SCENARIO QUESTIONS WITH DETAILED
ANSWERS ACCURATE PREPARATION
GRADED A+
⩥ Enhanced security requirements for protecting Special Access
Program (SAP) information.
Answer: 1. Within Personnel Security:
• Access Rosters; • Billet Structures (if required); • Indoctrination
Agreement; • Clearance based on an appropriate investigation completed
within the last 5 years; • Individual must materially contribute to the
program in addition to having the need to know; • All individuals with
access to SAP are subject to a random counterintelligence scope
polygraph examination; • Polygraph examination, if approved by the
DepSecDef, may be used as a mandatory access determination; • Tier
review process; • Personnel must have a Secret or Top Secret clearance;
• SF-86 must be current within one year; • Limited Access; • Waivers
required for foreign cohabitants, spouses, and immediate family
members.
2. Within Industrial Security: The SecDef or DepSecDef can approve a
carve-out provision to relieve Defense Security Service of industrial
security oversight responsibilities.
,3. Within Physical Security: • Access Control; • Maintain a SAP Facility;
• Access Roster; • All SAPs must have an unclassified nickname/
Codeword (optional).
4. Within Information Security: • The use of HVSACO; • Transmission
requirements (order of precedence).
⩥ Principle incident/events required to be reported to DoD
counterintelligence (CI) organizations.
Answer: espionage, sabotage, terrorism, cyber
⩥ Indicators of insider threats.
Answer: 1. Failure to report overseas travel or contact with foreign
nationals
2. Seeking to gain higher clearance or expand access outside the job
scope
3. Engaging in classified conversations without a need to know
4. Working hours inconsistent with job assignment or insistence on
working in private
5. Exploitable behavior traits
, 6. Repeated security violations
7. Attempting to enter areas not granted access to
8. Unexplained affluence/living above one's means
9. Anomalies (adversary taking actions which indicate they are
knowledgeable to information)
10. Illegal downloads of information/files
⩥ Asset, threat, vulnerability, risk, countermeasures.
Answer: Elements that a security professional should consider when
assessing and managing risks to DoD assets
⩥ The three categories of Special Access Programs.
Answer: acquisition, intelligence, and operations and support
⩥ Responsibilities of the Government SAP Security Officer/Contractor
Program Security Officer (GSSO/CPSO):.
Answer: From Revision 1 Department of Defense Overprint to the
National Industrial Security