Download 2026 CLETS & CJIS Exam Study Guide: Practice Test & Certification Prep and more Exams Criminal Justice in PDF only on Docsity!
2026/2027 CLETS Certification Practice
Test: Master CJIS Security, NLETS & NCIC
Protocols with Our Comprehensive Exam
Prep & Study Guide
Description: Ace your 2026/2027 California Law Enforcement Telecommunications System (CLETS) exam. Our definitive study guide features a complete 60-question practice test covering CJIS Security Policy, NCIC procedures, NLETS inquiries, and system-specific protocols. Boost your score with expert explanations and realistic certification prep. Download your key to passing now.
2026 CLETS & CJIS Exam Study Guide: Practice Test &
Certification Prep
Instructions: This examination assesses proficiency in the use of national and state law enforcement telecommunications systems and compliance with associated security policies. Read each question carefully and select the best answer from the options provided. Section 1: System Operations & Capabilities
1. Access to INTERPOL records via the National Law Enforcement Telecommunications System (NLETS) can provide information on which of the following? A. International wanted persons B. Stolen cultural artifacts C. Stolen vehicles and travel documents D. Both A and C Answer: D Explanation: NLETS facilitates international law enforcement communication, providing U.S. agencies with access to INTERPOL data on internationally wanted persons, stolen vehicles, and stolen or fraudulent travel documents. 2. Inquiries made on the California Law Enforcement Telecommunications System (CLETS) Wanted Persons System (WPS) will automatically forward to the National Crime Information Center (NCIC) when which of the following data elements is included? A. Name only B. Name and sex C. Name, sex, and date of birth D. Name and numeric identifier Answer: C Explanation: To ensure an effective interstate search, a CLETS WPS inquiry requires the core identifiers of name, sex, and date of birth to trigger an automatic forward to the NCIC national database.
Explanation: The Department of Motor Vehicles (DMV) maintains vessel registration records. An inquiry into the DMV Vessel Registration file will return information on the registered owner of a boat.
6. A "no record" response from an Interstate Identification Index (III) inquiry indicates: A. The subject has no criminal history in the inquiring state. B. The subject has no criminal history in the FBI’s master file. C. The subject has no criminal history based on fingerprint identification in any participating state or federal system. D. The subject’s record is sealed and cannot be accessed. Answer: C Explanation: A "no record" response from the III specifically means that no criminal history record identifiable by fingerprints was found in the systems of the FBI or any participating state. It does not preclude the existence of non-fingerprint based or local records. 7. The purpose of a Department of Justice (DOJ) stop, restraint, or referral flag encountered during a DMV inquiry is to: A. Indicate the vehicle owner has an outstanding parking ticket. B. Prevent the registration of a stolen vehicle or vessel. C. Flag the driver for mandatory insurance verification. D. Deny all DMV services until the flag is cleared. Answer: B Explanation: These flags are placed by law enforcement to prevent the re-registration of stolen vehicles or boats. When encountered, the agency that placed the flag must be contacted before any DMV action can proceed. 8. The ORION file provides a response to an inquiry based on which of the following? A. Vehicle license plate number B. Vehicle Identification Number (VIN)
C. Both A and B D. Neither A nor B Answer: C Explanation: The ORION file is designed to return information on vehicles using either primary identifier: the license plate number or the Vehicle Identification Number (VIN).
9. An All-Points Bulletin (APB) sent to group code 4500 for a child abduction will: A. Be broadcast statewide only if it meets AMBER Alert criteria. B. Be broadcast statewide regardless of AMBER Alert criteria. C. Only be sent to agencies within a 100-mile radius. D. Require direct approval from the FBI. Answer: B Explanation: Group code 4500 is designated for critical statewide broadcasts, such as child abductions. Its use is not contingent on the incident meeting the specific, more restrictive criteria for an official AMBER Alert. 10. The Automated Archive System (AAS) can be accessed to provide digital images of what type of information? A. Criminal history rapsheets B. California Restraining and Protective Orders (CARPOS) C. Stored CLETS transaction images D. All of the above Answer: D Explanation: The AAS serves as a digital repository, providing authorized users with the capability to retrieve images of official documents, including rapsheets, protective orders, and historical transaction logs.
Explanation: CJI data is highly sensitive. Its dissemination is strictly controlled and is only authorized when it is directly related to the user’s official criminal justice function and the recipient has both a right and a demonstrable need to know the information.
14. Passwords for systems accessing CJI data shall NOT be: A. Changed at least every 90 days B. Shared with any other person C. Transmitted in clear text outside a secure domain D. All of the above Answer: D Explanation: CJIS security standards mandate robust password management, which includes regular rotation, strict non-disclosure, and ensuring passwords are never transmitted unprotected outside a secured network environment. 15. All new employees with direct access to FBI CJI, and relevant IT personnel, must receive security awareness training: A. Within six months of appointment B. Within two years of appointment C. Prior to being granted system access D. Only if they request it Answer: C Explanation: To mitigate risk and ensure compliance, mandatory security awareness training is a prerequisite that must be completed before an individual is granted any access to CJI systems or data. 16. Which of the following is TRUE regarding agency information security policies? A. Agencies are not required to publish internal policies if they follow the CJIS Security Policy. B. Agencies may develop internal policies that are more restrictive than the CJIS Security Policy. C. Penalties for misuse do not need to be defined in internal policy. D. The CJIS Security Policy is a recommendation, not a requirement.
Answer: B Explanation: While the CJIS Security Policy sets the minimum baseline requirements, individual agencies are both encouraged and authorized to implement and publish more stringent internal security policies and procedures tailored to their specific operational environment.
17. A common security threat that involves manipulating individuals into divulging confidential information is known as: A. Network spoofing B. Social engineering C. Data tunneling D. Cryptographic attack Answer: B Explanation: Social engineering is a significant security threat that exploits human psychology, rather than technical weaknesses, to trick authorized personnel into revealing passwords, data, or other sensitive information. 18. Under Penal Code 11142, an individual authorized to receive a record who knowingly furnishes it to an unauthorized person is guilty of: A. A felony B. A misdemeanor C. An infraction D. A civil violation Answer: B Explanation: California Penal Code 11142 clearly defines the unlawful dissemination of confidential criminal offender record information by an authorized person to an unauthorized person as a misdemeanor offense.
Explanation: A database hit is an investigative lead, not conclusive proof. Agency policy and the NCIC Operating Manual require that the inquiring agency confirm the hit with the entering agency via telephone or other authorized means before making an arrest or seizing property.
22. When conducting a preliminary record check on a person who will be riding along with a law enforcement officer, provided that person is not an agency employee, the check is: A. Prohibited under all circumstances B. Permitted only with a signed waiver C. Authorized as part of the screening process D. Only allowed for relatives of officers Answer: C Explanation: Agencies are authorized to conduct limited background checks on non-employee civilians, such as ride-along participants, for safety and security purposes prior to granting them access to sensitive environments or information. 23. The National Crime Information Center (NCIC) policy requires that hit confirmation requests be made using which method? A. Email B. VQ and YR transactions C. NLETS administrative messages D. Certified mail Answer: B Explanation: NCIC protocol mandates the use of specific, secure transaction codes within the telecommunications system for official hit confirmations. The VQ (Validate Hit) and YR (YOUR Record) transactions are designed for this purpose. 24. Access to the Mental Health Firearms Prohibition System (MHFPS) is restricted by Welfare and Institutions Code to which purpose? A. Conducting pre-employment background checks B. Determining eligibility for a concealed carry permit
C. Determining if a person subject to a criminal investigation involving firearms is prohibited from possessing them D. Screening applicants for public housing Answer: C Explanation: Access to MHFPS is narrowly defined by statute. It is strictly for use during a criminal investigation to determine if a specific individual, who is under investigation for firearm-related activity, is subject to a mental health-based prohibition.
25. Law enforcement agencies are authorized to access Criminal Offender Record Information (CORI) through CLETS for which of the following purposes? A. Licensing for private security guards B. Employment background checks for non-criminal justice entities C. Certification for professional licenses D. None of the above; CORI is for criminal justice purposes only. Answer: D Explanation: CORI accessed via CLETS is for official criminal justice purposes only. Its use for civilian licensing, employment, or certification is generally prohibited and would require authorization through a separate process, such as via the DOJ's applicant background check system. Section 4: Database-Specific Protocols & Inquiries 26. The acronym "DSP" appearing on a criminal history record indicates that the record is: A. Disputed and under review B. Based on fingerprints C. Not based on fingerprints D. Sealed or expunged Answer: C
C. Automated Property System (APS) D. National Instant Criminal Background Check System (NICS) Answer: B Explanation: APPS information is integrated within the Supervised Release File (SRF). An inquiry on a subject in the SRF will reveal if they are also flagged in the APPS due to a prohibition.
30. The Texas Department of Public Safety's Border Auto Theft Information Center (BATIC) serves as a liaison for: A. Extraditing fugitives from Mexico. B. Locating and recovering stolen vehicles taken into Mexico. C. Coordinating drug interdiction task forces. D. Sharing intelligence on human trafficking rings. Answer: B Explanation: BATIC is a specialized unit that facilitates cross-border cooperation specifically for vehicle theft, acting as the central point of contact between U.S. agencies and Mexican authorities to locate and repatriate vehicles stolen and transported into Mexico. 31. What is required for all Automated Criminal History System (ACHS) inquiries via CLETS? A. A permissible purpose under law or regulation B. A terminal operator who has completed required training C. The subject's name and at least one other numeric identifier D. All of the above Answer: D Explanation: Accessing criminal history via ACHS is strictly regulated. It requires a lawful purpose, a properly trained and certified operator, and sufficient identifying data on the subject to ensure an accurate search.
32. Which of the following best describes the correct use of race codes in a National Law Enforcement Telecommunications System (NLETS) inquiry? A. Use agency-specific local codes. B. Use NCIC-standardized race codes. C. The field is optional and can be left blank. D. Use descriptive text instead of codes. Answer: B Explanation: To ensure interoperability and accurate matching across state and national systems, all NLETS inquiries must utilize the standardized race code set established by the NCIC. 33. For a supervising agency to receive an automated Notice of Arrest from the DOJ, which condition must be met? A. The arrest must be for a felony. B. The subject must have active SRF, APPS, or registration records. C. The arresting agency must send a special notification. D. The subject must be on parole. Answer: B Explanation: The automated notice system is triggered when an individual with an active record in systems like SRF (Supervised Release), APPS, or CSAR (Sex/Arson Registry) is arrested and their information is entered into the statewide system, automatically notifying the supervising agency. 34. A warrant entered with the code "ENT-2" signifies that the warrant is: A. Entered only into the local agency system. B. Entered into the California system (WPS) and the NCIC. C. An administrative warrant, not for arrest. D. Under review by a judge. Answer: B
C. At all times D. Only if classified information is present Answer: C Explanation: To maintain accountability and prevent unauthorized access or tampering, a policy of continuous escort for all visitors in areas containing CJI systems is a fundamental physical security control.
38. Agencies are required to develop and publish internal information security policies that include: A. Only the minimum CJIS standards B. Penalties for misuse and violations C. Procedures for public data requests D. IT vendor contact lists Answer: B Explanation: A complete internal security program must define specific administrative sanctions and penalties for personnel who violate information security policies, thereby enforcing accountability. 39. FBI CJI data should be treated as sensitive information, and security must be implemented to prevent: A. Unauthorized access B. Unauthorized use C. Unauthorized dissemination D. All of the above Answer: D Explanation: The comprehensive security goal for CJI data is to protect it from all forms of compromise, which includes illegal viewing (access), improper application (use), and unlawful sharing (dissemination).
40. The statement "NLETS criminal history record information can be used as a substitution for the Interstate Identification Index (III)" is: A. True B. False Answer: B Explanation: This is false. NLETS is a messaging system that can request a criminal history from another state. The III is the actual fingerprint-based index of criminal histories. An NLETS response is not a certified III response, which is the gold standard for identification. Section 6: Specialized Systems & Contact Procedures 41. If you encounter a DOJ restraint flag on a boat that your agency has already recovered and cleared, you should contact: A. The NCIC operator B. Your local DMV office C. The DOJ Stolen Vehicle System (SVS) unit D. The originating agency via NLETS Answer: C Explanation: The DOJ's SVS unit is responsible for maintaining statewide stolen vehicle and vessel records. They must be contacted directly to officially clear the restraint flag from the system upon recovery. 42. The Oregon Law Enforcement Data System (LEDS) interface allows CLETS users to directly query which Oregon files? A. Vehicle registration and driver's license only B. Wanted persons and stolen vehicles only C. Vehicle registration, driver's license, wanted persons, stolen vehicles, protection orders, and guns/articles D. Criminal history only Answer: C
Explanation: Final, definitive confirmation of a hit requires direct contact with the entering agency to verify the information against their official, primary case file, ensuring the data is current, accurate, and the warrant or record is still valid. Section 7: Data Accuracy, Audits, and Permissible Use
46. An individual is permitted to inquire into their own record in the Automated Firearms System (AFS) to verify its accuracy. A. True B. False Answer: B Explanation: This is false. Individuals cannot conduct self-queries on law enforcement systems. The process for reviewing and challenging the accuracy of one's own AFS record is conducted through a formal request to the Department of Justice via established legal channels, not through operational terminals. 47. Periodic driver's license checks may be conducted by agencies on employees for whom driving is a job requirement. This is: A. A violation of privacy B. Authorized for ensuring continued licensure and driving privilege C. Only permitted with a court order D. The responsibility of the employee, not the agency Answer: B Explanation: Agencies have a legitimate operational interest and duty to ensure employees whose essential job functions involve driving maintain a valid license. Periodic checks for this purpose are an authorized use of the DMV system. 48. Law enforcement is required to accept a missing person report over the telephone. A. True B. False
Answer: A Explanation: This is true. Policies generally prohibit refusing to take a missing person report. Reports must be accepted in person or by telephone, radio, or other means immediately upon notification, without delay, to initiate a timely investigation.
49. Information obtained from the Interstate Identification Index (III) is: A. Considered criminal history record information (CHRI) B. Not considered CHRI as it is from an index C. For informational purposes only and cannot be used in court D. Always complete and up-to-date Answer: A Explanation: Information received from the III is official criminal history record information (CHRI) and is subject to all laws, regulations, and security requirements governing the use and dissemination of CHRI. 50. The CJIS Security Policy provides: A. Maximum security requirements that cannot be exceeded B. Recommended guidelines for agencies C. Minimum security requirements; agencies can implement stricter controls D. Policies only for federal agencies Answer: C Explanation: The CJIS Security Policy establishes the mandatory minimum security standards for protecting CJI. It serves as a baseline, and individual agencies are expected to, and often do, implement additional safeguards tailored to their specific risk environment.
