Computer Security
A program manager questions why information from a legacy technology system is still classified. You explain the technology system will be declassified when the program is supported is declassified. This is an example of which type of declassification system?
a. Systematic Declassification
b. Scheduled Declassification
c. Automatic Declassification
d. Petitioned Declassification
A new junior member of your security team wants to learn about physical security planning and implementation. Which of the following would you identify for her as components of physical security planning and implementation?
a. the risk management process
b. facility installation construction
c. physical security planning documents
d. oversight
C only
B, C and D only
B and C only
A, B, C, and D
You are working with a contractor and are reviewing the document that outlines in detail what be required to complete the contract. You are reviewing the _______________.
a. DD form 254: DD contract Security Classification Specification
b. DD form 441: DOD Security Agreement
c. Statement of Work (SOW)
As the newly-appointed physical security officer for a government facility you are informed that a register of the combination for all the various secured areas and storage containers that use combination locks are stored in a file cabinet in the executive assistants office. Is this compliant with combination control requirements?
a. No, No register combination should be created.
b. No. Combination should be posted on the exterior of their respective containers.
c. Yes. It is imperative that all employee can access the combination
d. No. Only a minimum number of authorized persons should know the combination to a given container
The physical security officer requests your assistance in conducting a Risk Management assessment. As part of the process, you note that increased physical security measures should be implemented. This is an example of which step in the Risk management process?
a. Assess vulnerabilities
b. Assess Assets
c. Determine countermeasures options
The contracting officer’s Representative (COR) sent a draft copy of a Statement of Work for contractor support to be performed on the installation. The project does not require access to classified information. He included a list of possible requirements to be followed by the contractor. Which of the following is required of contractor personnel working on a government installation?
a. Submit to a minimal background investigation for installation access.
b. Sign an SF 312 Classified Information Nondisclosure Agreement
c. Submit to a background investigation for access to government information systems.
A and C only
A,B, and C
A and B only
A only
An engineer at your facility questions the marking on classified diagram. Which of the following markings are required on classified diagrams?
a. The agency, officer of origin, and date of the diagram
b. Classification challenge procedures
c. The overall classification of the diagram
A, B, and C
B and C only
A and C only
C only
The installation commander has tasked you with evaluating the security measure implemented to protect a nuclear weapon storage facility on the installation. You find the facility uses a variety of security measures, including perimeter fencing and signage, continuous and emergency lighting, active barriers and the pedestrian and vehicle points of entry, guards, and manual and automated access control measures. The security measures employed at this facility are an example of ________________.
a. Enclaving
b. Operation security
c. Security in depth
d. Point security
You are reviewing classification requirements. In order to be classified, information must meet which of the following criteria?
a. The information must be owned by, produced by, produced for, or under the strict control of the U.S government.
b. The information must be determined that its unauthorized disclosure could cause damage to national security.
c. Disclosure of the information could cause undue stress to relations with friendly nations.
d. The classification level of the information must be designated.
You are conducting a Risk Management assessment. Which of the following activities are are required to support the Risk Management Process?
a. Conduct a cost analysis
b. Conduct a benefits analysis
c. Make Risk Management Decisions
A and C only
B and C only
A and B only
A, B, and C
As the newly appointed physical security officer for a government facility, you are informed that the keys for all the various secured areas and storage containers that use keyed locks are stored in a locked file cabinet in the security office along with the key and lock control register. Is this compliant with key control requirements?
a. Yes, all keys should be stored with the lock and key register.
b. No. All keys should be secured with the lock and key register.
c. Yes, It is imperative that access to keys be restricted to only security personnel.
d. No. Keys should be stored at the same level of protection as required for the material to which they provide access.