SFPC EXAM QUESTIONS AND ANSWERS
(VERIFIED AND UPDATED)
What is the definition of "unauthorized disclosure?" - ANS unauthorized disclosure:
Communication or physical transfer of classified or controlled unclassified information to an
unauthorized recipient.
What are the differences between a security infraction and a security violation? What are the
similarities? - ANS Infraction: An infraction is a security incident involving failure to comply
with requirements (i.e., the provisions of References (d) and (f), this Manual or other applicable
security policy) which cannot reasonably be expected to, and does not, result in the loss,
suspected compromise, or compromise of classified information. An infraction may be
unintentional or inadvertent. While it does not constitute a security violation, if left
uncorrected, can lead to security violations or compromises. It requires an inquiry to facilitate
immediate corrective action but does not require an in-depth investigation.
Violation: Violations are security incidents that indicate knowing, willful, and negligent for
security regulations, and result in, or could be expected to result in, the loss or compromise of
classified information. Security violations require an inquiry and/or investigation.
How are security incident inquiries similar to an investigation? How are they different? -
ANS Inquiry: The head of the activity or activity security manager having security cognizance
shall initiate an inquiry into the actual or potential compromise promptly to determine the facts
and circumstances of the incident, and to characterize the incident as an infraction or a
violation. At conclusion of the inquiry, a narrative of findings is provided in support of
recommended additional investigative or other actions by the activity.
@2026/2027 ALLRIGHTS RESERVED.
(VERIFIED AND UPDATED)
What is the definition of "unauthorized disclosure?" - ANS unauthorized disclosure:
Communication or physical transfer of classified or controlled unclassified information to an
unauthorized recipient.
What are the differences between a security infraction and a security violation? What are the
similarities? - ANS Infraction: An infraction is a security incident involving failure to comply
with requirements (i.e., the provisions of References (d) and (f), this Manual or other applicable
security policy) which cannot reasonably be expected to, and does not, result in the loss,
suspected compromise, or compromise of classified information. An infraction may be
unintentional or inadvertent. While it does not constitute a security violation, if left
uncorrected, can lead to security violations or compromises. It requires an inquiry to facilitate
immediate corrective action but does not require an in-depth investigation.
Violation: Violations are security incidents that indicate knowing, willful, and negligent for
security regulations, and result in, or could be expected to result in, the loss or compromise of
classified information. Security violations require an inquiry and/or investigation.
How are security incident inquiries similar to an investigation? How are they different? -
ANS Inquiry: The head of the activity or activity security manager having security cognizance
shall initiate an inquiry into the actual or potential compromise promptly to determine the facts
and circumstances of the incident, and to characterize the incident as an infraction or a
violation. At conclusion of the inquiry, a narrative of findings is provided in support of
recommended additional investigative or other actions by the activity.
@2026/2027 ALLRIGHTS RESERVED.
