General Questions II Flashcards
Identify the four Cognizant Security Agencies (CSAs) and describe their role in the National Industrial Security Program (NISP).
The four CSAs are:
� Department of Defense (DoD)
� Director of National Intelligence (DNI)
� Department of Energy (DoE)
� Nuclear Regulatory Commission (NRC).
Each establish an industrial security program to safeguard classified information under its jurisdiction.
What is the definition of Critical Program Information in DoD?
� U.S. capability elements that contribute to the warfighter’s advantage throughout the life cycle, which if compromised or subject to unauthorized disclosure, decrease the advantage.
� Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability.
List three primary authorities governing foreign disclosure of classified military information.
� Arms Export Control Act
� National Security Decision Memorandum 119
� National Disclosure Policy-1
� International Tra c in Arms Regulation (ITAR)
� E.O.s 12829, 13526
� Bilateral Security Agreements
� DoD 5220.22-M, “NISPOM,
Briefly describe the purpose of the DD Form 254.
Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract.
List three factors for determining whether U.S. companies are under Foreign Ownership, Control or Influence (FOCI).
� Record of economic and government espionage against the U.S. targets
� Record of enforcement/engagement in unauthorized technology transfer
� Type and sensitivity of the information that shall be accessed
� The source, nature and extent of FOCI
� Record of compliance with pertinent U.S. laws, regulations and contracts
� Nature of bilateral & multilateral security & information exchange agreements
� Ownership or control, in whole or part, by a foreign government
Define the purpose and the function of the Militarily Critical Technologies List (MCTL).
� Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA).
� Formulation of export control proposals and export license review
List the three main policies that govern the DoD Information Security Program.
� E.O. 13526
� Information Security Oversight Office (ISOO)
32 CFR Parts 2001 & 2003, “Classified National Security Information; Final Rule”
� DoD Manual 5200.01, Volumes 1-4
What must an “authorized person” have before being granted access to classified information?
Have:
� Favorable determination of eligibility for access
� A need to know the information
� Signed SF 312 Nondisclosure Agreement
List three classification duration options for originally classified information.
� Date or event that is: � Less than 10 years � At 10 years � Up to 25 years � 50X1-HUM (with no date or event) � 50X2-WMD (with no date or event) � 25X (with a date or event)
List three authorized sources of security classification guidance that could be used in the derivative classification process.
� Security Classi cation Guide
� Properly Marked Source Document
� Contract Security Classification Specification (DD254)
Define derivative classification.
Incorporating, paraphrasing, restating, or generating in new form information that is already classified and marking the newly developed material consistent with the markings that apply to the source information.
Define the difference between a security infraction and a security violation.
An infraction cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information;
whereas a violation does result in or could be expected to result in the loss or compromise of classified information.
Define unauthorized disclosure.
Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient.
List three types of initial personnel security investigations and to whom they apply.
� SSBI: Military, Civilian, Contractor
� ANACI: Civilian
� NACLC: Military and Contractor
� NACI: Civilian and Contractor
Describe the purpose of due process in Personnel Security Program (PSP).
Ensures fairness by providing the subject the opportunity to appeal an unfavorable adjudicative determination.
List the key procedures for initiating Personnel Security Investigations (PSIs).
� Validate the need for an investigation
� Initiate e-QIP
� Review SF86 for completeness
� Submit electronically to OPM
List three DoD position sensitivity types and their investigative requirements.
� Critical Sensitive: SSBI, SSBI-PR, PPR
� Non-Critical Sensitive: ANACI, NACLC
� Nonsensitive: NACI