CORESHIELD: HIGH-YIELD REVIEW FOR
THE SECURITY FUNDAMENTALS
PROFESSIONAL CERTIFICATE – A+
2026/2027
Assets, Threat, Vulnerability, Risk, Countermeasure - THE
CORRECT ANSWER-Elements that a security professional should
consider when assessing and managing risks to DoD assets
Three categories of Special Access Programs - THE CORRECT
ANSWER-Intelligence, Operations, and Support
Three different types of threats to classified information - THE
CORRECT ANSWER-Insider Threat, Foreign Intelligence Entities
(FIE), and Cybersecurity Threats
Concept of an Insider Threat - THE CORRECT ANSWER-An employee
who may represent a threat to national security. These threats
encompass potential espionage, violent acts against the
government or the nation, and unauthorized disclosure of
classified information, including the vast amounts of classified
data available on interconnected United States government
computer networks and systems.
The purpose of the Foreign Visitor Program - THE CORRECT ANSWER-
To track and approve access by a foreign entity to information
that is classified; and to approve access by a foreign entity to
,information that is unclassified, related to a U.S. Government
contract, or plant visits covered by ITAR.
Special Access Program - THE CORRECT ANSWER-A program
established for a specific class of classified information that
imposes safeguarding and access requirements that exceed
those normally required for information at the same
classification level.
Enhanced security requirements for protecting Special Access
Programs (SAP) information. - THE CORRECT ANSWER-Within
Personnel Security:
- Access Rosters
- Billet Structures (if required)
- Indoctrination Agreement
- Clearance based on an appropriate investigation, completed
within the last 5 years
- Individual must materially contribute to the program in
addition to having the need to know
- All individuals with access to SAP are subject to a random
counterintelligence scope polygraph examination
- Polygraph examination, if approved by the DepSecDef, may be
used as a mandatory access determination
- Tier review process
- Personnel must have a SECRET or TOP SECRET clearance
- SF-86 must be current within one year
- Limited access
- Waivers required for foreign cohabitants, spouses, and
immediat family members
,Within Industrial Security:
- The SecDef or DepSecDef can approve a carve-out provision to
relieve Defense Security Service (DSS) of industrial security
oversight responsibilities
Within Physical Security:
- Access Control
- Maintain a SAP facility
- Access Roster
- All SAPs must have an unclassified nickname/Codeword
(optional)
Within Information Security:
- The use of HVASCO
- Transmission requirements (order of precedence).
Responsibilities of the Government SAP Security
Officer/Contractor Program Security Officer (GSSO/CPSO) - THE
CORRECT ANSWER-From revision 1 DoD Overprint to the NISPOM
Supplement - 1 April 2004:
- Possess a personnel clearance and program access at least
equal to the highest level of Program classified information
involved.
- Provide security administration and management for his/her
orgranization
- Ensure personnel processed for access to a SAP meet the
prerequisite personnel clearance and/or investigative
requirements specified
- Ensure adequate secure storage and work spaces
- Ensure strict adherence to the provisions of the NISPOM, its
supplement, and the Overprint
, - When required, establish an oversee a classified material
control program for each SAP
-When required, conduct an annual inventory of accountable
classified material
- When required, establish a SAPF
- Establish and oversee a visitor control program
- Monitor reproduction and/or duplication and destruction
capability of SAP information
- Ensure adherence to special communications capabilities
within the SAPF
- Provide for initial program indoctrination of employees after
their access is approved; re-brief and de-brief personnel as
required
- Establish and oversee specialized procedures for the
transmission of SAP material to and from program elements
- When required, ensure contractual specific security
requirements such as TEMPEST, Automated Information
System (AIS), and Operation Security (OPSEC) are
accomplished.
- Establish security training and briefings specifically tailored to
the unique requirements of the SAP
The Four Cognizant Security Agencies (CSAs) - THE CORRECT
ANSWER-Department of Defense
(DoD), Director of National Intelligence (DNI), Department of
Energy (DoE), and the Nuclear Regulatory Commission (NRC).
Cognizant Security Agencies (CSA)s' role in the National
Industrial Security Program (NISP) - THE CORRECT ANSWER-
THE SECURITY FUNDAMENTALS
PROFESSIONAL CERTIFICATE – A+
2026/2027
Assets, Threat, Vulnerability, Risk, Countermeasure - THE
CORRECT ANSWER-Elements that a security professional should
consider when assessing and managing risks to DoD assets
Three categories of Special Access Programs - THE CORRECT
ANSWER-Intelligence, Operations, and Support
Three different types of threats to classified information - THE
CORRECT ANSWER-Insider Threat, Foreign Intelligence Entities
(FIE), and Cybersecurity Threats
Concept of an Insider Threat - THE CORRECT ANSWER-An employee
who may represent a threat to national security. These threats
encompass potential espionage, violent acts against the
government or the nation, and unauthorized disclosure of
classified information, including the vast amounts of classified
data available on interconnected United States government
computer networks and systems.
The purpose of the Foreign Visitor Program - THE CORRECT ANSWER-
To track and approve access by a foreign entity to information
that is classified; and to approve access by a foreign entity to
,information that is unclassified, related to a U.S. Government
contract, or plant visits covered by ITAR.
Special Access Program - THE CORRECT ANSWER-A program
established for a specific class of classified information that
imposes safeguarding and access requirements that exceed
those normally required for information at the same
classification level.
Enhanced security requirements for protecting Special Access
Programs (SAP) information. - THE CORRECT ANSWER-Within
Personnel Security:
- Access Rosters
- Billet Structures (if required)
- Indoctrination Agreement
- Clearance based on an appropriate investigation, completed
within the last 5 years
- Individual must materially contribute to the program in
addition to having the need to know
- All individuals with access to SAP are subject to a random
counterintelligence scope polygraph examination
- Polygraph examination, if approved by the DepSecDef, may be
used as a mandatory access determination
- Tier review process
- Personnel must have a SECRET or TOP SECRET clearance
- SF-86 must be current within one year
- Limited access
- Waivers required for foreign cohabitants, spouses, and
immediat family members
,Within Industrial Security:
- The SecDef or DepSecDef can approve a carve-out provision to
relieve Defense Security Service (DSS) of industrial security
oversight responsibilities
Within Physical Security:
- Access Control
- Maintain a SAP facility
- Access Roster
- All SAPs must have an unclassified nickname/Codeword
(optional)
Within Information Security:
- The use of HVASCO
- Transmission requirements (order of precedence).
Responsibilities of the Government SAP Security
Officer/Contractor Program Security Officer (GSSO/CPSO) - THE
CORRECT ANSWER-From revision 1 DoD Overprint to the NISPOM
Supplement - 1 April 2004:
- Possess a personnel clearance and program access at least
equal to the highest level of Program classified information
involved.
- Provide security administration and management for his/her
orgranization
- Ensure personnel processed for access to a SAP meet the
prerequisite personnel clearance and/or investigative
requirements specified
- Ensure adequate secure storage and work spaces
- Ensure strict adherence to the provisions of the NISPOM, its
supplement, and the Overprint
, - When required, establish an oversee a classified material
control program for each SAP
-When required, conduct an annual inventory of accountable
classified material
- When required, establish a SAPF
- Establish and oversee a visitor control program
- Monitor reproduction and/or duplication and destruction
capability of SAP information
- Ensure adherence to special communications capabilities
within the SAPF
- Provide for initial program indoctrination of employees after
their access is approved; re-brief and de-brief personnel as
required
- Establish and oversee specialized procedures for the
transmission of SAP material to and from program elements
- When required, ensure contractual specific security
requirements such as TEMPEST, Automated Information
System (AIS), and Operation Security (OPSEC) are
accomplished.
- Establish security training and briefings specifically tailored to
the unique requirements of the SAP
The Four Cognizant Security Agencies (CSAs) - THE CORRECT
ANSWER-Department of Defense
(DoD), Director of National Intelligence (DNI), Department of
Energy (DoE), and the Nuclear Regulatory Commission (NRC).
Cognizant Security Agencies (CSA)s' role in the National
Industrial Security Program (NISP) - THE CORRECT ANSWER-
