DCSA Security Rating Process
Questions And Answers Graded A+
____________Vulnerabilities place or have placed classified information at imminent
risk of loss or compromise. These types of vulnerabilities require __________ corrective
action.
Select one:
a. Critical; No
b. Critical; Immediate
c. Acute; Phased
d. Acute; Immediate - answerNot B
One of the primary means of determining and communicating to the Government
Contracting Activities the requisite level of assurance that NISP Contractors are eligible
for access to classified information and have processes and procedures in place to
properly safeguard classified information is through:
Select one:
a. The Certification and Accreditation process
b. The recurring Security Review process
c. The Mitigation Follow-up Action process
d. The initial facility security clearance process - answerNot A
Characterize the following as either a NISP Enhancement or Best Practice: Use of file
or scripts that track and/or block unauthorized USB connections and review/auditing of
report outputs.
Select one:
a. Best Practice
b. NISP Enhancement - answerb. NISP Enhancement
Select the personnel who receive the Security Review Results Letter after a Security
Review has been conducted and the security rating determined.(Select all that apply)
Select one or more:
a. ISSM
b. FSO
c. SMO
d. GCA - answerb. FSO
c. SMO
The ___________ is the official written notification to the contractor's Senior
Management Official (SMO) of the overall rating of the contractor's security posture.
Select one:
a. Rating Matrix Worksheet
Questions And Answers Graded A+
____________Vulnerabilities place or have placed classified information at imminent
risk of loss or compromise. These types of vulnerabilities require __________ corrective
action.
Select one:
a. Critical; No
b. Critical; Immediate
c. Acute; Phased
d. Acute; Immediate - answerNot B
One of the primary means of determining and communicating to the Government
Contracting Activities the requisite level of assurance that NISP Contractors are eligible
for access to classified information and have processes and procedures in place to
properly safeguard classified information is through:
Select one:
a. The Certification and Accreditation process
b. The recurring Security Review process
c. The Mitigation Follow-up Action process
d. The initial facility security clearance process - answerNot A
Characterize the following as either a NISP Enhancement or Best Practice: Use of file
or scripts that track and/or block unauthorized USB connections and review/auditing of
report outputs.
Select one:
a. Best Practice
b. NISP Enhancement - answerb. NISP Enhancement
Select the personnel who receive the Security Review Results Letter after a Security
Review has been conducted and the security rating determined.(Select all that apply)
Select one or more:
a. ISSM
b. FSO
c. SMO
d. GCA - answerb. FSO
c. SMO
The ___________ is the official written notification to the contractor's Senior
Management Official (SMO) of the overall rating of the contractor's security posture.
Select one:
a. Rating Matrix Worksheet
