SPēD SFPC – Security Fundamentals Professional Certification
| Full Coverage of All Exam Areas | Comprehensive Study and
Review Material
This document provides complete coverage of all subject areas required for the SPēD SFPC
(Security Fundamentals Professional Certification) exam, part of the Department of Defense’s
Security Professional Education Development (SPēD) program. It includes key concepts,
definitions, and review material across personnel security, physical security, information
security, and industrial security. Designed to aid both initial exam preparation and final review,
this guide ensures readiness across the full SFPC competency model.
Principle incident/
events required to be reported to DoD counterintelligence (CI) organizations - CORRECT -
espionage, sabotage, terrorism, cyber
Indicators of insider threats - CORRECT - 1. Failure to report overseas travel or
contact with foreign nationals
2. Seeking to gain higher clearance or expand access outside the job scope
3. Engaging in classified conversations without a need to know
4. Working hours inconsistent with job assignment or insistence on working in private
5. Exploitable behavior traits
,6. Repeated security violations
7. Attempting to enter areas not granted access to
8. Unexplainable affluence/living above one's means
9. Anomalies (adversary taking actions which indicate they are knowledgeable to information)
10. Illegal downloads of information/files
Elements that
should be considered in
identifying Critical Program
Information - CORRECT - Elements which if compromised could:
1. cause significant degradation in mission effectiveness,
2. shorten the expected combat-effective life of the system
3. reduce technological advantage
4. significantly alter program direction; or
5. enable an adversary to defeat, counter, copy, or reverseengineer the technology or capability.
asset, threat, vulnerability, risk, countermeasures - CORRECT - Elements that a
security professional should
consider when assessing and
managing risks to DoD assets
, The three categories of
Special Access Programs - CORRECT - acquisition, intelligence, and operations and
support
Three different types
of threats to classified
information - CORRECT - Insider Threat, Foreign Intelligence Entities (FIE) and
Cybersecurity Threat
The concept of an insider threat - CORRECT - An employee who may represent a
threat to
national security. These threats encompass potential espionage, violent acts against the
Government or the nation, and unauthorized disclosure of classified information, including the
vast amounts of classified data available on interconnected United States Government
computer networks and systems.
The purpose of the
Foreign Visitor Program - CORRECT - To track and approve access by a foreign
entity to information that is classified; and to approve access by a foreign entity to information
that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.
Special Access
Program - CORRECT - A program established for a specific class of
classified information that imposes safeguarding and access requirements that exceed those
normally required for information at the same classification level.
Enhanced security requirements for protecting Special Access Program (SAP) information -
CORRECT - Within Personnel Security:
• Access Rosters;
| Full Coverage of All Exam Areas | Comprehensive Study and
Review Material
This document provides complete coverage of all subject areas required for the SPēD SFPC
(Security Fundamentals Professional Certification) exam, part of the Department of Defense’s
Security Professional Education Development (SPēD) program. It includes key concepts,
definitions, and review material across personnel security, physical security, information
security, and industrial security. Designed to aid both initial exam preparation and final review,
this guide ensures readiness across the full SFPC competency model.
Principle incident/
events required to be reported to DoD counterintelligence (CI) organizations - CORRECT -
espionage, sabotage, terrorism, cyber
Indicators of insider threats - CORRECT - 1. Failure to report overseas travel or
contact with foreign nationals
2. Seeking to gain higher clearance or expand access outside the job scope
3. Engaging in classified conversations without a need to know
4. Working hours inconsistent with job assignment or insistence on working in private
5. Exploitable behavior traits
,6. Repeated security violations
7. Attempting to enter areas not granted access to
8. Unexplainable affluence/living above one's means
9. Anomalies (adversary taking actions which indicate they are knowledgeable to information)
10. Illegal downloads of information/files
Elements that
should be considered in
identifying Critical Program
Information - CORRECT - Elements which if compromised could:
1. cause significant degradation in mission effectiveness,
2. shorten the expected combat-effective life of the system
3. reduce technological advantage
4. significantly alter program direction; or
5. enable an adversary to defeat, counter, copy, or reverseengineer the technology or capability.
asset, threat, vulnerability, risk, countermeasures - CORRECT - Elements that a
security professional should
consider when assessing and
managing risks to DoD assets
, The three categories of
Special Access Programs - CORRECT - acquisition, intelligence, and operations and
support
Three different types
of threats to classified
information - CORRECT - Insider Threat, Foreign Intelligence Entities (FIE) and
Cybersecurity Threat
The concept of an insider threat - CORRECT - An employee who may represent a
threat to
national security. These threats encompass potential espionage, violent acts against the
Government or the nation, and unauthorized disclosure of classified information, including the
vast amounts of classified data available on interconnected United States Government
computer networks and systems.
The purpose of the
Foreign Visitor Program - CORRECT - To track and approve access by a foreign
entity to information that is classified; and to approve access by a foreign entity to information
that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.
Special Access
Program - CORRECT - A program established for a specific class of
classified information that imposes safeguarding and access requirements that exceed those
normally required for information at the same classification level.
Enhanced security requirements for protecting Special Access Program (SAP) information -
CORRECT - Within Personnel Security:
• Access Rosters;
