SFPC UPDATED EXAM SCRIPT 2026 QUESTIONS AND
SOLUTIONS RATED A+
✔✔Responsibilities of the Government SAP Security Officer/Contractor Program
Security Officer (GSSO/
CPSO) - ✔✔From Revision 1 Department of Defense Overprint to the National
Industrial Security Program Operating Manual Supplement - 1 April
2004:
• Possess a personnel clearance and Program access at least equal to
the highest level of Program classified information involved.
• Provide security administration and management for his/her
organization.
• Ensure personnel processed for access to a SAP meet the prerequisite
personnel clearance and/or investigative requirements specified.
• Ensure adequate secure storage and work spaces.
• Ensure strict adherence to the provisions of the NISPOM, its
supplement, and the Overprint.
• When required, establish and oversee a classified material control
program for each SAP.
• When required, conduct an annual inventory of accountable
classified material.
• When required, establish a SAPF.
• Establish and oversee a visitor control program.
• Monitor reproduction and/or duplication and destruction capability
of SAP information
• Ensure adherence to special communications capabilities within the
SAPF.
• Provide for initial Program indoctrination of employees after their
access is approved; rebrief and debrief personnel as required.
• Establish and oversee specialized procedures for the transmission of
SAP material to and from Program elements
• When required, ensure contractual specific security requirements
such as TEMPEST Automated Information System (AIS), and
Operations Security (OPSEC) are accomplished.
• Establish security training and briefings specifically tailored to the
unique requirements of the SAP.
✔✔The four Cognizant
Security Agencies (CSAs) - ✔✔Department of Defense
(DoD), Director of National Intelligence (DNI), Department of Energy (DoE), and the
Nuclear Regulatory Commission (NRC).
✔✔Cognizant Security Agencies (CSA)s' role in the National Industrial Security
Program (NISP). - ✔✔Establish an industrial security program to safeguard classified
information under its
,jurisdiction.
✔✔Critical Program Information
in DoD - ✔✔1. U.S. capability elements that contribute to the warfighter's advantage
throughout the
life cycle, which if compromised or subject
to unauthorized disclosure, decrease the advantage.
2. Elements or components of a Research, Development, and Acquisition (RDA)
program that, if compromised, could cause significant degradation in mission
effectiveness; shorten the expected combat-effective life of the system;
reduce technological advantage; significantly alter program direction; or enable an
adversary to defeat, counter, copy, or reverse engineer the technology or capability.
Includes information
about applications, capabilities, processes and
end-items. Includes elements or components critical to a military system or network
mission effectiveness. Includes technology that would
reduce the U.S. technological advantage if it came under foreign control.
✔✔Primary authorities governing foreign disclosure of classified military information -
✔✔1. Arms Export Control Act
2. National Security Decision Memorandum 119
3. National Disclosure Policy-1
4. International Traffic in Arms Regulation (ITAR)
5. E.O.s 12829, 13526
6. Bilateral Security Agreements
7. DoD 5220.22-M, "NISPOM,"
✔✔The purpose of the DD Form 254 - ✔✔Convey security requirements, classification
guidance and provide handling procedures for classified material received and/or
generated on a classified contract.
✔✔Factors for determining
whether U.S. companies are under Foreign Ownership, Control or Influence
(FOCI) - ✔✔1. Record of economic and government
espionage against the U.S. targets
2. Record of enforcement/engagement
in unauthorized technology transfer
3. Type and sensitivity of the information that shall be accessed
4. The source, nature and extent of FOCI
5. Record of compliance with pertinent U.S. laws, regulations and contracts
6. Nature of bilateral & multilateral security & information exchange
agreements
7. Ownership or control, in whole or part, by a foreign government
, ✔✔The purpose and the function of the Militarily Critical Technologies List (MCTL). -
✔✔1. Serves as a technical reference for the development and implementation of DoD
technology, security policies on international transfers of
defense-related goods, services, and technologies as administered by the Director,
Defense Technology Security
Administration (DTSA).
2. Formulation of export control proposals and export license review
✔✔Security Infraction - ✔✔This event cannot reasonably be expected to and does not
result in the loss, compromise, or suspected compromise of classified information
✔✔DoD Manual 5200.01, Volumes 1-4 - ✔✔The manual that governs the DoD
Information Security Program
✔✔E.O. 13526 - ✔✔The executive order that governs the DoD Information Security
Program
✔✔32 CFR Parts 2001 & 2003,
"Classified National Security
Information; Final Rule" - ✔✔The Information Security Oversight Office (ISOO)
document that governs the DoD Information Security Program
✔✔Security Violation - ✔✔An event that results in or could be expected to result in the
loss or compromise of
classified information
✔✔Unauthorized Disclosure - ✔✔Communication or physical
transfer of classified or controlled unclassified information to an unauthorized recipient
✔✔SSBI - ✔✔Initial investigation for military, contractors, and civilians:
· Special-Sensitive positions
· Critical-Sensitive positions1
· LAA
· Top Secret clearance eligibility
· IT-I duties
✔✔ANACI - ✔✔Initial investigation for civilians:
· Noncritical-Sensitive positions2
· Confidential and Secret clearance eligibility
· IT-II duties
✔✔NACLC - ✔✔Initial National Agency Check with Law and Credit for military and
contractors:
· Secret or Confidential clearance eligibility
· All military accessions and appointments
SOLUTIONS RATED A+
✔✔Responsibilities of the Government SAP Security Officer/Contractor Program
Security Officer (GSSO/
CPSO) - ✔✔From Revision 1 Department of Defense Overprint to the National
Industrial Security Program Operating Manual Supplement - 1 April
2004:
• Possess a personnel clearance and Program access at least equal to
the highest level of Program classified information involved.
• Provide security administration and management for his/her
organization.
• Ensure personnel processed for access to a SAP meet the prerequisite
personnel clearance and/or investigative requirements specified.
• Ensure adequate secure storage and work spaces.
• Ensure strict adherence to the provisions of the NISPOM, its
supplement, and the Overprint.
• When required, establish and oversee a classified material control
program for each SAP.
• When required, conduct an annual inventory of accountable
classified material.
• When required, establish a SAPF.
• Establish and oversee a visitor control program.
• Monitor reproduction and/or duplication and destruction capability
of SAP information
• Ensure adherence to special communications capabilities within the
SAPF.
• Provide for initial Program indoctrination of employees after their
access is approved; rebrief and debrief personnel as required.
• Establish and oversee specialized procedures for the transmission of
SAP material to and from Program elements
• When required, ensure contractual specific security requirements
such as TEMPEST Automated Information System (AIS), and
Operations Security (OPSEC) are accomplished.
• Establish security training and briefings specifically tailored to the
unique requirements of the SAP.
✔✔The four Cognizant
Security Agencies (CSAs) - ✔✔Department of Defense
(DoD), Director of National Intelligence (DNI), Department of Energy (DoE), and the
Nuclear Regulatory Commission (NRC).
✔✔Cognizant Security Agencies (CSA)s' role in the National Industrial Security
Program (NISP). - ✔✔Establish an industrial security program to safeguard classified
information under its
,jurisdiction.
✔✔Critical Program Information
in DoD - ✔✔1. U.S. capability elements that contribute to the warfighter's advantage
throughout the
life cycle, which if compromised or subject
to unauthorized disclosure, decrease the advantage.
2. Elements or components of a Research, Development, and Acquisition (RDA)
program that, if compromised, could cause significant degradation in mission
effectiveness; shorten the expected combat-effective life of the system;
reduce technological advantage; significantly alter program direction; or enable an
adversary to defeat, counter, copy, or reverse engineer the technology or capability.
Includes information
about applications, capabilities, processes and
end-items. Includes elements or components critical to a military system or network
mission effectiveness. Includes technology that would
reduce the U.S. technological advantage if it came under foreign control.
✔✔Primary authorities governing foreign disclosure of classified military information -
✔✔1. Arms Export Control Act
2. National Security Decision Memorandum 119
3. National Disclosure Policy-1
4. International Traffic in Arms Regulation (ITAR)
5. E.O.s 12829, 13526
6. Bilateral Security Agreements
7. DoD 5220.22-M, "NISPOM,"
✔✔The purpose of the DD Form 254 - ✔✔Convey security requirements, classification
guidance and provide handling procedures for classified material received and/or
generated on a classified contract.
✔✔Factors for determining
whether U.S. companies are under Foreign Ownership, Control or Influence
(FOCI) - ✔✔1. Record of economic and government
espionage against the U.S. targets
2. Record of enforcement/engagement
in unauthorized technology transfer
3. Type and sensitivity of the information that shall be accessed
4. The source, nature and extent of FOCI
5. Record of compliance with pertinent U.S. laws, regulations and contracts
6. Nature of bilateral & multilateral security & information exchange
agreements
7. Ownership or control, in whole or part, by a foreign government
, ✔✔The purpose and the function of the Militarily Critical Technologies List (MCTL). -
✔✔1. Serves as a technical reference for the development and implementation of DoD
technology, security policies on international transfers of
defense-related goods, services, and technologies as administered by the Director,
Defense Technology Security
Administration (DTSA).
2. Formulation of export control proposals and export license review
✔✔Security Infraction - ✔✔This event cannot reasonably be expected to and does not
result in the loss, compromise, or suspected compromise of classified information
✔✔DoD Manual 5200.01, Volumes 1-4 - ✔✔The manual that governs the DoD
Information Security Program
✔✔E.O. 13526 - ✔✔The executive order that governs the DoD Information Security
Program
✔✔32 CFR Parts 2001 & 2003,
"Classified National Security
Information; Final Rule" - ✔✔The Information Security Oversight Office (ISOO)
document that governs the DoD Information Security Program
✔✔Security Violation - ✔✔An event that results in or could be expected to result in the
loss or compromise of
classified information
✔✔Unauthorized Disclosure - ✔✔Communication or physical
transfer of classified or controlled unclassified information to an unauthorized recipient
✔✔SSBI - ✔✔Initial investigation for military, contractors, and civilians:
· Special-Sensitive positions
· Critical-Sensitive positions1
· LAA
· Top Secret clearance eligibility
· IT-I duties
✔✔ANACI - ✔✔Initial investigation for civilians:
· Noncritical-Sensitive positions2
· Confidential and Secret clearance eligibility
· IT-II duties
✔✔NACLC - ✔✔Initial National Agency Check with Law and Credit for military and
contractors:
· Secret or Confidential clearance eligibility
· All military accessions and appointments
