106 Flashcards
106.1 Discuss the purpose of personnel security [ref. a, chapter 1-1]
- The purpose of the personnel security program is to make a reasonable determination that individuals granted access to classified information or assigned to sensitive positions are and will remain loyal, trustworthy, and reliable.
106.2 Define the following classification categories, how they differ, and the color codes
used to identify each one [ref. a, chapter 1-1]
a. TOP SECRET - Orange. Exceptionally grave damage to the national security.
b. SECRET- Red. Serious damage to the national security.
c. CONFIDENTIAL - Blue. Damage to the national security.
d. UNCLASSIFIED - Green. Publications and documents available to the general public.
106.3 Explain what is meant by ‘need to know’ [ref. a, appendix 9-2]
- You may have the clearance, but you may not necessarily need to know the information. A ‘need to know’ is based on job description and/or requirements. Just because you are cleared, doesn’t mean you have the right to obtain the information unless it pertains to what you are tasked.
106.4 State the type of investigation and how often it is updated for access to the following classification levels [ref. a, chapter 6-4]
a. Top Secret - SSBI - 5 years
b. Secret - NACLC/ANACI - 10 years
c. Confidential - NACLC/ANACI - 15 years
d. SCI - SSBI - 5 years
106.5 Identify what a SAER is and its purpose [ref. b]
- Security Access Eligibility Report - Used to identify an incident or any change in eligibility if an employee is still eligible for the security clearance.
106.6 Identify the events that should be reported to the SSO [ref. b]
- Financial issues
- Legal issues
- U/A
- Mental Illness
- Marriage to a foreign national
- Anything that could question your character, integrity, physical and mental health needs to be reported.
106.7 Identify who has overall authority of, and controls access to, a SCIF [ref. a, chapter 2-9]
- SSO – Special Security Officer
106.8 Identify the use of the following forms: [ref. c] SF-700; 701; 702; 703; 153; 312
a. SF700 – Security Container Information
b. SF701 – Activity Security Checklist
c. SF702 – Security Container Check Sheet
d. SF703 – Top Secret Cover Sheet (Orange)
e. SF153 – Comsec Material Report
f. SF312 – Classified Information Nondisclosure Agreement
106.9 State when safe combinations should be changed. [ref. a, chapter 10-12]
- When a combination lock is first installed or used.
- Combination has been subjected, or believed to have been subjected to compromise.
- If maintenance is performed on the safe .
- If the Combination is subject to (or suspected of) compromise.
- When the safe is taken out of service.
- Every two years.
- At other times when considered necessary by the CSA
106.10 What is a DDA and state their responsibilities. [ref. o]
- Designated Disclosure Authority has the authority and responsibility to control disclosures of CMI and CUI to foreign governments and international organizations and their representatives or persons sponsored by them.
106.11 State the purpose of the DCS. [ref. d, chapter 1.1.3.1]
- Defense Courier Service is used for the transportation of sensitive classified materials which cannot be transported through public or private means. This is to include SCI and other sensitive material. DCS is operated by the U.S. Transportation Command.
106.12 Describe the procedures for preparing hard copy classified material for transportation:
a. 1. DCS Defense Courier Service
No item entering the DCS shall weigh over 300 pounds. Items shall be addressed with the standardized DCS two-line address; the Army/Air Post Office, the Fleet Post Office, and the street addresses shall not be used. Envelopes, labels, or tags with visible “postage and fees paid” indications shall not be used. Security classification markings, special security caveats, and other extraneous markings must not appear on the outer wrapper. Nickname and/or special project markings previously approved by the DCS must be placed on the outer wrapper.
b. 2. Hand carry [ref. e, chapter 9]
Use a classified material cover sheet, file folder, or other covering to prevent inadvertent disclosure when hand carrying classified information within the command. Double-wrap the classified information when hand carrying outside the command. A locked briefcase may serve as the outer cover, except when hand carrying aboard commercial aircraft.
106.13 State the responsibilities of the TSCO. [ref. e, chapter 2-3]
- Top Secret Control Officer – Must be an Officer, E-7/GS-7 or above. The Security Manager may serve as the TSCO. Responsible for Maintaining accountability and an annual inventory of all Top Secret material.
106.14 State the THREATCON recognition and Force Protection levels and discuss what each represents. [ref. f]
a. THREATCON NORMAL – No known threat indicated.
b. THREATCON ALPHA - General threat of possible terrorist activity against installations and personnel.
c. THREATCON Bravo – Increased and more predictable threat of terrorist action.
d. THREATCON Charlie – An incident has occurred or a terrorist action is imminent.
e. THREATCON Delta – Terrorist attack has occurred.
a. FPCON Normal - No current terrorist activity.
b. FPCON Alpha - Small and general terrorist activity that is not predictable.
c. FPCON Bravo - Somewhat predictable terrorist threat.
d. FPCON Charlie – An incident has occurred terrorist activity is imminent.
e. FPCON Delta - Terrorist attack is taking place or has just occurred.
106.15 Explain the following terms. RAM; PSP; ATFP
a. RAM -Random Antiterrorism Measures. To maximize the effectiveness and deterrence value, RAM should be implemented without a set pattern, either in terms of the measure selected, time, place, or other variables.
b. PSP -Personnel Security Program: Used to authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties.
c. ATFP -Anti-Terrorism Force Protection: Actions taken to prevent or mitigate hostile actions against Department of Defense personnel (to include family members), resources, facilities and critical information.
106.16 Explain and state the purpose of an EAP. [ref. g, appendix l]
- Emergency Action Plan - A plan for the protection of classified material in the event of natural disasters (e.g., fire, flood, tornado, and earthquakes). The purpose of an EAP is to ensure safety of personnel and security of cryptologic material in any emergency. An EAP Coordinator will be designated in writing by the CO.
106.17 Explain and state the purpose of Emergency Destruction Procedures.
- Prescribes policy and procedures for planning, protecting, and destroying COMSEC material during emergency conditions. Planning must take into consideration its potential effect on national security should holdings fall into hostile hands (e.g., terrorist attack, rioting, or civil uprising). There are two kinds of Emergency Destruction Procedures – Precautionary and Complete.
106.18 State who can give the order to initiate Emergency Destruction.
- The Commanding Officer.
106.19 Explain how, and in what order, material is destroyed during Emergency Destruction
- Various methods and equipment may be used to destroy classified information that Includes burning, cross-cut shredding, wet-pulping, mutilation, chemical decomposition, or pulverizing. Priority one – Top Secret, priority two – Secret, priority three - Confidential
106.20 Define SCI. [ref. a, Appendix a]
- Sensitive Compartmented Information - Information and material that requires special controls for restricted handling within formal access control systems.
106.21 List the items prohibited in a SCIF and the security risks associated with them. [ref. h]
- No device that transmits, receives, records or stores data is authorized into a SCIF without prior approval (i.e CO or SSO or ISSM). Photography is not allowed in or around a SCIF without CO approval. The ISSM must approve ALL IT software prior to its use in a SCIF.
106.22 Define the difference between a security violation and a practice dangerous to security. [ref. b]
- Security Violation – a compromise of classified info to persons not authorized to receive it. A security violation requires investigation.
- PDS – A failure to comply with the provisions of security regulations which causes a potential compromise of classified information.
106.23 Explain the security requirements for the following: SCIF; T-SCIF
- SCIF [ref. j, i]
- Category I: When an exterior wall is common with an uncontrolled area. (i.e. not controlled at a SECRET or equivalent proprietary)
- Category II: When the exterior of a SCIF is in a controlled area.
- T-SCIF [ref. h]
- A Tactical SCIF shall have the appearance and construction standards of a standard shipping container and will contain lights, AC outlets, data ports and a HVAC system with the only inputs being power, phone/data and outside air.
106.24 Explain vault recertification and recurring inspections. [ref. b]
- The container or vault door must be inspected and recertified by a person specifically trained and authorized by the GSA before it can be used to protect classified material. Upon completion of the inspection, a “GSA Approved Recertified Security Container” label will be applied.
