Information Security - Answers To promote the proper and effective way to classify, protect, and
downgrade official information requiring protection in the interest of national security
Also promotes declassification of information no longer requiring protection
EO 8381 - Answers 1940
1st information security executive order
EO 13526 - Answers 2009
Current executive order on information security
Prescribes a uniform system for classifying, safeguarding, and declassifying national security
information
Promotes declassification and public access to information as soon as national security considerations
permit
Established National Declassification Center
Greater openness and transparency
Stronger OCA and derivative classifier training requirements
Derivative classifiers identified by name
Self-inspection programs to review samples of original and derivatively classified documents
Declassification exemptions of 50 and 75 years
ISOO - Answers Information Security Oversight Office
Responsible for overseeing and managing the information security program under the guidance of the
National Security Council (NSC)
NSC provides overall policy direction
ISOO is the operating arm
Annual report to the president about each agency's security classification program, analysis and
reports
SF-311 - Answers Agency Security Classification Management Program Data
USD(I) - Answers Under Secretary of Defense for Intelligence
Has the primary responsibility for providing guidance, oversight, and approval authority of policies
and procedures that govern the DoD Information Security Program
Guidance on Classification Management - marking, handling and protection
ISOO 32 CFR Parts 2001 and 2003 - Answers Classified National Security Information Final Rule
Provides guidance to all government agencies on classification, downgrading, declassification, and
safeguarding of classified national security information
DoD Instruction 5200.01 - Answers Information Security Program and Protection of Sensitive
Compartmented Information
Establishes the basic information security policies for the DoD and provides a high-level framework
for DoD implementation of national policy on classified national security information
Authorizes the publication of DoDM 5200.01 Vol 1-4, the DoD Information Security Program
DoD 5200-1.H - Answers Handbook for Writing Security Classification Guidance
Provides detailed information on how to develop security classification guidance
Classified Information - Answers Requires protection from unauthorized disclosure
To be eligible - must be official government information that is owned by, produced by, produced for,
or under the strict control of the US government
3 Levels of Classification - Answers TS - grave damage to national security
S - serious damage to national security
C - damage to national security
Classification - Answers Determination that information requires protection in the interest of national
security
Either original or derivative
Original Classification - Answers An initial determination that information requires protection against
unauthorized disclosure in the interest of national security
OCA - Answers Original Classification Authority
Request for OCA contains mission justification and position title
Delegated in writing by the president to the occupant of the position, not to an individual by name,
not able to delegate further unless "acting"
Specifies the highest level at which the OCA can classify a piece of information and their jurisdiction
Must go through training prior to exercising their authority and at least 1x a year
A demonstrable and continuing need for such authority at least 2x a year
6 steps to OCA decision process - Answers Gov't Info - Determine if the information is official
government information or if it has already been classified by another OCA
Eligibility - determine if the information is eligible for classification (not a smokescreen)
Impact/harm - determine if there is potential for damage to national security if release occurs
Designation - assign a level of classification
Duration - determine duration of classification
Guidance - communicate decision via SCG or properly marked source document
SCG - Answers Security Classification Guide
A document issued by an OCA that provides derivative classification instructions
Describes the elements of information that must be protected as well as the level and duration of
classification
SCG Format - Answers General instructions
Overall efforts
Performance and capabilities
Specifications
Critical elements
Vulnerabilities and weaknesses
Administrative data
Hardware
CPI - Answers Critical Program Information
Includes both classified military information and controlled unclassified information
Needs to be protected from unauthorized or inadvertent destruction, transfer, alteration, or loss
Compromise of critical program information can significantly alter program direction, shorten combat
effective life of the system, or require additional research, development, test, and evaluation
resources to counter impact of its loss
DoD 5200.39
Compilation - Answers Combining elements of information that are individually unclassified may be
classified if the compiled information reveals an additional association or relationship that qualifies
for classification under DoD policy
OCAs designate when and what types of information are classified through compilation
Explain the basis for classification by compilation on the face of the document or in the text
Mark each portion individually according to its classified content
Derivative Classification - Answers The process of using existing classified information to create new
material and marking that newly developed material consistent with the classification markings that
apply to the source information
The incorporating, paraphrasing, restating, or generating in new form any information that is already
classified
Not an authority, an assumed responsibility
Does not include duplication or reproduction of existing classified information
Must receive training at least once every 2 years
5 Requirements of Derivative Classification - Answers Observe and respect the OCA's original
classification determination
Apply required markings
Use only authorized sources (SCG and source documents)
Use caution when paraphrasing - required knowledge of subject
Take steps to resolve doubts
Authorized Sources - Answers SCG, properly marked source documents, DD254
When there is a conflict, the SCG takes precedence
Extracting - Answers When information is taken directly from an authorized classification guidance
source and is stated verbatim in a new or different document
Paraphrasing/restating - Answers When information is taken from an authorized source and is
reworded in a new or different document
Be careful to ensure that the classification has not been changed
Generating - Answers When information is taken from an authorized source and generated into
another form or medium, such as a video, DVD, or CD