Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

SAPPC EXAM | QUESTIONS & ANSWERS (VERIFIED) | LATEST UPDATE | GRADED A+, Exams of Labor and Social Security Law

Special Access Program (SAP) Correct Answer: A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level Enhanced security requirements for protecting Special Access Program (SAP) information Correct Answer: 1. Within Personnel Security: • Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; • Clearance based on an appropriate investigation completed within the last 5 years; • Individual must materially contribute to the program in addition to having the need to know; • All individuals with access to SAP are subject to a random counterintelligence

Typology: Exams

2024/2025

Available from 06/19/2025

tizian-kylan
tizian-kylan 🇺🇸

2.7

(21)

3.8K documents

1 / 75

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
SAPPC EXAM | QUESTIONS & ANSWERS
(VERIFIED) | LATEST UPDATE | GRADED
A+
Special Access Program (SAP)
Correct Answer: A program established for a specific class of classified information
that imposes safeguarding and access requirements that exceed those normally
required for information at the same classification level
Enhanced security requirements for protecting Special Access Program (SAP)
information
Correct Answer: 1. Within Personnel Security:
• Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; •
Clearance based on an appropriate investigation completed within the last 5 years; •
Individual must materially contribute to the program in addition to having the need to
know; • All individuals with access to SAP are subject to a random counterintelligence
scope polygraph examination; • Polygraph examination, if approved by the DepSecDef,
may be used as a mandatory access determination; • Tier review process; • Personnel
must have a Secret or Top Secret clearance; • SF-86 must be current within one year; •
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b

Partial preview of the text

Download SAPPC EXAM | QUESTIONS & ANSWERS (VERIFIED) | LATEST UPDATE | GRADED A+ and more Exams Labor and Social Security Law in PDF only on Docsity!

SAPPC EXAM | QUESTIONS & ANSWERS

(VERIFIED) | LATEST UPDATE | GRADED

A+

Special Access Program (SAP) Correct Answer: A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level Enhanced security requirements for protecting Special Access Program (SAP) information Correct Answer: 1. Within Personnel Security:

  • Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; • Clearance based on an appropriate investigation completed within the last 5 years; • Individual must materially contribute to the program in addition to having the need to know; • All individuals with access to SAP are subject to a random counterintelligence scope polygraph examination; • Polygraph examination, if approved by the DepSecDef, may be used as a mandatory access determination; • Tier review process; • Personnel must have a Secret or Top Secret clearance; • SF-86 must be current within one year; •

Limited Access; • Waivers required for foreign cohabitants, spouses, and immediate family members.

  1. Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to relieve Defense Security Service of industrial security oversight responsibilities.
  2. Within Physical Security: • Access Control; • Maintain a SAP Facility; • Access Roster; • All SAPs must have an unclassified nickname/ Codeword (optional).
  3. Within Information Security: • The use of HVSACO; • Transmission requirements (order of precedence). Principle incident/events required to be reported to DoD counterintelligence (CI) organizations Correct Answer: espionage, sabotage, terrorism, cyber Indicators of insider threats Correct Answer: 1. Failure to report overseas travel or contact with foreign nationals
  4. Seeking to gain higher clearance or expand access outside the job scope
  5. Engaging in classified conversations without a need to know

Responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/CPSO): Correct Answer: From Revision 1 Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004:

  • Possess a personnel clearance and Program access at least equal to the highest level of Program classified information involved.
  • Provide security administration and management for his/her organization.
  • Ensure personnel processed for access to a SAP meet the prerequisite personnel clearance and/or investigative requirements specified.
  • Ensure adequate secure storage and work spaces.
  • Ensure strict adherence to the provisions of the NISPOM, its supplement, and the Overprint.
  • When required, establish and oversee a classified material control program for each SAP.
  • When required, conduct an annual inventory of accountable classified material.
  • When required, establish a SAPF.
  • Establish and oversee a visitor control program.
  • Monitor reproduction and/or duplication and destruction capability of SAP information
  • Ensure adherence to special communications capabilities within the SAPF.
  • Provide for initial Program indoctrination of employees after their access is approved; rebrief and debrief personnel as required.
  • Establish and oversee specialized procedures for the transmission of SAP material to and from Program elements.
  • When required, ensure contractual specific security requirements such as TEMPEST Automated Information System (AIS), and Operations Security (OPSEC) are accomplished.
  • Establish security training and briefings specifically tailored to the unique requirements of the SAP. List three primary authorities governing foreign disclosure of classified military information Correct Answer: 1. Arms Export Control Act
  1. National Security Decision Memorandum 119
  2. National Disclosure Policy- 1
  3. International Traffic in Arms Regulation (ITAR)
  4. E.O.s 12829, 13526
  5. Bilateral Security Agreements
  6. DoD 5220.22-M, "NISPOM" Three different types of threats to classified information Correct Answer: Insider Threat, Foreign Intelligence Entities (FIE) and Cybersecurity Threat The concept of an insider threat
  1. Protect sensitive operational plans
  2. Reduce intelligence on U.S. capabilities Protection Level Correct Answer: This communicates how the SAP is acknowledged and protected. Acknowledged Correct Answer: This protection level describes a SAP whose existence may be openly recognized. Its purpose may be identified. However, the details of the program (including its technologies, materials, and techniques) are classified as dictated by their vulnerability to exploitation and the risk of compromise. The funding is generally unclassified. Unacknowledged Correct Answer: This protection level describes a SAP whose existence and purpose are protected. The details, technologies, materials, and techniques are classified as dictated by their vulnerability to exploitation and the risk of compromise. The program funding is often classified, unacknowledged, or not directly linked to the program. SAP Lifecycle Correct Answer: 1. Establishment (is extra protection warranted?)
  3. Management and Administration (continued need? processed followed?)
  4. Apportionment (proper measures in place? approval received)
  1. Disestablishment (program no longer needed?) Component-level SAP Central Offices Correct Answer: Exist for each military component, the Joint Chiefs of Staff, Defense Advanced Research Projects Agency (DARPA), and Missile Defense Agency (MDA) Special Access Program Oversight Committee (SAPOC) Correct Answer: The final SAP approving body chaired by the Deputy Secretary of Defense Senior Review Group (SRG) Correct Answer: This group ensures there are no duplicative efforts across SAPs DoD Special Access Central Office (SAPCO) Correct Answer: DoD SAP legislative liaison that notifies Congress of SAP approval Authorization, Appropriations, and Intelligence Congressional Correct Answer: Congressional committees granted SAP access OSD-level SAP Central Offices Correct Answer: Exercise oversight authority for the specific SAP category under their purview.

DD 1847

Correct Answer: SCI Indoctrination Memo - Used to precisely identify individuals when it is necessary to certify their access to SCI DD 1847- 1 Correct Answer: SCI NDA - used to precisely identify individuals when it is necessary to certify their access to SCI, non-disclosure agreement DD 1848 Correct Answer: SCI Debrief memo - A memo that records the fact that and individual was debriefed on a SCI SAP DD 1870 Correct Answer: Request for personnel security investigation SSBI, PR, SII or ENAC DD 2024 Correct Answer: DoD SCG Data Elements - this form is executed by the originator of each SCG issued pursuant to the req of DoD 5200.1-R, info sec program regulation to report: - approval (promulgation) of a new SCG; - revision of a SCG; reissuance; accomplishment of the biennial review; - cancellation; - correction of data on previously submitted form

DD 2056

Correct Answer: Telephone monitoring notification decal. Used to notify a user that the telephone is subject to monitoring at all times, used of that telephone constitutes consent to monitoring DD 2501 Correct Answer: Courier Authorization - used to identify appropriately cleared personnel 1) recurrent need, 2) signed by appropriate security person, 3) Forms are controlled to preclude unauthorized use, 4) issued for no more than 1 year, 5) followed approved processes for SCI or SAP DIS FL 381-R Correct Answer: Letter of notification of facility security clearance. This document notifies a facility that they are cleared to handle classified material DISCO Form 2 Correct Answer: Request for Forms - additional PSQ and NAQ forms may be ordered from DISCO with this form DISCO Form 560 Correct Answer: Letter of Consent - Used by DISCO to notify a contractor that a PCL or limited access authorization has been granted to an employee

SF 153

Correct Answer: COMSEC Material Report - Used to track the disposition of classified material, transfer, inventory, destruct, receipt or other SF 311 Correct Answer: Agency Information Security Program Data - data collection form that every executive branch agency submits on an annual basis to report the total # of OCA's, classification decisions, mandatory review request, and declass decision for that particular agency. The data collected is reported in the annual report to the president. SF 312 (SF 189 and 189A) Correct Answer: Classified information nondisclosure agreement - a contractual agreement between the U.S. government and a cleared employee in which the employee agrees never to disclose classified information to an unauthorized person SF 328 Correct Answer: Certificate Pertaining to Foreign Interest - The NISPON requr3is this form be submitted during the initial facility clearance process and when significant changes occur to information previously forwarded SF 700 Correct Answer: Security Container Information - 2 part form consisting of an envelope w/a tear off tab and cover sheet. The cover sheet and face of envelope

provide space for information about activity, container, type of lock and who to contact if container is left open SF 703, 704, 705 Correct Answer: Top Secret cover sheet SF 704 Correct Answer: Secret cover sheet SF 705 Correct Answer: Confidential cover sheet SF 706, 707, 708, 709, 710 Correct Answer: 706 - TS media label; 707 - S media label; 708 - Confidential media label; 709 - Classified media label; 710 Unclassified media label. If a media contains classified or unclassified data SF 711 Correct Answer: Data Description Label - used to identify additional safeguarding controls pertaining to classified information that is stored or contained on various forms of media DCS Form 1

adversaries. It is an analytical, risk-based process that incorporates five distinct elements: critical information identification, threat analysis, vulnerability analysis, risk assessment, and OPSEC countermeasures. OPSEC Countermeasures Correct Answer: Methods and means to gain and maintain essential secrecy about critical information Adversary Correct Answer: An individual, group, organization, or government that must be denied critical information Critical Information Correct Answer: Specific facts about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively to guarantee failure or unacceptable consequences for friendly mission accomplishment The five-step OPSEC process Correct Answer: 1. Identify critical information 2. Analyze threats 3.Analyze vulnerabilities 4. Assess risks 5.Apply OPSEC countermeasures Ways to protect critical information

Correct Answer: Disclose information about your mission and organization judiciously and on a need-to-know basis. 1. Do not discuss your work in public places or where others can overhear your conversation 2. Do not discuss critical information on unencrypted telephones 3. Do not include critical information in unencrypted e-mail messages 4. Do not reveal critical information, indicators, or personal information on the Internet 5. Shred paper documents before placing them in the trash 6. Refer all inquiries from the press to your organization's public affairs office OPSEC countermeasures Correct Answer: 1. Minimize predictable patterns 2. Conceal indicators that may point to critical information 3. Make indicators seem unimportant 4. May be as simple as choosing not to talk about something 5. Protect critical information Five categories of risk process assets Correct Answer: 1. Assess assets (identify value of asset and degree of impact if asset is damaged or lost) 2. Assess threats (type and degree of threat) 3. Assess vulnerabilities (identification and extent of vulnerabilities) 4. Assess risks (calculation of risks) 5. Determine countermeasures (security countermeasure options that can reduce or mitigate risks cost effectively Five categories of assets Correct Answer: 1. People 2. Information 3. Equipment 4. Facilities 5. Activities & Operations

32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" Correct Answer: The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program Security Violation Correct Answer: An event that results in or could be expected to result in the loss or compromise of classified information Unauthorized Disclosure Correct Answer: Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient Termination Briefing Correct Answer: This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified information. Foreign Travel Briefing Correct Answer: This briefing that applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries.

Refresher Briefing Correct Answer: This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties. Secret Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security. Top Secret Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security. Confidential Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security. Freedom of Information Act (FOIA) Correct Answer: The act regarding the withholding information from public release; framework and guidance for evaluation for public release for info to be exempt are from the 9 distro statements Derivative Classification