Download SFPC Exam 2025 | Security Fundamentals Professional Certification Exam and more Exams Security Analysis in PDF only on Docsity!
SFPC Exam 2025 | Security Fundamentals Professional
Certification Exam | All Questions and Correct Answers
| Graded A+ | Verified Answers | Latest Version
Which policy document provides guidance to all government agencies on classification, downgrading, declassification, and safeguarding of classified national security information? ---------CORRECT ANSWER-----------------ISOO 32 CFR Parts 2001 and 2003, Classified National Security Information; Final Rule Which policy document prescribes a uniform system for classifying, safeguarding, and declassifying national security information? ---------CORRECT ANSWER-----------------E.O. 13526, Classified National Security Information What are the 6 steps for an OCA to classify information? ---------CORRECT ANSWER-----------------1) Confirm the info is owned/controlled by the Gov
- Confirm the info is eligible for classification
- Determine impact
- Determine classification level
- Determine classification duration
- Provide guidance What are the 4 steps to determine if information is eligible for classification? ---------CORRECT ANSWER-----------------1) Is the information official?
- Is it under any prohibitions or limitations?
- Is it already classified?
- Does it fall into one of the 8 categories of classified information? List 4 of the 8 categories of classified information. ---------CORRECT ANSWER-------- ---------1) Military plans, weapon systems
- FGI (Foreign Government Information)
- Intelligence activities/sources/methods
- Foreign relations/activities
- Science/Technology or economic matters relating to National Security
- Safeguarding nuclear material or facilities
- Vulnerabilities or capabilities related to national security
- WMD What's not a reason to classify information? ---------CORRECT ANSWER----------------
- Concealment of a crime or error
- Preventing embarrassment
- Restrain competition
- Prevent or delay public release
When will Agency grant a request for OCA? ---------CORRECT ANSWER----------------- Requests will be granted only when any existing Security Classification Guides are insufficient to address the information in question, and when it is impractical to refer decisions to another OCA. What topics must be covered in a derivative classification briefing? --------- CORRECT ANSWER-----------------At a minimum, the training must cover the principles of derivative classification, classification levels, duration of classification, identification and markings, classification prohibitions and limitations, sanctions, classification challenges, security classification guides, and information sharing. What are your responsibilities when derivatively classifying information? ---------CORRECT ANSWER-----------------To observe and respect the original classification authority's decision and only use authorized sources to determine derivative classification. List and define the 3 methods used to derivatively classifying information. --------- CORRECT ANSWER-----------------1) Extracting: taken directly from an authorized source.
- Paraphrasing: re-worded in a new or different document.
- Generating: taken from one form and generated into in another form or medium (such as document to video).
List and define the 3 key concepts you must use to determine the classification LEVEL of the material you create. ---------CORRECT ANSWER-----------------1) Contained In: information used from an authorized source with no additional interpretation or analysis.
- Revealed by: information that is not clearly or explicitly stated in the source document, but a reader can deduce the classified information from the new document by performing some level of additional interpretation or analysis.
- Compilation: combining or associating unclassified individual elements of information to reveal an additional association or relationship that warrants a classified level of protection. What factors should you consider before granting state-of-the-art status? ---------CORRECT ANSWER-----------------Consider whether (1) the information is known in other countries or (2) if the information has been published. Also consider (3) what has already been accomplished in the field. And, (4) remember to solicit the opinions of technical experts in the field. Define Net-National-Advantage: ---------CORRECT ANSWER----------------- Information that is or will be valuable to the U.S., either directly or indirectly. Who can declassify DoD info? ---------CORRECT ANSWER-----------------1, Secretary of Defense, 2, Secretaries of the Military Departments, 3, officials delegated by the OCA,
jurisdiction. ---------CORRECT ANSWER-----------------TRUE. They are assigned a specific realm in which they are qualified to make original classification decisions. What must an OCA be trained in? ---------CORRECT ANSWER-----------------OCA responsibilities, classification principles, to include avoidance of over- classification, proper safeguarding of classified information, and the criminal, civil, and administrative penalties for failing to protect classified information from unauthorized disclosure. What is the responsibility of the Information Security Oversight Office, or ISOO? ---------CORRECT ANSWER-----------------To oversee and manage the information security program, under the guidance of the National Security Council, or NSC. What is the responsibility of the National Security Council, or NSC? --------- CORRECT ANSWER-----------------To provide the overall policy direction for the Information Security Program. It assists the President in developing and issuing National Security Policies, and it guides and directs the implementation and application of the Executive Order. The NSC exercises its guidance primarily through the ISOO. What is the USD(I) and their responsibility? ---------CORRECT ANSWER----------------- The Under Secretary of Defense for Intelligence has the primary responsibility for providing guidance, oversight, and approval authority of policies and procedures
that govern the DoD Information Security Program (by issuing the DoD Instruction 5200.01) The three levels of classified information are designated by what executive order? ---------CORRECT ANSWER-----------------EO 13526 What are the 5 requirements for Derivative Classification? ---------CORRECT ANSWER-----------------1) Observe and respect the OCAs original class determination.
- Apply the required markings
- Only use authorized sources
- Use caution when paraphrasing
- Always take the appropriate steps to resolve any doubts you have What are the 4 types of Declassification Systems? ---------CORRECT ANSWER-------- ---------Scheduled, automatic, mandatory, and systematic. What is Scheduled Declassification? ---------CORRECT ANSWER----------------- Instructions consist of either a date or event for declassification.
What are the purposes of the SF701 and SF 702? ---------CORRECT ANSWER---------- -------The SF 701, or the Activity Security Checklist, is used to record your End of Day checks. The SF 702, or the Security Container Check Sheet, is used to record the opening and closing of your security container. What does the term Information System refer to? ---------CORRECT ANSWER-------- ---------Refers to a set of information resources organized for the collection, storage, processing, maintenance, use, sharing, dissemination, disposition, display, or transmission of information. What is COMSEC? ---------CORRECT ANSWER-----------------Communications Security, or COMSEC, is defined as the protection resulting from all measures designed to deny unauthorized persons, information of value that might be derived from the possession and study of telecommunications, and to ensure the authenticity of such communications. COMSEC includes crypto security, emission security, transmission security, and physical security of COMSEC material and information. How is classified information prepared for transportation? ---------CORRECT ANSWER-----------------Classified material needs to be prepared for shipment, packaged, and sealed in ways that minimize risk of accidental exposure and facilitates detection of tampering.
Requirements to Hand Carry classified information ---------CORRECT ANSWER------- ----------1) Should only be done as a last resort
- Written authorization is required
- Courier must be briefed What must be included in a Courier Briefing? ---------CORRECT ANSWER--------------- --1) Courier's liability for the materials
- Material cannot be left unattended
- Should not be opened en route (unless customs)
- No public discussion
- Follow an authorized travel route and schedule
- In case of ER, protect classified material
- All travel documents must be valid and current When can Secret information can be sent via USPS? ---------CORRECT ANSWER------ -----------Only when it is the most effective means considering security, time, cost, and accountability. List 3 approved methods for destroying classified material. ---------CORRECT ANSWER-----------------Burning, shredding, pulverizing, disintegrating, pulping, melting, chemical decomposition, and mutilation to preclude recognition.
What is FOIA? ---------CORRECT ANSWER-----------------The Freedom of Information Act, or FOIA, recognizes the need to withhold certain types of information from public release and, therefore, establishes the guidance and framework for evaluating information for release to the public. The FOIA provides that, for information to be exempt from mandatory release, it must first fit into one of nine qualifying categories and there must be a legitimate Government purpose served by withholding it. What is STIP? ---------CORRECT ANSWER-----------------STIP stands for the DoD Scientific and Technical Information Program. STIP is not a control marking. STIP was established to improve and enhance the acquisition of data sources to prevent redundant research to disseminate technical information efficiently to prevent the loss of technical information to U.S. adversaries and competitors and last, but no less important, STIP was established to aid the transfer of technical information to qualified researchers in U.S industry and government agencies. List 5 common briefings. ---------CORRECT ANSWER-----------------1) Initial
- Indoctrination (access to special types of class data, such as SCI/G/H/etc.)
- Annual Refresher
- Debriefing
- Courier
- NATO
- Non-Disclosure Briefing (unauthorized access)
- Foreign Travel Briefing
- Attestation (SAP briefing)
- Antiterrorism/Force Protection (AT/FP) What must an initial briefing accomplish? ---------CORRECT ANSWER----------------- Define classified information and CUI; explain the importance of protecting such information; provide a basic understanding of security policies and principles; notify personnel of their responsibilities within the security program, and inform them of the administrative, civil, and/or criminal sanctions that can be applied when appropriate; provide individuals enough information to ensure the proper protection of classified information and CUI in their possession, including actions to be taken if such information is discovered unsecured, a security vulnerability is noted, or a person has been seeking unauthorized access to such information; and inform personnel of the need for review of ALL unclassified DoD information prior to its release to the public. What must a debriefing accomplish? ---------CORRECT ANSWER----------------- Emphasizes an individual's continued responsibility to protect classified information to which they have had access; instructions for reporting any unauthorized attempt to gain access to such information; advised on the prohibition against retaining material once they depart the organization; reminded of the potential civil and criminal penalties for the failure to fulfill their continuing security responsibilities. In what circumstance is a Foreign Travel briefing required? ---------CORRECT ANSWER-----------------1) For individuals with SCI/SAP access
- Attendance at meetings where foreign nationals are likely to be present
Security Violation ---------CORRECT ANSWER-----------------An event that results in or could be expected to result in the loss or compromise of classified information Unauthorized Disclosure ---------CORRECT ANSWER-----------------Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient Termination Briefing ---------CORRECT ANSWER-----------------This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified information. Foreign Travel Briefing ---------CORRECT ANSWER-----------------This briefing that applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries. Refresher Briefing ---------CORRECT ANSWER-----------------This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties.
Secret ---------CORRECT ANSWER-----------------Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security. Top Secret ---------CORRECT ANSWER-----------------Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security. Confidential ---------CORRECT ANSWER-----------------Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security. Derivative Classification ---------CORRECT ANSWER-----------------This is defined as the incorporating, paraphrasing, restating, or generating in new form any information that is already classified. Original Classification ---------CORRECT ANSWER-----------------This is defined as an initial determination that information requires, in the interest of national security, protection against unauthorized disclosure. Compilation ---------CORRECT ANSWER-----------------This is defined as unclassified information or classified
Systematic declassification review ---------CORRECT ANSWER-----------------The declassification system where information exempted from automatic declassification is reviewed for possible declassification Mandatory Declassification Review (MDR) ---------CORRECT ANSWER----------------- The declassification system where the public can ask for classified information be review for declassification and public release Scheduled Declassification ---------CORRECT ANSWER-----------------The declassification system where an OCA, at the time the information is originally classified, sets a date or event for declassification Custodians ---------CORRECT ANSWER-----------------People who are in possession of, or who are otherwise charged with safeguarding classified information Options an OCA has when determining declassification ---------CORRECT ANSWER-- ---------------Specific Date, Specific Event, or by the 50X1-HUM Exemption The 25-year rule ---------CORRECT ANSWER-----------------The process where records automatically become declassified after 25 years
Restricted Data and Formerly Restricted Data ---------CORRECT ANSWER-------------- ---This type of information does not provide declassification instructions Practices to follow when handling classified information ---------CORRECT ANSWER-----------------1. Properly destroy preliminary drafts, worksheets, and other material after they have served their purpose
- Use approved secure communications circuits for telephone conversations to discuss classified information
- Follow proper procedures when copying classified information
- Use security forms such as SF 701 and SF 702 SF 702 ---------CORRECT ANSWER-----------------Security Container Check Sheet - used to record the opening and closing of your security container SF 701 ---------CORRECT ANSWER-----------------The Activity Security Checklist intended to verify that you did not accidentally leave classified materials unsecured, as well as, to ensure the area is safe and secure. The blank spaces can be utilized for additional warranted security and safety items, such as a block to remind personnel to complete tasks, such as turning off coffee pots.
