SAPPC Study Guide 2023 Solved 100%

Describe the purpose, intent, and security professional's role in each step of the Command Cyber Readiness Inspections (CCRI) process - ANSWER-Defining the scope, the inspection phase, documentation of observations, and reporting findings. A security professional would have responsibilities in defining the scope of the inspection, overseeing the self-inspection and remediation efforts, and coordinating with the CCRI team throughout the remainder of the process List two factors that should be considered when determining position sensitivity - ANSWER-(1) Level of access to classified information (2) IT level needed (3) Duties associated with position Explain the process for responding to a "spillage" - ANSWER-1. Detection (implied) 2. Notification and preliminary inquiry 3. Containment and continuity of operations 4. Formal inquiry 5. Resolution 6. Reporting Explain how the adjudication process contributes to effective risk management of DoD assets - ANSWER-Determines an individual's loyalty, reliability, and trustworthiness are in the best interest of national security Explain why access control measures are contingent on Force Protection Conditions - ANSWER-The Force Protection Conditions determine the amount of control measures needed to be taken in response to various levels of threats against military facilities or installations. Define the purpose and function of the militarily critical technologies list (MCTL) - ANSWER-Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA). Describe how authorization of Limited Access Authority impacts risk to DoD assets - ANSWER-Increases risk by allowing a foreign national access to classified information. Reduces risk by ensuring Foreign Nationals with a unique or unusual skills set have been properly investigated, adjudicated or vetted before being granted access to specific pieces of classified information only. List three different types of threats to classified information - ANSWER-(1) Insider threat (2) Foreign Intelligence entities (3) Cybersecurity Threat