Security Specialist online course Flashcards
Hijacking is a good example of which threat type?
Terrorist
Which of the following is NOT an authorized source of classification
guidance?
DD Form 441
Acquiring technological secrets and selling them to foreign intelligence
operatives is a good example of which threat type?
Insider
Robbery is a good example of which threat type?
Criminal
A project manager stops by your office. Several members of his team
recently experienced difficult events in their personal lives, and he is worried
about them. Which of the following is not a perceived life crisis?
Car breaking down while driving home from work on a cold, rainy
night
What is the partnership between the U.S. Government and industry to
protect classified information?
The National Industrial Security Program (NISP)
Which of the following is NOT a Cognizant Security Agency (CSA) for the
National Industrial Security Program (NISP)?
Department of Treasury
Who has the authority to enter into, administer, and terminate contracts?
Contracting Officer (CO)
The___security program identifies the materials, processes, and
information requiring protection.
Information
Why does the Information Security Program (ISP) exist?
To mitigate the risk of unauthorized disclosure of protected
information
Which official, listed below, cannot authorize an individual in writing - original classification authority (OCA)?
The Security Manager
What is the incorporating, paraphrasing, restating, or generating in new form
information already classified?
Derivative classification
Which of the following is NOT an authorized source of classification
guidance?
DD Form 441
What is taking information from an authorized source of classification
guidance and re-wording it in a new or different document?
Paraphrasing (or restating)
What are the three required elements on a derivatively classified document?
Portion marking, banner marking (overall marking), classification
authority block
Which of the following is a determination to re- designate classified
information to a lower level of classification?
Downgrading
When information no longer requires protection, it is
Declassified
Derivative classifiers make declassification determinations.
False
What are the four systems for declassification?
Scheduled, Automatic, Mandatory Review, Systematic Review
All of the following are factors in determining a method of transporting
classified materials
Size of package
Time requirement
Weight of material
What are the four components of a distribution statement?
Authorized audience, reason for control, date of determination,
controlling office
The Freedom of Information Act (FOIA) contains how many exemptions:
Nine
What agency maintains the equipment evaluated product listing (EPL) for
destroying classified materials?
National Security Agency
What is the formula used to determine access to classified information?
Access = Clearance + SF 312 + Need-to-Know
Which of the following is NOT an authorized area for classified information?
Non-classified Internet Protocol (IP) Router Network (NIPRnet)
What Standard Form (SF) records security container information?
700
What Standard Form (SF) records the activity’s end-of-day security checks?
701
What Standard Form (5F) records the activity’s security container checks?
702
Part 1 of the SF 700 is not classified. It contains personally identifiable
information (PIl), protected by sealing Part 1 in an opaque envelope. What is
the statement printed on the outside of the envelope?
Security Container Information
What vulnerability could a meeting or conference involving classified
information present?
Unauthorized Disclosure (UD)
Security education, training, and awareness (SETA) is NOT important during a classified meeting or conference.
False
Who is responsible for the overall management, functioning, and
effectiveness of the information security program (ISP)?
Head of the DoD Component
What is an internal review and evaluation of an activities information security program (ISP)?
Staff Assisted Visit (SAV)
What is a “no fault” look at aspects of the information security program (ISP)?
Self-inspection
What is an approved permanent exclusion or deviation from an information
security standard or requirement?
Exception
What compromises national security?
National defense and foreign relations
Which of the following is NOT a cybersecurity attribute?
Controllability
Enclaving is creating an area of higher security within a larger area of lower
or more general security.
True
What is the fifth step in the risk management process?
Determine countermeasures
What is the fifth step in the risk management process?
Determine countermeasures
What is the standard default combination for locks (electromechanical)
meeting FF-L-2740?
50-25-50
Whose responsibility is physical security?
Commander or Director
What Federal Specification must combination locks on vault doors, secure
rooms, and security containers follow to protect classified information?
FF-L-2740
The adjudicative process is an examination of a sufficient period of a
person’s life to make an affirmative determination that the person is an
acceptable security risk.
True
An authorized agency initiates a request for a national security eligibility
utilizing
SF-86 (eQIP)
What is the purpose of the Personnel Security Program (PSP)?
To make reasonable determination individuals granted access to
classified information are loyal, trustworthy, and reliable.
How many National Security Adjudicative Guidelines are there?
13
What type of security investigation would be required to make a Top Secret
eligibility determination for an individual in a critical sensitive position?
Tier 5
What type of security investigation would be required to make a Secret
eligibility determination for an individual in a non-critical sensitive position?
NACLC
