What is the responsibility of the Information Security Oversight Office, ISOO? - ✔ANSWER
To oversee and manage the information security policy under NSC (National Security Council)
What is the responsibility of the National Security Council (NSC)? - ✔ANSWER To provide
the overall policy direction for the Information Security Program. It also assists the president in
developing and issuing National Security Policies.
The NSC exercises its guidance primarily through whom? - ✔ANSWER ISOO
What is the USD(I) and their responsibility? - ✔ANSWER The Under Secretary of Defense for
Intelligence has the primary responsibility for providing guidance, oversight, and approval
authority of policies and procedures that govern the DoD Information Security Program (by
issuing the DoD Instruction 5200.01).
Which of the following best describes the goal of the Physical Security Program?
a. To ensure that industry safeguards the classified information in their possession, while
performing work on contracts, bids, or research and development efforts on behalf of the
government.
b. To protect assets against compromise resulting from activities such as espionage, sabotage,
terrorism, damage or loss, and criminal.
c. To ensure that only loyal, trustworthy, and reliable individuals may access classified
information or perform sensitive duties.
d. To create uniform policies and procedures for defense acquisition by all executive agencies. -
✔ANSWER B
Preventing unauthorized access to information and equipment, safeguarding DoD assets against
espionage and criminal activity, and providing the means to counter threats when preventative
measures are ignored, best characterize the primary functions of which of the following
programs or processes?
a. Physical Security Program
b. Operations Security (OPSEC) process
c. Security incident response process
d. Personnel Security Program - ✔ANSWER A
The process of integrating active and passive complementary physical security measures to
ensure the protection of DoD assets is known as which of the following concepts?
a. Area security
b. Threat-vulnerability assessment
c. Security-in-depth
d. Point security - ✔ANSWER C
The stealing of sensitive, proprietary information related to U.S. aerospace and defense
technologies with the intent to provide such information to a foreign adversary is an example of
which type of threat to DoD assets?
a. Criminal activity
b. Economic espionage
c. Treason
d. Terrorism - ✔ANSWER B
When a Terrorism Threat Level is escalated from LOW to MODERATE, a DoD Component Head
should employ which of the following countermeasures?
a. Cease all flying except for specifically authorized operational sorties.
b. Direct the execution of advance site reviews to facilitate the antiterrorism planning process.
c. Encourage dependent family members to complete Level I Antiterrorism Awareness Training
before any travel outside the continental United States (OCONUS).
d. Conduct an immediate Terrorism Vulnerability Assessment for off-installation housing,
schools, daycare centers, transportation. - ✔ANSWER C
Requests for authorizing disclosure of classified information during visits must include all the
following information, EXCEPT:
a. The explanation of the government purpose to perform when disclosing classified
information.
b. The subject of the meeting, scope of classified topics and classification level
c. Expected time and location of the meeting.
d. The main content of the invitation to send to the participants. - ✔ANSWER C
Two security professionals - Paul and Ashley - are discussing the security procedures for visits
and meetings. Paul says visits must serve a
specific U.S. Government purpose. Ashley says DoD Components should, as a minimum,
establish procedures that include verification of the identity, personnel security clearance,
access (if appropriate), and need-to-know for all visitors. Who is correct?
a. Paul is correct
b. Ashley is correct
c. Paul and Ashley are both correct
d. Paul and Ashley are both incorrect - ✔ANSWER A
Executive Order 12829, signed in January 1993, mandated that which of the following entities
be responsible for implementing and monitoring the National Industrial Security Program
(NISP)?
a. Director of the Information Security Oversight Office (ISOO)
b. Secretary of Defense
c. National Security Council (NSC)
d. Director, Defense Security Services (DSS) - ✔ANSWER A
What is the role of the government contracting activity (GCA), or cleared prime contractor,
when a contractor that does not have a Facility Clearance (FCL) wants to bid on a Request
for Proposal (RFP) that requires access to classified information?
a. The GCA must issue a formal letter rejecting the contractor's bid since the contractor does
not have the requisite FCL.
b. The contractor must submit a sponsorship request to DSS, who will decide whether to allow
the contractor to bid on the contract.
c. The GCA must sponsor the contractor for a facility security clearance by submitting a
sponsorship request to DSS, which initiates the facility clearance process.
d. The GCA must ensure that all owners and senior management of the uncleared
contractor are U.S. citizens and are eligible to be processed for a personnel security clearance. -
✔ANSWER C
What is the purpose of the Federal Acquisition Regulations (FAR)?
a. To codify and publish uniform policies and procedures for acquisition by all executive
agencies.
b. To manage DoD funds and prioritize the development of vital research and technology.
c. To provide small businesses and minority owned companies an opportunity to compete in the
government acquisition process.
d. To promote uniform standards and best practices of technology acquisition across U.S.
industry. - ✔ANSWER A
What is the role of the security professional during the "Award Contract" step of the
contracting process?
a. To ensure the appropriate classification level for the bid, and to define unique security
requirements associated with the product.
b. To interface with the Cognizant Security Organization (CSO) to ensure oversight is performed
and review results of any previous assessments on behalf of the component.
c. To ensure that the contractor follows proper safeguarding and disposition guidance.
d. To review and define the specific security requirements with the contracting officer -
specifically, block 13 of DD Form 254. - ✔ANSWER D
What is the purpose of DD Form 254?