All Areas I Flashcards
Indicators of insider threats
- Failure to report overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside the job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignm
Elements that
should be considered in
identifying Critical Program
Information
Elements which if compromised could:
- cause significant degradation in mission effectiveness,
- shorten the expected combat-effective life of the system
- reduce technological advantage
- significantly alter program direction; or
- enable an adversa
asset, threat, vulnerability, risk, countermeasures
Elements that a
security professional should
consider when assessing and
managing risks to DoD assets
The three categories of
Special Access Programs
acquisition, intelligence, and operations and support
Three different types
of threats to classified
information
Insider Threat, Foreign Intelligence Entities (FIE) and Cybersecurity Threat
The concept of an insider threat
An employee who may represent a threat to
national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified da
The purpose of the
Foreign Visitor Program
To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.
Special Access
Program
A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.
Enhanced security requirements for protecting Special Access Program (SAP) information
Within Personnel Security:
� Access Rosters;
� Billet Structures (if required);
� Indoctrination Agreement;
� Clearance based on an appropriate investigation completed within the last 5
years;
� Individual must materially contribute to the program in addi
Responsibilities of the Government SAP Security Officer/Contractor Program
Security Officer (GSSO/
CPSO)
From Revision 1 Department of Defense Overprint to the National
Industrial Security Program Operating Manual Supplement - 1 April
2004:
� Possess a personnel clearance and Program access at least equal to
the highest level of Program classified information
The four Cognizant Security Agencies (CSAs)
Department of Defense
DoD), Director of National Intelligence (DNI), Department of Energy (DoE), and the Nuclear Regulatory Commission (NRC
Cognizant Security Agencies (CSA)s’ role in the National Industrial Security Program (NISP).
Establish an industrial security program to safeguard classified information under its
jurisdiction.
Critical Program Information
in DoD
- U.S. capability elements that contribute to the warfighter’s advantage throughout the
life cycle, which if compromised or subject
to unauthorized disclosure, decrease the advantage. - Elements or components of a Research, Development, and Acquisition
Primary authorities governing foreign disclosure of classified military information
- Arms Export Control Act
- National Security Decision Memorandum 119
- National Disclosure Policy-1
- International Traffic in Arms Regulation (ITAR)
- E.O.s 12829, 13526
- Bilateral Security Agreements
- DoD 5220.22-M, “NISPOM,
The purpose of the DD Form 254
Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract.
Factors for determining
whether U.S. companies are under Foreign Ownership, Control or Influence
(FOCI)
1. Record of economic and government espionage against the U.S. targets 2. Record of enforcement/engagement in unauthorized technology transfer 3. Type and sensitivity of the information that shall be accessed 4. The source, nature and extent of FOCI 5. R
The purpose and the function of the Militarily Critical Technologies List (MCTL).
- Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of
defense-related goods, services, and technologies as administered by the Director, Defense Technology Security
Adm
Security Infraction
This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information
DoD Manual 5200.01, Volumes 1-4
The manual that governs the DoD Information Security Program
E.O. 13526
The executive order that governs the DoD Information Security Program
32 CFR Parts 2001 & 2003,
“Classified National Security
Information; Final Rule
The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program
Security Violation
An event that results in or could be expected to result in the loss or compromise of
classified information
Unauthorized Disclosure
Communication or physical
transfer of classified or controlled unclassified information to an unauthorized recipien
SSBI
Initial investigation for military, contractors, and civilians: � Special-Sensitive positions � Critical-Sensitive positions1 � LAA � Top Secret clearance eligibility � IT-I duties
ANACI
Initial investigation for civilians:
� Noncritical-Sensitive positions2
� Confidential and Secret clearance eligibility
� IT-II duties
NACLC
Initial National Agency Check with Law and Credit for military and contractors:
� Secret or Confidential clearance eligibility
� All military accessions and appointments
� IT-II duties
� IT-III duties (military only)
NACI
National Agency Check with Inquiries for civilians and contractors:
� Non-Sensitive positions
� Low Risk
� HSPD-12 Credentialing
NAC
The fingerprint check portion of a PSI
The purpose of due process in
Personnel Security Program (PSP)
Ensures fairness by providing the
subject the opportunity to appeal an
unfavorable adjudicative determination
The key procedures for initiating
Personnel Security Investigations (PSIs)
- Validate the need for an investigation
- Initiate e-QIP
- Review Personnel Security Questionnaire (PSQ) for completeness
- Submit electronically to OPM
DoD position sensitivity types
and their investigative requirements.
- Critical Sensitive
- Non-Critical Sensitive
- Non-Sensitive
Investigative requirement for a Critical- Sensitive position
SSBI, SSBI-PR, or PPR
Investigative requirement for a Non-Critical Sensitive position
ANACI or NACLC
Investigative requirement for a Non-Sensitive position
NACI
The term when current security clearance eligibility determination is rescinded
Revocation
The term when an initial request for security clearance eligibility is not granted
Denial
SOR
Statement of Reasons
What is the purpose of the Statement of Reasons (SOR)?
The purpose of the SOR is to provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made.
The 13 Adjudicative Guidelines
- Allegiance to the United States
- Foreign Influence
- Foreign Preference
- Sexual Behavior
- Personal Conduct
- Financial Considerations
- Alcohol Consumption
- Drug Involvement
- Psychological Conditions
- Criminal Conduct
- Handling Prote
Three different types of approved classified
material storage areas.
- GSA-approved storage containers
- Vaults (including modular vaults)
- Open storage area (secure rooms, to include SCIFs and bulk storage areas)
Construction requirements for vault doors
- Constructed of metal
- Hung on non-removable hinge pins or with
interlocking leaves. - Equipped with a GSA-approved combination lock.
- Emergency egress hardware (deadbolt or metal bar extending across width of door).
The purpose of intrusion detection systems
To detect unauthorized penetration into a secured area