SFPC Practice Test Questions with Complete Verified Solutions 2024/2025

Which of the following security program areas would you find practitioners who train and/or advise Original Classification Authorities in the application of the process for making classification determinations?
A. Information Security
B. Physical Security
C. Personnel Security
D. Industrial Security
A. Information Security

Which of the following security program areas would you find practitioners working with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks?
A. Information Security
B. Physical Security
C. Personnel Security
D. Industrial Security
B. Physical Security

Which of the following security program areas would you find practitioners involved with processes that monitor employees for new information that could affect their security clearance eligibility status?
A. Foreign Disclosure
B. Information Security
C. International Security
D. Operations Security
E. Personnel Security
F. Physical Security
G. Research and Technology Protection
H. Information Assurance
E. Personnel Security

Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Ashley says that Physical Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. Who is correct?
A. Paul is correct
B. Ashley is correct
C. Paul and Ashley are both correct
D. Paul and Ashley are both incorrect
C. Paul and Ashley are both correct

Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Who is correct?
A. Paul is correct
B. Ashley is correct
C. Paul and Ashley are both correct
D. Paul and Ashley are both incorrect
D. Paul and Ashley are both incorrect

Which of the following is a true statement regarding the special handling requirements of Foreign Government Information (FGI)?
a. When the classification marking on a document containing FGI is not in English, or when the foreign government marking requires a different degree of protection than the same U.S. classification designation, a U.S. marking that results in a degree of protection equivalent to that required by the foreign government shall be applied.
b. A U.S. document containing FGI cannot be declassified or downgraded below the highest level of FGI contained in the document without the permission of the foreign government or international organization that originated the information.
c. Those holding security clearances issued by the U.S. government cannot access U.S. documents containing FGI without written consent from the originating foreign government.
d. The receiving DoD Components must maintain records for 1 year of the receipt, internal

d. Karen was working a mission related to Mexican Drug cartel operating out of Playa Carmen. Her husband planned a golf trip with friends to that area. She advised him not to go, and believing that it was a safety issue, she provided sensitive details about the cartel to make sure that he did not go.
C

The inability to deny you are the sender of an email would be an indication of a lapse in:
a. Non-Repudiation
b. Confidentiality
c. Integrity
d. Availability
A. Non-repudiation

Unauthorized disclosure and loss of privacy is a lapse in:
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
A

Which of the following is the first action done to downgrade, declassify or remove classification markings?
a. Through the appropriate chain of command, contact the original classification authority (OCA) to confirm that information does not have an extended classification period.
b. Change the classification authority block to indicate "Declassify ON:" to show the new declassification instructions.
c. Take all classification markings off the document and redistribute.
d. Request a waiver from the Information Security Oversight Office (ISOO) to remove the declassification markings.
A

All of the following are requirements to perform classified activities from non-traditional locations (e.g., the employee's home), EXCEPT:
a. The employee must be trained to operate classified information systems.
b. The employee must be trained on protection and storage of classified information and Communications Security (COMSEC) materials.
c. The employee must receive written approval for use of classified information and equipment at home.
d. The employee must have an office space that meets requirements comparable to the Sensitive Compartmented Information Facility (SCIF).
B

What is the purpose of the Personnel Security Program (PSP)?
a. To define original classification for DoD assets and information.
b. To designate individuals for positions requiring access to classified information.
c. To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.
d. To describe the safeguarding requirements personnel must employ when handling classified materials at a cleared contractor facility.
C

DoD reciprocally accepts existing national security eligibility determinations or clearances from other Government agencies in accordance with which of the following policy documents?
a. Office of Management and Budget Memorandum M-05-24, "Implementation of Homeland Security Presidential Directive (HSPD) 12 - Policy for a Common Identification Standard for Federal Employees and Contractors".
b. Executive Order 13467, "Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information".
c. Sections 301 and 7532 of title 5, United States Code.
d. Executive Order 13526, "Classified National Security Information".
B

Review of Tier 5 on an individual disclosed that the subject had been a member of an anarchist organization dedicated to disestablishing existing Federal laws and overthrowing the U.S. government by any means necessary, including violence. Although the subject terminated his membership with the organization upon learning he would be investigated for a clearance for his new position, he still maintains social contact with several members of the anarchist organization. Based on this information, which of the following adjudicative guidelines is most appropriate for an adjudicator to apply to the case?
a. Psychological Conditions
b. Foreign Preference
c. Allegiance to the United States
d. Criminal Activity
C

Which of the following is considered an element of the Personnel Security Program (PSP)?
a. Risk Assessment and Analysis
b. Implementation
c. Classification
d. Continuous Evaluation
D

Limited access to classified information for specific programs may be approved for non-U.S. citizens only under which of the following conditions?
a. The subject is eligible to access material marked by a foreign government that is equivalent to a U.S. Top Secret classification marking.
b. The subject will only have one-time access to specific material, after which the material will be appropriately destroyed or returned to the originating U.S. agency.
c. The subject will only have access to classified U.S. documents containing Foreign Government Information (FGI) originating from the foreign country of which the subject is a citizen.
d. The prior 10 years of the subject's life can be appropriately investigated.
D

Which of the following is the investigative requirement for access to Single Integrated Operational Plan-Extremely Sensitive Information (SIOP-ESI)?
a. Individual has a valid favorably adjudicated Tier 5 or Single Scope Background Investigation (SSBI).
b. Individual has a valid favorably adjudicated Tier 3 or National Agency Check with Local Agency Check (NACLC) investigation.
c. Individual has a valid favorably adjudicated Tier 3 or Access National Agency Check with Written Inquiries and Credit Check (ANACI) investigation.
d. Individual has a valid favorably adjudicated Tier.
A

Which of the following is not qualifying criteria for personnel assigned to nuclear weapons personnel reliability assurance positions?
a. Individual must be a U.S. Citizen
b. Individual has a security clearance eligibility in accordance with the position
c. Individual is subject to a periodic reinvestigation every three years
d. Individual must be continuously evaluated
C

Which of the following is correct regarding the investigation requirement for initial assignment to a Presidential Support Activities (i.e. Yankee White) Category 2 position?
a. Favorably completed Tier 5/Single Scope Background Investigation (SSBI) within 36 months preceding selection.
b. Favorably completed Tier 3/National Agency Check with Local Agency Check (NACLC) within 36 months preceding selection.

___________ is the security system performance goal of immediate indication of deliberate attempts, security probing and warning for inadvertent or mistaken intention is an example of which system security capability?
a. Detect
b. Assessment
c. Deterrence
d. Delay
C

Two security professionals - Paul and Ashley - are discussing secure rooms, containers, and vaults. Paul says weapons or sensitive items such as funds, jewels, or precious metals should not be stored in the same security container as classified information. Ashley says the General Services Administration approves security containers used to store classified information. Who is correct?
a. Paul is correct
b. Ashley is correct
c. Paul and Ashley are both correct
d. Paul and Ashley are both incorrect
C

Which of the following is not a distinct phase of the Intrusion Detection System?
a. Detection
b. Control
c. Assessment
d. Response
B

Which of the following would be considered a public safety crime?
a. Theft of ammunition shipment for the purpose of criminal or gang related activity.
b. Theft of sensitive, proprietary information relating to US aerospace and defense technologies.
c. Deliberate destruction of DoD assets or interruption of normal operations.
d. Theft of an item and use of it outside of its intended purpose or without permission.
A

Which of the following best describes the goal of the Physical Security Program?
a. To ensure that industry safeguards the classified information in their possession, while performing work on contracts, bids, or research and development efforts on behalf of the government.
b. To protect assets against compromise resulting from activities such as espionage, sabotage, terrorism, damage or loss, and criminal.
c. To ensure that only loyal, trustworthy, and reliable individuals may access classified information or perform sensitive duties.
d. To create uniform policies and procedures for defense acquisition by all executive agencies.
B

Preventing unauthorized access to information and equipment, safeguarding DoD assets against espionage and criminal activity, and providing the means to counter threats when preventative measures are ignored, best characterize the primary functions of which of the following programs or processes?
a. Physical Security Program
b. Operations Security (OPSEC) process
c. Security incident response process
d. Personnel Security Program
A

The process of integrating active and passive complementary physical security measures to ensure the protection of DoD assets is known as which of the following concepts?
a. Area security
b. Threat-vulnerability assessment
c. Security-in-depth
d. Point security
C

The stealing of sensitive, proprietary information related to U.S. aerospace and defense technologies with the intent to provide such information to a foreign adversary is an example of which type of threat to DoD assets?
a. Criminal activity
b. Economic espionage
c. Treason
d. Terrorism
B

When a Terrorism Threat Level is escalated from LOW to MODERATE, a DoD Component Head should employ which of the following countermeasures?
a. Cease all flying except for specifically authorized operational sorties.
b. Direct the execution of advance site reviews to facilitate the antiterrorism planning process.
c. Encourage dependent family members to complete Level I Antiterrorism Awareness Training before any travel outside the continental United States (OCONUS).
d. Conduct an immediate Terrorism Vulnerability Assessment for off-installation housing, schools, daycare centers, transportation.
C

Requests for authorizing disclosure of classified information during visits must include all the following information, EXCEPT:
a. The explanation of the government purpose to perform when disclosing classified information.
b. The subject of the meeting, scope of classified topics and classification level.
c. Expected time and location of the meeting.
d. The main content of the invitation to send to the participants.
C

Two security professionals - Paul and Ashley - are discussing the security procedures for visits and meetings. Paul says visits must serve a specific U.S. Government purpose. Ashley says DoD Components should, as a minimum, establish procedures that include verification of the identity, personnel security clearance, access (if appropriate), and need-to-know for all visitors. Who is correct?
a. Paul is correct
b. Ashley is correct
c. Paul and Ashley are both correct
d. Paul and Ashley are both incorrect
A

Executive Order 12829, signed in January 1993, mandated that which of the following entities be responsible for implementing and monitoring the National Industrial Security Program (NISP)?
a. Director of the Information Security Oversight Office (ISOO)
b. Secretary of Defense
c. National Security Council (NSC)
d. Director, Defense Security Service (DSS)
A

What is the role of the government contracting activity (GCA), or cleared prime contractor, when a contractor that does not have a Facility Clearance (FCL) wants to bid on a Request for Proposal (RFP) that requires access to classified information?
a. The GCA must issue a formal letter rejecting the contractor's bid since the contractor does not have the requisite FCL.
b. The contractor must submit a sponsorship request to DSS, who will decide whether to allow the contractor to bid on the contract.
c. The GCA must sponsor the contractor for a facility security clearance by submitting a sponsorship request to DSS, which initiates the facility clearance process.
d. The GCA must ensure that all owners and senior management of the uncleared contractor are U.S. citizens and are eligible to be processed for a personnel security clearance.
C

What is the purpose of the Federal Acquisition Regulations (FAR)?
a. To codify and publish uniform policies and procedures for acquisition by all executive agencies.
b. To manage DoD funds and prioritize the development of vital research and technology.

to collect, analyze, and exploit critical information and indicators?
a. Conduct a Vulnerability Analysis
b. Conduct a Threat Analysis
c. Conduct a Risk Assessment
d. Apply OPSEC Countermeasures
B

Please determine which of the following is an element of an Operations Security (OPSEC) Assessment.
a. Small in scale and focused on evaluating the effectiveness of the OPSEC program.
b. Conducted on an annual basis.
c. Uses external resources collectively to conduct with or without the use of indigenous resources.
d. Determines the likelihood that critical information can be protected based on procedures that are currently in place.
C

To provide access to Social Media sites, the DoD agency must provide all of the following, EXCEPT:
a. Protection against malware and advanced threats.
b. Blocked access to prohibited sites and content.
c. Individual compliance with Joint Ethics Regulations and guidelines.
d. Constant monitoring to deter inappropriate site access.
D

Whose responsibility is it during the categorize step to identify a potential impact (low, moderate, or high) due to loss of confidentiality, integrity, and availability if a security breach occurs?
a. Information System Owner (ISO)
b. Information Owner (IO)
c. Information System Security Manager (ISSM)
d. Authorizing Official (AO)
B

Please determine which of the following is an example of reportable foreign intelligence contacts, activities, indicators, and behaviors.
a. Authorizing others to acquire unauthorized access to classified or sensitive information systems.
b. Unauthorized downloads or uploads of sensitive data.
c. Network spillage incidents or information compromise.
d. Use of DoD account credentials by unauthorized parties.
A

Limiting nonsecure computer e-mail messages to nonmilitary activities and not providing operational information in nonsecure e-mail messages are functions of which OPSEC measure?
a. Operational and Logistic Measures
b. Technical Measures
c. Administrative Measures
d. Operations Security and Military Deception
B

Which of the following is NOT a category of Information Technology (IT)?
a. Platform Information Technology (PIT)
b. Information Technology Services
c. Information Technology Products
d. Information Technology Applications
D

In what step of the Risk Management Framework (RMF) does system categorization occur?
a. Categorize Information System
b. Select Security Controls
c. Implement Security Controls
d. Assess Security Controls
e. Authorize
f. Monitor Security Controls
A

At what step of the Risk Management Framework (RMF) would you develop a system-level continuous monitoring strategy?
a. Categorize Information System
b. Select Security Controls
c. Implement Security Controls
d. Assess Security Controls
e. Authorize
f. Monitor Security Controls
B

One responsibility of the Information System Security Manager (ISSM) during Step 6 of the Risk Management Framework (RMF) is:
a. Review and approve the security plan and system-level continuous monitoring strategy developed and implemented by the DoD Components.
b. Monitor the system for security-relevant events and configuration changes that affect the security posture negatively.
c. Determine and document a risk level in the Security Assessment Report (SAR) for every non-compliant security control in the system baseline.
d. Coordinate the organization of the Information System (IS) and Platform Information Technology (PIT) systems with the Program Manager (PM)/System Manager (SM), Information System Owner (ISO), Information Owner (IO), mission owner(s), Action Officer (AO) or their designated representatives.
B

What family of controls does Security Functionality Verification belong to?
a. System and Communications Protection
b. Maintenance
c. System and Information Integrity
d. Audit and Accountability
C

What does "AO" stand for?
Authorizing Official

What is a SAR as related to cyber security?
System Assessment Report

What activities occur when authorizing the system? (Select all that apply)
a. Implement decommissioning strategy
b. Develop, review, and approve Security Assessment Plan
c. Prepare the Plan of Action and Milestones (POA&M)
d. Submit security authorization package
C & D

What activities occur when assessing security controls? (Select all that apply)
A. Prepare the Plan of Action and Milestones (POA&M)
B. Conduct final risk determination
C. Develop, plan, and approve Security Assessment Plan
D. Prepare Security Assessment Report
C & D

What activities occur when monitoring security controls? (Select all that apply)
A. Prepare the Plan of Action and Milestones (POA&M)
B. Develop, review, and approve Security Assessment Plan
C. Implement decommissioning strategy
D. Determine impact of changes
C & D

C Select Security Controls
D Authorize System
E Implement Security Controls
F Categorize System
C & E

Which of the following are the activities that occur when performing RMF Step 2, Select Security Controls? (Select all that apply)
A Common Control Identification
B Monitoring Strategy
C Security Baseline and Overlay Selection
D Security Plan and Review Approval
All of the above

What activities occur during implementation of security controls? (Select all that apply)
A Communicate updates to appropriate audiences
B Seek approvals from CIO
C Create appropriate training and communication plans
D Ensure consistency with DoD architectures
E Document security control implementation in the security plan
F Identify security controls available for inheritance
D, E & F

Which steps of the RMF are designed to evaluate risk? (Select all that apply)
A Select Security Controls
B Assess Security Controls
C Monitor Security Controls
D Authorize System
E Categorize System
F Implement Security Controls
B, C & D

What activities occur when assessing security controls? (Select all that apply)
A Prepare the Plan of Action and Milestones (POA&M)
B Conduct final risk determination
C Develop, plan, and approve Security Assessment Plan
D Prepare Security Assessment Report (SAR)
C & D

Select ALL of the correct responses. What activities occur during implementation of security controls?
A Ensure consistency with DoD architectures
B Document security control implementation in the security plan
C Seek approvals from CIO
D Identify security controls available for inheritance
E Communicate updates to appropriate audiences
F Create appropriate training and communication plans
A, B & D

Which role leads the day-to-day defense?
A Authorizing Official (AO)
B US Cyber Command (USCYBERCOM)
C Security personnel
D DoD Chief Information Officer (CIO)
B

The cybersecurity attributes are confidentiality, integrity, availability, authentication, and:
A Validity
B Non-repudiation
C Architecture
D Stability
B

True or false? Cybersecurity is important so that risk is eliminated.
True
False
False

Select ALL of the correct responses. What are the Risk Management Framework (RMF) steps designed to mitigate risk?
A Categorize System
B Select Security Controls
C Implement Security Controls
D Assess Security Controls
B & C

What activities occur in Step 4 of the Risk Management Framework (RMF), Assess Security Controls?
A Develop, plan, and approve Security Assessment Plan
B Prepare the Security Assessment Report (SAR)
C Conduct remediation actions on non-compliant security controls
D All of the above
D

Select ALL of the correct responses. What are all cybersecurity attributes susceptible to?
A Vulnerabilities
B Threats
C Disclosure
D Authorization
A & B

Select ALL of the correct responses. Which of the following are cybersecurity skill standards needed by security personnel?
A Identify and manage all cybersecurity concepts
B Explain their role in protecting DoD's information systems
C Identify fundamental cybersecurity concepts that are related to the protection of classified and controlled unclassified information
D Conduct assessment and evaluation of all IT systems
B & C

Which steps of the Risk Management Framework (RMF) are designed to evaluate risk?
A. Assess Security Controls, Monitor Security Controls, Categorize System
B. Assess Security Controls, Implement Security Controls, Authorize System
C. Implement Security Controls, Monitor Security Controls, Authorize System
D. Assess Security Controls, Monitor Security Controls, Authorize System
D

In which step of the Risk Management Framework (RMF) would you implement the decommissioning strategy?
A. Step 3 - Implement security controls
B. Step 4 - Assess security controls
C. Step 5 - Authorize system
D. Step 6 - Monitor security controls
D

What evolving threats are attempts by hackers to damage or destroy a computer network or system?
A. Insider Threat
B. Social Media
C. Cyber Attack
D. Mobile Computing
C

What is the first step in the Risk Management Framework (RMF)?
A. Categorize System