Yeoman Chapter 6 Security Flashcards
Define the role of the Department of the Navy Information Security Program Manual.
The Department of the Navy Information Security Program (ISP) Manual, SECNAV M-5510.36, provides the basis for the Navy’s program for safeguarding classified information, outlining procedures and requirements.
How does the Navy ensure the safeguarding of classified information?
The Navy ensures the safeguarding of classified information through established policies and procedures, as well as the adherence to guidelines set forth in the ISP and Personnel Security Program manuals.
List the key individuals involved in the Navy’s security program.
Key individuals involved in the Navy’s security program include the Department of Defense (DoD), Secretary of the Navy (SECNAV), Chief of Naval Operations (CNO), Commanding Officer (CO), command security manager, and the individual personnel with access to classified material.
What are the responsibilities of individuals with access to classified information?
Individuals with access to classified information are responsible for following established policies to protect that information and ensuring it does not fall into the wrong hands.
How should a Yeoman (YN) engage with the Navy’s security program?
As a Yeoman (YN), one must be directly involved in the security program and be aware of the regulations in the security instructions to effectively safeguard classified information.
What is the significance of the DON Personnel Security Program Manual?
The DON Personnel Security Program (PSP) Manual, SECNAV M-5510.30, provides essential procedures and requirements for personnel security actions within the Navy.
Explain the importance of reporting changes in personal circumstances for personnel with classified access.
Personnel with classified access must report changes in financial status, foreign contacts, disciplinary actions, foreign travel, marital status, and name changes to maintain security and mitigate risks.
What techniques should personnel be familiar with to protect classified information?
Personnel should be familiar with techniques and devices used by foreign agencies to obtain classified U.S. information to better protect against espionage.
Advise on the means of transmitting classified material.
Personnel are advised against using non-secure means of transmitting or discussing classified material to prevent unauthorized access.
What is the significance of the Department of the Navy Security Classification Guides?
The Department of the Navy Security Classification Guides outline the procedures for proper classification, upgrading, downgrading, and declassification of information, ensuring consistent security practices.
How does the Navy Security Program educate personnel about their security responsibilities?
The Navy Security Program educates personnel through security orientation, training, and reminders about their responsibilities to protect classified information and comply with security measures.
Describe the responsibility of the SECNAV regarding the DON ISP and PSP.
The SECNAV is responsible for establishing and maintaining the Department of the Navy Information Security Program (DON ISP) and Personnel Security Program (PSP) in compliance with various security directives.
How does the Special Assistant for Naval Investigative Matters and Security contribute to security compliance?
The Special Assistant for Naval Investigative Matters and Security (CNO N09N2) ensures an effective program that complies with all directives issued by higher authority.
Define the role of the Director of Naval Intelligence (DNI) within the DON.
The DNI is the Head of the Intelligence Community Element for the Department of the Navy and is responsible for promulgating policies and procedures for the security, use, and dissemination of Sensitive Compartmented Information (SCI).
What is the responsibility of the Office of Naval Intelligence (ONI) regarding the DON SCI Security Program?
The ONI has been delegated management oversight for the DON SCI Security Program by the Director of Naval Intelligence (DNI).
How does the Director, DoD Consolidated Adjudications Facility (CAF) support personnel security?
The Director, DoD CAF is responsible for adjudicating information from personnel security investigations to determine eligibility for access to classified information and sensitive national security positions.
What is the role of the CO in safeguarding classified material?
The CO is responsible for the proper indoctrination and debriefing of personnel in safeguarding classified material.
As a YN, what is your responsibility regarding personnel security?
As a YN, you are responsible for the proper indoctrination and debriefing of personnel under your supervision, ensuring they are aware of regulations and comply with security policies.
Explain the importance of strict compliance with security regulations.
Strict compliance with security regulations is crucial to ensure the protection of classified information and the integrity of national security operations.
What authority does the Special Security Officer (SSO) Navy hold in the context of SCI security?
The Special Security Officer (SSO) Navy is designated as the Cognizant Security Authority (CSA) responsible for implementing SCI security policies and procedures.
How does the Director, DoD CAF assist DON commands?
The Director, DoD CAF assists DON commands with queries regarding the status of personnel security investigations and issues Letters of Intent (LOI) and Letters of Notification (LON).
Describe the role of a security manager in the Navy and Marine Corps.
The security manager is responsible for managing the command’s security program, ensuring effective communication with the Commanding Officer (CO), and overseeing the handling of classified information.
How must a command designate a security manager?
A command must designate a security manager in writing and forward a copy of the designation letter to the Chief of Naval Operations (CNO) at N09N2.
Define the eligibility criteria for a security manager in the Navy and Marine Corps.
The security manager must be a U.S. citizen, a commissioned officer or a civilian employee at GS-11 or above, and must have undergone a favorably adjudicated Single Scope Background Investigation (SSBI) within the last five years.
What is the preferred method for sending the security manager’s designation letter?
If practical, the command should scan the designation letter and send it via email to navysecurity@ncis.navy.mil, including the Unit Identification Code and return e-mail address.
Explain the possible employment status of a security manager.
A security manager may be assigned as full-time, part-time, or as a collateral duty.
What must Marine Corps commands do with the designation letter for the security manager?
Marine Corps commands will forward the designation letter via Headquarters, Marine Corps (ARS).
How does the security manager interact with the Commanding Officer (CO)?
The security manager has direct access to the CO to ensure effective management of the command’s security program.
What is the significance of the Single Scope Background Investigation (SSBI) for a security manager?
The SSBI is crucial as it ensures that the security manager has been favorably adjudicated, confirming their reliability and trustworthiness to handle classified information.
Describe the role of the security manager in a command.
The security manager is key in developing and administering the command’s Information Security Program (ISP) and Personnel Security Program (PSP), serving as the principal advisor on information and personnel security, and is responsible to the Commanding Officer (CO) for security program management.
How should the security manager be identified within the command?
The command must designate the security manager by name and identify him or her to all members of the command on organization charts, telephone listings, rosters, etc.
Define the reporting structure for the security manager according to SORM.
The Standard Organization and Regulations of the U.S. Navy (SORM) recommends that the security manager report to the Commanding Officer (CO) for functional security matters and to the Executive Officer (XO) for administrative matters.
What training is required for Commanding Officers regarding security managers?
Commanding Officers (COs) are required to obtain formal training for their security managers, which can be satisfied by the Naval Security Manager Course offered by the Deputy Under Secretary of the Navy.
How does the security manager ensure the security program is effective?
The security manager must be cognizant of the command’s security functions and ensure the security program is coordinated and inclusive of all requirements.
List some key duties of the security manager.
Key duties include serving as the CO’s advisor on classified information security, developing written command ISP and PSP procedures, formulating security awareness programs, ensuring security control of visits, and vetting personnel handling classified information.
What is the purpose of the Emergency Action Plan (EAP) developed by the security manager?
The Emergency Action Plan (EAP) integrates emergency destruction bills where required and is part of the written command ISP and PSP procedures.
How does the security manager handle visits to the command?
The security manager ensures security control of visits to and from the command when an authorized visitor requires access to classified information.
What is the security manager’s responsibility regarding personnel handling classified information?
The security manager is responsible for ensuring that all personnel who will handle classified information or be assigned to sensitive duties are appropriately vetted through coordination with the DoD Central Adjudication Facility (CAF) and proper submission of requests.
Explain the importance of the security manager’s role in personnel security.
The security manager serves as the direct representative of the CO in matters pertaining to the eligibility of personnel to access classified information and to be assigned to sensitive duties.
Describe the process for ensuring access to classified information.
Access to classified information is limited to individuals who are eligible and have a ‘need-to-know’ basis.
How is personnel security information recorded and managed?
Personnel security investigations, clearances, and accesses are recorded in the Defense Information System for Security (DISS) and subordinate commands are registered as necessary.
Define the role of continuous evaluation in personnel security.
Continuous evaluation assesses the ongoing eligibility of personnel for access to classified information or sensitive duties.
What is the importance of liaising with the command SSO/SSA?
Maintaining liaison with the command SSO/Special Security Assistant is crucial for ensuring compliance with information and personnel security policies and procedures.
How does the command Information Assurance Manager (IAM) contribute to security?
The IAM coordinates with the command on matters of common concern related to information assurance and security.
What must personnel complete when separating or retiring after accessing classified information?
Personnel must complete a Security Termination Statement (OPNAV 5511/14) before separating or retiring.
Where should the original Security Termination Statement be filed?
The original Security Termination Statement should be filed in the individual’s Electronic Service Record (ESR) or Official Military Personnel Folder (OMPF), with a copy in the command files.
What agreement must personnel execute before gaining access to classified information?
All personnel must execute a Classified Information Nondisclosure Agreement (SF 312) prior to being granted initial access to classified information.
How is the execution of the SF 312 documented?
The execution of the SF 312 is recorded in DISS.
What is the procedure for submitting the original Security Termination Statement in Marine Corps commands?
Marine Corps commands must submit the original Security Termination Statement to the Commandant of the Marine Corps (MMSB-20).
Describe the role of the Special Security Officer (SSO) in the Department of the Navy (DON).
The SSO is the principal advisor to the Commanding Officer (CO) on the Sensitive Compartmented Information (SCI) security program and is responsible for the management and administration of the SCI program.
How does the SSO contribute to the SCI security program?
The SSO oversees the operation and management of the SCI security program, ensuring compliance with relevant regulations and guidelines.
Define the responsibilities of the SSO as outlined in the Sensitive Compartmented Information Administrative Security Manual.
The responsibilities of the SSO include managing and administering the SCI program, as detailed in DoDM 5105.21-V1.
Describe the role of the SSO in relation to SCIF.
The SSO supervises the operation of the special security office and administers the SCI security program, ensuring oversight for local SCIFs and maintaining compliance with applicable directives and regulations.
Define the eligibility requirements for the SSO position.
The SSO must be a U.S. citizen, either a commissioned officer or a civilian employee (GS-9 or above), and must meet the standards outlined in Intelligence Community Directive (ICD) 704.
How does the SSO interact with the security manager?
The SSO administers the SCI program independently but must cooperate and coordinate with the security manager on personnel security matters, sharing information about clearance and access changes.
What are the responsibilities of the SSO regarding SCI dissemination?
The SSO ensures that SCI is disseminated only to personnel authorized access and having an established ‘need-to-know’.
Explain the importance of maintaining the Defense Information Security System (DISS).
The SSO is responsible for maintaining the DISS to accurately reflect all personnel under their cognizance, which is crucial for tracking clearance and access.
What must the security manager do in relation to the SSO’s activities?
The security manager must account for all clearance and access determinations made on command members and keep the SSO informed of any changes affecting eligibility.
List some duties of the SSO.
Duties include supervising the special security office, maintaining SCI directives, ensuring proper handling of SCI, certifying visitor clearances, and managing security actions.
How is SCI security oversight conducted for local SCIFs?
The SSO administers SCI security oversight for other local SCIFs under the organizational SCI security cognizance.
What is required for the destruction of SCI?
The SSO ensures that SCI is destroyed by authorized means as per DoDM 5105.21-V1.
Describe the need for cooperation between the SSO and security manager.
There is a great need for cooperation and coordination between the SSO and security manager, especially regarding personnel security matters and changes in security policies.
Describe the role of SCI security briefings and debriefings.
SCI security briefings and debriefings are conducted to inform personnel about security protocols and to ensure compliance with security measures.
How are Non-disclosure Agreements related to SCI security actions?
Non-disclosure Agreements are obtained to ensure that individuals understand their responsibilities in protecting sensitive information related to SCI.
Define the purpose of annual self-inspections for SCI security officials.
Annual self-inspections are conducted to assess compliance with security protocols and identify areas for improvement in SCI security practices.
What actions are taken in response to SCI security infractions?
SCI security infractions are reported, recommendations are made, and required reports are prepared to address and rectify the issues.
How is the dissemination of product requirements managed in SCI security?
Product requirements are validated and disseminated to authorized users to ensure that only those with the proper clearance have access to sensitive information.
Describe the importance of continuing education in SCI security.
Continuing education in SCI security is crucial to keep all SCI-indoctrinated individuals informed about the latest requirements and guidelines for protecting sensitive information.
What is the significance of accreditation documentation for SCIFs?
Accreditation documentation is essential for ensuring that each Sensitive Compartmented Information Facility (SCIF) meets security standards and is authorized for operation.
How is derogatory information regarding SCI-indoctrinated personnel handled?
Derogatory information from local military law enforcement is reviewed, and appropriate actions are taken to address any security concerns.
What is the role of liaison with non-SCI security officials?
Maintaining liaison with non-SCI security officials is important for coordinating security efforts and ensuring comprehensive protection measures.
Describe the role of the Special Security Representative (SSR) in a facility’s SCI security program.
The SSR is responsible for the day-to-day management and implementation of the facility’s SCI security program and administrative functions for subordinate SCIFs, operating under the direction of the supporting SSO.
Define the responsibilities of the SSR in relation to SCIFs.
The SSR manages and implements the SCI security program and oversees administrative functions for subordinate SCIFs.
How does the SSR interact with the supporting SSO?
The SSR operates under the direction of the supporting SSO, ensuring that the SCI security program is effectively managed.
What is the significance of the SCI Non-Disclosure Agreement, Form 4414?
The SCI Non-Disclosure Agreement, Form 4414, is a legal document that outlines the obligations of individuals regarding the protection of sensitive compartmented information.
Describe the qualifications for a Senior Security Representative (SSR).
The SSR must be an appropriately SCI indoctrinated military commissioned officer, the most senior non-commissioned officer (E-5 or above), or a civilian (GS-7 or above). The local senior intelligence officer may appoint SSRs at a lower grade level with sufficient justification.
How can effective security be accomplished in a command?
Effective security is accomplished by recognizing, understanding, and applying the security requirements that prevent compromise.
What should be done when complacency about safeguarding measures is observed?
Corrective actions should be taken immediately when complacency about using proper safeguarding measures is observed.
Define the purpose of a security education program in handling classified information.
The purpose of the security education program is to ensure that all personnel understand the need and procedures for protecting classified information.
How can a command keep personnel security conscious at all times?
An effective security program can assist in keeping personnel security conscious by using various approaches such as posters, Plan of the Day notices, newsletters, and films.
What is the goal of a security education program?
The goal is to develop fundamental security habits as a natural element of each task.
Describe the importance of instilling self-responsibility in personnel regarding security.
Instilling a sense of self-responsibility in personnel eliminates carelessness, ignorance, or indifference, thereby accomplishing security consciousness.
What should a security education program advise personnel about unauthorized disclosure of classified information?
It should advise personnel of the adverse effects to national security that could result from unauthorized disclosure and their personal, moral, and legal responsibilities to protect classified information.
How should a security education program be developed?
The security education program should be developed based on the command mission and function.
What personal behaviors should personnel avoid to maintain eligibility for access to classified information?
Personnel should avoid personal behavior that could render them ineligible for access to classified information or assignment to sensitive duties.
Describe the requirement for continuous evaluation of personnel regarding classified information.
Supervisors must continuously evaluate personnel for their eligibility to access classified information or be assigned to sensitive duties.
Define the principles and procedures related to classified information.
Personnel should be familiar with the classification, downgrading, declassification, marking, control, accountability, storage, destruction, and transmission of classified information.
How should personnel challenge improper classification decisions?
Personnel should be familiar with the procedures for challenging classification decisions they believe to be improper.
What security requirements should personnel be familiar with for their assignments?
Personnel must understand the security requirements specific to their assignments and identify any restrictions.
Instruct personnel on determining recipient authorization for classified information dissemination.
Personnel must ensure that the recipient is authorized, needs the information for official duties, and can properly protect the information before dissemination.
Advise personnel on discussing classified information securely.
There is a strict prohibition against discussing classified information over unsecured communication methods that may allow interception by unauthorized persons.
Inform personnel about foreign intelligence activities.
Personnel should be aware of the techniques used by foreign intelligence to obtain classified information.
What vulnerabilities do personnel face during foreign travel?
Personnel are particularly vulnerable to compromise during foreign travel and should be informed of this risk.
What should personnel report regarding contacts with individuals?
Personnel must report any contacts with individuals that involve illegal access to classified information or concerns about being targeted for exploitation.
What are the penalties for mishandling classified information?
Personnel should be advised of the penalties associated with engaging in espionage activities and mishandling classified information.
Describe the categories of security education briefings.
Security education/briefings include indoctrination, orientation, and on-the-job training.
Describe the purpose of annual refresher briefings in the context of classified information.
Annual refresher briefings are designed to reinforce the understanding of classified information and the responsibilities associated with its protection among personnel with access.
How does indoctrination occur for individuals within the Department of the Navy (DON)?
Indoctrination occurs during training at the time of accession, and for those who do not go through formal training, the receiving command is responsible for indoctrination.
Define the verbal attestation required for individuals with Top Secret eligibility or SAP/SCI access.
Individuals with Top Secret eligibility or SAP/SCI access must verbally attest to understanding their responsibilities in protecting national security information and adhering to legal and regulatory provisions.
What is the significance of the SF 312 form in relation to classified information?
The SF 312 form informs individuals of the trust placed in them due to their access to classified information and outlines their responsibilities to protect that information from unauthorized disclosure.
How often must personnel with existing Top Secret eligibility or SCI/SAP access provide a verbal attestation?
Personnel must provide a verbal attestation during the required periodic reinvestigation or when granted access to another compartmented program, whichever occurs first.
What role do security managers play in the training of personnel with access to classified information?
Security managers are responsible for recording the training of personnel regarding their responsibilities for access to classified information in the Defense Information System for Security (DISS).
Explain the consequences outlined in the SF 312 for failing to protect classified information.
The SF 312 outlines that failure to meet responsibilities in protecting classified information can lead to serious consequences, including legal repercussions.
What types of briefings are included in the training for personnel with access to classified information?
The training includes annual refresher briefings, counterintelligence briefings, special briefings (such as Foreign Travel, New Requirement, Program, and NATO Security), and indoctrination.
How does the indoctrination process differ for those who do not undergo formal training?
For those who do not undergo formal training, the receiving command is responsible for providing the necessary indoctrination regarding classified information.
What must be done during the verbal attestation process for Top Secret eligibility?
The verbal attestation must be witnessed by one individual in addition to the official presiding over the attestation.
Describe the role of the individual’s security manager or SSO/SSR in the execution of the SF 312 form.
The individual’s security manager or SSO/SSR must personally witness the execution of the SF 312 form, signing and dating the agreement at the time it is executed.
How long is the SF 312 form maintained after signature?
The SF 312 form will be maintained for 70 years from the date of signature.
What action is taken in DISS after an individual executes an SF 312?
An entry will be made in DISS to indicate that the individual has executed an SF 312.
Define the purpose of the SCI Non-Disclosure Agreement Statement (Form 4414).
The SCI Non-Disclosure Agreement Statement (Form 4414) is a legally binding statement that an individual must sign as a condition of access to Sensitive Compartmented Information (SCI) for the protection of SCI.
How long is the SCI non-disclosure statement valid?
The SCI non-disclosure statement is valid for 70 years or until death, whichever comes first.
What is the importance of security orientation for personnel?
Security orientation is crucial for personnel whose job requires access to classified material, ensuring they understand the command security structure and their responsibilities.
Describe the timing of security orientation for new personnel.
The command should conduct the security orientation as soon as possible after an individual reports onboard and before granting access to classified information.
What key topics should be emphasized during security orientation?
Key topics include the command security structure, special security precautions, command security procedures, responsibilities to protect classified information, and obligations to report security violations.
How should supervisors approach on-the-job training regarding security requirements?
Supervisors must ensure that subordinates are aware of security requirements and actively supervise the on-the-job training process to prevent costly errors.
What are the consequences of leaving subordinates to learn security protocols by trial and error?
Leaving subordinates to learn by trial and error can be costly to security and may lead to breaches in the protection of classified information.
Describe the purpose of refresher briefings for personnel with access to classified information.
Refresher briefings are designed to enhance security awareness among personnel who have access to classified information, ensuring they are updated on security policies, procedures, and potential threats.
How often must personnel receive refresher briefings on classified information?
Personnel must receive refresher briefings once a year.
Define the role of supervisory personnel in refresher briefings.
Supervisory personnel are responsible for conducting refresher briefings or equivalent training for all personnel with access to classified information.
What topics should refresher briefings cover?
Refresher briefings should cover new security policies and procedures, counterintelligence reminders, continuous evaluation, command-specific security concerns, Non-Disclosure Agreement requirements, and results of self-inspections or security violation investigations.