Casey Neville
Test por , creado hace más de 1 año

SFPC SPeD Practice Quiz

5897
11
0
Casey Neville
Creado por Casey Neville hace más de 2 años
Cerrar

SFPC (Possible Test Questions)

Pregunta 1 de 55

1

Two security professionals – Jo and Chris – are discussing the contracting process.

Jo says that the Federal Acquisition Regulation governs the process the federal government uses to acquire or purchase goods and services.

Chris says that although the Federal Acquisition Regulation’s intent is to provide uniform and government-wide policies and procedures for acquisition, the Department of Defense has issued a supplemental acquisition regulation called the DFAR.

Who is correct?

Selecciona una de las siguientes respuestas posibles:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Explicación

Pregunta 2 de 55

1

Two security professionals – Jo and Chris – are discussing the Federal Acquisition Regulation (FAR).

Jo says that, to be awarded a contract, a bidder needs to show that his or her organization it meets the FAR provisions of that contract.

Chris says that a bidder can be awarded a contract with FAR provisions if his or her organization can demonstrate that it will be able to comply with those provisions at the time of the contract award.

Who is correct?

Selecciona una de las siguientes respuestas posibles:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Explicación

Pregunta 3 de 55

1

Working papers need to be finalized or destroyed after how many days?

Selecciona una de las siguientes respuestas posibles:

  • 180 Days

  • 90 Days

  • 30 Days

  • 7 Days

Explicación

Pregunta 4 de 55

1

FOUO becomes legacy it turns into?

Selecciona una de las siguientes respuestas posibles:

  • CUI

  • UNCLASSIFIED

  • CIA

  • FBI

Explicación

Pregunta 5 de 55

1

Banner Line Markings start with what first?

Selecciona una de las siguientes respuestas posibles:

  • CLASSIFICATION

  • DATE

  • ORIGINATORS NAME

  • ORGANIZATIONS NAME

Explicación

Pregunta 6 de 55

1

Definition of BIOMETRIC:
"Measurable Physical characteristics or personal behavior traits used to recognize the identity, or verify the claimed identity. Fingerprints, Iris, handwriting, voice recognition."

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 7 de 55

1

Contractors are automatically authorized to do work at the level of the DD254.

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 8 de 55

1

What are the 3 SAP categories?

Selecciona una o más de las siguientes respuestas posibles:

  • Aquisition

  • Intelligence

  • Operations and Support

  • Acknowledged

Explicación

Pregunta 9 de 55

1

Couring information within a hotel room is allowed as long as it’s locked in a safe and the courier is in the room.

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 10 de 55

1

CNWDI, RD and FRD are categories which fall under which department?

Selecciona una de las siguientes respuestas posibles:

  • Dept. Of Energy (DOE)

  • Dept. Of Defense (DoD)

  • CIA

  • FBI

Explicación

Pregunta 11 de 55

1

What is a Security Violation?

Selecciona una de las siguientes respuestas posibles:

  • An event that results in or could be expected to result in the loss or compromise of classified information

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

Explicación

Pregunta 12 de 55

1

What is a Security Infraction?

Selecciona una de las siguientes respuestas posibles:

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

  • An event that results in or could be expected to result in the loss or compromise of classified information

Explicación

Pregunta 13 de 55

1

What is the form number for a Top Secret coversheet?

Selecciona una de las siguientes respuestas posibles:

  • 703

  • 704

  • 705

  • 702

Explicación

Pregunta 14 de 55

1

What is the form number for a Secret coversheet?

Selecciona una de las siguientes respuestas posibles:

  • 703

  • 704

  • 705

  • 701

Explicación

Pregunta 15 de 55

1

What is the form number for a Confidential coversheet?

Selecciona una de las siguientes respuestas posibles:

  • 703

  • 704

  • 705

  • 706

Explicación

Pregunta 16 de 55

1

If someone accidentally gave a foreign entity access to classified information, which guideline would it fall under?

Selecciona una de las siguientes respuestas posibles:

  • Use of Information Technology Systems

  • Use of Information DoD Systems

  • Use of Classified Systems

  • Use of Unclassified Systems

Explicación

Pregunta 17 de 55

1

SCATTERED CASTLES:
"Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications."

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 18 de 55

1

What is the RMF six-step process?

Selecciona una o más de las siguientes respuestas posibles:

  • Categorize Information Systems

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize Information System

  • Monitor Security Controls

  • Accountability Measures

  • Implement Cyber Controls

  • Risk Assessment

Explicación

Pregunta 19 de 55

1

Vault doors have non-removable hinge pins.

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 20 de 55

1

What is the highest classification a contractor can courier overseas?

Selecciona una de las siguientes respuestas posibles:

  • Unclassified

  • Secret

  • Confidential

  • Top Secret

Explicación

Pregunta 21 de 55

1

Access for a retired flag/general officer?

Selecciona una de las siguientes respuestas posibles:

  • 3 Months

  • 3 Years

  • 6 Months

  • 6 Years

Explicación

Pregunta 22 de 55

1

Industrial is NOT SAP is not a category

Selecciona una de las siguientes respuestas posibles:

  • True

  • False

Explicación

Pregunta 23 de 55

1

Who controls the list of approved shredders?

Selecciona una de las siguientes respuestas posibles:

  • NSA

  • GSA

  • BSA

  • AA

Explicación

Pregunta 24 de 55

1

What are the threat levels?

Selecciona una o más de las siguientes respuestas posibles:

  • Low

  • Moderate

  • Significant

  • High

  • (D) Delta

  • (C) Charlie

  • (B) Bravo

  • (A) Alpha

  • (N) Normal

Explicación

Pregunta 25 de 55

1

What are the levels for FPCON?

Selecciona una o más de las siguientes respuestas posibles:

  • Low

  • Moderate

  • Significant

  • High

  • (N) Normal

  • (A) Alpha

  • (B) Bravo

  • (C) Charlie

  • (D) Delta

Explicación

Pregunta 26 de 55

1

Key word for (N) Normal FPCON?

Selecciona una de las siguientes respuestas posibles:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE

  • LIKELY

  • IMMINENT

Explicación

Pregunta 27 de 55

1

Key word for (A) FPCON?

Selecciona una de las siguientes respuestas posibles:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicación

Pregunta 28 de 55

1

Key word for (B) Normal FPCON?

Selecciona una de las siguientes respuestas posibles:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicación

Pregunta 29 de 55

1

Key word for (C) Normal FPCON?

Selecciona una de las siguientes respuestas posibles:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicación

Pregunta 30 de 55

1

Key word for (D) Normal FPCON?

Selecciona una de las siguientes respuestas posibles:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicación

Pregunta 31 de 55

1

What are the 5 OPSEC steps?

Selecciona una o más de las siguientes respuestas posibles:

  • Identify Critical Information

  • Analyze Threats

  • Analyze Vulnerabilities

  • Assess Risks

  • Apply Countermeasures

  • Assess Vulnerabilities

  • Counter Risks

Explicación

Pregunta 32 de 55

1

What is the purpose of marking classified materials?

Selecciona una de las siguientes respuestas posibles:

  • To alert holders to the presence of classified information, how to properly protect it, and for how long.

  • To deter foreign adversaries from committing actions aimed at accessing such information.

  • To provide guidance for interpretation and analysis of classified information.

  • To alert holders to the methods used to collect classified information.

Explicación

Pregunta 33 de 55

1

What is included in the markings of classified information?

Selecciona una de las siguientes respuestas posibles:

  • Derivative classifier as the authority to make declassification determinations.

  • Agencies and authorities that have previously accessed the classified information.

  • Document holder as the sole authority to make transfer and dissemination determinations.

  • Sources and reasons for the classification.

Explicación

Pregunta 34 de 55

1

When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?

Selecciona una de las siguientes respuestas posibles:

  • Activity Security Manager

  • Information Assurance Staff

  • Information Assurance Manager

  • Information Assurance Officer

Explicación

Pregunta 35 de 55

1

The inability to deny you are the sender of an email would be an indication of a lapse in:

Selecciona una de las siguientes respuestas posibles:

  • Non-Repudiation

  • Confidentiality

  • Integrity

  • Availability

Explicación

Pregunta 36 de 55

1

Which of the following is the first action done to downgrade, declassify or remove classification markings?

Selecciona una de las siguientes respuestas posibles:

  • Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.

  • Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.

  • Take all classification markings off the document and redistribute.

  • Request a waiver from the Information Security Oversight. Office (ISOO) to remove the declassification markings.

Explicación

Pregunta 37 de 55

1

What is the purpose of the Personnel Security Program (PSP)?

Selecciona una de las siguientes respuestas posibles:

  • To define original classification for DoD assets and information.

  • To designate individuals for positions requiring access to classified information.

  • To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.

  • To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.

Explicación

Pregunta 38 de 55

1

Which of the following is considered an element of the Personnel Security Program (PSP)?

Selecciona una de las siguientes respuestas posibles:

  • Risk Assessment and Analysis

  • Implementation

  • Classification

  • Continuous Evaluation

Explicación

Pregunta 39 de 55

1

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?

Selecciona una de las siguientes respuestas posibles:

  • Individual must be a U.S. Citizen

  • Individual has a security clearance eligibility in accordance with the position

  • Individual is subject to a periodic reinvestigation every three years

  • Individual must be continuous evaluated

Explicación

Pregunta 40 de 55

1

Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?

Selecciona una de las siguientes respuestas posibles:

  • 30 Days

  • 45 Days

  • 60 Days

  • 90 Days

Explicación

Pregunta 41 de 55

1

Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?

Selecciona una de las siguientes respuestas posibles:

  • LAAs shall only be granted access at the Secret and Confidential levels.

  • A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC).

  • An LAA is the same as a security clearance eligibility.

  • Access to classified information Is not limited to a specific program or project.

Explicación

Pregunta 42 de 55

1

___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?

Selecciona una de las siguientes respuestas posibles:

  • Deterrence

  • Detect

  • Delay

  • Distract

Explicación

Pregunta 43 de 55

1

Which of the following would be considered a public safety crime?

Selecciona una de las siguientes respuestas posibles:

  • Theft of ammunition shipment for the purpose of criminal or gang related activity.

  • Theft of sensitive, proprietary information relating to US aerospace and defense technologies.

  • Deliberate destruction of DoD assets or interruption of normal operations.

  • Theft of an item and use of it outside of its intended purpose or without permission.

Explicación

Pregunta 44 de 55

1

Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings.

Paul says visits must serve a specific U.S. Government purpose.

Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors.
Who is correct?

Selecciona una de las siguientes respuestas posibles:

  • Paul is correct.

  • Ashley is correct.

  • Paul and Ashley are both correct.

  • Paul and Ashley are both incorrect.

Explicación

Pregunta 45 de 55

1

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National industrial Security Program (NISP)?

Selecciona una de las siguientes respuestas posibles:

  • Director of the Information Security Oversight Office (ISOO)

  • Secretary of Defense

  • National Security Council (NSC)

  • Director, Defense Security Services (DSS)

Explicación

Pregunta 46 de 55

1

Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?

Selecciona una de las siguientes respuestas posibles:

  • Research and Technology SAP

  • Operations and Support SAP

  • Acquisition SAP

  • Intelligence SAP

Explicación

Pregunta 47 de 55

1

Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?

Selecciona una de las siguientes respuestas posibles:

  • Indoctrination Briefing

  • Original Classification Authority (OCA) Briefing

  • Foreign Travel Briefing

  • Debriefing

Explicación

Pregunta 48 de 55

1

Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?

Selecciona una de las siguientes respuestas posibles:

  • Annual Refresher Briefings

  • Indoctrination Briefings

  • Attestation Briefings

  • Courier Briefings

Explicación

Pregunta 49 de 55

1

Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?

Selecciona una de las siguientes respuestas posibles:

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

  • Conduct a Threat Analysis

  • Conduct a Vulnerability Analysis

Explicación

Pregunta 50 de 55

1

Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?

Selecciona una de las siguientes respuestas posibles:

  • Conduct a Vulnerability Analysis

  • Conduct a Threat Analysis

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

Explicación

Pregunta 51 de 55

1

Who’s responsibility is it during the categorize steps to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?

Selecciona una de las siguientes respuestas posibles:

  • Information System Owner (ISO)

  • Information Owner (IO)

  • Information System Security Manager (ISSM)

  • Authorizing Official (AO)

Explicación

Pregunta 52 de 55

1

Which of the following is NOT a category of Information Technology (IT)?

Selecciona una de las siguientes respuestas posibles:

  • Platform Information Technology (PIT)

  • Information Technology Services

  • Information Technology Products

  • Information Technology Applications

Explicación

Pregunta 53 de 55

1

What step within the Risk Management Framework (RMF) does system categorization occur?

Selecciona una de las siguientes respuestas posibles:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Explicación

Pregunta 54 de 55

1

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?

Selecciona una de las siguientes respuestas posibles:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Explicación

Pregunta 55 de 55

1

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:

Selecciona una de las siguientes respuestas posibles:

  • Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.

  • Monitor the system for security relevant events and
    configuration changes that affect the security posture
    negatively.

  • Determine and documents a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.

  • Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.

Explicación