?
Respuesta
-
Information System Owner (ISO)
-
Information Owner (IO)
-
Information System Security Manager (ISSM)
-
Authorizing Official (AO)
Pregunta 52
Pregunta
Which of the following is NOT a category of Information Technology (IT)?
Respuesta
-
Platform Information Technology (PIT)
-
Information Technology Services
-
Information Technology Products
-
Information Technology Applications
Pregunta 53
Pregunta
What step within the Risk Management Framework (RMF) does system categorization occur?
Respuesta
-
Categorize Information System
-
Select Security Controls
-
Implement Security Controls
-
Assess Security Controls
-
Authorize
-
Monitor Security Controls
Pregunta 54
Pregunta
At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?
Respuesta
-
Categorize Information System
-
Select Security Controls
-
Implement Security Controls
-
Assess Security Controls
-
Authorize
-
Monitor Security Controls
Pregunta 55
Pregunta
One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:
Respuesta
-
Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.
-
Monitor the system for security relevant events and configuration changes that affect the security posture negatively.
-
Determine and documents a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.
-
Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.