Download Industrial Security Oversight Credential (ISOC) Exam 2025 Questions and Correct Answers (V and more Exams Water and Wastewater Engineering in PDF only on Docsity!
Industrial Security Oversight Credential (ISOC) Exam
2025 Questions and Correct Answers (Verified
Answers) Plus Rationales
These questions reflect updated guidance from NISPOM, DoD Manuals, and security clearance processes (latest 2025 format).
1. What is the primary purpose of the National Industrial Security Program (NISP)? A. To manage military contracts B. To ensure classified information is protected C. To safeguard national security information in industry D. To establish federal employment procedures
The NISP ensures that classified information entrusted to industry is
properly safeguarded to protect national security.
2. Which document serves as the foundation for the NISP? A. DoD 5200.2-R B. Executive Order 12829 C. Intelligence Reform Act D. FAR Subpart 4.
EO 12829 established the National Industrial Security Program,
directing how classified information is protected in industry.
3. What does FCL stand for in the context of industrial security? A. Federal Contractual License B. Facility Compliance List C. Facility Clearance D. Final Clearance Level
An FCL is an administrative determination that a facility is eligible to
access classified information.
4. Who is responsible for implementing the security program at a cleared contractor facility? A. CEO B. DSS Agent C. Facility Security Officer (FSO) D. Contract Officer
The FSO is appointed to ensure the facility complies with NISPOM
requirements and oversees all security duties.
5. Which agency is primarily responsible for administering the NISP? A. Department of Energy B. Defense Counterintelligence and Security Agency (DCSA) C. Department of Justice D. Federal Bureau of Investigation
The DCSA is the lead agency for administering industrial security on
behalf of the DoD and other federal entities.
6. What is the DD Form 441 used for? A. Security Agreement between the government and contractor
D. Upon request only
Classified holdings must be inventoried annually to verify accountability
and prevent loss.
10. What must a contractor do if they discover a security violation? A. Wait for the next audit B. Immediately report it to DCSA and mitigate C. Report it to the CEO D. Keep it internal unless loss occurs
Violations must be reported immediately to ensure prompt mitigation
and investigation.
11. What is the purpose of a Visit Authorization Letter (VAL)? A. Request a background check B. Notify employee absence C. Grant temporary classified access for visitors D. Record visitor names
A VAL is required for visiting cleared individuals to access classified
information.
12. What is an example of classified information? A. Employee timesheets B. Unmarked corporate emails C. Top Secret project plans marked accordingly D. Corporate logos
Only information that is officially classified and marked accordingly is
considered classified.
13. Which marking is correct for classified documents? A. CLASSIFIED B. SECRET C. PROTECTED D. OFFICIAL USE ONLY
Proper classification markings such as SECRET must appear on all
classified documents.
14. What is the maximum duration for interim clearance? A. Indefinite until final is granted or denied B. 6 months C. 1 year D. It does not expire
Interim clearances remain valid unless rescinded or a final
determination is made.
15. What action should be taken if an employee leaves the company? A. Deactivate their badge only B. Give them access if they return C. Terminate classified access and debrief them D. Nothing
Debriefing and terminating classified access ensures that former
employees no longer have access to classified information.
19. Which form initiates a background investigation for a clearance? A. DD Form 254 B. SF- 86 C. OF- 612 D. SF- 312
The SF-86 is the official form used to gather background information for
personnel security investigations.
20. How often must the Insider Threat Training be conducted? A. Every 6 months B. As needed C. Annually D. One time only
Annual training is mandated for employees with access to classified
information to recognize and report threats.
21. What is the purpose of the DD Form 254? A. To record a classified mailing B. To request a facility clearance C. To provide security guidance on a classified contract D. To authorize a visit to a cleared facility
The DD Form 254 outlines the security requirements for a classified
contract and is mandatory for contractors.
22. How should Top Secret documents be transmitted? A. Regular mail B. Email with encryption C. Approved courier or secure electronic system D. Fax
Top Secret materials must be transmitted via authorized means such as
couriers cleared to the same level.
23. What must be done before destroying classified material? A. Inform the original classifier B. Wait for the contract to end C. Use an approved destruction method D. Submit a destruction request
Classified materials must be destroyed using NSA-approved methods
such as shredding, pulverizing, or incinerating.
24. What is required for an employee to access classified information? A. Signature of the supervisor B. Monthly report C. Need-to-know and proper clearance D. Public trust position
Access requires both an appropriate clearance level and a demonstrated
need-to-know.
25. What must happen if a classified document is found unsecured? A. Destroy it immediately B. Secure it and report the incident
C. Defense Counterintelligence and Security Agency (DCSA) D. CIA
DCSA conducts background investigations for most DoD clearance
applicants.
29. What is Continuous Evaluation (CE)? A. Annual training on security B. Ongoing review of cleared individuals outside of periodic reinvestigations C. A new type of clearance D. Monthly tests of knowledge
CE is a real-time vetting system used to monitor individuals with active
clearances for potential risks.
30. Who must sign the SF-312 Non-Disclosure Agreement? A. CEO B. FSO C. The individual granted access to classified information D. Contracting Officer
Individuals must sign the SF-312 before they are granted access to
classified materials.
31. What is the main purpose of the National Industrial Security Program Operating Manual (NISPOM)? A. Detail hiring procedures B. Outline procedures for safeguarding classified information
C. Describe business contracts D. Provide financial audits
The NISPOM guides contractors on how to properly protect classified
information.
32. What does a Security Violation involve? A. Working unauthorized overtime B. Failure to protect classified information C. Asking a coworker about pay D. Missing a staff meeting
Security violations occur when classified information is not properly
safeguarded.
33. What is the required level of physical protection for storing Top Secret information? A. File cabinet with key B. Locked drawer C. GSA-approved container with IDS and response D. Password-protected file
Top Secret storage requires a GSA-approved safe plus Intrusion
Detection System (IDS) and response by trained personnel.
34. What is the proper marking for classified emails? A. No marking needed B. Add "Confidential" in the subject only C. Banner markings and classification at the top and bottom D. Use different font
FOUO falls under CUI and requires safeguarding even though it is not
classified.
38. What is the responsibility of the Information Systems Security Manager (ISSM)? A. Oversee training B. Destroy documents C. Manage classified IT systems security D. Host site visits
The ISSM ensures all classified information systems comply with security
standards and risk management protocols.
39. How often must cleared employees receive security refresher training? A. Every 3 years B. Annually C. Upon hire only D. Monthly
Annual refresher training ensures continued understanding of
responsibilities and updates in security protocols.
40. What is an example of an adverse information report? A. Late to work B. Arrest for DUI C. Failed a work test D. Vacation request
Adverse information like arrests must be reported as it could impact the
individual's eligibility to access classified info.
41. What must be done before using a classified system? A. Update virus definitions B. Ensure accreditation and user training C. Add user to contact list D. Rename the server
Systems used for classified information must be accredited, and users
must be trained prior to use.
42. What is the standard form for classified material control logs? A. SF- 703 B. SF- 85 C. SF- 702 D. DD- 441
SF-702 is used for recording security checks on containers storing
classified material.
43. What is a Security Infraction? A. Same as a violation B. Failure to follow procedures that does not result in a compromise C. A felony D. Any type of loss
47. Who sets security classification guidance for a program? A. FSO B. Original Classification Authority (OCA) C. DCSA D. Contract Manager
Only OCAs have the authority to establish classification guidance.
48. How long must the SF-312 be retained? A. 3 years B. 70 years or for the life of the individual C. 1 year D. Until contract ends
SF-312s must be retained for life of the individual or 70 years, whichever
is longer.
49. Who is responsible for determining whether a subcontractor requires access to classified information? A. The government agency B. The ISSM C. The prime contractor D. The general counsel
Prime contractors must determine if classified access is needed and
request the appropriate documentation.
50. What is the first action when foreign ownership, control, or influence (FOCI) is suspected? A. Ignore unless confirmed
B. Remove the employee C. Notify DCSA immediately D. Conduct internal audit
FOCI situations must be reported to DCSA, as they can affect the
facility's eligibility for clearance.
51. What type of security clearance is typically required to access SCI (Sensitive Compartmented Information)? A. Secret B. Confidential C. Top Secret with SCI eligibility D. Interim Secret
SCI requires a Top Secret clearance plus additional eligibility for
compartmented access.
52. What does the term "classification by compilation" mean? A. Using outdated classifications B. Unclassified data, when combined, reveals classified info C. Top Secret data hidden in code D. Mislabeling documents
Even if individual elements are unclassified, their combination may
warrant classification.
53. How long is an Interim Secret clearance valid? A. 1 year
C. Facility Security Officer (FSO) D. Janitorial staff
The FSO or security personnel must authorize off-site classified
discussions in controlled environments.
57. When must security education training for new employees be completed? A. Within 30 days B. After 6 months C. Before gaining access to classified info D. Before first paycheck
Initial training is mandatory before granting access to classified
material.
58. What is an OPSEC concern? A. Unauthorized email B. Personnel security C. Revealing critical information through unclassified channels D. Document mislabeling
Operations Security (OPSEC) aims to prevent adversaries from piecing
together sensitive info through public or unclassified means.
59. Which of the following is a valid method for transmitting Secret documents? A. Regular email B. FedEx C. Registered U.S. mail with return receipt (within U.S.) D. Interoffice memo
Secret documents can be sent via U.S. mail with proper tracking when
staying within U.S. borders.
60. Which color border is used for the SF-704 (Top Secret cover sheet)? A. Green B. Orange C. Blue D. Red
SF-704 has an orange border and identifies Top Secret material.
61. What is the purpose of Two-Person Integrity (TPI)? A. HR control B. Watch supervisor C. Prevent a single individual from accessing classified info alone D. Speed up clearance processing
TPI ensures two authorized individuals are present to access particularly
sensitive classified info, enhancing accountability.
62. What is a courier letter? A. Mail delivery instructions B. Authorization to hand-carry classified material C. Shipping schedule D. Password list
A courier letter authorizes someone to personally carry classified
information during travel.
