106 Security

Question 1

What is the purpose of personnel security?

Answer 1

To authorize initial and continued access to classified information

Question 2

Define TOP SECRET and the color code to identify it

Answer 2

Could cause EXCEPTIONALLY GRAVE damage to national security / ORANGE

Question 3

Define SECRET and the color code to identify it

Answer 3

Could cause SERIOUS DAMAGE damage to national security / RED

Question 4

Define CONFIDENTIAL and the color code to identify it

Answer 4

Could cause DAMAGE to national security / BLUE

Question 5

Define UNCLASSIFIED and the color code to identify it

Answer 5

Technically not a classification level, but is used for documents that do not have a classification listed / GREEN

Question 6

Explain “Need to know”

Answer 6

Access to specific classified info in order to perform or assist in a lawful and authorized governmental function

Question 7

What type of investigation and how often is an update for access for a Top Secret/SCI needed?

Answer 7

SSBI every 5 years

Question 8

What type of investigation and how often is an update for access for a Secret clearance needed?

Answer 8

National Agency Check with Local Agency & Credit Checks (NACLC) every 10 years

Question 9

What type of investigation and how often is an update for access for a Confidential clearance needed?

Answer 9

National Agency Check with Local Agency & Credit Checks (NACLC) every 15 years

Question 10

What is a SAER and its purpose?

Answer 10

SAER: Security Access Eligibility Report; used to report to DONCAF any info that might affect someone’s continued eligibility for access to SCI
i.e. Married a foreign National, etc.

Question 11

Identify the events that should be reported to the SSO

Answer 11

• Unexplained affluence or excessive indebtedness
• Alcohol abuse
• Illegal or improper drug use/involvement
• Apparent mental or emotional disorder(s)
• Criminal conduct
• Personal conduct
• Non compliance with security regulations
• Misuse of technology systems
• Foreign influence/close and personal association with foreign nationals
• Foreign citizenship or foreign monetary interest
• Unofficial foreign travel
• Sexual behavior that is criminal or reflects a lack of judgement or discretion
• Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate overthrow or alteration of the U.S. Gov’t by unconstitutional means

Question 12

Who has overall authority of and controls access to a SCIF?

Answer 12

CO

Question 13

Identify the use of the following forms:

• SF700
• SF701
• SF702
• SF703
• SF153
• SF312

Answer 13

• SF700: Security container envelope; used to record safe and door lock combos
• SF701: Activity security checklist; used at end of day to ensure classified materials are secured properly and provides for accountability. Retained for at least 90 days
• SF702: Security container cheeksheet (container open/closure form)
• SF703: TOP SECRET coversheet
• SF153: COMSEC Material Report; acquisition/transfer of secure communications devices
• SF312: Classified Information Nondisclosure Agreement (DD 1847-1 SCI Nondisclosure agreement); contractual agreement with the gov’t and a cleared employee that must be executed as a condition of access to classified info

Question 14

When should safe combinations be changed?

Answer 14

• When lock is initially placed
• Person that no longer requires access knows code
• Combination compromise
• Combination is out of service
• Maintenance was performed on lock
• When designated by the CSA/SIO or owner of safe

Question 15

What are the responsibilities of a FDO?

Answer 15

FDO: Foreign Disclosure Official; approves disclosure to foreign representatives.

Question 16

State the purpose of the DCS?

Answer 16

Defense Courier Service; provides safe transport of sensitive/classified material

Question 17

Describe the procedures for preparing hard copy classified material for transportation via DCS and Hand carry

Answer 17

DCS: DOUBLE WRAPPED; No classification markings on outside wrapping

Hand carry: double-wrap classified info when carrying outside the command (a locked briefcase will serve)

Question 18

What are the responsibilities of the TSCO?

Answer 18

TSCO: Top Secret Control Officer; responsible for safe keeping/storage of TS material within a command

Question 19

State the THREATCON recognitions and Force Protection levels and what they represent

Answer 19

• Alpha: General readiness (Increased general threat of possible terrorist activity)
• Bravo: Somewhat predictable threat (Increased or more predictable threat of terrorist activity)
• Charlie: Known terrorist threat made (Incident occurs)
• Delta: Specific target known and declared or terrorist event has occurred (Applies to immediate area where terrorist attack has occurred)

Question 20

Explain what a RAM is

Answer 20

Random Anti-terrorism Measure: random implementation of higher FPCON measures

Question 21

What is an EAP and its purpose?

Answer 21

EAP: Emergency Action Plan; protection of classified info that minimizes risk of personal injury or loss of life

• SCI destroyed first
• Who destroys what and where

Question 22

How and in what order is material destroyed during Emergency Destruction?

Answer 22

• All material/equipment shall be destroyed by any means available: burning, shredding, smashing, jettison, etc.
• Priority 1: All cryptographic equipment and documents
• Priority 2: All operational SCI codeword material which might divulge targets and successes, documents dealing with US SCI activities and documents, TOP SECRET material, and other sensitive material
• Priority 3: Less sensitive SCI material and collateral material not included above (everything else)

Question 23

Define SCI

Answer 23

Sensitive Compartmented Information

Question 24

List the items prohibited in a SCIF

Answer 24

• Personally owned photographic, video, and audio recoding equipment
• Personally owned computers and associated media
• Any items that pose a risk of disclosure or transport of classified information
• Explosives and/or weapons

Question 25

Describe the difference between a security violation and a practice dangerous to security

Answer 25

Security violation: A compromise of classified information

Practice dangerous to security: A failure to comply with security regulations

Question 26

Explain the security requirements for the following:

• SCIF
• T-SCIF

Answer 26

• SCIF: An accredited area where SCI may be stored/used

- T-SCIF: Accredited area used for a limited time to meet tactical, emergency, or immediate operational requirements

Question 27

Explain vault recertification and recurring inspections

Answer 27

Vault recertification and recurring inspections are conducted to ensure SCIFs are meeting ICD 705 standards

Question 28

Discuss the need for access list, required documentation logs, and two-person integrity

Answer 28

To ensure only properly authorized personnel access the classified material, annotate when documents were accessed for accountability, and to ensure material remains uncompromised during transit

Question 29

What is the DoD escort policy?

Answer 29

• Movement of all visitors shall be controlled to ensure that access to classified info is deliberate and consistent with the purpose of the visit
• All persons must be escorted by qualified and cleared personnel throughout their visit

Question 30

Discuss the procedures for sanitizing an area

Answer 30

Two-step process:

• Removing data from media & removing all classified labels, markings & activity logs
• Removing all classified material from view, so its not visible to uncleared persons

Question 31

Discuss each of the following:

• COMSEC
• INFORMATIONSEC
• COMPUSEC

Answer 31

• COMSEC: Communications Security (protecting our Communications)
• INFORMATIONSEC: Information Security (ensuring info is not compromised)
• COMPUSEC: Computer Security (ensuring our computers are secure)

Question 32

State the purpose of the ICD system

Answer 32

ICD: Intelligence Community Directives; The principle means by which the DNI provides guidance, policy, and direction to the IC

Question 33

Identify SSO Navy

Answer 33

Director, Security and Corporate Services (ONI-5); overseas SSO operations (for the DON)

Question 34

List the duties/responsibilities of the SSO

Answer 34

Responsible for maintaining the security of SCI material

Question 35

Who can be a CSM (Command Security Manager)?

Answer 35

• Must be an officer or civilian employee (GS-11 or higher)
• U.S. Citizen
• Completed SSBI; (favorably adjudicated w/in past 5 years prior to assignment)

Question 36

What are the duties/responsibilities of the CSM?

Answer 36

Responsible for the administration of the command’s info and personnel security programs; (not related to SCI, SAPs or IT programs)

Question 37

Explain JPAS and its purpose

Answer 37

JPAS: Joint Personnel Adjudication System; Provides “real-time” information regarding clearance, access, eligibility and investigative status to authorized DoD security personnel

Question 38

Explain DONCAF and its purpose

Answer 38

DONCAF: Dept of Navy Central Adjudication Facility; Responsible for determining who in the DON is eligible to hold a security clearance, to have access to SCI, or to be assigned to sensitive duties

Question 39

State the levels of INFOCON and what they signify

Answer 39

INFOCON 1: Attacks are taking place; Computer Network Defense system is at maximum alertness
INFOCON 2: Attack has taken place but system isn’t at its highest alertness
INFOCON 3: Risk has been identified
INFOCON 4: Increased risk of attack on computer networks
INFOCON 5: no apparent hostile activity

Question 40

How long can a Commanding Officer administratively suspend access before DONCAF revokes a clearance?

Answer 40

90 days

Question 41

Discuss the security rules/procedures for magnetic and electronic media

Answer 41

Must be conspicuously marked with highest level of classification

Question 42

Why does the U.S. Navy only used “.mil” email addresses on gov’t systems

Answer 42

DoD has exclusive use of “.mil” domain to provide increased security