SAPPC Certification Study Guide/ 93 Q&A/
Already Graded A+.
Security Fundamentals Professional Certification (SFPC) definition? - Answer: The
individual understands foundational security concepts, principles, and practices.
(Core
Certification for SPed).
Security Asset Protection Professional Certification (SAPPC) definition? - Answer:
The Individual applies foundational security concepts, principles, and practices.
(Core Certification for SPed).
Security Program Integration Professional Certification (SPIPC) definition? -
Answer: The individual understands and applies risk assessment and security
program management based on security concepts, principles, and practices. (Core
Certification for SPed).
Page 1 of 24
,Security Enterprise Professional Certification (SEPC) definition? - Answer: The
individual understands and applies concepts, principles, and practices for
managing enterprise-wide security.
What are the three-principal incident/events required to be reported to DoD
Counterintelligence (CI) organizations? - Answer: Espionage, Sabotage, Terrorism
& Cyber Policy
PMO is an abbreviation for? - Answer: Program Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the
best intelligence available? - Answer: E.O. 12333
The manual that includes CI-related requirements for Industry? - Answer: DoD
5220.22-M (NISPOM)
Regulation mandating CI-specific training, briefing, and reporting? - Answer:
DoDI5240.6: CI Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is
compromised? - Answer: DoD 5200.1-R: information Security Program
Page 2 of 24
, What are three principle incidents/events required to report to DoD
counterintelligence (CI) organizations? - Answer: Espionage, Sabotage, Terrorism
& Cyber Policy
List three different types of threats to classified information? - Answer: Insider
Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat
List three indicators of insider threats? - Answer: Failure to report overseas travel
or contact with foreign nationals.
Seeking to gain higher clearance or expand access outside the job scope.
Engaging in classified conversations without a need to know.
Working hours inconsistent with job assignment or insistence on working in
private.
Exploitable behavior traits.
Repeated security violations.
Attempting to enter areas not granted access to.
List three elements that should be considered in identifying Critical Program
Information? - Answer: - Cause significant degradation in mission effectiveness
- Shorten the expected combat-effective life of the system
- Reduce technological advantage
- Significantly alter program direction
- Enable an adversary to defeat, counter, copy, or reverse-engineer the technology
or capability.
Page 3 of 24
Already Graded A+.
Security Fundamentals Professional Certification (SFPC) definition? - Answer: The
individual understands foundational security concepts, principles, and practices.
(Core
Certification for SPed).
Security Asset Protection Professional Certification (SAPPC) definition? - Answer:
The Individual applies foundational security concepts, principles, and practices.
(Core Certification for SPed).
Security Program Integration Professional Certification (SPIPC) definition? -
Answer: The individual understands and applies risk assessment and security
program management based on security concepts, principles, and practices. (Core
Certification for SPed).
Page 1 of 24
,Security Enterprise Professional Certification (SEPC) definition? - Answer: The
individual understands and applies concepts, principles, and practices for
managing enterprise-wide security.
What are the three-principal incident/events required to be reported to DoD
Counterintelligence (CI) organizations? - Answer: Espionage, Sabotage, Terrorism
& Cyber Policy
PMO is an abbreviation for? - Answer: Program Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the
best intelligence available? - Answer: E.O. 12333
The manual that includes CI-related requirements for Industry? - Answer: DoD
5220.22-M (NISPOM)
Regulation mandating CI-specific training, briefing, and reporting? - Answer:
DoDI5240.6: CI Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is
compromised? - Answer: DoD 5200.1-R: information Security Program
Page 2 of 24
, What are three principle incidents/events required to report to DoD
counterintelligence (CI) organizations? - Answer: Espionage, Sabotage, Terrorism
& Cyber Policy
List three different types of threats to classified information? - Answer: Insider
Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat
List three indicators of insider threats? - Answer: Failure to report overseas travel
or contact with foreign nationals.
Seeking to gain higher clearance or expand access outside the job scope.
Engaging in classified conversations without a need to know.
Working hours inconsistent with job assignment or insistence on working in
private.
Exploitable behavior traits.
Repeated security violations.
Attempting to enter areas not granted access to.
List three elements that should be considered in identifying Critical Program
Information? - Answer: - Cause significant degradation in mission effectiveness
- Shorten the expected combat-effective life of the system
- Reduce technological advantage
- Significantly alter program direction
- Enable an adversary to defeat, counter, copy, or reverse-engineer the technology
or capability.
Page 3 of 24
