Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

SPēD SAPPC: INFOSEC Exam Questions Answered Correctly (Latest Update 2024), Exams of Nursing

SPēD SAPPC: INFOSEC Exam Questions Answered Correctly (Latest Update 2024)

Typology: Exams

2023/2024

Available from 02/17/2024

CarlaHazel
CarlaHazel 🇺🇸

2.5

(2)

261 documents

1 / 23

Toggle sidebar

Related documents


Partial preview of the text

Download SPēD SAPPC: INFOSEC Exam Questions Answered Correctly (Latest Update 2024) and more Exams Nursing in PDF only on Docsity!

Answered Correctly (Latest Update

2024)

This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information - Correct Answer ✅Security Infraction The manual that governs the DoD Information Security Program - Correct Answer ✅DoD Manual 5200.01, Volumes 1- The executive order that governs the DoD Information Security Program - Correct Answer ✅E.O. 13526 The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program - Correct Answer ✅32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" An event that results in or could be expected to result in the loss or compromise of classified information - Correct Answer ✅An event that results in or could be expected to result in the loss or compromise of classified information

Answered Correctly (Latest Update

2024)

Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient - Correct Answer ✅Unauthorized Disclosure This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified information. - Correct Answer ✅Termination Briefing This briefing that applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries. - Correct Answer ✅Foreign Travel Briefing This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties. - Correct Answer ✅Refresher Briefing

Answered Correctly (Latest Update

2024)

Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security. - Correct Answer ✅Secret Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security. - Correct Answer ✅Top Secret Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security. - Correct Answer ✅Confidential The act regarding the withholding information from public release; framework and guidance for evaluation for public release for info to be exempt are from the 9 distro statements

  • Correct Answer ✅Freedom of Information Act (FOIA) This is defined as the incorporating, paraphrasing, restating, or generating in new form any information that is already classified. - Correct Answer ✅Derivative Classification

Answered Correctly (Latest Update

2024)

  1. Observe and respect the OCA original classification determination
  2. Apply required markings
  3. Use only authorized sources
  4. Use caution when paraphrasing or restating classified information extracted form a classified source document
  5. Always take the appropriate steps to resolve any doubts you have - Correct Answer ✅Derivative classification process This is defined as an initial determination that information requires, in the interest of national security, protection against unauthorized disclosure. - Correct Answer ✅Original Classification

Answered Correctly (Latest Update

2024)

This is defined as unclassified information or classified information (at a lower level) that when the information is combined or associated reveals additional factors that qualifies for classification. - Correct Answer ✅Compilation The term used to identify individuals specifically authorized in writing to make initial classification decisions. - Correct Answer ✅Original Classification Authority This contains classification levels, special requirements and duration instructions for programs, projects, plans, etc. - Correct Answer ✅Security Classification Guides (SCG) The six step process an OCA applies in making classification determinations. 1. Determine if the information is official government information 2. Determine if the information is eligible to be classified 3. Determine if there is a potential for damage to national security if unauthorized release occurs 4. Assign a level of classification 5. Make a decision about the duration of classification 6. Communicate the decision - Correct Answer ✅Original Classification Process

Answered Correctly (Latest Update

2024)

The authorized change in the status of information goes from classified information to unclassified information - Correct Answer ✅Declassification Scheduled, Automatic, Mandatory, Systematic - Correct Answer ✅Declassification systems The declassification system where Permanently Valuable Historical records are declassified when they are 25 years old

  • Correct Answer ✅Automatic declassification The declassification system where information exempted from automatic declassification is reviewed for possible declassification - Correct Answer ✅Systematic declassification review The declassification system where the public can ask for classified information be review for declassification and public release - Correct Answer ✅Mandatory Declassification Review (MDR)

Answered Correctly (Latest Update

2024)

The declassification system where an OCA, at the time the information is originally classified, sets a date or event for declassification - Correct Answer ✅Scheduled Declassification People who are in possession of, or who are otherwise charged with safeguarding classified information - Correct Answer ✅Custodians Specific Date, Specific Event, or by the 50X1-HUM Exemption

  • Correct Answer ✅Options an OCA has when determining declassification The process where records automatically become declassified after 25 years - Correct Answer ✅The 25-year rule This type of information does not provide declassification instructions - Correct Answer ✅Restricted Data and Formerly Restricted Data

Answered Correctly (Latest Update

2024)

  1. Properly destroy preliminary drafts, worksheets, and other material after they have served their purpose 2. Use approved secure communications circuits for telephone conversations to discuss classified information 3. Follow proper procedures when copying classified information 4. Use security forms such as SF 701 and SF 702 - Correct Answer ✅Practices to follow when handling classified information Security Container Check Sheet, which is used to record the opening and closing of your security container - Correct Answer ✅SF 702 The Activity Security Checklist intended to verify that you did not accidentally leave classified materials unsecured, as well as, to ensure the area is safe and secure. The blank spaces can be utilized for additional warranted security and safety items, such as a block to remind personnel to complete tasks, such as turning off coffee pots. - Correct Answer ✅SF 701

Answered Correctly (Latest Update

2024)

An unauthorized disclosure of classified information - Correct Answer ✅Actual compromise If classified information appears in the public media, DoD personnel must be careful not to make any statement of comment that would confirm the accuracy or verify the classified status of the information - Correct Answer ✅Neither confirm nor deny The possibility of compromise could exist but it is not known with certainty - Correct Answer ✅Potential Compromise This organization maintains a register of certified security digital facsimiles - Correct Answer ✅DISA, Joint Interoperability Test Command (JITC) The protection resulting from the measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications and to ensure the authenticity of such communications. - Correct Answer ✅COMSEC

Answered Correctly (Latest Update

2024)

When the document has been sealed within a properly marked inner envelope you must... - Correct Answer ✅Insert the envelope into the outer envelope Defense Courier Service - Correct Answer ✅DCS This kind of information can be sent via USPS express only when it is the most effective means considering security, time, cost, and accountability. - Correct Answer ✅Secret information This kind of information can never be sent via USPS - Correct Answer ✅Top Secret information DCS, First Class mail, registered mail, and certified mail - Correct Answer ✅Methods to send hard copy Confidential information

Answered Correctly (Latest Update

2024)

True or False: Hand carrying classified information should only be done as a last resort - Correct Answer ✅True True or False: Anyone can determine the need for hand carrying classified information - Correct Answer ✅False True or False: When someone is carrying classified information, written authorization is always required - Correct Answer ✅True Courier Authorization Card - Correct Answer ✅DD Form 2501 Burned or shredded to be destroyed. It can also be destroyed with chemicals that destroy the imprints. - Correct Answer ✅Microfiche destruction Ribbons must be burned or shredded - Correct Answer ✅Typewriter ribbon destruction

Answered Correctly (Latest Update

2024)

Must be burned, overwritten, or demagnetized - Correct Answer ✅Floppy disk destruction Must be burned, shredded, or chemically decomposed of - Correct Answer ✅Document destruction Must be burned, shredded, or demagnetized - Correct Answer ✅Videotape destruction The initial briefing given to all personnel on the DoD Information Security Program - Correct Answer ✅Initial Orientation Briefing Most sensitive technology information in DoD research, development, and acquisition programs. DoD selects this to ensure that critical capabilities and the technology that enables those capabilities receives the highest order of protection. - Correct Answer ✅Critical Program Information (CPI)

Answered Correctly (Latest Update

2024)

Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. - Correct Answer ✅CPI elements

  1. Program must identify CPI
  2. Identify any associated threats and vulnerabilities
  3. conduct risks analysis,
  4. develop and implement countermeasures
  5. document it all - Correct Answer ✅Five steps for protecting CPI This refers to the measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non- repudiation. These measures include providing for restoration

Answered Correctly (Latest Update

2024)

of IS by incorporating protection, detection, and reaction capabilities. - Correct Answer ✅Information Assurance The fundamentals of this helps 1. Avoid being targeted by adversaries 2. Protect against social engineering 3. Protect against Insider Threat 4. Protects against Identity Theft - Correct Answer ✅Information Assurance True or False. Information should be classified for the length of time that it is in the best interest of national security to keep it protected. - Correct Answer ✅True The objective of this is to prevent exploitation of US technology and to prevent the development of countermeasures against US Defense systems. It aims to selectively and effectively apply security countermeasures to COP that are cost effective and consistent with risk management principles - Correct Answer ✅Program Protection Planning

Answered Correctly (Latest Update

2024)

This includes Classification Management, foreign disclosure, operations security OPSEC, system security engineering, contract and legal aspects - Correct Answer ✅Program Protection Planning The benefits of this are that it saves money because it places safeguards and countermeasure son what are needed rather than placing unnecessary safeguards on an entire program - Correct Answer ✅Program Protection Planning Contractors who work for DoD RDA that include CPI must use CPI protection measures 1) determine what CPI protection measures are required to protect CPI for specific contracts, 2) identify those CPI protection measures in tier requirement documentation, 3) provide the government contracting activity (GCA) with CPI protection measures and requirements to be included in the resulting solicitations, 4) determine what support the CPI protection will require from DSS - Correct Answer ✅CPI contractual requirements

Answered Correctly (Latest Update

2024)

5200.39 - Critical Program Information Protection - CPI must be identified early in the development, acquisition and sustainment process 5200.39-M - Procedures for the Protection of CPI 5000.02 - Operation of the Defense Acquisition System - it defines with the PPP is required DoDI 5240.11 - Counterintelligence Activities in research, development, and acquisition; establishes policy, assigns responsibility and provides procedures for CI for RDA - Correct Answer ✅CPI Regulations and Requirements CPI is identified by the ________ with the assistance of a working level integrated product team- PM, Program protection lead, key engineers, and key contractor personnel

  • Correct Answer ✅Program Manager

Answered Correctly (Latest Update

2024)

Operations and Support - Full operational capability (FOC) - Correct Answer ✅Defense Acquisition Cycle - Sustainment CPI must be identified prior to milestone B. CPI identification occurs mainly with in pre-system acquisition

  • Correct Answer ✅CPI in Pre-system Acquisition During full-rate production decision review, the team conducts pre-inspection research, which includes reviewing material, identifying who the team needs to interview, and preparing a list of questions. - Correct Answer ✅CPI in System Acquisition The PM reviews for changes or upgrades that differs from original CPI - Correct Answer ✅CPI in Sustainment
  1. Mission risk assessment
  2. "no CPI" memo

Answered Correctly (Latest Update

2024)

  1. Review critical technology
  2. preform critical analysis
  3. review inherited CPI - Correct Answer ✅CPI Identification Process This memo explains the reasoning behind ceasing the identification process. Signed by the PM and provided to the appropriate milestone decision authority - Correct Answer ✅"No CPI" memo The purpose of this assessment is to quickly identify programs that are unlikely to have CPI and to prevent them from unnecessarily continuing the process. The assessment is complete by the program and reviewed by the cognizant protection organization - Correct Answer ✅Mission-risk assessment

Answered Correctly (Latest Update

2024)

Technology related to weapons of mass destruction example of critical technology, leading edge or critical technology.

  • military critical technology list
  • developing science and technology list
  • missile technology control regime
  • low observable/counter-low observable - Correct Answer ✅Review Critical Technology and Sources Existing CPI from inherited subsystems and similar programs is reviewed for continued protection. Horizontal CPI with in the acquisition security database and through discussions with the PM and science and technology leads of the inherited system. - Correct Answer ✅Review Inherited CPI This exists when a foreign interest has a confirmed or assessed intent for acquiring specific classified or sensitive defense information or proprietary or intellectual proper information and the foreign interest has the capability to acquire such information - Correct Answer ✅A threat to CPI

Answered Correctly (Latest Update

2024)

It is essential that programs are aware of the threats specific to their CPI; as soon as a program identifies CPI, a counterintelligence threats assessment should be requested in order to ___________ CPI. - Correct Answer ✅Protect Assess intent and capability, - consider where a threat is most likely to exist, could come from: insider threat, espionage, foreign companies, computer network exploitation, technology transfer and from with the supply chain - Correct Answer ✅Assessing Threat Values This plan coordinates and integrates all protection efforts for CPI into a single document, required for all programs with CPI

  • Correct Answer ✅Program Protection Plan (PPP) Facilitated by the acquisitions security database and assists in determining whether defense technology and CPI are adequately protected. Required for all programs with CPI - Correct Answer ✅Horizontal Protection

Answered Correctly (Latest Update

2024)

Quantitative documentation of the risk that a particular country poses to CPI, - produced by DIA, - Evaluates 5 Factors

  1. Technology competence 2. national level of interest 3. technology transfer 4. ability to assimilate 5. corporate technology protection - Correct Answer ✅Technology Targeting Risk Assessment (TTRA) May be present in how CPI is stored, maintained, ore transmitted, may be present in where CPI is located, -what information can an adversary learn simply by observing, human intelligence and insider threat, foreign involvement - Correct Answer ✅CPI Vulnerabilities Aims to determine the extent of the potential threat to and the risk associated with CPI. To determine the likelihood of a future adverse event, threats to CPI must be analyzed together with the system's potential vulnerabilities and countermeasures - Correct Answer ✅Risk Assessment Identifies in advertent loss of technology, evaluates inadvertent loss of technology, ranks inadvertent loss of

Answered Correctly (Latest Update

2024)

technology, controls inadvertent loss of technology - Correct Answer ✅Risk Management for CPI

  1. Anti-tamper - used to hinder an adversary ability to gain technology or information
  2. information assurance - protects the network on which data resides with access limitations and system accreditation
  3. system and software assurance - safety, reliability, availability, maintain, free from vulnerabilities
  4. Horizontal protection - same level of protection as other CPI programs - Correct Answer ✅Types of CPI Countermeasures All programs with CPI must __________ the _________ used to protect the information. CPI CM are provided by: SCG, technology assessment/control plan, counterintelligence

Answered Correctly (Latest Update

2024)

support plan, and anti-tamper plan - Correct Answer ✅Document, Countermeasures The following types of information requires _____________.

  1. Atomic Energy Info (RD/FRD) - Restricted data and formerly restricted data
  2. Sensitive Compartmental Information (SCI) - intelligence sources, methods or analytical processes
  3. COMSEC - deny unauthorized persons information of value that might be derived from the possession and study of telecommunications - Correct Answer ✅Special Handling