47 Cards in this Set

  • Front
  • Back
What is the directive that governs personnel security
Executive Order (EO) 12968
What is TS and the Color
TOP SECRET (ORANGE)
Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause exceptionally grave damage to the national security.
What is SECRET and the Color
SECRET (RED)
Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause serious damage to the national security.
What is CONFIDENTIAL and the Color
CONFIDENTIAL (BLUE)
Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause damage to the national security.
What is UNCLASSIFIED and the Color
UNCLASSIFIED (GREEN)
Classification level applied to information whose unauthorized disclosure would reasonably be expected to cause no damage to the national security.
What is need to know
access to the information must be necessary for the conduct of one's official duties.
How often does TOP SECRET get updated
updated every 5 years by a PR
How often do Secret/Confidential get updated
the investigation is updated every 10 and 15-years, respectively.
How often does Sensitive Compartmented Information (SCI) get updated
every 5 years
What is a SAER and its purpose
Security Access Eligibility Report:
Used when trying to get an SCI clearance but have to explain something in detail (Negative marks on a credit report).
Identify the events that should be reported to the SSO.
REPORT TO SSO:

Financial issues.

Legal issues.

U/A.

Mental Illness.

Marriage to a foreign national.

Anything that could question your character, integrity, physical and mental health needs to be reported.
Identify who has overall authority of, and controls access to, a SCIF.
The Special Security Officer (SSO) will be responsible for the operation of the Sensitive Compartmented Information Facility (SCIF).
What is SF-700
SF-700 (Security Container Information):
Form that contains vital information about the security container in which it is located. This information includes location, container number, lock serial number, and contact information if the container is found open and unattended. Cover page of this form is required to be posted on the inside of a container. The rest of the form (envelope) contains the safe combination (securely packaged) and is an accountable item which shall be stored in a separate container of equal or greater classification level.
What is SF-701
SF-701 (Activity Security Checklist):
Checklist that is filled out at the end of each day to ensure that classified materials are secured properly and allows for employee accountability in the event that irregularities are discovered.
What is SF-702
SF-702 (Security Container Check Sheet):
Provides a record of the names and times that persons have opened, closed and checked a particular container (safe) that holds classified information.
What is SF-703
SF-703 Top Secret Cover Sheet
Cover sheets are placed on top of documents to clearly identify the classification level of the document and protect classified information from inadvertent disclosure.
What is SF-153
SF-153 (COMSEC Material Report)
Used to document the: Transfer; Inventory; Destruction; Hand Receipt; or Other conditions of Communications Security (COMSEC) material.
What is SF-312
SF-312 (Classified Information Nondisclosure Agreement)
A contractual agreement between the U.S. Government and a cleared employee that must be executed as a condition of access to classified information. By signing the SF-312, the cleared employee agrees never to disclose classified information to an unauthorized person even if the information has already been leaked.
When safe combinations should be changed.
Safe combinations should be changed:

1. At least once every two years

2. Sooner if the combination has been compromised

3. Sooner if an individual who holds the combination transfers from the command or otherwise no longer requires it.
What is an FDO and state their responsibilities.
FOREIGN DISCLOSURE OFFICE (FDO)

Military information is a national security asset which must be conserved and protected and may be shared with foreign representatives only when there is a clearly defined advantage to the United States.

It is United States policy to avoid creating false impressions of its readiness to make defense articles, technologies, services or information available.

Only designated foreign disclosure officers (FDOs) may approve the disclosure of classified and controlled unclassified military information to foreign representatives
What is the purpose of the DCS
Defense Courier Service (DCS):

Is an established, staffed, maintained, and operated international network of couriers and courier stations for the expeditious, cost-effective and secure transmission/transportation of qualified classified documents and material. In all instances, security of material shall be of paramount importance.
Describe the procedures for preparing hard copy classified material for transportation via
Shall not weigh over 300 pounds, or exceed dimensions 45 1/2" X 26" X 22", except those items for which the physical structure prohibits breakdown into smaller units.

The minimum size of a "flat" (envelope) entered into the DCS shall meet the standard 8 1/2" X 11" in size; small boxes and/or packages shall have a minimum total dimension of 26".

Items shall be addressed with the standardized DCS two-line address; the Army/Air Post Office, the Fleet Post Office, and the street addresses shall not be used.

Envelopes, labels, or tags with visible "postage and fees paid" indicia shall not be used.

Security classification markings, special security caveats, and other extraneous markings must not appear on the outer wrapper.

Nickname and/or special project markings previously approved by the DCS must be placed on the outer wrapper.

Detailed information on wrappings, marking, and preparing material for movement is available from the servicing DCS station.

Generally, all packaging materials are permissible if they afford contents with concealment and protection, preclude physical and/or visual access, are sturdy, and pose no hazard to handlers. Use of metal strapping is specifically prohibited.
U.S. Postal Service bags, pouches, or sacks shall not be used for DCS material.
DCS Material which is Hand-Carried:

Individuals designated to hand-carry DCS material aboard aircraft are considered to have direct access to the material, and must have a Top Secret clearance and access to SCI.
What are the 5 THREATCON recognition and Force Protection levels and discuss what each represents
THREATCON (5 levels):

1. Normal:
No known threat indicated.

2. Alpha:
General threat of possible terrorist activity against installations and personnel. The exact nature and extent are unpredictable, and circumstances do not justify full implementation of THREATCON BRAVO. Implementation of selected THREATCON BRAVO measures as a result of intelligence or as a deterrent may be necessary.

3. Bravo:
An increased and more predictable threat of terrorist action.

4. Charlie:
An incident has occurred or intelligence has been received indicating that some form of terrorist action is imminent.

5. Delta:
A terrorist attack has occurred or intelligence indicates that a terrorist action against a specific location is likely. Normally, this THREATCON is declared as a localized warning.
What are the 5 levels of FPCON?
FPCON (5 levels):

1. Normal:
Applies when a general global threat of possible terrorist activity exists and warrants a routine security posture. At a minimum, access control will be conducted at all DoD installations and facilities.

2. Alpha:
Applies when there is an increased general threat of possible terrorist activity against personnel or facilities, and the nature and extent of the threat are unpredictable. Alpha measures must be capable of being maintained indefinitely.

3. Bravo:
Applies when an increased or more predictable threat of terrorist activity exists. Sustaining BRAVO measures for a prolonged period may affect operational capability and military-civil relationships with local authorities.

4. Charlie:
Applies when an incident occurs or intelligence is received indicating some form of terrorist action or targeting against personnel or facilities is likely. Prolonged implementation of CHARLIE measures may create hardship and affect the activities of the unit and its personnel.

5. Delta:
Applies in the immediate area where a terrorist attack has occurred or when intel has been received that terrorist action against a specific location or person is imminent. This FPCON is usually declared as a localized condition. FPCON DELTA measures are not intended to be sustained for an extended duration.
What is RAM
Random Anti-Terrorism Measure (RAM):
RAM programs may include (but are not limited to):
Increased ID checks
Random vehicle inspections
Random bag/personnel inspections
State the purpose of an EAP
Emergency Action Plan (EAP):
Every command that holds classified COMSEC or Controlled Cryptographic Items (CCI) material must prepare and maintain a current, written emergency plan for safeguarding such material in the event of an emergency.
Plans should cover safeguard steps to take for natural disasters likely to occur in the command's local region (e.g., hurricanes in the South, tornados and floods in the Midwest, wildfires in the West, etc.).
State the purpose of Emergency Destruction Procedures
Emergency Destruction Plan (EDP):

Two Types:
Precautionary Destruction:
Hostile action is possible/probable and this is a process to destroy keying material and non-essential manuals in an effort to reduce the amount of material on hand (to prepare for expected Complete destruction).
Complete Destruction:
Hostile action is imminent and all material must be destroyed in priority order.
Who can give the order to initiate Emergency Destruction.
ONLY THE COMMANDING OFFICER can give the order to commence emergency destruction
Explain how, and in what order, material is destroyed during Emergency Destruction.
Emergency Destruction Priorities (in order from top to bottom):

1. Superseded keying material and secondary variables.

2. TOP SECRET primary keying material.

3. SECRET, CONFIDENTIAL, and Unclassified primary keying material.

4. Future (reserve on board) keying material for use one or two months in the future.

5. Non-essential classified manuals:

6. Maintenance manuals.

7. Operating manuals.

8. Administrative manuals.
Define SCI
Sensitive Compartmented Information (SCI):
List the items prohibited in a SCIF and the security risks associated with them.
The following items are PROHIBITED in SCIFs:

Personally owned photographic, video, and audio recording equipment.
Due to Espionage, TEMPEST, compromise of data concerns.
Personally owned computers and associated media.
Due to Espionage, compromise of data concerns.
Define the difference between a security violation and a practice dangerous to security.
Security Violation:
Compromise of classified information to persons not authorized to receive it or a serious failure to comply with the provisions of security regulations and likely to result in a compromise.
A security violation requires investigation.

Practices Dangerous to Security (PDS):
Practices which have the potential to jeopardize the security of COMSEC Material if allowed to continue.
There are two types:
Reportable: The action must be reported outside of command.
Non-Reportable: The action must be reported to the Commanding Officer.
Explain the security requirements for the SCIF
SCIF (Sensitive Compartmented Information Facility):
Accreditation concerns (follow the SCIF Accreditation Checklist contained in Director of Central Intelligence Directive (DCID) 6/9):
Physical construction concerns (follow Fixed Facility Checklist in DCID 6/9):
When does the vault get recertified
Recurring inspections are required every 24 months.
Why do we need Access List
A verified and approved list of personnel authorized to gain access to classified material or a classified space. Even though personnel may possess the applicable security clearance required to view material or enter a space, those personnel must also have the "need to know". The Access List is a way of proving "need to know" and ensuring the right persons access the right material.
Why do we need Required Documentation Logs
Utilized to account for personnel actions and material transactions which are later maintained and archived for historical account.
Why do we need TPI
Requires the participation of two people to provide a means of restricting access to sensitive material. When dealing with CRYPTO it requires at least two people, with authorized access to keying material. They must be in constant view of each other and the COMSEC material requiring TPI whenever the material is accessed and handled. Each person must be capable of detecting incorrect or unauthorized security procedures with respect to the task being performed.
Explain the DoD escort policy
Escort of an under cleared person:

1. If you are an escort you are required to stay with that individual or group you are escorting until they leave. In addition you are to ensure they stay out of secure spaces unless authorized.

2. The movement of all visitors shall be controlled to ensure that access to classified information is deliberate and consistent with the purpose of the visit. If an escort is required for the visitor, a military, civilian or a cleared contractor assigned to the command being visited may be assigned escort duties.

3. As a matter of convenience and courtesy, flag officers, general officers and their civilian equivalents are not required to sign visitor records or display identification badges when being escorted as visitors. Identification of these senior visitors by escorts will normally be sufficient. The escort should be present at all times to avoid challenge and embarrassment and to ensure that necessary security controls are met. If the visitor is not being escorted, all normal security procedures will apply.
Discuss the procedures for sanitizing an area.
Sanitizing:
The removal of classified information from the media or equipment such that data recovery using any known technique or analysis is prevented. Sanitizing shall include the removal of data from the media, as well as the removal of all classified labels, markings, and activity logs. Properly sanitized media may be subsequently declassified upon observing the organization’s respective verification and review procedures.
What is COMSEC
COMSEC (Communications Security): Protective measures taken to deny unauthorized persons information derived from telecommunications of the U.S. Government concerning national security, and to ensure the authenticity of such telecommunications. [NOTE: COMSEC includes crypto-security, emission security, transmission security, and physical security of COMSEC material and COMSEC information.]
What is INFOSEC
INFOSEC (Information Security): The system of policies, procedures, and requirements established under the authority of E.O. 12958, as Amended, to protect information that, if subjected to unauthorized disclosure, could reasonably be expected to cause damage to the national security.
Who is the SSO and what is his/her job
Serves as the focal point for the receipt, control and accountability of SCI and oversees SCI security functions for subordinate SCIFs. The SSO will be a military commissioned officer, warrant officer, or civilian (GS-9 or above).

Examples of duties:
Supervises the operation of the Special Security Office and administers the SCI security program to include SCI security oversight for the other local SCIFs under the organizational SCI security cognizance.
Maintains applicable SCI directives, regulations, manuals, and guidelines to adequately discharge SSO duties and responsibilities.
Ensures all SCI is properly accounted for, controlled, transmitted, transported, packaged, and safeguarded. Ensures all SCI is destroyed in authorized destruction facilities and in accordance with DoD 5105.21-M-1.
Ensures SCI is disseminated only to persons authorized access to the material and having an established need-to-know.
Serves as the official channel for passing SCI access certification
Identify who can be a CSM.
Command Security Manager (CSM):

1. Can be an Officer or civilian employee, GS-11 or above, with sufficient authority and staff to manage the program for the command.

2. Must be a U.S. citizen.

3. Must have been the subject of a favorably adjudicated SSBI completed within the previous 5 years.
What is JPAS
Joint Personnel Adjudication System (JPAS):
Automated system of record for personnel security management within the DoD, providing a means to record and document personnel security actions.
What is DONCAF
Department of the Navy Central Adjudication Facility (DONCAF):
A Naval Criminal Investigative Service (NCIS) organization responsible for determining who within the Department of the Navy is:

1. Eligible to hold a security clearance.

2. Eligible to have access to Sensitive Compartmented Information (SCI).

3. Eligible to be assigned to sensitive duties.
State the levels of INFOCON and what each signifies
Information Security Condition (5 levels):

INFOCON 5:
Describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection.

INFOCON 4:
Describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all DOD end users must make sure their systems are secure. Internet usage may be restricted to government sites only, and backing up files to removable media is ideal.

INFOCON 3:
Describes when a risk has been identified. Security review on important systems is a priority, and the Computer Network Defense (CND) system's alertness is increased. All unclassified dial-up connections are disconnected.

INFOCON 2:
Describes when an attack has taken place but the Computer Network Defense system is not at its highest alertness. Non-essential networks may be taken offline, and alternate methods of communication may be implemented.

INFOCON 1:
Describes when attacks are taking place and the Computer Network Defense system is at maximum alertness. Any compromised systems are isolated from the rest of the network.
Explain why the U.S. Navy only uses “.mil” email addresses on government systems.
The Navy uses .MIL for its e-mail addresses because the U.S. Department of Defense has exclusive use of this domain.