SFPC Information Security
Study online at https://quizlet.com/_hwfbhe
1. Critical program information includes both classified military information and
controlled unclassified information:: True
2. Critical program information needs to be protected from unauthorized or
inadvertent destruction, transfer, alteration, or loss:: True
3. Compromise of critical program information can significantly alter program
direction, shorten combat effective life of the system, or require additional
research, development, test, and evaluation resources to counter impact of its
loss:: True
4. SCGs address the possibility that the compilation and aggregation of the COP
may reveal classified information:: True
5. The organizational or command security manager is responsible for develop-
ing, approving, and implementing the Program Protection Plan- a single source
document that specifies all protection efforts designed to deny unauthorized
access to critical program information:: False
6. The preparation and implementation of a Program Protection Plan is based
on effective application of risk avoidance methodology:: False
7. The Program Protection Plan needs to be classified according to its content:-
: True
8. Two security professionals (Jo and Chris) are discussing the policy documents
associated with information classification
-Jo says that EO 13526 calls for basic classification policy that advocates classify-
ing information only when necessary to prevent damage to US national security
and only for as long as necessary, but not for longer than 15 years
-Chris says that DoD 5200.2R is the policy document that established the
baseline information security requirements for the DoD
Who is correct?: Both are incorrect
9. Two security professionals (Jo and Chris) are discussing the topic of classifying
information
-Jo says that information eligible for classification is owned by, produced for, or
is under the strict control of the government
Chris says that the three classification levels differ in the extent of damage one
, SFPC Information Security
Study online at https://quizlet.com/_hwfbhe
can expect from the unauthorized disclosure of the designated information
Who is correct?: Both correct
10. Two security professionals (Jo and Chris) are discussing the topic of classify-
ing information
-Jo says that information can be classified to prevent or delay public release
-Chris says that information ineligible for classification can still be classified if
there is a need to limit dissemination of the information
Who is correct?: Both are incorrect
11. Two security professionals (Jo and Chris) are discussing the topic of original
classification
-Jo says that original classification refers to the initial determination that infor-
mation requires protection against unauthorized disclosure in the interest of
US national security
-Chris says that original classification entails the use of a 6 step process that
results in the information custodian making a classification determination
Who is correct?: Jo is correct
12. Original classification authority is delegated to occupants of a position:: True
13. Delegation of the original classification authority (OCA) needs to specify the
lowest level the OCA can classify a piece of information:: False
14. An OCA cannot issue a SCG until approved by the Information Security
Oversight Office (ISOO):: False
15. Declassified foreign government information may be considered for original
classification by an OCA:: False
16. An OCA can communicate their classification decision by issuing either a
security classification guide or a properly marked source document:: True
17. The original classification process begins with a determination of whether
or not the information is official government information and is not already
classified by another OCA:: True
, SFPC Information Security
Study online at https://quizlet.com/_hwfbhe
18. The original classification process only includes the assignment of a classifi-
cation level to eligible official government information, but not a determination
of how long the classification should last:: False
19. EO 13526 requires the OCA to identify or describe the damage to national
security that could reasonably be expected from the unauthorized disclosure
of the information:: True
20. Prior to making classification determinations using the original classification
process, the OCA must go through required training per DoD 5200.1-R:: True
21. Two security professionals (Jo and Chris) are discussing the topic of deriva-
tive classification
-Jo says that needs to be reviewed and approved by delegates of the OCA
-Chris says that derivative classification refers to an individual's responsibility
to properly mark newly developed material consistent with the classification
markings specified in authorized sources
Who is correct?: Chris is correct
22. The derivative classification process includes the evaluation of the original
classification authority's original classification determination:: False
23. The derivative classification process calls for the use of the authorized
source, such as the DD 254 to apply required markings on derivative docu-
ments:: True
24. The SCG takes precedence when there is a conflict between marking infor-
mation presented in the source document and the SCG:: True
25. Derivative classifiers need to be aware that paraphrasing or restating of
classified information extracted from a classified document could result in
change in classification:: True
26. Two security professionals (Jo and Chris) are discussing the SCG
-Jo says that derivative classifiers use the SCG to determine if something is
classified, its classification level, downgrading and declassification instructions,
special control notices, and other info critical to the proper classification, mark-
ing, and dissemination of the items in question
-Chris says that the SCG is a document issued by the component or agency's
Study online at https://quizlet.com/_hwfbhe
1. Critical program information includes both classified military information and
controlled unclassified information:: True
2. Critical program information needs to be protected from unauthorized or
inadvertent destruction, transfer, alteration, or loss:: True
3. Compromise of critical program information can significantly alter program
direction, shorten combat effective life of the system, or require additional
research, development, test, and evaluation resources to counter impact of its
loss:: True
4. SCGs address the possibility that the compilation and aggregation of the COP
may reveal classified information:: True
5. The organizational or command security manager is responsible for develop-
ing, approving, and implementing the Program Protection Plan- a single source
document that specifies all protection efforts designed to deny unauthorized
access to critical program information:: False
6. The preparation and implementation of a Program Protection Plan is based
on effective application of risk avoidance methodology:: False
7. The Program Protection Plan needs to be classified according to its content:-
: True
8. Two security professionals (Jo and Chris) are discussing the policy documents
associated with information classification
-Jo says that EO 13526 calls for basic classification policy that advocates classify-
ing information only when necessary to prevent damage to US national security
and only for as long as necessary, but not for longer than 15 years
-Chris says that DoD 5200.2R is the policy document that established the
baseline information security requirements for the DoD
Who is correct?: Both are incorrect
9. Two security professionals (Jo and Chris) are discussing the topic of classifying
information
-Jo says that information eligible for classification is owned by, produced for, or
is under the strict control of the government
Chris says that the three classification levels differ in the extent of damage one
, SFPC Information Security
Study online at https://quizlet.com/_hwfbhe
can expect from the unauthorized disclosure of the designated information
Who is correct?: Both correct
10. Two security professionals (Jo and Chris) are discussing the topic of classify-
ing information
-Jo says that information can be classified to prevent or delay public release
-Chris says that information ineligible for classification can still be classified if
there is a need to limit dissemination of the information
Who is correct?: Both are incorrect
11. Two security professionals (Jo and Chris) are discussing the topic of original
classification
-Jo says that original classification refers to the initial determination that infor-
mation requires protection against unauthorized disclosure in the interest of
US national security
-Chris says that original classification entails the use of a 6 step process that
results in the information custodian making a classification determination
Who is correct?: Jo is correct
12. Original classification authority is delegated to occupants of a position:: True
13. Delegation of the original classification authority (OCA) needs to specify the
lowest level the OCA can classify a piece of information:: False
14. An OCA cannot issue a SCG until approved by the Information Security
Oversight Office (ISOO):: False
15. Declassified foreign government information may be considered for original
classification by an OCA:: False
16. An OCA can communicate their classification decision by issuing either a
security classification guide or a properly marked source document:: True
17. The original classification process begins with a determination of whether
or not the information is official government information and is not already
classified by another OCA:: True
, SFPC Information Security
Study online at https://quizlet.com/_hwfbhe
18. The original classification process only includes the assignment of a classifi-
cation level to eligible official government information, but not a determination
of how long the classification should last:: False
19. EO 13526 requires the OCA to identify or describe the damage to national
security that could reasonably be expected from the unauthorized disclosure
of the information:: True
20. Prior to making classification determinations using the original classification
process, the OCA must go through required training per DoD 5200.1-R:: True
21. Two security professionals (Jo and Chris) are discussing the topic of deriva-
tive classification
-Jo says that needs to be reviewed and approved by delegates of the OCA
-Chris says that derivative classification refers to an individual's responsibility
to properly mark newly developed material consistent with the classification
markings specified in authorized sources
Who is correct?: Chris is correct
22. The derivative classification process includes the evaluation of the original
classification authority's original classification determination:: False
23. The derivative classification process calls for the use of the authorized
source, such as the DD 254 to apply required markings on derivative docu-
ments:: True
24. The SCG takes precedence when there is a conflict between marking infor-
mation presented in the source document and the SCG:: True
25. Derivative classifiers need to be aware that paraphrasing or restating of
classified information extracted from a classified document could result in
change in classification:: True
26. Two security professionals (Jo and Chris) are discussing the SCG
-Jo says that derivative classifiers use the SCG to determine if something is
classified, its classification level, downgrading and declassification instructions,
special control notices, and other info critical to the proper classification, mark-
ing, and dissemination of the items in question
-Chris says that the SCG is a document issued by the component or agency's
