Casey Neville
Quiz por , criado more than 1 year ago

SFPC SPeD Practice Quiz

5116
10
0
Casey Neville
Criado por Casey Neville mais de 2 anos atrás
Fechar

SFPC (Possible Test Questions)

Questão 1 de 55

1

Two security professionals – Jo and Chris – are discussing the contracting process.

Jo says that the Federal Acquisition Regulation governs the process the federal government uses to acquire or purchase goods and services.

Chris says that although the Federal Acquisition Regulation’s intent is to provide uniform and government-wide policies and procedures for acquisition, the Department of Defense has issued a supplemental acquisition regulation called the DFAR.

Who is correct?

Selecione uma das seguintes:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Explicação

Questão 2 de 55

1

Two security professionals – Jo and Chris – are discussing the Federal Acquisition Regulation (FAR).

Jo says that, to be awarded a contract, a bidder needs to show that his or her organization it meets the FAR provisions of that contract.

Chris says that a bidder can be awarded a contract with FAR provisions if his or her organization can demonstrate that it will be able to comply with those provisions at the time of the contract award.

Who is correct?

Selecione uma das seguintes:

  • Jo is correct.

  • Chris is correct.

  • Jo and Chris are both correct.

  • Jo and Chris are both incorrect.

Explicação

Questão 3 de 55

1

Working papers need to be finalized or destroyed after how many days?

Selecione uma das seguintes:

  • 180 Days

  • 90 Days

  • 30 Days

  • 7 Days

Explicação

Questão 4 de 55

1

FOUO becomes legacy it turns into?

Selecione uma das seguintes:

  • CUI

  • UNCLASSIFIED

  • CIA

  • FBI

Explicação

Questão 5 de 55

1

Banner Line Markings start with what first?

Selecione uma das seguintes:

  • CLASSIFICATION

  • DATE

  • ORIGINATORS NAME

  • ORGANIZATIONS NAME

Explicação

Questão 6 de 55

1

Definition of BIOMETRIC:
"Measurable Physical characteristics or personal behavior traits used to recognize the identity, or verify the claimed identity. Fingerprints, Iris, handwriting, voice recognition."

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 7 de 55

1

Contractors are automatically authorized to do work at the level of the DD254.

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 8 de 55

1

What are the 3 SAP categories?

Selecione uma ou mais das seguintes:

  • Aquisition

  • Intelligence

  • Operations and Support

  • Acknowledged

Explicação

Questão 9 de 55

1

Couring information within a hotel room is allowed as long as it’s locked in a safe and the courier is in the room.

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 10 de 55

1

CNWDI, RD and FRD are categories which fall under which department?

Selecione uma das seguintes:

  • Dept. Of Energy (DOE)

  • Dept. Of Defense (DoD)

  • CIA

  • FBI

Explicação

Questão 11 de 55

1

What is a Security Violation?

Selecione uma das seguintes:

  • An event that results in or could be expected to result in the loss or compromise of classified information

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

Explicação

Questão 12 de 55

1

What is a Security Infraction?

Selecione uma das seguintes:

  • This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information.

  • An event that results in or could be expected to result in the loss or compromise of classified information

Explicação

Questão 13 de 55

1

What is the form number for a Top Secret coversheet?

Selecione uma das seguintes:

  • 703

  • 704

  • 705

  • 702

Explicação

Questão 14 de 55

1

What is the form number for a Secret coversheet?

Selecione uma das seguintes:

  • 703

  • 704

  • 705

  • 701

Explicação

Questão 15 de 55

1

What is the form number for a Confidential coversheet?

Selecione uma das seguintes:

  • 703

  • 704

  • 705

  • 706

Explicação

Questão 16 de 55

1

If someone accidentally gave a foreign entity access to classified information, which guideline would it fall under?

Selecione uma das seguintes:

  • Use of Information Technology Systems

  • Use of Information DoD Systems

  • Use of Classified Systems

  • Use of Unclassified Systems

Explicação

Questão 17 de 55

1

SCATTERED CASTLES:
"Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications."

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 18 de 55

1

What is the RMF six-step process?

Selecione uma ou mais das seguintes:

  • Categorize Information Systems

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize Information System

  • Monitor Security Controls

  • Accountability Measures

  • Implement Cyber Controls

  • Risk Assessment

Explicação

Questão 19 de 55

1

Vault doors have non-removable hinge pins.

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 20 de 55

1

What is the highest classification a contractor can courier overseas?

Selecione uma das seguintes:

  • Unclassified

  • Secret

  • Confidential

  • Top Secret

Explicação

Questão 21 de 55

1

Access for a retired flag/general officer?

Selecione uma das seguintes:

  • 3 Months

  • 3 Years

  • 6 Months

  • 6 Years

Explicação

Questão 22 de 55

1

Industrial is NOT SAP is not a category

Selecione uma das seguintes:

  • True

  • False

Explicação

Questão 23 de 55

1

Who controls the list of approved shredders?

Selecione uma das seguintes:

  • NSA

  • GSA

  • BSA

  • AA

Explicação

Questão 24 de 55

1

What are the threat levels?

Selecione uma ou mais das seguintes:

  • Low

  • Moderate

  • Significant

  • High

  • (D) Delta

  • (C) Charlie

  • (B) Bravo

  • (A) Alpha

  • (N) Normal

Explicação

Questão 25 de 55

1

What are the levels for FPCON?

Selecione uma ou mais das seguintes:

  • Low

  • Moderate

  • Significant

  • High

  • (N) Normal

  • (A) Alpha

  • (B) Bravo

  • (C) Charlie

  • (D) Delta

Explicação

Questão 26 de 55

1

Key word for (N) Normal FPCON?

Selecione uma das seguintes:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE

  • LIKELY

  • IMMINENT

Explicação

Questão 27 de 55

1

Key word for (A) FPCON?

Selecione uma das seguintes:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicação

Questão 28 de 55

1

Key word for (B) Normal FPCON?

Selecione uma das seguintes:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicação

Questão 29 de 55

1

Key word for (C) Normal FPCON?

Selecione uma das seguintes:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicação

Questão 30 de 55

1

Key word for (D) Normal FPCON?

Selecione uma das seguintes:

  • GENERAL THREAT

  • INCREASED GENERAL THREAT

  • MORE PREDICTABLE THREAT

  • LIKELY

  • IMMINENT

Explicação

Questão 31 de 55

1

What are the 5 OPSEC steps?

Selecione uma ou mais das seguintes:

  • Identify Critical Information

  • Analyze Threats

  • Analyze Vulnerabilities

  • Assess Risks

  • Apply Countermeasures

  • Assess Vulnerabilities

  • Counter Risks

Explicação

Questão 32 de 55

1

What is the purpose of marking classified materials?

Selecione uma das seguintes:

  • To alert holders to the presence of classified information, how to properly protect it, and for how long.

  • To deter foreign adversaries from committing actions aimed at accessing such information.

  • To provide guidance for interpretation and analysis of classified information.

  • To alert holders to the methods used to collect classified information.

Explicação

Questão 33 de 55

1

What is included in the markings of classified information?

Selecione uma das seguintes:

  • Derivative classifier as the authority to make declassification determinations.

  • Agencies and authorities that have previously accessed the classified information.

  • Document holder as the sole authority to make transfer and dissemination determinations.

  • Sources and reasons for the classification.

Explicação

Questão 34 de 55

1

When a classified data spill occurs, who is responsible for ensuring that policy requirements for addressing an unauthorized disclosure are met?

Selecione uma das seguintes:

  • Activity Security Manager

  • Information Assurance Staff

  • Information Assurance Manager

  • Information Assurance Officer

Explicação

Questão 35 de 55

1

The inability to deny you are the sender of an email would be an indication of a lapse in:

Selecione uma das seguintes:

  • Non-Repudiation

  • Confidentiality

  • Integrity

  • Availability

Explicação

Questão 36 de 55

1

Which of the following is the first action done to downgrade, declassify or remove classification markings?

Selecione uma das seguintes:

  • Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.

  • Change the classification authority block to indicate “Declassify ON:” to show the new declassification instructions.

  • Take all classification markings off the document and redistribute.

  • Request a waiver from the Information Security Oversight. Office (ISOO) to remove the declassification markings.

Explicação

Questão 37 de 55

1

What is the purpose of the Personnel Security Program (PSP)?

Selecione uma das seguintes:

  • To define original classification for DoD assets and information.

  • To designate individuals for positions requiring access to classified information.

  • To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.

  • To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.

Explicação

Questão 38 de 55

1

Which of the following is considered an element of the Personnel Security Program (PSP)?

Selecione uma das seguintes:

  • Risk Assessment and Analysis

  • Implementation

  • Classification

  • Continuous Evaluation

Explicação

Questão 39 de 55

1

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?

Selecione uma das seguintes:

  • Individual must be a U.S. Citizen

  • Individual has a security clearance eligibility in accordance with the position

  • Individual is subject to a periodic reinvestigation every three years

  • Individual must be continuous evaluated

Explicação

Questão 40 de 55

1

Copies of personnel security investigative reports must be destroyed by DoD recipient organizations, within how many days following completion of the necessary personnel security determination?

Selecione uma das seguintes:

  • 30 Days

  • 45 Days

  • 60 Days

  • 90 Days

Explicação

Questão 41 de 55

1

Which of the following limitations is true regarding Limited Access Authorization (LAA) to non-U.S. citizens?

Selecione uma das seguintes:

  • LAAs shall only be granted access at the Secret and Confidential levels.

  • A favorably completed and adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC).

  • An LAA is the same as a security clearance eligibility.

  • Access to classified information Is not limited to a specific program or project.

Explicação

Questão 42 de 55

1

___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?

Selecione uma das seguintes:

  • Deterrence

  • Detect

  • Delay

  • Distract

Explicação

Questão 43 de 55

1

Which of the following would be considered a public safety crime?

Selecione uma das seguintes:

  • Theft of ammunition shipment for the purpose of criminal or gang related activity.

  • Theft of sensitive, proprietary information relating to US aerospace and defense technologies.

  • Deliberate destruction of DoD assets or interruption of normal operations.

  • Theft of an item and use of it outside of its intended purpose or without permission.

Explicação

Questão 44 de 55

1

Two security professionals – Paul and Ashley – are discussing the security procedures for visits and meetings.

Paul says visits must serve a specific U.S. Government purpose.

Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors.
Who is correct?

Selecione uma das seguintes:

  • Paul is correct.

  • Ashley is correct.

  • Paul and Ashley are both correct.

  • Paul and Ashley are both incorrect.

Explicação

Questão 45 de 55

1

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National industrial Security Program (NISP)?

Selecione uma das seguintes:

  • Director of the Information Security Oversight Office (ISOO)

  • Secretary of Defense

  • National Security Council (NSC)

  • Director, Defense Security Services (DSS)

Explicação

Questão 46 de 55

1

Which of the following describes a Special Access Program (SAP) that is established to protect sensitive research, development, testing and evaluation, modification, and procurement activities?

Selecione uma das seguintes:

  • Research and Technology SAP

  • Operations and Support SAP

  • Acquisition SAP

  • Intelligence SAP

Explicação

Questão 47 de 55

1

Which type of briefing is used to identify security responsibilities, provide a basic understanding of DoD security policies, and explain the importance of protecting government assets?

Selecione uma das seguintes:

  • Indoctrination Briefing

  • Original Classification Authority (OCA) Briefing

  • Foreign Travel Briefing

  • Debriefing

Explicação

Questão 48 de 55

1

Which type of briefing is used to reinforce the information provided during the initial security briefing and to keep cleared employees informed of appropriate changes in security regulations?

Selecione uma das seguintes:

  • Annual Refresher Briefings

  • Indoctrination Briefings

  • Attestation Briefings

  • Courier Briefings

Explicação

Questão 49 de 55

1

Which step of the Operations Security (OPSEC) process would be applied when conducting exercises, red teaming and analyzing operations?

Selecione uma das seguintes:

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

  • Conduct a Threat Analysis

  • Conduct a Vulnerability Analysis

Explicação

Questão 50 de 55

1

Which step of the Operations Security (OPSEC) process would be applied when identifying potential adversaries and the associated capabilities and intentions to collect, analyze, and exploit critical information and indicators?

Selecione uma das seguintes:

  • Conduct a Vulnerability Analysis

  • Conduct a Threat Analysis

  • Conduct a Risk Assessment

  • Apply OPSEC Countermeasures

Explicação

Questão 51 de 55

1

Who’s responsibility is it during the categorize steps to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?

Selecione uma das seguintes:

  • Information System Owner (ISO)

  • Information Owner (IO)

  • Information System Security Manager (ISSM)

  • Authorizing Official (AO)

Explicação

Questão 52 de 55

1

Which of the following is NOT a category of Information Technology (IT)?

Selecione uma das seguintes:

  • Platform Information Technology (PIT)

  • Information Technology Services

  • Information Technology Products

  • Information Technology Applications

Explicação

Questão 53 de 55

1

What step within the Risk Management Framework (RMF) does system categorization occur?

Selecione uma das seguintes:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Explicação

Questão 54 de 55

1

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?

Selecione uma das seguintes:

  • Categorize Information System

  • Select Security Controls

  • Implement Security Controls

  • Assess Security Controls

  • Authorize

  • Monitor Security Controls

Explicação

Questão 55 de 55

1

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:

Selecione uma das seguintes:

  • Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.

  • Monitor the system for security relevant events and
    configuration changes that affect the security posture
    negatively.

  • Determine and documents a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.

  • Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.

Explicação

Anterior
Verificar resposta
Próximo