Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
69 Cards in this Set
- Front
- Back
|
Directives that govern Personnel Security
|
– Department of Defense (DoD) 5200.2–R – Ref c
– EO 10450 Security Requirements for Government Employees – EO 12968 Access to Classified Information – Ref a – ICD 704 – NAVSUP to DoD DIR 5105.21.M–1 – SECNAV M–5510.36 – Ref e |
|
|
Classification Categories and the color codes
|
– TOP SECRET Orange containing information whose unauthorized disclosure could be expected to cause exceptionally grave damage to the national security.
– SECRET Red could cause serious damage to the national security. – CONFIDENTIAL Blue could cause damage to the national security. – UNCLASSIFIED Green generally available to anyone. |
|
|
What is 'need to know'
|
– determination that access to classified material is required by another person to perform a specific task and not provided solely on the individual’s office, rank, position, or clearance eligibility.
|
|
|
Type of Investigations and periodicity
|
– Top Secret requires SSBI Single Scope Background Investigation every 5 years.
– Secret needs NACLC National Agency Check with Local Agency and Credit Checks every 10 years. – Confidential needs NACLC every 15 years. – SCI Sensitive Compartmented Information require a Prenominating interview. |
|
|
SAER
|
Security Access Eligibility Report
- used to report to DoNCAF Department of the Navy Central Adjudication Facility any information which might affect individual eligibility or access to SCI. |
|
|
Events to be reported to the SSO
|
– Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate the overthrow or alteration of the United States Government by unconstitutional means.
– Foreign influence concerns or close personal association with foreign nationals. – Foreign citizenship or foreign monetary interests. – Sexual behavior that is criminal or reflects a lack of judgment or discretion. – Unwillingness to comply with rules and regulations or to cooperate with security processing. – Unexplained affluence or excessive indebtedness. – Alcohol abuse. – Illegal or improper drug use/involvement. – Apparent mental or emotional disorder. – Criminal conduct. – Noncompliance with security requirements. – Engagement in outside activities which could cause a conflict of interest. – Misuse of information technology systems. – Change in marital status. |
|
|
Who has overall authority of a SCIF.
|
Commanding Officer
|
|
|
Who Controls Access to a SCIF.
|
SSO
– responsible for the security control, use, and operation of the Sensitive Compartmented Information Facility (SCIF). |
|
|
SF700
|
Security Container Information
– used to record safe and door lock combinations. |
|
|
SF701
|
Activity Security Checklist
– used at the end of the day to ensure classified materials are secured properly and provides for accountability. |
|
|
SF702
|
Security Container Checksheet
– records names and times personnel have opened, closed, or checked containers holding classified info. |
|
|
SF703
|
Top Secret Coversheet
– Coversheet for Top secret materials. |
|
|
SF153
|
Comsec Material Report
– Acquisition or transfer of secure communications devices. |
|
|
SF312
|
Classified Information Nondisclosure Agreement
– a contractual agreement between the US Government and a cleared employee that must be executed as a condition of access to classified information. – By signing the SF–312, the cleared employee agrees never to disclose classified information to an unauthorized person. |
|
|
When do Safe Combinations change
|
– When lock is first installed or used.
– When any person having knowledge of the combination no longer requires access. – When compromised or believed to be compromised. – When the combination has been taken out of service. – When any repair work has been performed on the combination lock. – At least once every two years. |
|
|
FDO
|
Foreign Disclosure Office
– approves the disclosure of classified and controlled unclassified military information to foreign representatives. |
|
|
DCS
|
Defense Courier Service
– establish, staff, operate, and maintain an international network of couriers and courier stations for the expeditious, cost effective, and secure transmission of qualified classified documents and material. |
|
|
Procedures for preparing hard copy classified material for Transportation via DCS
|
– Double wrapped with prescribed opaque material.
– Properly marked classification and address. – The minimum size is an 8”x 11” flat envelope. – Single items will not normally exceed 150 pounds. – All seams will be reinforced with same tape–gummed Kraft paper tape. |
|
|
Procedures for preparing hard copy classified material for Transportation via Handcarry
|
– Use a classified material cover sheet, file folder, or other covering to prevent inadvertent disclosure when hand carrying classified information within the command.
– Double–wrap the classified information when hand carrying outside the command. – A locked briefcase may serve as the outer cover, except when hand carrying aboard commercial aircraft. – The security manager shall provide written authorization to all individuals escorting or hand carrying classified information. |
|
|
TSCO
|
Top Secret Control Officer
– maintains a system of accountability to record the receipt, reproduction, transfer, transmission, downgrading, declassification and destruction of command Top Secret information, less SCI and other special types of classified information. – Ensure that inventories of Top Secret information are conducted at least once annually or more frequently when circumstances warrant. |
|
|
THREATCON and Force Protection levels
|
– THREATCON NORMAL – Local security measures designed for implementation when there is no credible threat of terrorist activity, routine security posture designed to defeat the routine criminal threat.
– THREATCON ALPHA – General readiness. – THREATCON BRAVO – Somewhat predictable threat with increased security measures, maintained for weeks or months. – THREATCON CHARLIE – Known Terrorist threat made, maintained for short periods. – THREATCON DELTA – Specific target known and declared or terrorist event has occurred, maintained for limited time. |
|
|
RAM
|
Random Antiterrorism Measures
– consist of random implementations of higher FPCON measures in consideration of the local terrorist capabilities. – Random use of other physical security measures should be used to supplement FPCON measures. |
|
|
EAP
|
Emergency Action Plan
– plan for the protection of classified information in case of a natural disaster or civil disturbance. – May be prepared in conjunction with the command's disaster preparedness plan. – Emergency plans provide for the protection of classified information in a way that will minimize the risk of personal injury or loss of life. |
|
|
EDP
|
Emergency Destruction Procedure
– Prevent uncleared personnel accessing classified material in case of emergency, ie. fire, natural disaster, civil disturbance, terrorism, or enemy attack. |
|
|
Who can give the order to initiate Emergency Destruction
|
Commanding Officer or Officer In Charge
|
|
|
State the Process of Emergency Destruction (how and in what order).
|
– Priority One – All cryptographic equipment and documents.
– Priority Two – All operational SCI codeword material which might divulge targets and successes, documents dealing with US SCI activities and documents concerning compartmented projects and other sensitive intelligence materials and all TOP SECRET collateral. – Priority Three – Less sensitive administrative SCI material and collateral classified material not included above by any reasonable means available – burn, shred, smash, degauss, jettison, etc. |
|
|
SCI
|
Sensitive Compartmented Information
– classified information concerning or derived from intelligence sources, methods, or analytical processes and required to be handled within formal access control systems established by the DCI. |
|
|
Items prohibited in a SCIF
|
– Personally owned photographic, video, and audio recording equipment.
– Personally owned computers and associated media. |
|
|
Security Violations vs Practices Dangerous to Security
|
– Security Violation – compromise of classified information to persons not authorized to receive it or a serious failure to comply with security regulations and is likely to result in compromise. MUST BE REPORTED IMMEDIATELY.
– Practice Dangerous to Security – failure to comply with security regulations causing a potential compromise of classified information. NOT REQUIRED TO BE REPORTED. |
|
|
Security Requirements for a SCIF.
|
– Needs to be Permanent, needs Guards, Secure entryways, and a Fence.
|
|
|
Security Requirements for a T–SCIF.
|
– is Temporary, needs Secure entryways, Guards (if applicable), and a Fence (if applicable).
– Temporary Secure Working Area (TSWA) is a temporarily accredited facility used no more than 40 hours monthly for the handling, discussion, and/or processing of SCI, but where SCI should not be stored. |
|
|
Vault Recertification and Recurring Inspections
|
–SCI security officials will conduct self–inspections of their SCIFs at least annually.
– Other inspections shall be based on threat, physical modifications, sensitivity of programs, and past security performance. – Inspections may occur at any time, announced or unannounced. – The completed fixed facility checklist will be reviewed during the inspection to ensure continued compliance. |
|
|
Why the need for access lists, documentation logs, and two–person integrity.
|
– To ensure only properly authorized personnel access the classified material, annotate when documents were accessed for accountability, and to ensure material remains uncompromised during transit.
|
|
|
The DoD escort policy.
|
– movement of all visitors controlled to ensure access to classified information is deliberate and consistent with the purpose of the visit.
– non–SCI indoctrinated personnel entering a SCIF must be continuously escorted by an indoctrinated employee who is familiar with the security procedures of that SCIF. |
|
|
Procedure for sanitizing an area.
|
– Sanitizing is a two–step process.
1- Removing data from the media and removing all classified labels, markings, and activity logs. 2- Removing all classified material from view so as to not be visible to uncleared personnel. |
|
|
COMSEC
|
Communications Security
– discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. |
|
|
INFOSEC
|
Information Security
– means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. |
|
|
COMPUSEC
|
Computer Security
– a branch of computer technology known as information security as applied to computers and networks. – The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. |
|
|
PSP
|
Personnel Security Program
– measures taken to ensure personnel have proper clearance levels, are properly indoctrinated, instructed, and trained to protect classified material. |
|
|
ATFP
|
Anti–Terrorism Force Protection
– security portion of a much larger operational concept known as force protection which synchronizes select security programs into comprehensive defensive measures to protect personnel, information, and critical resources against asymmetrical threat attacks. – it targets foreign and domestic terrorist threats, as well as those criminals, violent protesters, saboteurs, and foreign intelligence agents who support terrorism, promote conditions beneficial to the conduct of terrorist operations, or otherwise mount operations to further their own agendas at the expense of the DOD and its mission. |
|
|
ICD system
|
– Intel Community Directives
– the principal means by which the DNI provides guidance, policy, and direction to the Intelligence Community. |
|
|
SSO Navy
|
– The Director, Security and Corporate Services (ONI–05) which oversees SSO OPS.
|
|
|
Duties and Responsibilities of SSO.
|
– Responsible for maintaining the security of SCI material and providing advice to the CO or OIC on SSO program related matters.
|
|
|
CSM and who can be one.
|
Command Security Manager
– must be an officer or civilian employee (GS–11 or higher), a US citizen, and completed an SSBI. |
|
|
Duties and responsibilities of a CSM.
|
Command Security Manager
– Responsible for the administration of a command information and personnel security programs. – liaison with SSO on investigations, SCI access, eligibility evaluation, and policy and procedure changes - develops EAP. – Ensures all violations are reported and recorded when necessary. |
|
|
JPAS
|
Joint Personnel Adjudication System (JPAS)
– the official personnel security clearance database management system for the Department of Defense, provides "real–time" information regarding clearance, access and investigative status to authorized DoD security personnel and other interfacing organizations. |
|
|
DoN CAF and Responsibilities of.
|
Department of the Navy Central Adjudication Facility (DoN CAF)
– responsible for determining who within the Department of the Navy is eligible to hold a security clearance, to have access to Sensitive Compartmented Information (SCI), or to be assigned to sensitive duties. |
|
|
How long can a Commanding Officer administratively suspend access before DoN CAF revokes a clearance.
|
– 90 days unless otherwise permitted.
|
|
|
Levels of INFOCON
|
INFOCON 5, 4, 3, 2, and 1.
|
|
|
INFOCON 5
|
– no apparent hostile activity against computer networks.
|
|
|
INFOCON 4
|
– increased risk of attack against computer networks.
|
|
|
INFOCON 3
|
– risk of attack against computer networks has been identified.
|
|
|
INFOCON 2
|
– attack on computer networks has occurred, non–essential networks may be taken offline.
|
|
|
INFOCON 1
|
– attack on computer networks is taking place and Computer Network Defense system is at maximum alertness, compromised systems are isolated from rest of network.
|
|
|
Security rules and procedures for magnetic and electronic media.
|
– All such devices bearing classified information must be conspicuously marked with the highest level of classification stored on the device and any special control notices that apply to the information.
|
|
|
Explain why US Navy only uses '.mil' email addresses on government systems.
|
– DoD has exclusive use of the .mil domain which provides increased security.
|
|
|
Agency that Conducts Clearance Interviews
|
– OPM (Office of Personnel Management)
|
|
|
CAPCO |
Controlled Access Program Coordination Office (CAPCO) - division of Special Security Center responsible for oversight and management of all IC controlled access programs provided by the SCI and SAP Management Branch, and oversight and management of the IC classification and control markings standard provided by the CCM Branch. |
|
|
DD 254 |
DD 254 - a contractual specification, the vehicle that provides a contractor the security classification guidance necessary to perform on a classified contract. |
|
|
TMS |
Task Management System (TMS) - ONI internal tasking system on JWICS. |
|
|
Who has authority to declassify imagery. |
Director of National Intelligence DNI |
|
|
ONI Echelon II commanders can approve awards up to what level.
|
Navy and Marine Corps Commedation Medal and Navy and Marine Corps Achievement Medal
|
|
|
Publication for Awards Guidance.
|
SECNAVINST 1650.1H
|
|
|
SBP
|
Survivor Benefit Plan SBP
- provides uniformed service members who are entitled to retired pay, with the opportunity in the event of their death, to provide 55 percent of their gross retired pay as an annuity payable to their designated beneficiaries. |
|
|
Publication which Governs Advancement.
|
BUPERINST 1430.16F
|
|
|
How is Leave accounted for.
|
E-leave on NSIPS.
|
|
|
How are Prohibited Websites Blocked.
|
Security firewalls have been put in place at all gateways between the OSIS and the Internet.
- continually monitored using automated tools to detect penetrations and attempts to modify server software. |
|
|
Purpose of the Sensitive Compartmental Information (SCI) Caveat.
|
Sensitive Compartmented Information SCI
- classified information concerned with or derived from intelligence sources, methods, or analytical processes that is required to be handled within formal access control systems established by the Director of National Intelligence (DNI). |
|
|
OPNAVFORM 5216
|
OPNAVFORM 5216
- Correspondence Material Form used to document transfer and receipt of classified information. |
