106 Security Flashcards

1
Q

What is the purpose of personnel security?

A

To authorize initial and continued access to classified information

2
Q

Define TOP SECRET and the color code to identify it

A

Could cause EXCEPTIONALLY GRAVE damage to national security / ORANGE

3
Q

Define SECRET and the color code to identify it

A

Could cause SERIOUS DAMAGE to national security / RED

4
Q

Define CONFIDENTIAL and the color code to identify it

A

Could cause DAMAGE to national security / BLUE

5
Q

Define UNCLASSIFIED and the color code to identify it

A

Technically not a classification level, but is used for documents that do not have a classification listed / GREEN

6
Q

Explain “Need to know”

A

Access to specific classified info in order to perform or assist in a lawful and authorized governmental function

7
Q

What type of investigation and how often is an update for access for a Top Secret/SCI needed?

A

SSBI every 5 years

8
Q

What type of investigation and how often is an update for access for a Secret clearance needed?

A

National Agency Check with Local Agency & Credit Checks (NACLC) every 10 years

9
Q

What type of investigation and how often is an update for access for a Confidential clearance needed?

A

National Agency Check with Local Agency & Credit Checks (NACLC) every 15 years

10
Q

What is a SAER and its purpose?

A

SAER: Security Access Eligibility Report; used to report to DONCAF any info that might affect someone’s continued eligibility for access to SCI (e.g., married a foreign national)

11
Q

Identify the events that should be reported to the SSO

A
  • Unexplained affluence or excessive indebtedness
  • Alcohol abuse
  • Illegal or improper drug use/involvement
  • Apparent mental or emotional disorder(s)
  • Criminal conduct
  • Personal conduct
  • Noncompliance with security regulations
  • Misuse of technology systems
  • Foreign influence/close and personal association with foreign nationals
  • Foreign citizenship or foreign monetary interest
  • Unofficial foreign travel
  • Sexual behavior that is criminal or reflects a lack of judgement or discretion
  • Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate overthrow or alteration of the U.S. Gov’t by unconstitutional means
12
Q

Who has overall authority of and controls access to a SCIF?

A

CO

13
Q

Identify the use of the following forms:

  • SF700
  • SF701
  • SF702
  • SF703
  • SF153
  • SF312
A
  • SF700: Security container envelope; used to record safe and door lock combos
  • SF701: Activity security checklist; used at end of day to ensure classified materials are secured properly and provides for accountability. Retained for at least 90 days
  • SF702: Security container check sheet (container open/closure form)
  • SF703: TOP SECRET coversheet
  • SF153: COMSEC Material Report; acquisition/transfer of secure communications devices
  • SF312: Classified Information Nondisclosure Agreement (DD 1847-1 SCI Nondisclosure agreement); contractual agreement with the gov’t and a cleared employee that must be executed as a condition of access to classified info
14
Q

When should safe combinations be changed?

A
  • When lock is initially placed
  • Person that no longer requires access knows code
  • Combination compromise
  • Combination is out of service
  • Maintenance was performed on lock
  • When designated by the CSA/SIO or owner of safe
15
Q

What are the responsibilities of a FDO?

A

FDO: Foreign Disclosure Official; approves disclosure to foreign representatives.

16
Q

State the purpose of the DCS

A

Defense Courier Service; provides safe transport of sensitive/classified material

17
Q

Describe the procedures for preparing hard copy classified material for transportation via DCS and Hand carry

A

DCS: DOUBLE WRAPPED; No classification markings on outside wrapping

Hand carry: double-wrap classified info when carrying outside the command (a locked briefcase will serve)

18
Q

What are the responsibilities of the TSCO?

A

TSCO: Top Secret Control Officer; responsible for safe keeping/storage of TS material within a command

19
Q

State the THREATCON recognitions and Force Protection levels and what they represent

A
  • Alpha: General readiness (Increased general threat of possible terrorist activity)
  • Bravo: Somewhat predictable threat (Increased or more predictable threat of terrorist activity)
  • Charlie: Known terrorist threat made (Incident occurs)
  • Delta: Specific target known and declared or terrorist event has occurred (Applies to immediate area where terrorist attack has occurred)
20
Q

Explain what a RAM is

A

Random Anti-terrorism Measure: random implementation of higher FPCON measures

21
Q

What is an EAP and its purpose?

A

EAP: Emergency Action Plan; protection of classified info that minimizes risk of personal injury or loss of life

  • SCI destroyed first
  • Who destroys what and where
22
Q

How and in what order is material destroyed during Emergency Destruction?

A
  • All material/equipment shall be destroyed by any means available: burning, shredding, smashing, jettison, etc.
  • Priority 1: All cryptographic equipment and documents
  • Priority 2: All operational SCI codeword material which might divulge targets and successes, documents dealing with US SCI activities and documents, TOP SECRET material, and other sensitive material
  • Priority 3: Less sensitive SCI material and collateral material not included above (everything else)
23
Q

Define SCI

A

Sensitive Compartmented Information

24
Q

List the items prohibited in a SCIF

A
  • Personally owned photographic, video, and audio recording equipment
  • Personally owned computers and associated media
  • Any items that pose a risk of disclosure or transport of classified information
  • Explosives and/or weapons
25
Q

Describe the difference between a security violation and a practice dangerous to security

A

Security violation: A compromise of classified information

Practice dangerous to security: A failure to comply with security regulations

26
Q

Explain the security requirements for the following:

  • SCIF
  • T-SCIF
A
  • SCIF: An accredited area where SCI may be stored/used
  • T-SCIF: Accredited area used for a limited time to meet tactical, emergency, or immediate operational requirements

27
Q

Explain vault recertification and recurring inspections

A

Vault recertification and recurring inspections are conducted to ensure SCIFs are meeting ICD 705 standards

28
Q

Discuss the need for access lists, required documentation logs, and two-person integrity

A

To ensure only properly authorized personnel access the classified material, annotate when documents were accessed for accountability, and to ensure material remains uncompromised during transit

29
Q

What is the DoD escort policy?

A
  • Movement of all visitors shall be controlled to ensure that access to classified info is deliberate and consistent with the purpose of the visit
  • All persons must be escorted by qualified and cleared personnel throughout their visit
30
Q

Discuss the procedures for sanitizing an area

A

Two-step process:

  • Removing data from media & removing all classified labels, markings & activity logs
  • Removing all classified material from view, so it's not visible to uncleared persons
31
Q

Discuss each of the following:

  • COMSEC
  • INFORMATIONSEC
  • COMPUSEC
A
  • COMSEC: Communications Security (protecting our Communications)
  • INFORMATIONSEC: Information Security (ensuring info is not compromised)
  • COMPUSEC: Computer Security (ensuring our computers are secure)
32
Q

State the purpose of the ICD system

A

ICD: Intelligence Community Directives; the principal means by which the DNI provides guidance, policy, and direction to the IC

33
Q

Identify SSO Navy

A

Director, Security and Corporate Services (ONI-5); oversees SSO operations (for the DON)

34
Q

List the duties/responsibilities of the SSO

A

Responsible for maintaining the security of SCI material

35
Q

Who can be a CSM (Command Security Manager)?

A
  • Must be an officer or civilian employee (GS-11 or higher)
  • U.S. Citizen
  • Completed SSBI; (favorably adjudicated w/in past 5 years prior to assignment)
36
Q

What are the duties/responsibilities of the CSM?

A

Responsible for the administration of the command’s info and personnel security programs; (not related to SCI, SAPs or IT programs)

37
Q

Explain JPAS and its purpose

A

JPAS: Joint Personnel Adjudication System; Provides “real-time” information regarding clearance, access, eligibility and investigative status to authorized DoD security personnel

38
Q

Explain DONCAF and its purpose

A

DONCAF: Dept of Navy Central Adjudication Facility; Responsible for determining who in the DON is eligible to hold a security clearance, to have access to SCI, or to be assigned to sensitive duties

39
Q

State the levels of INFOCON and what they signify

A

INFOCON 1: Attacks are taking place; Computer Network Defense system is at maximum alertness
INFOCON 2: Attack has taken place but system isn’t at its highest alertness
INFOCON 3: Risk has been identified
INFOCON 4: Increased risk of attack on computer networks
INFOCON 5: no apparent hostile activity

40
Q

How long can a Commanding Officer administratively suspend access before DONCAF revokes a clearance?

A

90 days

41
Q

Discuss the security rules/procedures for magnetic and electronic media

A

Must be conspicuously marked with highest level of classification

42
Q

Why does the U.S. Navy only use “.mil” email addresses on gov’t systems?

A

DoD has exclusive use of “.mil” domain to provide increased security