General Security

Question 1

Define Counterintelligence

Answer 1

Information gathered and activities conducted to identify, deceive, exploit, disrupt, or protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations or persons, or their agents, or international terrorist organizations or activities.

Question 2

Executive Order 12333

Answer 2

Provides the legal requirement to use lawful means to ensure U.S. receives the best intelligence available

Question 3

DoDD 5240.06, Counterintelligence Awareness and Reporting (CIAR)

Answer 3

Regulation mandating the reporting of suspicious activities or potential espionage indicators

Question 4

DoDD 5205.16, Insider Threat Program

Answer 4

Regulation mandating the establishment of an insider threat program

Question 5

What are the Steps of CI Risk Management?

Answer 5

Step 1: Identify Assets

Step 2: Identify Threats

Step 3: Identify Vulnerabilities

Step 4: Assess Risk

Step 5: Develop and Apply Countermeasures

Question 6

Protect any information, technology, or system that, if compromised, would:

Answer 6

• Significantly damage national security
• Alter program direction
• Compromise the program or system capabilities
• Shorten the expected life of the system
• Require research, development, testing, and evaluation to counter the loss’s impact

Question 7

Examples of unclassified information that requires protection

Answer 7

Proprietary

Personal

Critical Program Information

Question 8

What is Militarily Critical Technology?

Answer 8

• Technology that would allow significant advances in the development, production, and use of military capabilities of potential adversaries
• DoD maintains a list of this technology
• Export is strictly controlled by the International Traffic in Arms Regulations (ITAR)

Question 9

What is Dual Use Technology?

Answer 9

• Technology that has both military and commercial use
• May be used to develop weapons and weapons of mass destruction or other military equipment.
• Export is strictly controlled and enforced under the Export Administration Regulations

Question 10

What is the greatest target of our adversaries?

Answer 10

Technology Assets

• Classified and Unclassified

Question 11

Who enforces International Traffic in Arms Regulations (ITAR)?

Answer 11

The Department of State

• Dictates that information and material pertaining to Defense and military-related technologies may not be shared with foreign persons without authorization from the Department of State or special exemption

Question 12

What is the purpose of International Traffic in Arms Regulations (ITAR)?

Answer 12

• Implements the provisions of the Arms Export Control Act (AECA)
• Controls export and import of defense-related articles and services on the U.S. Munitions List

Question 13

Who enforces Export Administration Regulations (EAR)?

Answer 13

The Department of Commerce

Question 14

What is the purpose of Export Administration Regulations (EAR)?

Answer 14

Restricts access to dual use items by countries or persons that might apply such items to uses against U.S. interests

Question 15

List 5 Threat Types

Answer 15

Insider Threats

Foreign Intelligence Service Threats

Terrorist Organizations

Criminal Activities

Business Competitors

Question 16

Name the 5 Categories of Information Collection Methodologies

Answer 16

• Human Intelligence - Uses people to gather information
• Signals Intelligence - Electronic signals, including phone calls and e-mails
• Imagery Intelligence - Satellite imagery, photographs, and other images to collect information
• Open Source Intelligence - Information that is legally and publically available, including information from the news media and Internet
• Measures and Signatures Intelligence - Technically derived intelligence that uses the unique characteristics of fixed and dynamic target sources

Question 17

Name 3 Foreign Intelligence Collection Methods

Answer 17

• Unsolicited requests
• Joint ventures and research
• Cyber threats
• Visits to facilities
• Conferences, conventions, and trade shows
• Targeting insiders

Question 18

What is the most frequently reported method of operation associated with foreign collection activity?

Answer 18

Unsolicited Requests

• Involve emailing, phoning, or mailing directly to individual U.S. individuals rather than to corporate marketing departments

Question 19

Name 4 potential indicators of an unsolicited requestor

Answer 19

• Foreign address
• Never met recipient
• Identifies self as a student or consultant
• Identifies employer as a foreign government
• States that work is being done for a foreign government or program
• Asks about a technology related to a Defense program, project, or contract
• Asks questions about Defense-related programs using acronyms specific to the program
• Insinuates the third party he/she works for is “classified” or otherwise sensitive
• Admits he/she could not get the information elsewhere because it was classified or controlled
• Advises recipient to disregard the request if it causes a security problem
• Advises recipient not to worry about security concerns
• Assures recipient that export licenses are not required or not a problem

Question 20

How should one protect against unsolicited requests?

Answer 20

• View unsolicited requests with suspicion, especially those received on the Internet
• Respond only to people who are known after verifying their identity and address
• If the requester cannot be verified, do not respond in any way and report the incident to security personnel

Question 21

What might be considered suspicious or inappropriate conduct during visits by foreigners?

Answer 21

• Requests for information outside the scope of what was approved for discussion
• Hidden agendas associated with the stated purpose of the visit
• Visitors/students requesting information and becoming irate upon denial
• Individuals bringing cameras and/or video equipment into areas where no photographs are allowed

Question 22

Examples on how to protect against unauthorized access by foreign visitors

Answer 22

Contractors may coordinate with DCSA prior to visit

• Prior to visit, brief hosts and escorts on approved procedures
• Walk visitor route and identify vulnerabilities
• Prior to the visit, notify all employees about the visit, restrictions on the visitors and the nature of the threat
• Debrief personnel in contact with visitors
• Ensure visitors do not bring recording devices, including cell phones, into the facility
• Develop a Technology Control Plan (TCP), that: - Stipulates how a company will control access to its exportcontrolled technology - Outlines the specific information authorized for release - May be required by the National Industrial Security Program Operating Manual (NISPOM) and the International Traffic in Arms Regulations (ITAR) under certain circumstances - Protects: o Classified and export-controlled information o Control access by foreign visitors o Control access by employees who are foreign persons

Question 23

During a foreign visit, restrict the following:

Answer 23

Foreign visitors request for:

• Access to a local area network (LAN)
• Unrestricted facility access
• Company personnel information
• Mailing or faxing documents written in a foreign language to a foreign embassy or foreign country

Question 24

Examples of countermeasues during foreign visits

Answer 24

• Review all documents being faxed or mailed - use a translator, when necessary
• Provide foreign representatives with stand-alone computers
• Share the minimum amount of information appropriate to the scope of the joint venture/research
• Educate employees extensively
• Handle and report elicitation
• Provide sustainment training
• Refuse to accept unnecessary foreign representatives into the facility
• Develop a TCP

Question 25

Define Actual Compromise

Answer 25

An unauthorized disclosure of information

Question 26

Define Potential Compromise

Answer 26

Possibility that compromise could exist but it is not known with certainty.

Question 27

Define Communications Security (COMSEC)

Answer 27

Protection measures designed to secure information derived from the possession or study of communications (telephonic/IT) to ensure the authenticity of such communications

Question 28

What is the DD Form 2501?

Answer 28

Courier Authorization Card

Question 29

List the 4 Identification levels of Assets and Threats

Answer 29

Critical

High

Medium

Low

Question 30

List 5 General Types of Vulnerabilities

Answer 30

Human

Operational

Information

Facility

Equipment

Question 31

List 3 Types of Countermeasures

Answer 31

Manpower

Equipment

Procedural

Question 32

List 3 Types of Countermeasures

Answer 32

Manpower

Equipment

Procedural

Question 33

OPSEC:

What question should be asked when trying to Identify Assets (Step 1)?

Answer 33

What requires protection?

Question 34

OPSEC:

What questions should be asked when Identifying Threats (Step 2)?

Answer 34

Can you identify your adversaries?

Do you know the capabilities and intentions of these adversaries?

Which of these are threats to your security program?

Question 35

OPSEC:

What questions should be asked when Identifying Vulnerabilities (Step 3)?

Answer 35

What types of weaknesses exist that create vulnerabilities?

Question 36

OPSEC:

What questions should be asked when Assessing Risk (Step 4)?

Answer 36

What is the impact of your assets being compromised?

What is the worst that could happen?

Question 37

OPSEC:

What question should be asked when Developing and Applying Countermeasures (Step 5)?

Answer 37

What countermeasures can I develop and apply to mitigate concerns?