SFPC EXAM 2025-2026 WITH ACTUAL EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) SECURITY FUNDAMENTALS PROFESSIONAL CERTIFICATION (SFPC) REAL EXAM TEST BANK (BRAND NEW!!)

Typology: Exams

2024/2025

Available from 06/18/2025

wangui-waigwa 🇺🇸


Which of the following statements are true of storage containers and facilities?
a) Storage containers and facilities protect valuable and/or sensitive assets by delaying unauthorized entry.
b) They are categorized by how well they delay different types of unauthorized entry.
c) They are important to our national security and to the safety of the general public.
d) They are required only for the storage of classified information.
a) Storage containers and facilities protect valuable and/or sensitive assets by delaying unauthorized entry.
b) They are categorized by how well they delay different types of unauthorized entry.
c) They are important to our national security and to the safety of the general public.

Which of the following would be factors you would need to consider when selecting storage containers and facilities?
a) Whether the TOP SECRET material being stored is a set of documents or a weapon system
b) If the material is being stored in a war zone or not
c) Whether a document is CONFIDENTIAL or TOP SECRET
d) Whether the items being stored are conventional AA&E or nuclear weapons
All Apply:
a) Whether the TOP SECRET material being stored is a set of documents or a weapon system
b) If the material is being stored in a war zone or not
c) Whether a document is CONFIDENTIAL or TOP SECRET
d) Whether the items being stored are conventional AA&E or nuclear weapons

In the DoD, classified information may be stored in a non-GSA-approved container. T/F
True

COMSEC material is stored in GSA-approved containers. T/F
True

b) Number label
c) Cabinet identification label
d) GSA-approved label
e) Warning label
b) Number label

For containers manufactured beginning April 2007, which label is attached to the top inside of the control drawer and states that any modification of the container that is not in accordance with Federal Standard 809 will invalidate the GSA approval of the container?
a) Test certification label
b) Number label
c) Cabinet identification label
d) GSA-approved label
e) Warning label
e) Warning label

Top Secret information can only be stored in a GSA-approved security container, secure room, or vault. T/F
True

Vaults are more secure than secure rooms. T/F
True

Vault doors are made of hardened steel and must retain their original gray color. T/F
True

Vaults are more secure than modular vaults. T/F
False

Secure rooms and vaults may both be authorized for the open storage of classified information. T/F
True

Which of the following are required practices when using storage containers?
a) Safeguard keys, locks, and combinations at the same level of the classified information being stored
b) Change combinations when anyone with knowledge of the combination no longer requires access and when the container or lock has been subject to possible compromise.

Who provides accreditation for SCIFs?
a) Director of National Intelligence (DNI)
b) Central Intelligence Agency (CIA)
c) Defense Intelligence Agency (DIA)
d) General Services Administration (GSA)
e) Department of Defense (DoD)
c) Defense Intelligence Agency (DIA)

Which of the following statements are true of SCIFs?
a) They are used by the intelligence community to store classified information
b) They are used by the DoD to store AA&E
c) They are used to store sensitive compartmented information
d) They are used to store nuclear weapons
a) They are used by the intelligence community to store classified information
c) They are used to store sensitive compartmented information

Warning signs must be posted at each boundary of a restricted area and must be conspicuous to those approaching on foot or by vehicle. T/F
True

The use of master key systems is acceptable in the storage of AA&E. T/F
False

The use of deadly force is authorized against anyone who enters a nuclear storage facility without proper authorization. T/F
True

Securing drainage structures must be considered if they cross the fence line of an AA&E storage area. T/F
True

The continual barrier concept is commonly employed in nuclear storage facilities. T/F
True

What are the 5 elements of PERSEC?

  1. Designation
  2. Investigation

What are the 4 civilian personnel designations?

  1. Special-sensitive
  2. Critical-sensitive
  3. Noncritical-sensitive
  4. Nonsensitive

What are special-sensitive positions?
Civilian position with potential for inestimable damage to NS or inestimable adverse impact to the efficiency of the DoD/Military; consists of SCI, SAP, or positions the DoD component head determines to be at a higher level of security

What are critical-sensitive positions?
A civilian NS position that has the potential to cause exceptionally grave damage to NS; consists of TOP SECRET duties, fiduciary duties or designation from DoD component head

What are noncritical sensitive positions?
A civilian NS position with the potential to cause significant or serious damage to NS; consists of positions requiring access to CONFIDENTIAL/SECRET info

Define the Hatch Act of 1939
Established the initial guidelines for personnel security - requiring employees to pledge allegiance to the US

What are the objectives of Joint Clearance and Access Verification System (JCAVS)?

  1. Update security accesses
  2. Allow communication amongst other offices and CAFs
  3. Facilitate management tasks (personnel actions/reports/notifications)

What is the objective of JPAS?
JPAS uses a centralized database with computer processing and application programs for standard DoD PERSEC processes. Comprises JCAVS and JAMS

Define and describe CATS
Case Adjudication Tracking System - used by DoD CAF adjudicators to review electronic PSIs completed by NBIB

What is DISS and what two programs does it replace?
Defense Information System for Security. It replaces CATS and JPAS

What are the 4 information advisements required under the Privacy Act of 1974?

  1. Under what authority is the information being gathered?
  2. What is the principal purpose for gathering the information?

Scheduled Declassification
Occurs when the instructions assigned by the OCA are followed (instructions consist of either a date or event)

Automatic Declassification
Classified records that have been determined to have permanent historical value under Title 44 of USC are automatically declassified on Dec 31 of the year that is 25 years from the date of its original classification

Mandatory Declassification Review
Initiates a declassification review as requested from the public. The originating agency must respond to the request in a timely manner

What are the 6 Steps of Original Classification?

  1. Government info confirmation
  2. Eligibility
  3. Impact
  4. Designate classification level
  5. Duration
  6. Guidance

What are the 5 types of government inspection ratings?

  1. Superior
  2. Commendable
  3. Satisfactory
  4. Marginal
  5. Unsatisfactory

Define vulnerability
Weakness that could be exploited to gain unauthorized access to information or an information system

What are the 3 types of Risk Management (IA)?

  1. Risk Assessment - identifying controls
  2. Risk Mitigation - implementing controls
  3. Evaluation - as needed / scheduled

What are the 4 characteristics of controls?

  1. Testable
  2. Measurable
  3. Assignable
  4. Accountable

What are the 6 steps of RMF Assessment & Authorization?

  1. Categorize system

What are the requirements for initial assignment to a Presidential Support Activities (Yankee White) Category 2 position?
Favorable completion of T5 SSBI within 36 months preceding selection

What is the purpose of the Federal Acquisition Regulation (FAR)?
To codify and publish uniform policies and procedures for acquisition by all executive agencies

What is the role of the Special Access Program Oversight Committee (SAPOC) during the maintenance phase of the SAP lifecycle?
To review existing programs annually to determine whether to revalidate them as SAPs

Define acquisition SAP
A SAP established to protect sensitive research, development, testing, and evaluation, modification, and procurement activities

Define intelligence SAP
A SAP established primarily to protect the planning and execution of especially sensitive intelligence or CI operations or collection activities

Define operations and support SAP
A SAP established primarily to protect the planning for, execution of, and support to especially sensitive military operations. An operations and support SAP may protect organizations, property, operational concepts, plans, or activities

Define Security-in-Depth
Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within the facility

What is the purpose of Intrusion Detection System (IDS)?
Deter, detect, and document

What are the components of IDS?
Sensors, control or transmission units, monitor units, and computer monitoring stations

List and define the four operational phases of IDS

  1. Detection: begins as soon as a detector or sensor reacts to the stimuli
  2. Reporting: begins when the premise control unit (PCU) receives signals from sensors in the protected area and incorporates the signals into a communication scheme
  3. Dispatch: the first phase requiring human interaction - operator initiates the appropriate response
  4. Response/Assessment: initiated once a response force is dispatched and continues when they arrive at the scene of the alarm

What are the objectives of physical security?
Identify assets, identify threats, identify vulnerabilities

What are host organization responsibilities for facility visits?
Determine the need for the visit, confirm visitor PCL, determine NTK, control visitor access during visit

When must you obtain an export authorization for discussion of classified information with international visitors?
Both incoming and outgoing international visits. Access control procedures should ensure that the disclosure of, and access to, export-controlled articles and related information is limited to those that are approved by an export authorization.

When is Technology Control Plan (TCP) needed for long-term visitors?
A TCP is required to control access by foreign nationals assigned to, or employed by, cleared contractor facilities.

When should you provide threat awareness training for international visits?
Both incoming and outgoing visits. Personnel interacting with foreign visitors should receive threat awareness briefings and personnel going overseas must receive threat awareness and antiterrorism/force protection security briefings.

What are 5 steps of the OPSEC process?

  1. Identify critical information
  2. Analyze threats and adversaries
  3. Analyze vulnerabilities
  4. Conduct risk assessment
  5. Choose/apply countermeasures

What do operational and logistical countermeasures (OPSEC) do?
They randomize the performance of functions and operational missions

What do technical countermeasures (OPSEC) do?
Limit nonsecure computer e-mail messages to nonmilitary activities. Do not provide operational information in nonsecure e-mail messages

What are the 5 criteria for OPSEC survey assessment?

  1. Purpose
  2. Scale
  3. Frequency
  4. Resources
  5. Design