Download NISP EXAM STUDY SET QUESTIONS AND CORRECT ANSWERS 100% VERIFIED!! and more Exams Advanced Education in PDF only on Docsity!
NISP EXAM STUDY SET QUESTIONS AND CORRECT ANSWERS
100 % VERIFIED!!
Integrating CI and threat awareness into a security program helps to accomplish which of the following?
Select all that apply.
□ Assist DoD in maintaining a tactical advantage over foreign intelligence operatives
□ Protect valuable company assets from loss and compromise
□ Identify which assets need protecting
□ Establish countermeasures - ANSWER □ Protect valuable company assets from loss and compromise
□ Identify which assets need protecting
□ Establish countermeasures
CI is the information gathered and activities conducted to protect against what?
Select all that apply.
□ Espionage, sabotage, terrorism
□ Assassinations conducted for or on behalf of foreign governments, organizations, or persons
□ Activities by large companies to obtain operating capital within a foreign country
□ International terrorist activities - ANSWER □ Espionage, sabotage, terrorism
□ Assassinations conducted for or on behalf of foreign governments, organizations, or persons
□ International terrorist activities
DoD 5220.22-M NISPOM does which of the following for industry?
Select all that apply.
□ Controls the disclosure of classified information to contractors
□ Identifies the cost associated with particular contracts
□ Protects special classes of classified information
□ Requires contractors to hire counterintelligence special agents - ANSWER □ Controls the disclosure of classified information to contractors
□ Protects special classes of classified information
The NISPOM requires that adverse information concerning cleared employees and any suspicious contacts be reported to DCSA.
Select the best answer.
o True
o False - ANSWER TRUE
CI helps security officials to manage risk in which of the following ways? Select all that apply.
□ Focus on assets and identify the threats to them
□ Identify vulnerabilities
□ Develop and apply countermeasures
□ Develop investigation procedures
□ Develop security classification guides - ANSWER □ Focus on assets and identify the threats to them
□ Identify vulnerabilities
□ Develop and apply countermeasures
Which of the following are foreign collection methods?
□ Requests for information
□ Suspicious Network Activity
Foreign Visits - ANSWER Brief hosts and escorts on approved procedures
Solicitation and Seeking Employment - ANSWER share the minimum amount of information appropriate to the scope of venture
DCSA CI Directorate - ANSWER Trends related to what is targeted and methods used
Government Contracting Agency - ANSWER Threat assessment for your current contract
Federal Bureau of Investigations - ANSWER Identify the current national security concerns that may affect your facility
State or Local Law Enforcement - ANSWER Determine the types of crimes that are being committed at facilities close to your company
Which of the following activities can you use to promote CI awareness within your facility?
□ Enlist your DCSA CI Special Agent to brief employees
□ Post CI-related material throughout the workplace
□ Share actual targeting examples with employees
□ Remind employees that anyone who appears "foreign" is a threat - ANSWER We can promote CI awareness within your facility by enlisting your DCSA CI Special Agent to brief employees, post CI-related material throughout the workplace, and share actual targeting examples with employees.
Foreign travel increases the risk of FIE targeting.
o True
o False - ANSWER True
Although employees may be targeted at any time or any place, FIEs have greater access
to employees during foreign travel.
The National Industrial Security Program Operating Manual (NISPOM) requires employees of cleared industry to report which of the following events?
□ Suspicious contacts
□ Lost or compromised classified information
□ Actions/events that may affect the status of an employee's personnel security clearance
□ Actions/events that may affect the status of the facility's clearance
□ Actual, probable, or possible espionage, sabotage, terrorism, of subversive activities
- ANSWER NISPOM requires employees of cleared industry to report suspicious contacts lost or compromised classified information, actions or events that may affect the status of an employee's personnel security clearance, actions or events that may affect the status of the facility's clearance, and actual, probable, or possible espionage, sabotage, terrorism, of subversive activities.
Which of the following groups are vulnerable to foreign intelligence entity targeting?
□ Information technology
□ Facility management
□ Employees traveling abroad
□ Administrative assistants - ANSWER Information technology, facility management, employees traveling abroad and administrative assistants are all groups vulnerable to foreign intelligence entity targeting.
You learn from a security bulletin that a foreign country is using university students applying for low level jobs to gain entry into companies in your industry. Which group might you alert first?
o Human Resources
o Information Technology
o Business Development
o Engineers and Research & Development - ANSWER You would alert Human Resources
Reporting is a form of self-monitoring that reduces the need of Government inspections at your facility.
Reporting helps to disrupt foreign collection activity.
Reporting identifies threats so that countermeasures can be developed.
Reporting eliminates all risk. - ANSWER Reporting helps to disrupt foreign collection activity.
Reporting identifies threats so that countermeasures can be developed.
Hello. This is Victor from Facilities Management. I'm in the Engineering Department. None of the engineers are here and the classified storage container is open. It's not just unlocked; the drawer is pulled out and there are several folders visible.
To whom should you report this incident?
□ FSO
□ FBI
□ DCSA
□ Local Law Enforcement - ANSWER NISPOM 1-301 requires employees of cleared industry to report all events that indicate classified information may have been compromised to the FSO, FBI and Cognizant Security Authority (DCSA for industry).
Visits/Meetings in the NISP
When the visit authorization letter method is being used, what is the hosting organization required to file to verify the visitor company's status? - ANSWER Facility Verification Request (FVR)
In order to approve a visit request when there is no contract between the visitor's organization and the host organization, what requirements must the host organization complete? - ANSWER Inform the Government Contracting Activity (GCA) of the visitor's organization Facility Clearance X
. Obtain disclosure authorization from the Government Contracting Activity (GCA) and confirm visitor's organization Facility Clearance?
For whom must visitor records be maintained on NATO-related visits? - ANSWER All visitors
Access controls provide access to classified information is consistent with the ____________ for the visit and prevent ______________. - ANSWER Authorized purpose; unauthorized disclosure
What must a U.S. contractor provide an employee who is traveling overseas to work on a classified project? - ANSWER Threat awareness and anti-terrorism/force protection security briefings
To be an authorized person in the NISP, which of the following is required? - ANSWER Prsnl Sec Clr and need-to-know
Which of the following are security briefing topics for visitors? - ANSWER a. How to handle classified documents, such as procedures and equipment for accessing and photocopying, as well as storage
b. Reporting requirements for security violations, such as loss or compromise of classified material
d. Physical security procedures and access areas
What are the FSO responsibilities of the host organization when a visit request is received? - ANSWER c. Confirm the visitor's PCL and need-to-know
d. Determine the need for the visit by examining the purpose and justification statements on the visit request
An individual's access level is directly related to the employer organization's Facility Clearance level and the level of access needed for the individual to do his or her job - ANSWER TRUE
Which of the following are the host organization's security control responsibilities? - ANSWER a. Ensure notes and recordings are classified, safeguarded, and transmitted
What is the purpose of end-of-day security checks? - ANSWER To ensure that classified material has been properly stored and that the security container has been secured
Which of the following is NOT a requirement for a classified visit to a U.S. contractor's cleared facility? - ANSWER The contractor must maintain a visitor record
Regardless of the visit duration, all visitors, whether government employees or contractors, must follow the _____ organization's security procedures - ANSWER host
Once approval has been given for an incoming visit by a foreign national, what must the U.S. contractor do? - ANSWER Establish procedures to limit disclosure/access in accordance with the export authorization
If a visitor's organization does not use the DoD System of Record, how can the host organization verify a visitor's Personnel Security Clearance and need-to-know? - ANSWER Visitor Authorization Letter (VAL)
What system may be used to verify a company's Facility Clearance status? - ANSWER Industrial Security Facilities Database (ISFD)
Who verifies the Facility Clearance for a classified meeting? - ANSWER Defense Security Service (DSS) X
Which of the following are common requirements for incoming, outgoing, and NATO-related international visits? - ANSWER b. Submission of a visit request
c. An export authorization before disclosing to a foreign person any classified information or controlled unclassified information
The need for access may be outlined in the ________, but it may also be determined based on an assessment from the host organization. - ANSWER DD Form 254
NATO briefings require a signed certificate. - ANSWER TRUE
Who sponsors classified meetings in the NISP? - ANSWER GCA
An employee's _____ cannot exceed the level of the employer's _____. - ANSWER classified access; Facility Clearance
When receiving a long-term incoming foreign visitor, what is the U.S. contractor required to do to limit disclosure/access to export-controlled information - ANSWER Document the procedures in a Technology Control Plan and implement them at the cleared facility
Government employees temporarily stationed at a contractor facility ______ control of their work products to the contractor - ANSWER do not have to relinquish
What is a final security control in the NISP when the purpose of a visit has been accomplished? - ANSWER Recovery of all classified information
What security control measures must the host organization implement for a classified meeting? - ANSWER Physical security controls for the control of, access to, and dissemination of the classified information to be presented
A best practice to maintain security control in the NISP is to provide building maps with directions to the classified area. - ANSWER FALSE
All incoming and outgoing international visits require _____________. - ANSWER an export authorization
_______________is responsible for obtaining authorization to share it in a classified meeting and providing a copy to the _________________ sponsoring the meeting. - ANSWER Each organization planning to share classified information; government agency
