Sharing and reporting information is essential to detecting potential insider threats. True or False?
True
Two security professionals - Paul and Ashley - are discussing security program areas.
Paul says that Information Security practitioners train and/or advise Original Classification A...
sharing and reporting information is essential to detecting potential insider threat
two security professionals paul and ashley are discussing security pr
Geschreven voor
SAPPC
SAPPC
1
beoordeling
Door: sblimage • 2 jaar geleden
Door: YANCHY • 2 jaar geleden
Thanks for the review
Verkoper
Volgen
YANCHY
Ontvangen beoordelingen
Voorbeeld van de inhoud
SAPPC Certification Study Guide
Sharing and reporting information is essential to detecting potential insider threats. True or False? correct answerTrue
Two security professionals - Paul and Ashley - are discussing security program areas.
Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations.
Ashley says that Physical Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. correct answerPaul and Ashley are both correct
Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks.
Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. correct answerPaul and Ashley are both incorrect
SPeD is an abbreviation for? correct answerSecurity Professional Education Development
SPed is a certification program of what agency? correct answerDepartment of Defense
Security Fundamentals Professional Certification (SFPC) definition? correct answerThe individual understands foundational security concepts, principles, and practices. (Core Certification for SPed).
Security Asset Protection Professional Certification (SAPPC) definition? correct answerThe Individual applies foundational security concepts, principles, and practices. (Core Certification for SPed).
Security Program Integration Professional Certification (SPIPC) definition? correct answerThe individual understands and applies risk assessment and security program management based on security concepts,
principles, and practices. (Core Certification for SPed).
Security Enterprise Professional Certification (SEPC) definition? correct answerThe individual understands and applies concepts, principles, and practices for managing enterprise-wide security.
What are the three principle incident/events required to be reported to DoD Counterintelligence (CI) organizations? correct answerEspionage, Sabotage, Terrorism & Cyber Policy
PMO is an abbreviation for? correct answerProgram Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the best intelligence available? correct answerE.O. 12333
The manual that includes CI-related requirements for Industry? correct answerDoD 5220.22-M (NISPOM)
Regulation mandating CI-specific training, briefing, and reporting? correct answerDoDI5240.6: CI Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is compromised? correct answerDoD 5200.1-R: information Security Program
What are three principle incidents/events required to report to DoD counterintelligence (CI) organizations? correct answerEspionage, Sabotage, Terrorism & Cyber Policy List three different types of threats to classified information? correct answerInsider Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat
List three indicators of insider threats? correct answerFailure to report overseas travel or contact with foreign nationals.
Seeking to gain higher clearance or expand access outside the job scope.
Engaging in classified conversations without a need to know.
Working hours inconsistent with job assignment or insistence on working in private.
Exploitable behavior traits.
Repeated security violations.
Attempting to enter areas not granted access to.
List three elements that should be considered in identifying Critical Program Information? correct answer- Cause significant degradation in mission effectiveness
- Shorten the expected combat-effective life of the system
- Reduce technological advantage
- Significantly alter program direction
- Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability.
Briefly describe the concept of insider threat? correct answerAn employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems.
List three elements that a security professional should consider when assessing and managing risks to DoD assets? correct answerAsset
Threat
Vulnerability
Risk
Countermeasures
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
√ Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, Bancontact of creditcard voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper YANCHY. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €18,18. Je zit daarna nergens aan vast.