SPēD SAPPC: General Security
Questions and Answers Already Passed
Special Access Program (SAP) ✔✔A program established for a specific class of classified
information that imposes safeguarding and access requirements that exceed those normally
required for information at the same classification level
Enhanced security requirements for protecting Special Access Program (SAP) information ✔✔1.
Within Personnel Security:
• Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; • Clearance based
on an appropriate investigation completed within the last 5 years; • Individual must materially
contribute to the program in addition to having the need to know; • All individuals with access to
SAP are subject to a random counterintelligence scope polygraph examination; • Polygraph
examination, if approved by the DepSecDef, may be used as a mandatory access determination; •
Tier review process; • Personnel must have a Secret or Top Secret clearance; • SF-86 must be
current within one year; • Limited Access; • Waivers required for foreign cohabitants, spouses,
and immediate family members.
2. Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to
relieve Defense Security Service of industrial security oversight responsibilities.
,3. Within Physical Security: • Access Control; • Maintain a SAP Facility; • Access Roster; • All
SAPs must have an unclassified nickname/ Codeword (optional).
4. Within Information Security: • The use of HVSACO; • Transmission requirements (order of
precedence).
Principle incident/events required to be reported to DoD counterintelligence (CI) organizations
✔✔espionage, sabotage, terrorism, cyber
Indicators of insider threats ✔✔1. Failure to report overseas travel or contact with foreign
nationals
2. Seeking to gain higher clearance or expand access outside the job scope
3. Engaging in classified conversations without a need to know
4. Working hours inconsistent with job assignment or insistence on working in private
5. Exploitable behavior traits
, 6. Repeated security violations
7. Attempting to enter areas not granted access to
8. Unexplained affluence/living above one's means
9. Anomalies (adversary taking actions which indicate they are knowledgeable to information)
10. Illegal downloads of information/files
Asset, threat, vulnerability, risk, countermeasures ✔✔Elements that a security professional
should consider when assessing and managing risks to DoD assets
The three categories of Special Access Programs ✔✔acquisition, intelligence, and operations
and support
Questions and Answers Already Passed
Special Access Program (SAP) ✔✔A program established for a specific class of classified
information that imposes safeguarding and access requirements that exceed those normally
required for information at the same classification level
Enhanced security requirements for protecting Special Access Program (SAP) information ✔✔1.
Within Personnel Security:
• Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; • Clearance based
on an appropriate investigation completed within the last 5 years; • Individual must materially
contribute to the program in addition to having the need to know; • All individuals with access to
SAP are subject to a random counterintelligence scope polygraph examination; • Polygraph
examination, if approved by the DepSecDef, may be used as a mandatory access determination; •
Tier review process; • Personnel must have a Secret or Top Secret clearance; • SF-86 must be
current within one year; • Limited Access; • Waivers required for foreign cohabitants, spouses,
and immediate family members.
2. Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to
relieve Defense Security Service of industrial security oversight responsibilities.
,3. Within Physical Security: • Access Control; • Maintain a SAP Facility; • Access Roster; • All
SAPs must have an unclassified nickname/ Codeword (optional).
4. Within Information Security: • The use of HVSACO; • Transmission requirements (order of
precedence).
Principle incident/events required to be reported to DoD counterintelligence (CI) organizations
✔✔espionage, sabotage, terrorism, cyber
Indicators of insider threats ✔✔1. Failure to report overseas travel or contact with foreign
nationals
2. Seeking to gain higher clearance or expand access outside the job scope
3. Engaging in classified conversations without a need to know
4. Working hours inconsistent with job assignment or insistence on working in private
5. Exploitable behavior traits
, 6. Repeated security violations
7. Attempting to enter areas not granted access to
8. Unexplained affluence/living above one's means
9. Anomalies (adversary taking actions which indicate they are knowledgeable to information)
10. Illegal downloads of information/files
Asset, threat, vulnerability, risk, countermeasures ✔✔Elements that a security professional
should consider when assessing and managing risks to DoD assets
The three categories of Special Access Programs ✔✔acquisition, intelligence, and operations
and support
