SPēD SAPPC: INFOSEC Exam Questions Answered Correctly (Latest Update 2024)
This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information - Correct Answer ✅Security Infraction
The manual that governs the DoD Information Security Program - Correct Answer ✅DoD Manual 5200.01, Volumes 1-
The executive order that governs the DoD Information Security Program - Correct Answer ✅E.O. 13526
The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program - Correct Answer ✅32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule"
An event that results in or could be expected to result in the loss or compromise of classified information - Correct Answer ✅An event that results in or could be expected to result in the loss or compromise of classified information
Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient - Correct Answer ✅Unauthorized Disclosure
This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified information. - Correct Answer ✅Termination Briefing
This briefing applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries. - Correct Answer ✅Foreign Travel Briefing
This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties. - Correct Answer ✅Refresher Briefing
Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security. - Correct Answer ✅Secret
Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security. - Correct Answer ✅Top Secret
Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security. - Correct Answer ✅Confidential
The act regarding the withholding of information from public release; framework and guidance for evaluation for public release for info to be exempt are from the 9 distro statements
This is defined as unclassified information or classified information (at a lower level) that, when the information is combined or associated, reveals additional factors that qualify for classification. - Correct Answer ✅Compilation
The term used to identify individuals specifically authorized in writing to make initial classification decisions. - Correct Answer ✅Original Classification Authority
This contains classification levels, special requirements and duration instructions for programs, projects, plans, etc. - Correct Answer ✅Security Classification Guides (SCG)
The six-step process an OCA applies in making classification determinations. 1. Determine if the information is official government information 2. Determine if the information is eligible to be classified 3. Determine if there is a potential for damage to national security if unauthorized release occurs 4. Assign a level of classification 5. Make a decision about the duration of classification 6. Communicate the decision - Correct Answer ✅Original Classification Process
The authorized change in the status of information from classified information to unclassified information - Correct Answer ✅Declassification
Scheduled, Automatic, Mandatory, Systematic - Correct Answer ✅Declassification systems
The declassification system where Permanently Valuable Historical records are declassified when they are 25 years old
The declassification system where an OCA, at the time the information is originally classified, sets a date or event for declassification - Correct Answer ✅Scheduled Declassification
People who are in possession of, or who are otherwise charged with safeguarding classified information - Correct Answer ✅Custodians
Specific Date, Specific Event, or by the 50X1-HUM Exemption
An unauthorized disclosure of classified information - Correct Answer ✅Actual compromise
If classified information appears in the public media, DoD personnel must be careful not to make any statement or comment that would confirm the accuracy or verify the classified status of the information - Correct Answer ✅Neither confirm nor deny
The possibility of compromise could exist but it is not known with certainty - Correct Answer ✅Potential Compromise
This organization maintains a register of certified security digital facsimiles - Correct Answer ✅DISA, Joint Interoperability Test Command (JITC)
The protection resulting from the measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications and to ensure the authenticity of such communications. - Correct Answer ✅COMSEC
When the document has been sealed within a properly marked inner envelope you must... - Correct Answer ✅Insert the envelope into the outer envelope
Defense Courier Service - Correct Answer ✅DCS
This kind of information can be sent via USPS express only when it is the most effective means considering security, time, cost, and accountability. - Correct Answer ✅Secret information
This kind of information can never be sent via USPS - Correct Answer ✅Top Secret information
DCS, First Class mail, registered mail, and certified mail - Correct Answer ✅Methods to send hard copy Confidential information
True or False: Hand carrying classified information should only be done as a last resort - Correct Answer ✅True
True or False: Anyone can determine the need for hand carrying classified information - Correct Answer ✅False
True or False: When someone is carrying classified information, written authorization is always required - Correct Answer ✅True
Courier Authorization Card - Correct Answer ✅DD Form 2501
Burned or shredded to be destroyed. It can also be destroyed with chemicals that destroy the imprints. - Correct Answer ✅Microfiche destruction
Ribbons must be burned or shredded - Correct Answer ✅Typewriter ribbon destruction
Must be burned, overwritten, or demagnetized - Correct Answer ✅Floppy disk destruction
Must be burned, shredded, or chemically decomposed - Correct Answer ✅Document destruction
Must be burned, shredded, or demagnetized - Correct Answer ✅Videotape destruction
The initial briefing given to all personnel on the DoD Information Security Program - Correct Answer ✅Initial Orientation Briefing
Most sensitive technology information in DoD research, development, and acquisition programs. DoD selects this to ensure that critical capabilities and the technology that enables those capabilities receive the highest order of protection. - Correct Answer ✅Critical Program Information (CPI)
Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. - Correct Answer ✅CPI elements
of IS by incorporating protection, detection, and reaction capabilities. - Correct Answer ✅Information Assurance
The fundamentals of this help 1. Avoid being targeted by adversaries 2. Protect against social engineering 3. Protect against Insider Threat 4. Protect against Identity Theft - Correct Answer ✅Information Assurance
True or False. Information should be classified for the length of time that it is in the best interest of national security to keep it protected. - Correct Answer ✅True
The objective of this is to prevent exploitation of US technology and to prevent the development of countermeasures against US Defense systems. It aims to selectively and effectively apply security countermeasures to COP that are cost effective and consistent with risk management principles - Correct Answer ✅Program Protection Planning
This includes Classification Management, foreign disclosure, operations security (OPSEC), system security engineering, contract and legal aspects - Correct Answer ✅Program Protection Planning
The benefits of this are that it saves money because it places safeguards and countermeasures on what is needed rather than placing unnecessary safeguards on an entire program - Correct Answer ✅Program Protection Planning
Contractors who work for DoD RDA that include CPI must use CPI protection measures 1) determine what CPI protection measures are required to protect CPI for specific contracts, 2) identify those CPI protection measures in tier requirement documentation, 3) provide the government contracting activity (GCA) with CPI protection measures and requirements to be included in the resulting solicitations, 4) determine what support the CPI protection will require from DSS - Correct Answer ✅CPI contractual requirements
5200.39 - Critical Program Information Protection - CPI must be identified early in the development, acquisition and sustainment process; 5200.39-M - Procedures for the Protection of CPI; 5000.02 - Operation of the Defense Acquisition System - it defines with the PPP is required; DoDI 5240.11 - Counterintelligence Activities in research, development, and acquisition; establishes policy, assigns responsibility and provides procedures for CI for RDA - Correct Answer ✅CPI Regulations and Requirements
CPI is identified by the ________ with the assistance of a working level integrated product team- PM, Program protection lead, key engineers, and key contractor personnel
Operations and Support - Full operational capability (FOC) - Correct Answer ✅Defense Acquisition Cycle - Sustainment
CPI must be identified prior to milestone B. CPI identification occurs mainly within pre-system acquisition
Technology related to weapons of mass destruction example of critical technology, leading edge or critical technology.
It is essential that programs are aware of the threats specific to their CPI; as soon as a program identifies CPI, a counterintelligence threats assessment should be requested in order to ___________ CPI. - Correct Answer ✅Protect
Assess intent and capability, - consider where a threat is most likely to exist, could come from: insider threat, espionage, foreign companies, computer network exploitation, technology transfer and from within the supply chain - Correct Answer ✅Assessing Threat Values
This plan coordinates and integrates all protection efforts for CPI into a single document, required for all programs with CPI
Quantitative documentation of the risk that a particular country poses to CPI, - produced by DIA, - Evaluates 5 Factors
technology, controls inadvertent loss of technology - Correct Answer ✅Risk Management for CPI
support plan, and anti-tamper plan - Correct Answer ✅Document, Countermeasures
The following types of information require _____________.