Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
60 Cards in this Set
- Front
- Back
|
Discuss the purpose of personal security.
|
to authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security.
|
|
|
Define TOP SECERT and its color code.
|
unauthorized disclosure could reasonably be expected to cause EXCEPTIONALLY GRAVE DAMAGE to the national security.
ORANGE |
|
|
Define SECERT and its color code.
|
unauthorized disclosure could reasonably be expected to cause SERIOUS DAMAGE to the national security.
RED |
|
|
Define CONFIDENTIAL and its color code.
|
unauthorized disclosure could reasonably be expected to cause DAMAGE to the national security.
BLUE |
|
|
Define UNCLASSIFIED and its color code.
|
generally available to anyone
GREEN |
|
|
Explain what is meant by need to know.
|
A determination by an authorized holder of classified information that access to specific classified material in their possession is required by another person to perform a specific and authorized function to carry out a national task
|
|
|
State the type of investigation and how often it is updated for access to TOP SECRET.
|
Single Scope Background Investigation (SSBI) - Every 5 years
|
|
|
State the type of investigation and how often it is updated for access to SECRET.
|
National Agency Check with Local Agency and Credit Checks (NACLC) – Every 10 Years
|
|
|
State the type of investigation and how often it is updated for access to CONFIDENTIAL.
|
National Agency Check with Local Agency and Credit Checks (NACLC) – Every 15 years
|
|
|
State the type of investigation and how often it is updated for access to SCI.
|
Pre-nomination Interview
|
|
|
Identify what SAER is and its purpose.
|
( Security Access Eligibility Report) is used to report to DoNCAF any information which might affect an individual’s continued eligibility for access to SCI.
|
|
|
Identify the events that should be reported to the SSO.
|
-Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate the overthrow or alteration of the United States Government by unconstitutional means.
-Foreign influence concerns/close personal association with foreign nationals. -Foreign citizenship or foreign monetary interests. -Sexual behavior that is criminal or reflects a lack of judgment of discretion. -Unwillingness to comply with rules and regulations or to cooperate with the security processing. -Unexplained affluence or excessive indebtedness. Alcohol abuse. -Illegal or improper drug use/involvement. -Apparent mental or emotional disorder(s). -Criminal conduct. -Noncompliance with security requirements. -Engagement in outside activities which could cause a conflict of interest. -Misuse of information technology systems. -Change in marital status. |
|
|
Identify who has overall authority of and controls access to, a SCIF.
|
The CO
|
|
|
Identify the use of SF700
|
SF700 - Security Container Information – used to record safe and door lock combinations.
|
|
|
Identify the use of SF701
|
SF701 – Activity Security Checklist – used at the end of the day to ensure classified materials are secured properly and provides accountability.
|
|
|
Identify the use of SF702
|
SF702 – Security Container Checklist – records names and times personnel have opened, closed or checked containers holding classified information.
|
|
|
Identify the use of SF703
|
SF703 – Top Secret (Coversheet) – Coversheet for Top Secret materials.
|
|
|
Identify the use of SF153
|
SF153 – COMSEC Material Report – Acquisition/transfer of secure COMMS Devices.
|
|
|
Identify the use of SF312
|
SF312 – Classified Information Nondisclosure Agreement – is a contractual agreement between the U.S. Government and a cleared employee that must be executed as a condition of access to classified information. By signing the SF-312, the cleared employee agrees never to disclose classified information to an unauthorized person.
|
|
|
State when safe combinations should be changed.
|
When lock is first installed/used
When compromised or believed to be compromised Whenever deemed necessary |
|
|
State the responsibilities of the DDA
|
Delegations of Disclosure Authority
DDAs may approve or deny disclosures of Classified Military Information (CMI) and Controlled unclassified Information (CUI) for which they are the originating authority or for which they have been delegated disclosure authority, in compliance with this manual. |
|
|
Stae the purpose of DCS.
|
The Defense Courier Service establishes, staffs, operates, and maintains an international network of couriers and courier stations for expeditious, cost effective, and secure transmission of qualified classified documents and material.
|
|
|
Describe the procedures for preparing hard copy classified material for transport via DCS.
|
- Per Reference – The DoD components and contractors, to the maximum extent possible, shall use the USTRANSCOM’s Courier network to transport material requiring escort.
- Double wrapped with prescribed opaque material. - Properly marked classification and address. - The minimum size is an 8” X 11” flat envelope. - Single items will not normally exceed 150 pounds. - All seams will be reinforced with the prescribed tape-gummed Kraft paper tape. |
|
|
Describe the procedures for preparing hard copy classified material for transport via handcarry.
|
- Use a classified material cover sheet, file folder, or other covering to prevent inadvertent disclosure when hand carrying classified information within the command.
- Double-wrap the classified information when hand carrying outside the command. A locked briefcase may serve as the outer cover, except when hand carrying aboard commercial aircraft. - The Security manager shall provide written authorization to all individuals escorting or hand carrying classified information |
|
|
State the responsibilities of the TSCO.
|
The Top Secret Control Officer maintains a system of accountability (e.g., registry) to record the receipt, reproduction, transfer, transmission, downgrading, declassification and destruction of command Top Secret information, less SCI, and other special types of classified information.
Ensure that inventories of Top Secret information are conducted at least once annually, or more frequently when circumstances warrant |
|
|
State the THREATCON recognition and Force Protection Levels and discuss what each represents.
|
- THREATCON/FP Alpha – General readiness.
- THREATCON/FP Bravo – Somewhat predictable threat. Increased security measures. Can be maintained for weeks or months. - THREATCON/FP Charlie – Known Terrorist threat made. Can be maintained for short periods. - THREATCON/FP Delta – Specific target known and declared, or terrorist event has occurred. Can only be maintained for a limited time. |
|
|
Define RAM
|
Random Antiterrorism Measures (RAM), at a minimum, shall consist of the random implementation of higher FPCON measures in consideration of the local terrorist capabilities. Random use of other physical security measures should be used to supplement FRCON measures.
|
|
|
Define ATFP.
|
security program formed to protect personnel, information, and critical resources from outside attacks
|
|
|
Explain and state the purpose of an Emergency Action Plan (EAP).
|
- A plan for the protection of classified information in case of a natural disaster or civil disturbance. This plan may be prepared in conjunction with the command’s disaster preparedness plan.
- Emergency plans provide for the protection of classified information in a way that will minimize the risk of personal injury or loss of life. |
|
|
Explain and state the purpose of Emergency Destruction procedures.
|
Prevent un-cleared personnel from access to classified material in case of emergency such as fire, natural disaster, civil disturbance, terrorist activities, or enemy attack.
|
|
|
State who can give the order to initiate Emergency Destruction plan.
|
The highest ranking person on station.
|
|
|
Explain in what order and how, material is destroyed during Emergency Destruction.
|
- Priority One – All cryptographic equipment and documents.
- Priority Two – All operational SCI codeword material which might divulge targets and successes, documents dealing with US SCI activities and documents concerning compartmented projects and other sensitive intelligence materials and all TOP SECRET collateral. - Priority Three – Less sensitive administrative SCI material and collateral classified material not included above. - Any reasonable means available. Burning, shredding, smashing degaussing, magnets, jettison, etc. |
|
|
Define Sensitive Compartmented Information (SCI).
|
Sensitive Compartmented Information: Classified information concerning or derived from intelligence sources, methods, or analytical processes and required to handled within formal access control systems established by the DCI.
|
|
|
List items prohibited in the Secret Compartmented Information Facility (SCIF).
|
Personally owned photographic, video, and audio recording equipment.
Personally owned computers and associated media. |
|
|
Define the difference between a security violation and a practice dangerous to security.
|
- Security Violation is a compromise of classified information to persons not authorized to receive it or a serious failure to comply with security regulations and is likely to result in compromise.
-- Deliberate or accidental exposure of SCI resulting from loss, theft, or capture -- Must be reported immediately - Practice Dangerous to Security is a failure to comply with security regulations causing a potential compromise of classified information. -- A courier carrying classified documents stopping at a public establishment to conduct personal business -- Failing to change security container combinations as required -- Not required to be reported |
|
|
Explain the security requirements for SCIF.
|
SCIF:
- Permanent - Guards - Secure entryways - Fence |
|
|
Explain the security requirements for T-SCIF.
|
T- SCIF:
- Temporary - Guards (if applicable) - Fence (if applicable) - Secure entryway |
|
|
Explain vault recertification and recurring inspections.
|
SCI security officials will conduct self-inspections of their SCIFs at least annually. Other inspections shall be based on threat, physical modifications. Sensitivity of programs, and past security performance. Inspections may occur at any, announced or unannounced. The completed fixed facility checklist will be reviewed during the inspection to ensure continued compliance.
|
|
|
Discuss the need for access lists, required documentation logs and two-person integrity.
|
To ensure only properly authorized personnel access the classified material, annotate when documents were accessed for accountability, and to ensure material remains uncompromised during transit.
|
|
|
Explain the DoD escort policy.
|
- The movement of all visitors shall be controlled to ensure that access to classified information is deliberate and consistent with the purpose of the visit.
- Non-SCI indoctrinated personnel entering a SCIF must be continuously escorted by indoctrinated employee who is familiar with the security procedures of that SCIF. |
|
|
Discuss the procedures for sanitizing an area.
|
- Sanitizing Equipment is a two-step process that includes removing data from the media and removing all classified labels, markings, and activity logs.
- Sanitizing spaces is removing all classified material from view (placing in vaults, drawers, etc) so as to not be visible to un-cleared personnel. |
|
|
Discuss COMSEC, giving their definition and the purpose.
|
Communication Security
|
|
|
Discuss INFOSEC, giving their definition and the purpose.
|
Information Security
|
|
|
Discuss COMPUSEC, giving their definition and the purpose.
|
Computer Security
|
|
|
State the purpose of the Intelligence Community Directives System (ICDs).
|
Intelligence Community Directives (ICDs) are the principle means by which the DNI provides guidance, policy, and direction to the Intelligence Community.
|
|
|
Identify Special Security Office (SSO) Navy.
|
The Director, Security and Corporate Services (ONI-5)
Oversees SSO operations |
|
|
List the duties and responsibilities of the SSO.
|
Responsible for maintaining the security of SCI material and providing advice to the CO or OIC on the related matters of the SSO program.
|
|
|
Identify who can be a Command Security Manager (CSM).
|
Must be an officer or civilian employee (GS-11 or higher), a US Citizen, and completed an SSBI.
|
|
|
State the duties and responsibilities of the CSM.
|
Responsible for administration of the Commands information and personnel security programs.
- Maintains liaison with SSO IRT investigations, SCI access, eligibility evaluation, policy and procedure changes. - Ensures security threats, compromises, and other violations are reported, recorded, and investigated when necessary. - Develops visitor control procedures and disclosure of classified information to foreign nationals. - Develops EAP and written Command information and personnel security procedures. - Serves as the CO’s advisor and direct representative in matters of security of classified information. |
|
|
Explain and state the purpose of the Joint Personnel Adjudication System (JPAS).
|
- The Joint Personnel Adjudication System (JPAS) is the official personnel security clearance database management system for the Department of Defense.
- JPAS automates both core and CAF-unique functionality and provides “real-time” information regarding clearance, access and investigative status to authorized DoD security personnel and other interfacing organizations. |
|
|
Explain and state the responsibilities of Department of the Navy Central Adjudication Facility (DONCAF).
|
- DoNCAF – Department of the Navy Central Adjudication Facility.
- DoNCAF is responsible for determining who within the Department of the Navy is eligible to hold a security clearance, to have access to Sensitive Compartmented Information (SCI), or to be assigned to sensitive duties. |
|
|
Discuss how long a Commanding Officer can administratively suspend access before DONCAF revokes a clearance.
|
90 Days
DoNCAF does not automatically revoke a clearance after a 90 day local suspension. After 90 days the CO has to make a decision to give access back or report to DoNCAF in JPAS the suspension, at which time a SAER with eligibility recommendation needs to be done. DoNCAF is the only authority to grant access back once this action is taken. |
|
|
How many levels of INFOCON.
|
INFOCON 1, INFOCON 2, INFOCON 3, INFOCON 4, INFOCON 5
|
|
|
What is INFOCON 5
|
INFOCON 5 describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection.
|
|
|
What is INFOCON 4
|
INFOCON 4 describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all Department of Defense end users must be restricted to government sites only, and backing up files to removable media is ideal.
|
|
|
What is INFOCON 3
|
INFOCON 3 describes when a risk has been identified. Security review on important systems is a priority, and the Computer Network Defense system’s alertness is increased. All unclassified dial-up connections are disconnected.
|
|
|
What is INFOCON 2
|
INFOCON 2 describes when an attack has taken place but the Computer Network Defense system is not at its highest alertness. Non-essential networks may be taken offline, and alternate methods of communication may implemented.
|
|
|
What is INFOCON 1
|
INFOCON 1 describes when attacks are taking place and the Computer Network Defense system is at maximum alertness. Any compromised systems are isolated from the rest of the Network.
|
|
|
Discuss the security rules and procedures for magnetic and electronic media.
|
All such devices bearing classified information must be conspicuously marked with the highest level of classification stored on the device and any special control notices that apply to the information.
|
|
|
Explain why the U.S. Navy only uses “.mil” email addresses on government systems.
|
DoD has exclusive use of the “mil” domain. Provides for increased security.
|
