Protecting Assets in the NISP Flashcards

1
Q

Which of the following are foreign collection methods?

A

Requests for Information
Suspicious network activity
Seeking employment
Foreign visits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Match corresponding activities with foreign collection methods

A

Unsolicited and direct requests often submitted via email–> Requests for Information

Application to degree programs associated with cleared facilities or programs–>Academic Solicitation

Involves establishing emotional relationship with the target–>Elicitation and recruitment

May use joint ventures or research partnerships–>Academic solicitation

Exchange employees or foreign business associates–>Exchange employees or foreign business associates

Experts may receive all-expenses-paid invitations to lecture–>Conferences, conventions, and trade shows

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Match potential countermeasures with foreign collection methods

A

Conduct audits at least weekly–>suspicious network activities

Use mock-ups instead of actual equipment–>conferences, conventions, and trade shows

Brief hosts and escorts on approved procedures–>foreign visits

Share the minimum amount of information appropriate to the scope of the venture–>solicitation and seeking employment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You decide you need three specific types of information for the training session that you are planning. Match the info that you need with source from which you can obtain information:

A

Trends related to what is targeted and methods used–>DCSA CI Directorate

Threat assessment for your current contract–>Government Contracting Activity

Identify the current national security concerns that may affect your facility–>FBI

Determine the types of crimes that are being committed at facilities close to your company–>State or local law enforcement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Countermeasures and threat reporting

A

You learn from a security bulletin that a foreign country is using university students applying for low level jobs to gain entry into companies in you industry. Who do you alert–>HR

Foreign entities stepped up attempts to purchase export-controlled tech, including tech your facility develops. Who do you alert–>Business Development

You learn of a threat from a business competitor to steal blueprints and schematics. Who do you alert?–> Engineers and/or R&D

Increase in cyber-attacks against companies in your industry Who do you alert?–>Information Technology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The purpose of CI is to ________

A

Respond to foreign intelligence entity threats

Detect foreign intelligence entity threats

Prevent foreign intelligence entity threats

CI117_V2_1.1_003

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Personnel from this group are targeted because of their access to the company’s supply chain

A

??? Manufacturing, R&D or Purchasing?

CI117_2.2_014:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

NISPOM requires all contractors to do all of teh following for CI training except what?

A

Use DCSA resources, train employees upon initial access to classified, or follow NISPOM training requirements WHICH ONE

CI117_3.3_028

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Risk management process

A

CI117_1.3_009

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Strategies for the implementation of countermeasures

A

CI117_2.2_014:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly