106 Security Flashcards
Discuss the purpose of personnel security.
Purpose of personnel security is to authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security. Additionally, the PSP ensures that no final unfavorable personnel security determination will be made without compliance with all procedural requirements.
TOP SECRET
(ORANGE) highest level, compromise would cause “exceptionally grave damage” to national security.
SECRET
(RED) compromise would cause “serious damage” to national security.
CONFIDENTIAL
(BLUE) lowest level, would cause “damage” to national security.
UNCLASSIFIED
(GREEN) can be released without clearance, but is sometimes restricted—SBU (Sensitive, But Unclassified), FOUO (For Official Use Only), or NOFORN (No Foreign Officials).
Explain what is meant by ‘need to know’.
Limits materials to personnel who have the appropriate clearance and a necessity for the information to perform their duties.
State the type of investigation and how often it is updated for access to the following classification levels. (TOP SECRET)
SSBI – 5 years
State the type of investigation and how often it is updated for access to the following classification levels. (SECRET)
NACLC – 10 and 15 years
State the type of investigation and how often it is updated for access to the following classification levels. (CONFIDENTIAL)
NACLC – 10 and 15 years
State the type of investigation and how often it is updated for access to the following classification levels. (SCI)
SSBI – 5 years
Identify what a (SAER) is and its purpose.
Security Access Eligibility Report is used to identify changes in a person’s eligibility for a security clearance.
Identify the events that should be reported to the SSO.
Any unlawful or criminal acts, foreign travel, changes in marital status, financial difficulties, and, but not limited to, any contact with foreign peoples or officials.
Identify who has overall authority of, and controls access to, a SCIF.
Special Security Officer (SSO).
SF700
security container information.
SF701
activity security checklist.
SF702
container checklist.
SF703
Top Secret Cover Sheet (SF704-Secret Cover Sheet & SF705-Confidential Cover Sheet)
SF153
COMSEC (CMS) Report.
SF312
classified information Non-Disclosure Agreement (NDA).
State when safe combinations should be changed.
- When first placed in use.
- When someone transfers out of the facility.
- When subjected to compromise.
- When taken out of service.
State the responsibilities of the DDA
The DDA has the authority and responsibility to control disclosures of Classified Military Information (CMI) and Controlled Unclassified Information (CUI) to foreign governments and international organizations and their representatives or persons sponsored by them.
State the purpose of the DCS.
Defense Courier Service: tasked with establishment, staffing, maintaining and operating an international network of couriers for secure transmission of classified documents and materials (USPS).
Describe the procedures for preparing hard copy classified material for transportation via (DCS)
classified documents and material shall be addressed with the standardized DCS two-line address. Envelopes, labels, or tags with visible “postage and fees paid” indicia shall not be used. Security classification markings, special security caveats, and other extraneous markings must not appear on the outer wrapper. Nickname and/or special project markings previously approved by the DCS must be placed on the outer wrapper.
Describe the procedures for preparing hard copy classified material for transportation via (Handcarry)
when transferring information inside a facility, use a coversheet. If it must be carried outdoors, double-wrap the item.
State the THREATCON recognition and Force Protection levels and discuss what each represents.
- NORMAL: general threat of terrorist activity is possible.
- ALPHA: threat of possible terrorist activity is unpredictable.
- BRAVO: a predictable terrorist activity exists.
- CHARLIE: a terrorist attack is imminent.
- DELTA: terrorist attack is occurring or just occurred.
Random Antiterrorism Measures (RAM)
used to deter possible terror plot by changing force protection posture (i.e. gate changes, hour changes, shift rotation changes, etc.).
PSP
Physical Security Program, provides authorized access to classified material.
ATFP
Anti-Terrorism Force Protection, provides a safe and secure environment for and deter acts of terrorism against DOD personnel, assets, and facilities.
Explain and state the purpose of an EAP.
Emergency Action Plan: establishes procedures to protect classified information and communications security materials during emergency situations such as abandoning ship or natural disasters. Can only be initiated by the Commanding Officer or the highest ranking official
Explain and state the purpose of Emergency Destruction Procedures.
Prescribes policy and procedures for planning, protecting, and destroying COMSEC material during emergency conditions
State who can give the order to initiate Emergency Destruction.
The Commanding Officer or other responsible official must be aware of and approve the emergency plan as outlined in the CO’s battle orders.
Explain how, and in what order, material is destroyed during Emergency Destruction.
Items are destroyed in the following order by burning, shredding, destroying, sinking, or physically smashing equipment.
- Priority One– Top Secret information
- Priority Two–Secret information
- Priority Three–Confidential information
Define SCI.
Sensitive Compartmented Information. Classified information concerning or derived from intelligence sources, methods, or analytical processes that is required to be handled within formal access control systems
Describe the Items that are PROHIBITED EXCEPT FOR OFFICIAL DUTY In a SCIF
- PROHIBITED EXCEPT FOR OFFICIAL DUTY:
a. Two-way transmitting equipment.
b. Recording equipment (audio, video, optical). Associated media will be controlled.
c. Test, measurement, and diagnostic equipment.
Describe the Items that are explicitly PROHIBITED IN SCIFs
- PROHIBITED IN SCIFs:
a. Personally owned photographic, video, and audio recording equipment.
b. Personally owned computers and associated media.
explain differences between PDS vs Security Violation
- PDS: A failure to comply with the provisions of security regulations causing a potential compromise of classified information
- Security Violation: A compromise of classified information to persons not authorized to receive it or a serious failure to comply with the provisions of security regulations which is likely to result in compromise.
Explain the security requirements for a SCIF
a solid, permanent facility that is sound-proof, one primary entrance with an automatic closing door, vents/ducts that are protected with bars, as well as opaque windows or no windows.
Explain the security requirements for a T-SCIF
Tactical SCIF has physical barriers like a facilities SCIF, but also has physically armed sentries standing guard over the space.
Explain vault recertification and recurring inspections.
For Secret and above, recertification and inspections occur every six months. For Confidential and below, every nine months.
Discuss the need for access lists, required documentation logs, and two-person integrity.
All of these are required for accountability purposes and to prevent the loss or theft of materials.
Explain the DOD escort policy.
The movement of all visitors shall be controlled to ensure that access to classified information is deliberate and consistent with the purpose of the visit.
Discuss the procedures for sanitizing an area.
The removal of information from the media or equipment such that data recovery using any known technique or analysis is prevented.
Discuss each of the following, giving their definition and the purpose of each:
a. COMSEC:
b. INFOSEC:
c. COMPUSEC:
a. COMSEC: Communications Security, protects classified and unclassified voice, video, and data systems.
b. INFOSEC: Information Security, protects US information and information systems.
c. COMPUSEC: Computer Security, protects computing systems against compromise.
State the purpose of the ICD system.
Principal means by which the DNI provides guidance, policy, and direction, and instruction to the Intelligence Community.
Identify SSO Navy
Special Security Officer for the Navy has been designated as the Cognizant Security Authority (CSA), and is responsible for implementing SCI security policy and procedures.
106.31 List the duties and responsibilities of the SSO
The SSO is responsible for the operation (i.e. security, control, use, etc.) of all command Sensitive Compartmented Information Facilities (SCIFs).
Identify who can be a CSM
The command security manager must be an officer or a civilian employee, GS-11 or above, with sufficient authority and staff to manage the program for the command.
State the duties and responsibilities of a CSM.
The CSM ensures that the security programs are coordinated and inclusive of all requirements as outlined in SECNAVINST-M-5510.36. (See section 204 for more information)
Explain and state the purpose of JPAS.
Joint Personnel Adjudication System: provides centralized, integrated system to assist verification of a person’s security clearance status and eligibility.
106.35 Explain and state the responsibilities of DODCAF.
Department of the Navy Central Adjudication Facility reports directly to DIRNCIS and conducts clearance verification to enhance national security and protect government information.
106.36 Discuss how long a Commanding Officer can administratively suspend access before DODCAF revokes a clearance.
30 days.
106.37 Discuss the security rules and procedures for magnetic and electronic media.
- Must be properly stored and labeled
- Must be degaussed and/or properly destroyed
- Records of materials and their destruction must be maintained
