










Describe the purpose, intent, and security professional's role in each step of the Command Cyber Readiness Inspections (CCRI) process Correct Answer: Defining the scope, the inspection phase, documentation of observations, and reporting findings. A security professional would have responsibilities in defining the scope of the inspection, overseeing the self-inspection and remediation efforts, and coordinating with the CCRI team throughout the remainder of the process
List two factors that should be considered when determining position sensitivity Correct Answer: (1) Level of access to classified information (2) IT level needed (3) Duties associated with position
Explain the process for responding to a "spillage" Correct Answer: 1. Detection (implied) 2. Notification and preliminary inquiry 3. Containment and continuity of operations
Typology: Exams
List three (3) factors for determining whether US companies are under Foreign Ownership, Control, or Influence (FOCI) Correct Answer: 1. Record of economic and government espionage against the US targets.
Correct Answer: 1. Failure to report overseas travel or contact with foreign nationals.
List three elements that a security professional should consider when assessing and managing risks to DoD assets Correct Answer: 1. Asset
List at least three (3) types of security briefings that help manage risks to DoD assets Correct Answer: 1. Initial orientation
related to a US Government contract, or contractor/government facility visits covered by International Traffic in Arms Regulations (ITAR)
Explain how effective implementation of the continuous evaluation process contributes to management of the risks to DoD assets Correct Answer: Ensures that individuals with security clearance eligibility and access are continuously assessed through utilization of accessible databases and other lawfully available information; continue to meet adjudicative standards; and that any issues that may arise are promptly reported and addressed
Briefly describe the purpose of the DD Form 254 Correct Answer: Convey security requirements and classification guidance, and provide handling procedures for classified materials received and/or generated under a classified contract
List the three categories of Special Access Programs Correct Answer: 1. Acquisition
Define the four threat criteria Correct Answer:
A Critical rating indicates that a definite threat exists against the assets and that the adversary has both the capability and intent to launch an attack, and that the subject or similar assets are targeted on a frequent or recurring basis. The rating scale is set at 75-100%.
A High rating indicates that a credible threat against the assets exists, based on our knowledge of the adversary's capability and intent to attack the assets and based on related incidents having taken place at similar facilities. The rating scale is 50-74%.
A rating of Medium indicates that there is a potential threat to the assets based on the adversary's desire to compromise the assets and the possibility that the adversary could obtain the capability through a third party who has demonstrated the capability in related incidents. The rating scale is set from 25-49%.
A Low rating indicates little or no credible evidence of capability or intent, with no history of actual or planned threats against the assets. The rating scale is set at 0-24%.
What is the risk formula? Correct Answer: RISK = IMPACT x (THREAT x VULNERABILITY)
What are the risk countermeasures? Correct Answer: 1. Manpower
Category 5 includes information necessary to plan, ensure readiness for, and provide support to the achievement of mutual force development goals or participation in specific combined tactical operations and exercises. It does not include strategic plans and guidance or North American defense information.
Category 6 includes information pertaining to U.S. forces in a specific area.
Category 7 includes information related to plans, operations, programs, and projects, to include data and equipment, directly related to North American defense.
Category 8 includes military-related information that pertains to foreign nations.
Define Designated Disclosure Authority (DDA) Correct Answer: An official at the subordinate component level designated by the Head of a DoD Component or the Component's Principal Disclosure Authority to control disclosures of classified military information by his or her organization
Define Delegation of Disclosure Authority Letter (DDL) Correct Answer: A document issued by the appropriate designated disclosure authority explaining classification levels, categories, scope, and limitations of information under a DoD Component's disclosure jurisdiction that may be disclosed to a foreign government or international organization