SPeD General Security Exam terms with Correct Solutions.
SPeD is an abbreviation for? - ✔✔✔ Security Professional Education Development
SPed is a certification program of what agency? - ✔✔✔ Department of Defense
Security Fundamentals Professional Certification (SFPC) - ✔✔✔ The individual
understands foundational security concepts, principles, and practices. (Core Certification
for SPed)
Security Asset Protection Professional Certification (SAPPC) - ✔✔✔ The Individual
applies foundational security concepts, principles, and practices. (Core Certification for
SPed)
Security Program Integration Professional Certification (SPIPC) - ✔✔✔ The individual
understands and applies risk assessment and security program management based on
security concepts, principles, and practices. (Core Certification for SPed)
Security Enterprise Professional Certification (SEPC) - ✔✔✔ The individual understands
and applies concepts, principles, and practices for managing enterprise-wide security
What are the three principle incident/events required to be reported to DoD
Counterintelligence (CI) organizations? - ✔✔✔ Answer: Espionage, Sabotage, Terrorism,
& Cyber Policy: DoD 5220.22M, "NISPOM" - E.O. 12333-DoDI 5200.01, DoD Information
Security and Protection of SCI
PMO is an abbreviation for? - ✔✔✔ Program Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the best
intelligence available - ✔✔✔ E.O. 12333
The manual that includes CI-related requirements for industry - ✔✔✔ DoD 5220.2.2-M
NISPOM
Regulation mandating CI-specific training, briefing, and reporting - ✔✔✔ DoDI5240.6: CI
Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is compromised -
✔✔✔ DoD 5200.1-R: information Security Program
What are three principle incidents/ events required to report to DoD counterintelligence
(CI) organizations? - ✔✔✔ Espionage Sabotage Terrorism Cyber
List three different types of threats to classified information. - ✔✔✔ 1. Insider Threat
, 2. Foreign Intelligence Entities (FIE)
3. Cybersecurity Threat
List three indicators of insider threats. - ✔✔✔ Failure to report overseas travel or contact
with foreign nationals
Seeking to gain higher clearance or expand access outside the job scope
Engaging in classified conversations without a need to know
Working hours inconsistent with job assignment or insistence on working in private
Exploitable behavior traits
Repeated security violations
Attempting to enter areas not granted access to
List three elements that should be considered in identifying Critical Program Information. -
✔✔✔ Elements which if compromised could:
1. Cause significant degradation in mission effectiveness
2. Shorten the expected combat-effective life of the system
3. Reduce technological advantage
4. Significantly alter program direction
5. Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or
capability.
Briefly describe the concept of insider threat. - ✔✔✔ An employee who may represent a
threat to national security. These threats encompass potential espionage, violent acts
against the Government or the nation, and unauthorized disclosure of classified
information, including the vast amounts of classified data available on interconnected
United States Government computer networks and systems.
List three elements that a security professional should consider when assessing and
managing risks to DoD assets. - ✔✔✔ Asset
Threat
Vulnerability
Risk
Countermeasures
Describe the purpose of the Foreign Visitor Program. - ✔✔✔ To track and approve access
by a foreign entity to information that is classified; and to approve access by a foreign entity
to information that is unclassified, related to a U.S. Government contract, or plant visits
covered by ITAR.
List three categories of Special Access Programs. - ✔✔✔ 1. Acquisition
2. Intelligence
3. Operations and Support
SPeD is an abbreviation for? - ✔✔✔ Security Professional Education Development
SPed is a certification program of what agency? - ✔✔✔ Department of Defense
Security Fundamentals Professional Certification (SFPC) - ✔✔✔ The individual
understands foundational security concepts, principles, and practices. (Core Certification
for SPed)
Security Asset Protection Professional Certification (SAPPC) - ✔✔✔ The Individual
applies foundational security concepts, principles, and practices. (Core Certification for
SPed)
Security Program Integration Professional Certification (SPIPC) - ✔✔✔ The individual
understands and applies risk assessment and security program management based on
security concepts, principles, and practices. (Core Certification for SPed)
Security Enterprise Professional Certification (SEPC) - ✔✔✔ The individual understands
and applies concepts, principles, and practices for managing enterprise-wide security
What are the three principle incident/events required to be reported to DoD
Counterintelligence (CI) organizations? - ✔✔✔ Answer: Espionage, Sabotage, Terrorism,
& Cyber Policy: DoD 5220.22M, "NISPOM" - E.O. 12333-DoDI 5200.01, DoD Information
Security and Protection of SCI
PMO is an abbreviation for? - ✔✔✔ Program Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the best
intelligence available - ✔✔✔ E.O. 12333
The manual that includes CI-related requirements for industry - ✔✔✔ DoD 5220.2.2-M
NISPOM
Regulation mandating CI-specific training, briefing, and reporting - ✔✔✔ DoDI5240.6: CI
Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is compromised -
✔✔✔ DoD 5200.1-R: information Security Program
What are three principle incidents/ events required to report to DoD counterintelligence
(CI) organizations? - ✔✔✔ Espionage Sabotage Terrorism Cyber
List three different types of threats to classified information. - ✔✔✔ 1. Insider Threat
, 2. Foreign Intelligence Entities (FIE)
3. Cybersecurity Threat
List three indicators of insider threats. - ✔✔✔ Failure to report overseas travel or contact
with foreign nationals
Seeking to gain higher clearance or expand access outside the job scope
Engaging in classified conversations without a need to know
Working hours inconsistent with job assignment or insistence on working in private
Exploitable behavior traits
Repeated security violations
Attempting to enter areas not granted access to
List three elements that should be considered in identifying Critical Program Information. -
✔✔✔ Elements which if compromised could:
1. Cause significant degradation in mission effectiveness
2. Shorten the expected combat-effective life of the system
3. Reduce technological advantage
4. Significantly alter program direction
5. Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or
capability.
Briefly describe the concept of insider threat. - ✔✔✔ An employee who may represent a
threat to national security. These threats encompass potential espionage, violent acts
against the Government or the nation, and unauthorized disclosure of classified
information, including the vast amounts of classified data available on interconnected
United States Government computer networks and systems.
List three elements that a security professional should consider when assessing and
managing risks to DoD assets. - ✔✔✔ Asset
Threat
Vulnerability
Risk
Countermeasures
Describe the purpose of the Foreign Visitor Program. - ✔✔✔ To track and approve access
by a foreign entity to information that is classified; and to approve access by a foreign entity
to information that is unclassified, related to a U.S. Government contract, or plant visits
covered by ITAR.
List three categories of Special Access Programs. - ✔✔✔ 1. Acquisition
2. Intelligence
3. Operations and Support
