SAPPC Certification Study Set Questions with Correct Answers

SAPPC Certification Study Set Questions with Correct Answers Sharing and reporting information is essential to detecting potential insider threats. True or False? - CORRECT ANSWER-True Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Ashley says that Physical Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. - CORRECT ANSWER-Paul and Ashley are both correct Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. - CORRECT ANSWER-Paul and Ashley are both incorrect SPeD is an abbreviation for? - CORRECT ANSWER-Security Professional Education Development SPed is a certification program of what agency? - CORRECT ANSWER-Department of Defense Security Fundamentals Professional Certification (SFPC) definition? - CORRECT ANSWER-The individual understands foundational security concepts, principles, and practices. (Core Certification for SPed). Security Asset Protection Professional Certification (SAPPC) definition? - CORRECT ANSWER-The Individual applies foundational security concepts, principles, and practices. (Core Certification for SPed). Security Program Integration Professional Certification (SPIPC) definition? - CORRECT ANSWER-The individual understands and applies risk assessment and security program management based on security concepts, principles, and practices. (Core Certification for SPed). Security Enterprise Professional Certification (SEPC) definition? - CORRECT ANSWER-The individual understands and applies concepts, principles, and practices for managing enterprise-wide security. What are the three principle incident/events required to be reported to DoD Counterintelligence (CI) organizations? - CORRECT ANSWER-Espionage, Sabotage, Terrorism & Cyber Policy PMO is an abbreviation for? - CORRECT ANSWER-Program Management Office Provides the legal requirements to use lawful means to ensure U. S. receives the best intelligence available? - CORRECT ANSWER-E.O. 12333 The manual that includes CI-related requirements for Industry? - CORRECT ANSWER-DoD 5220.22-M (NISPOM) Regulation mandating CI-specific training, briefing, and reporting? - CORRECT ANSWER-DoDI5240.6: CI Awareness, Briefing, and Reporting Programs Regulation providing procedures to follow when classified information is compromised? - CORRECT ANSWER-DoD 5200.1-R: information Security Program What are three principle incidents/events required to report to DoD counterintelligence (CI) organizations? - CORRECT ANSWER-Espionage, Sabotage, Terrorism & Cyber Policy List three different types of threats to classified information? - CORRECT ANSWER-Insider Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat List three indicators of insider threats? - CORRECT ANSWER-Failure to report overseas travel or contact with foreign nationals. Seeking to gain higher clearance or expand access outside the job scope. Engaging in classified conversations without a need to know. Working hours inconsistent with job assignment or insistence on working in private. Exploitable behavior traits. Repeated security violations. Attempting to enter areas not granted access to. List three elements that should be considered in identifying Critical Program Information? - CORRECT ANSWER-- Cause significant degradation in mission effectiveness - Shorten the expected combat-effective life of the system - Reduce technological advantage - Significantly alter program direction - Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability. Briefly describe the concept of insider threat? - CORRECT ANSWER-An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems. List three elements that a security professional should consider when assessing and managing risks to DoD assets? - CORRECT ANSWER-Asset Threat Vulnerability Risk Countermeasures Describe the purpose of the Foreign Visitor Program? - CORRECT ANSWER-To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR. Briefly define a Special Access Program (SAP)? - CORRECT ANSWER-A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level. List three enhanced security requirements for protecting Special Access Program (SAP) Information within Personnel Security? - CORRECT ANSWER-Access Rosters Billet Structures (if required) Indoctrination Agreement Clearance