SECURITY FUNDAMENTALS PROFESSIONAL CERTIFICATION
EXAM (SFPC) EXAM | QUESTIONS AND ANSWERS | VERIFIED
ANSWERS GRADED A+ | LATEST EXAM UPDATE
Principle incident/
events required to be reported to DoD counterintelligence (CI) organizations -
CORRECT ANSWER - Espionage, Sabotage, Terrorism, Cyber
Indicators of Insider Threat - CORRECT ANSWER - - Failure to report
overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignment or insistence on working in
private
- Exploitable behavior traits
- Repeated security violations
- Attempting to enter areas not granted access to
- Unexplainable affluence/living above means
- Anomalies (adversary taking actions which indicate they are knowledgeable to
information)
- Illegal downloading of information files
Elements that should be considered in identifying Critical Program Information
- CORRECT ANSWER - Elements which, if compromised, could:
1. Cause significant degradation in mission effectiveness
2. Shorten the expected combat-effective life of the system
3. Reduce technological advantage
4. Significantly alter program direction; or
,5. Enable an adversary to defeat, counter, copy, or reverse engineer the
technology or capability
Assets, Threat, Vulnerability, Risk, Countermeasure - CORRECT ANSWER -
Elements that a security professional should consider when assessing and
managing risks to DoD assets
Three categories of Special Access Programs - CORRECT ANSWER -
Intelligence, Operations, and Support
Three different types of threats to classified information - CORRECT
ANSWER - Insider Threat, Foreign Intelligence Entities (FIE), and
Cybersecurity Threats
Concept of an Insider Threat - CORRECT ANSWER - An employee who may
represent a threat to national security. These threats encompass potential
espionage, violent acts against the government or the nation, and unauthorized
disclosure of classified information, including the vast amounts of classified
data available on interconnected United States government computer networks
and systems.
The purpose of the Foreign Visitor Program - CORRECT ANSWER - To track
and approve access by a foreign entity to information that is classified; and to
approve access by a foreign entity to information that is unclassified, related to
a U.S. Government contract, or plant visits covered by ITAR.
Special Access Program - CORRECT ANSWER - A program established for a
specific class of classified information that imposes safeguarding and access
requirements that exceed those normally required for information at the same
classification level.
Enhanced security requirements for protecting Special Access Programs (SAP)
information. - CORRECT ANSWER - Within Personnel Security:
, - Access Rosters
- Billet Structures (if required)
- Indoctrination Agreement
- Clearance based on an appropriate investigation, completed within the last 5
years
- Individual must materially contribute to the program in addition to having the
need to know
- All individuals with access to SAP are subject to a random counterintelligence
scope polygraph examination
- Polygraph examination, if approved by the DepSecDef, may be used as a
mandatory access determination
- Tier review process
- Personnel must have a SECRET or TOP SECRET clearance
- SF-86 must be current within one year
- Limited access
- Waivers required for foreign cohabitants, spouses, and immediat family
members
Within Industrial Security:
- The SecDef or DepSecDef can approve a carve-out provision to relieve
Defense Security Service (DSS) of industrial security oversight responsibilities
Within Physical Security:
- Access Control
- Maintain a SAP facility
- Access Roster
- All SAPs must have an unclassified nickname/Codeword (optional)
Within Information Security:
- The use of HVASCO
- Transmission requirements (order of precedence).
EXAM (SFPC) EXAM | QUESTIONS AND ANSWERS | VERIFIED
ANSWERS GRADED A+ | LATEST EXAM UPDATE
Principle incident/
events required to be reported to DoD counterintelligence (CI) organizations -
CORRECT ANSWER - Espionage, Sabotage, Terrorism, Cyber
Indicators of Insider Threat - CORRECT ANSWER - - Failure to report
overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignment or insistence on working in
private
- Exploitable behavior traits
- Repeated security violations
- Attempting to enter areas not granted access to
- Unexplainable affluence/living above means
- Anomalies (adversary taking actions which indicate they are knowledgeable to
information)
- Illegal downloading of information files
Elements that should be considered in identifying Critical Program Information
- CORRECT ANSWER - Elements which, if compromised, could:
1. Cause significant degradation in mission effectiveness
2. Shorten the expected combat-effective life of the system
3. Reduce technological advantage
4. Significantly alter program direction; or
,5. Enable an adversary to defeat, counter, copy, or reverse engineer the
technology or capability
Assets, Threat, Vulnerability, Risk, Countermeasure - CORRECT ANSWER -
Elements that a security professional should consider when assessing and
managing risks to DoD assets
Three categories of Special Access Programs - CORRECT ANSWER -
Intelligence, Operations, and Support
Three different types of threats to classified information - CORRECT
ANSWER - Insider Threat, Foreign Intelligence Entities (FIE), and
Cybersecurity Threats
Concept of an Insider Threat - CORRECT ANSWER - An employee who may
represent a threat to national security. These threats encompass potential
espionage, violent acts against the government or the nation, and unauthorized
disclosure of classified information, including the vast amounts of classified
data available on interconnected United States government computer networks
and systems.
The purpose of the Foreign Visitor Program - CORRECT ANSWER - To track
and approve access by a foreign entity to information that is classified; and to
approve access by a foreign entity to information that is unclassified, related to
a U.S. Government contract, or plant visits covered by ITAR.
Special Access Program - CORRECT ANSWER - A program established for a
specific class of classified information that imposes safeguarding and access
requirements that exceed those normally required for information at the same
classification level.
Enhanced security requirements for protecting Special Access Programs (SAP)
information. - CORRECT ANSWER - Within Personnel Security:
, - Access Rosters
- Billet Structures (if required)
- Indoctrination Agreement
- Clearance based on an appropriate investigation, completed within the last 5
years
- Individual must materially contribute to the program in addition to having the
need to know
- All individuals with access to SAP are subject to a random counterintelligence
scope polygraph examination
- Polygraph examination, if approved by the DepSecDef, may be used as a
mandatory access determination
- Tier review process
- Personnel must have a SECRET or TOP SECRET clearance
- SF-86 must be current within one year
- Limited access
- Waivers required for foreign cohabitants, spouses, and immediat family
members
Within Industrial Security:
- The SecDef or DepSecDef can approve a carve-out provision to relieve
Defense Security Service (DSS) of industrial security oversight responsibilities
Within Physical Security:
- Access Control
- Maintain a SAP facility
- Access Roster
- All SAPs must have an unclassified nickname/Codeword (optional)
Within Information Security:
- The use of HVASCO
- Transmission requirements (order of precedence).
