CI & Threat Awareness

Question 1

What Act did President Truman sign into law that addresses CI and created the National Security Council
and the Central Intelligence Agency?

Answer 1

The National Security Act of 1947.

Question 2

What is Counterintelligence?

Answer 2

CI is the process of:
- identifying,
- understanding,
- prioritizing, and
- counteracting foreign
intelligence threats the United States faces.

Question 3

Executive Order _______ provides the legal requirement to use all reasonable and lawful means to ensure that the United States receives the best intelligence available. CI is part of this requirement.

Answer 3

12333

Question 4

What two regulations implement Executive Order 12333?

Answer 4

DoD 5200.1-R, the Information Security Program, outlines required security education and training as well as procedures for addressing compromised classified information.
DoD 5200.2-R, the Personnel Security Program, includes requirements for continuing security education and reporting requirements.
In addition, DoD Instruction 5240.6, CI Awareness, Briefing, and Reporting Programs, provides further guidance.
Special requirements for contractors are provided in DoD 5220.22-M, the National Industrial Security Program Operating Manual (NISPOM.)

Question 5

DoD 5220.22-M covers what?

Answer 5

the National Industrial Security Program Operating Manual (NISPOM.)

Question 6

What agency provides CI support to cleared defense contractors?

Answer 6

The DSS CI Office

Question 7

True or False: Information from the DSS CI office can supplement CI support from other government agencies?

Answer 7

True

Question 8

You must protect any information, technology, or system that, if compromised, would:

Answer 8

� Significantly damage national security
� Alter program direction
� Compromise the program or system capabilities
� Shorten the expected life of the system
� Require research, development, testing, and evaluation to counter the loss’s
impact

Question 9

Technology that has both military and commercial use is called

Answer 9

dual use technology

Question 10

Which regulations cover export controlled information?

Answer 10

• International Traffic in Arms Regulations (ITAR)

- Export Administration Regulations

Question 11

Types of CI threats

Answer 11

� Insider threats
� Threats from foreign intelligence service
� Terrorist organizations
� Criminal activities
� Business competitors

Question 12

Five general categories of information collection methodologies.

Answer 12

� Human Intelligence uses people to gather information.
� Signals Intelligence involves the collection of electronic signals, including phone calls and e-mails.
� Imagery Intelligence uses satellite imagery, photographs, and other images to collect information.
� Open Source Intelligence gathers information that is legally and publically available, including information from the news media and Internet.
� Measures and Signatures Intelligence is technically derived intelligence that uses the unique characteristics of fixed and dynamic target sources.

Question 13

Six CI collection methods

Answer 13

� Unsolicited requests
� Joint ventures and research
� Cyber threats
� Visits to facilities
� Seminars, conventions, and exhibits
� Targeting insiders

Question 14

NISPOM states that contractors are required to report certain events that:

Answer 14

� Impact on the status of the facility clearance
� Impact the status of an employee’s personnel security clearance
� Affect proper safeguarding of classified information
� Indicate classified information was lost or compromised

Question 15

What four broad categories of espionage indicators need to be reported?

Answer 15

• recruitment
• information collection
• information transmittal
• suspicious behaviors

Question 16

In espionage cases, the cornerstone of the defense is often:

Answer 16

that the defendant was unaware that the stolen information was classified, export-controlled, or proprietary.

Question 17

Adversaries are interested in anything that may be used to weaken U.S. advantage. What specifically should be protected? Information, Technology, or systems that, if compromised would:

Answer 17

• significantly damage national security
• alter program direction
• compromise program or system capabilities
• shorten life span
• require RDTE to counter impact of loss

Question 18

Technology that has both military and commercial use is known as:

Answer 18

dual-use technology

Question 19

ITAR stands for:

Answer 19

International Traffic in Arms Regulations

Question 20

Five types of collection methodologies

Answer 20

• HUMINT
• SIGINT
• IMINT
• OSINT
• MASINT

Question 21

FBI resources include the Counterintelligence Strategic Partnership as well as InfraGard. Which of these two programs deals with Cyber Threats and Critical Infrastructure?

Answer 21

Infragard

Question 22

Counterintelligence Support Activities (organizations) in the DoD include:

Answer 22

• AFOSI
• INSCOM (Army Intelligence Command)
• NCIS
• DCIS (Defense Criminal Investigative Service)

Question 23

The first line against espionage for an organization is it’s _______________________

Answer 23

personnel

Question 24

Industry security reporting requirements are listed in the _____________

Answer 24

NISPOM, Section 1-302

Question 25

DoD security reporting requirements are listed in DoDI _____________

Answer 25

5240.6, CI Awareness, Briefing, and Reporting Programs (section 6.2)

Question 26

There are four broad reportable event categories. They are…

Answer 26

• Recruitment
• Information Collection (including hacking)
• Information Transmittal
• Suspicious Behaviors

Question 27

Imminent threats should be reported to _______________

Answer 27

the FBI