Chapter 19 Flashcards
Why does OPSEC identify, analyze and control critical information indicating friendly actions, whether military operations or other activities
Identify actions that can be observed by adversary intelligence systems
Determine what indicators could be used to derive critical information useful to adversaries
Eliminate the vulnerabilities of friendly actions to adversary exploitation
Closely integrate and synchronize with other influence operations capabilities
_____ must be closely integrated and synchronized with other influence operations capabilities and all aspects of the protect operations
OPSEC
OPSEC is not a collection of specific rules and instructions applicable to every operation T/F
True
What is OPSEC purpose
To eliminate or reduce adversary collection and exploitation of critical information
OPSEC applies to all activities that prepare, sustain or employ forces during which phases of operations
All phases
Why should CC and other decision makers apply OPSEC analysis to the planning, preparation, execution and post execution phases of any operation or activity from the earliest stages of planning
To enhance operational effectiveness
OPSEC analysis helps decision makers weigh the ___ they will accept in specific operational circumstances
Risks
In what four situations are AF forces vulnerable to observation
At peacetime bases and locations
In training or exercises
While moving
When deployed during actual operations
Why is OPSEC incorporated into day to day operations
To ensure a seamless transition to contingency operations
What five distinct steps constitute the OPSEC process
Identify Critical information Analyze threats Analyze vulnerabilities Assess risk Apply appropriate OPSEC measures
What five basic characteristics of OPSEC indicators make them potentially valuable to an adversary
Signatures Associations Profiles Contrasts Exposure
Who is personally and individually responsible for protecting classified information and controlled unclassified Information under their custody and control
All personnel in the AF
Information is only classified to protect
National Security
What are the three levels of classified information
Top secret
Secret
Confidential
By what tow ways may information be classified
Original or derivative classification
Information classified as ___ can cause exceptionally grave damage to national security if it is disclosed
Top secret
Information classifieds as ____ can cause serious damage to national security if it is disclosed
Secret
Information classified as ___ can cause damage to national security if it is disclosed
Confidential
_____ classification is the initial decision by an original classification authority that an item of information could reasonably be expected to cause identifiable or describable damage to the national security subjected to unauthorized disclosure and requires protection in the interest of national security
Original Classification
Who may originally classify information
Only official who are designated in writing
The AF handles its classified information and Controlled Unclassified Information according to AF specific polices T/F
False
What documents provide guidance for managing classified information and controlled unclassified information
DoDM 5200.01 Volumes 1 and 4
DoDM 5200.01 Volumes 2 and 3
AFI 31-401
All cleared DoD personnel are authorized to derivatively classify information provided they have received initial training before making derivative classification decision and a refresher at least once every ___ years
Two
When is information derivatively classified
When it is incorporated, paraphrased, restated or generated in a new form or document
Photocopying, mechanically or electronically reproducing classified material is not derivative classification T/F
True
What is one of the most important respoiinsiblites of a derivative classifier
To observe and respect the classification determinations made by an original classification authority
How should all classified information be clearly identified
By marking, designation or electronic labeling
What are the purposes of marking on classified material
Alert holders to the presence of classified information
Identify the exact information needing protection
Indicate the assigned classification level
Provide any guidance on downgrading and declassification
Give information on the sources and reason for classification
Warn of special access, control or safeguarding requirements
Every classified document must be marked to show the ___ classification of information it contains
Highest
What are the three most common markings on a classified document
Banner lines
Portion marks
Classification authority block
Where are the banner lines placed on a classified document
at the top and bottom of the first page and if applicable on the front cover, title page and outside back cover or last page
What are the three most common portion marks unused on a classified document
TS - Top Secret
S Secret
C Confidential
Where is the classification authority block located on a classified document
On the face of each classified US document unless otherwise stated in DoDM 5200.01 Volumes 1-4
What are the two types of classification authority blocks for classified documents
Original classification and derivative classification
What lines appear in an original classification authority block on a classified document
Classified by
Reason
Downgrade to
Declassify on
What lines appear in a derivative classification authority block on a classified document
Classified by
Derived from
Downgrade to
D3eclassify on
What should you do if there is substantial evidence that a document has been classified erroneously
Submit challenges of classification to your security manager or the classifier of the information
Who is responsible for taking proper precautions to ensure that unauthorized persons do not gain access to classified information
Everyone who works with it
Classified information must be protected at all times by doing what
Storing it using approved means or having it under the personal observation and control of an authorized individual
What must a person have before gaining access to classified information
A security clearance
A signed Standard form 312
A need to know
Classified material must be kept under ___ surveillance by authorized persons cone removed from storage
Constant
What are the three forms used to cover classified information outside of storage
SF 703 - TS
SF 704 - S
SF 705 - C
What form is used to record end of day security checks of classified material
SF 701
What must you do if you find classified material out of proper control
Take custody of and safeguard the material
Immediately notify your commander, supervisor or security manager
What should you do if classified information appears in the public media or you are approached by a media representative
Be carful not to make any statement or comment that confirms its accuracy or verifies the information
What sanctions are DoD military and civilian personnel subject to if they knowingly, willfully or negligently disclose classified information to unauthorized persons
Sanctions include Warning, reprimand, suspension without pay, forfeiture of pay, removal, discharge, loss or denial of access to classified information , removal of classification authority, and actions taken under the UCM and under applicable criminal laws
Who is responsible for determining at origination whether the information may qualify for Controlled Unclassified Information status
The originator of a document
What is the most commonly used Controlled Unclassified Information Category
FOUO
FOUO is a ____ control applied by the DoD to unclassified information when disclosure to the public of that particular record, or portion thereof, would reasonably be expected to cause foreseeable harm to an interest protected by one or more the freedom of information Act exception 2 through 9
Dissemination
When may a person access information designated as FOUO
If he or she has a valid need for access in connection with the accomplishment of a lawful and authorized government purpose
With whom rests the final reasonability for determining whether an individual has a valid need for access to information designated for official us Only status
The individual who has authorized possession , knowledge or control of the information
During work hours, how should For official Use information be stored
Reasonable steps shall be taken to minimize the risk of access by authorized person
If a building is provided security by government or government contract personnel, where should for official Use only Info be stored after working hours
Unlocked containers, desks or cabinets
What program determines the reliability, trustworthiness, good conduct and character of individuals before they have access to classified information or are assigned to sensitive duties
The personnel Security Program
Once you receive a security clearance, are you subject to continual assessment of trustworthiness
Yes
Who grants denies and revokes security clearance eligibility
The DoD Central Adjudication Faculty
Personnel security clearances are recorded within what system
The Joint Personnel Adjudication System (JPAS)
What is the AF policy on industrial security
To specify in its classified contracts government information and sensitive resources that must be protected against compromise or loss while entrusted to industry
Which AFI assigns functional responsibilities and establishes a system of review that identifies outdated inappropriate and unnecessary contractual security requirements
AFI 31-601
To whom do the industrial security policies, requirements and procedures identified in AFI 31-601 apply
AF personnel and on base DoD contractors performing services under the terms of a properly executed contract and associated security agreement or similar document, as determined appropriate by the installation commander
What does the AF integrated Defense Program use to mitigate potential risks and defeat adversary threats within the Base Boundary and Base Security Zone
Multidisciplinary active, passive, offensive and defensive capabilities
Why is it critical to integrate the AF integrated Defense Program with other AF capabilities
To achieve synergistic effects using an all hazards approach
Name eight threats and hazards that the AF integrated Defense program protects against
Terrorist Insiders Criminals Foreign Intelligence and Security Services Chemical, Biological, Radiological, Nuclear and high Yield Explosive attacks Natural and man made disasters Major accidents Releases of hazardous materials Toxic Industrial materials or chemicals
Integrated Defense is a fundamental battle competency T/F
True
The teaming of Integrated Defense forces creates a united, seamless defense stronger than the defensive efforts of individuals or individual units. What does this ensure
That all AMN are trained to defend themselves and integrate into defense operations while in garrison or deployed
Describe the four step process installation commanders use to implement integrated defense operations
Determine and prioritize installation assets
Analyze threats and the operating environment
Assess installation vulnerabilities
Make prudent ID decisions base on risk estimates
Why is the Integrated Defense Risk Management Process (IDRMP) critical
It allows the Installation commander to make the best use of limited resources and personnel to achieve the integrated Defines mission
The goal of Integrated Defense is to ____ security threats throughout the base boundary to ensure unhindered AF operations
Neutralize
through integrated defense, commanders must minimize mission degradation from threat activity within the base boundary. what else must they do
Coordinate necessary security operations support within the Base Security Zone
Minimize injury and loss of life from threat activity
Protect government property and personnel
Who’s coordinated effort is required to provide a seamless progression of protection programs to protect and defend an Air Base
Emergency Management, Antiterrorism and other mission support function forces under the force protection umbrella
The Base boundary is not necessarily the base perimeter. Upon what factors is the BB established
Mission, Enemy, Terrain and weather, troops and support available time available, Civil considerations
While the Base boundary may not necessarily coincide with the fenced perimeter, property lines or legal boundaries the Defense Force commander will strictly adhere to legal, jurisdictional and host nation constraints, Commanders intent and higher echelon orders and directives when conducting operations T/F
True
What AF specific concept and term is used to describe the area of concern around an Air Base and to support the establishment and adjustment of the Base Boundary
Base Security Zone
The base security Zone is the area outside the base perimeter from which a threat can launch an attack using ____ threats against personnel, resources or air craft approaching departing
Standoff Threats
The installation commander should identify the Base Security zone. With whom should they coordinate via the operational chain of command for the BSZ to be identified as the base boundary
Local, state and federal agencies in the CONUS or host nation or area commander OCONUS
What is the installation commander reasonable for if the base Boundary does not include all the base security Zone Terrain
Mitigating through local, state and federal agencies in the Conus or host nation or area commander Oconus, or accepting the risks of enemy attack
what will vary in the Integrate Defense continuum from peacetime to wartime, regardless of the location of our installations
Threats
That base se4curity zone and the base boundary are always the same T/F
False
Who should coordinate with local, state and federal agencies in the CONUS or host nation or area commander OCONOUS to conduct base defense tasks in the terrain outside the Base Boundary, but within the Base Security Zone
The Def3ense force commander (DFC)
If forces/agencies are not available to coordinate base defense tasks within the Base Security Zone, who would the Defense Force commander coordinate with
The appropriate area commander via their operational chain of command
Who should exercise TACON over defense forces operating outside the base boundary
The appropriate Area of Operations Commander
Joint and coalition forces entering the Base Boundary should inform the Area of Operations commander before entering, and monitor the base defense Operations Center communication net while operating in the area T/F
False
The Base Defense Operations Center is the command and control center for ____ operations during routine and emergency operations
Integrated Defense Operations
At all location, home station and deployed the ___ performs the functions of central security control, law enforcement desk or other security forces control centers
Base Defense Operations Center (BDOC)
What are the nine desired effects of integrated defense
Anticipate Deter Detect Assess Warn Defeat Delay Defend Recover
How do commanders achieve the Integrated Defense effect of anticipation
Through intelligence analysis
_____ is an integrated Defense effect achieved through professionally and persistently executing security Tactics, Techniques and procedures
Deter
Commanders achieve the Integrated Defense effect of detect using a variety of ___ processes and observation technologies
Screening
To achieve the integrated Defense effect of assess, commanders ensure all AF personnel are cognizant, ready and aware, and understand threat tactics, techniques and procedures T/F
True
How do commanders achieve the Integrated Defense effect of warn
Through standardized, reliable communications among and between units and personnel
Commanders achieve the integrated defense effect of ___ by applying a multitude of relevant force applications to the threat
Defeat
____ is an integrated Defense effect achieved by deliberately layering defensive applications to progressively weaken or hinder the enemy’s efforts
Delay
How do commanders achieve the integrated Defense effect of defend
Through the coordinated and synchronized for application of all Airmen’s untied efforts against the enemy
_____ is an integrated defense effect achieve suing prudent logistics and consequence management planning
Recover
the nine integrated Defense effects utilize innovative and reliable tactics, techniques and procedures based on what
Integrated Defense Risk Management Process and analysis
the ___ is an action group in which the security forces staff S-2 function coordinates with SME from the intelligence and OSI communities to collaborate and conduct intelligence Preparation of the Operational Environment
Intelligence Fusion Cell
What is the goal of the Intelligence Fusion Cell
To leverage information and intelligence to support timely identification of indicators and warnings of emerging localize threats
Who does the Intelligence Fusion Cell and its products directly support in making immediate, proactive decisions for integrated dense planning by providing information
The Defense force commander (DFC)
In relation to integrated Defense desired effects it is preferred to ____ a threat, but if that doesn’t succeed the next ideal effect would be to ___ the threat
Deter, Detect
Immediate retaliation by forces occurs when a threat has been detected T/F
False
What actions do friendly forces take when a threat cant be eliminated or defeated
The threat must be delayed
Defensive measures must be taken to mitigate the effects of the threat if unable to delay. ___ actions are then implemented to consolidate and reorganize friendly forces and restore operations
Recovery Actions
Intelligence preparation of the Operation Environment (IPOE) is an analytical mythology that provides predictive intelligence to warfighters fro what purpose
Planning and executing operations
Intelligence Preparation of the Operational Environment (IPOE) supports operational decisions by providing analyzed information regarding a threat and environment, achieving the Integrated Defense desired effect of ____
Anticipate
Intelligence Preparation of the Operational environment enables the commander to visuals the spectrum of friendly and adversarial capabilities, weaknesses and what else
How they are affected by environmental factors and the logical predictions of the most likely and most dangerous Enemy Course of Action (ECOA)
What re the four continuous parts of the Intelligence Preparation of the operation Environment process
Define the operating environment
Describe the operating environments effects
Evaluate the enemy
Determine Enemy course of Action
The first part in the intelligent preparation of the Operational Environment process is comprised of comprehensive lists, dispositions and capabilities of forces that contribute to installation security and are available during enemy surges. What else does it consist of
Background data on the operating environment, including history, demographics, socioeconomic data, religious groups, terrain, weather, etc..
What should be included in Part 1 of the Intelligence preparation of the operational environment process for later consideration during war gaming conduct in IPOE part 4
Incident and emergency response plans
In part 2 of the Intelligence Preparation of the Operational Environment process, the collected data is analyzed and the factors affecting operations, equipment and personnel are described. Use color coded ___ charts when possible
Stoplight charts
Historical data, existing intelligence analyses and other reports about adversaries operating in the geographic area of concern are collected ruin part 3 of the intelligence preparation of the Operation environment process. What must be considered about each specific group or adversary
Their capabilities and weaknesses without assuming that all enemy forces collaborate and the effects of the operating environment
In part 4 of the Intelligence Preparation of the operational environment process, establish a prediction of the most likely and most dangerous ECOA and then establish COA through a process of wargameing
Friendly
To whom does the Integrated Defense Risk Management Process provide the ability to produce effects based Integrated Defense Plans by using a standardized model to identify risks and develop risk management strategies
Installation Commanders, integrated Defense Working Groups, defense force commanders and defense planners
The integrated Defense Risk management process identifies at risk assets and aids the ___ in generating the critically assessment and the risk assessment products
Integrated Defense Working Groups
What is an Integrated Defense Risk Management Process risk reduction decisions based upon
A clear understanding of what is important, the estimated threat and how the asset might be damaged or destroyed
The integrated Defense Risk Management Process analyzes an installations defense capabilities and provides options to mitigate security risks. What are some 3exmaples of these options
Additional Tactics, Techniques and procedures, facility hardening and technology insertion
What are the four main integrated defense risk management process components influenced by the evolving situation monitored through the intelligence preparation of the operational environment cycle
Risk Assessment
Risk Tolerance decision
Course of Action determination
Decision and implementation
The four components of the Integrated Defense Risk Management Process are performed in seven steps . name them.
- Develop the critically assessment
2 & 3. Develop the Threat Assessment and Vulnerability Assessment - Develop the Risk assessment
- Risk tolerance Decision
- Present Countermeasure courses of action
- Decision and Implementation
What is accomplished in step 1 of the Integrated Defenses Risk Management Process (IDRMP)
The critically Assessment identifies assets worthy of protection whose loss or damage would have a negative impact on the mission
What types of criteria are fundamental to the evaluation in Step 1 of the Integrated Defense Risk Management Process
Mission criticality, impact on national defense, irreplaceability, monetary value and relative or intrinsic value
During which step of the Integrated Defense Risk Management Process are threat assessments and Vulnerability assessments developed
Steps 2 and 3
Information is required about the operational capability, intentions, activity, operating environment and history to know if adversaries pose a threat. What are some examples of adversaries and their tactics
Hackers, terrorist, criminal and protesters
_____ are weaknesses that can be exploited by an adversary because of inadequate security, lax or complacent personnel trends, vulnerable software or hardware and insufficient security polices or procedures
Vulnerabilities
Identification and evaluation of existing threats and vulnerabilities may be supplemented with other documents, such as AT vulnerability assessment. When are these threats identified
During Parts 1 through 3 of the Intelligence Preparation of the operational Environment process
During which step of the Integrated Defense Risk Management Process is the Risk assessment developed
Step 4
What equation issued to determine quantitative measurement of risk in step 4 of the integrated Defense Risk Management Process
Risk = Asset critically multiplied by
If Information required to assess risks is defined in Step 5 of the Integrated Defense Risk Management Process what should be developed or modified to guide the intelligence community’s collection efforts
A command critical intelligence requirement
In todays resource constrained environment, some risks must be accepted T/F
True
Why are some risks intolerable during Step 5 of the Integrated Defense Risk Management Process
Due to their frequency or severity of consequences
In step 5 of the Integrated Defense Risk Management Process, the installation commanders intent for ____ will define the level of tolerance
Integrated Defense
During which step of the Integrated Def3ensee Risk management process will the integrated defense Working Groups develop countermeasure Courses of Action to remove or mitigate vulnerabilities and reduce unacceptable risks
Step 6
An estimate of risk deduction can be prepared, alone with showing the costs associated with ____ implementation during step 6 of the Integrated Defense Risk Management Process
Course of Action Implementation
What is the most important step in the integrated defense risk management process
Step 7 - Decision and Implementation
What will the installation commander do during step 7 of the Integrated Defense Risk management process
they will select the course of Action that will reduce risks to tolerable levels and direct resources to implement the decision
What is closely tied with Step 7 in the Integrated Defense Risk Management Process
Continuous Assessment
What can decision makers do during step 7 of the Integrated Defense Risk management process by immediately identifying changes to their installations critical assets threats and vulnerabilities
Continually refine the installations risk posture
Integrated defense provides flexible planning and execution opportunities that allow owners or users of Protection Level 1, Protection Level 2, protection Level 3 and protection level 4 assets to become actively involved in what
The defense of their areas
The integrated defense risk management process provides a more precise understanding of how the three risk factors of threat, vulnerability and asset critically relate to each other. Why should commander understand these relationships
It will assist in mitigating, accepting and reducing risks
Operationalize ____ to maintain optimal situational awareness through the base boundary and base security zone by developing a robust intelligence information collaboration, analysis and fusion capability
Force Protection Intelligence
What protection level is assigned to resources who’s los, theft, destruction, misuse or compromise would result in great harm to US strategic capability
PL 1
Give examples of PL 1 resources
Nuclear weapons in storage, mated to a delivery system or in transit, designated Command control and communication facilities, Aircraft designated to transport the President of the US
Which protection level provides maximum means to detect, intercept and defeat a hostel force before it is able to seize, damage or destroy resources
PL1
Which protection level is assigned to resources whose loss, theft, destruction, misuse or compromise would cause significant harm to US war fighting capability
PL 2
Give examples of PL2 Resources
Nonnuclear alert forces, designated space and launch systems, expensive, few in number or one of a kind systems or facilities, and intelligence gather systems
What protection level is assigned to resources who’s loss, theft, destruction, misuse or compromise would damage US war fighting capability
PL3
Give examples of PL3 resources
Non alert resources that can be generated to alert status such as F-16 , selected Command, Control and communications facilities, systems and equipment and non launch critical or non unique space launch system
Which protection level is assigned to resources that do not meet the definitions of the other levels
PL 4
Give examples of PL4 resources
Facilities storing Cat I, II, or III sensitive conventional A A and E, fuels and liquid oxygen storage areas and AF accounting and finance vault areas
How are PL 4 resources secured
By containing them in controlled areas patrolled by armed security forces
Who is responsible for providing physical protection for PL 4 resources
Unit commanders