Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Protecting DoD Classified Information and Assets, Exams of Computer Security

Various security measures and processes related to the protection of classified information and assets within the department of defense (dod). It covers topics such as physical security surveys and inspections, position sensitivity factors, threat criteria, security requirements for special access programs (saps), the adjudication process, access control measures, the militarily critical technologies list (mctl), the foreign visitor program, the continuous evaluation process, the dd form 254, and the roles of security and information assurance professionals. Definitions, explanations, and lists of key elements in these areas, highlighting the importance of effective risk management and security practices in safeguarding dod's classified information and assets.

Typology: Exams

2023/2024

Available from 07/17/2024

Academic_Affairs
Academic_Affairs 🇺🇸

4.2

(5)

475 documents

1 / 28

Toggle sidebar

Related documents


Partial preview of the text

Download Protecting DoD Classified Information and Assets and more Exams Computer Security in PDF only on Docsity!

APPC CERTIFICATION EXAM 2024- 2025 /SECURITY ASSET

PROTECTION PROFESSIONAL CERTIFICATION ACTUAL

EXAM VERIFIED.

What is the difference between physical security surveys and physical security inspections? - Answer- A physical security survey is a formal record assessment of an installation's overall security posture; whereas a physical security inspection is a formal record of compliance of physical procedures and measures implemented by a unit or activity to protect its assets Describe the purpose, intent, and security professional's role in each step of the Command Cyber Readiness Inspections (CCRI) process - Answer- Defining the scope, the inspection phase, documentation of observations, and reporting findings. A security professional would have responsibilities in defining the scope of the inspection, overseeing the self-inspection and remediation efforts, and coordinating with the CCRI team throughout the remainder of the process List two factors that should be considered when determining position sensitivity - Answer- (1) Level of access to classified information (2) IT level needed (3) Duties associated with position Define the four threat criteria - Answer- A Critical rating indicates that a definite threat exists against the assets and that the adversary has both the capability and intent to launch an attack, and that the subject or similar assets are targeted on a frequent or recurring basis. The rating scale is set at 75-100%. Explain the process for responding to a "spillage" - Answer- 1. Detection (implied)

  1. Notification and preliminary inquiry
  2. Containment and continuity of operations
  3. Formal inquiry
  4. Resolution
  5. Reporting Who could become an insider threat? - Answer- Any person with authorized access to any US government resources. Executive Order 13587? - Answer- Government agencies to establish their own insider threat programs.

Insider threat programs are intended to? - Answer- Deter, Detect, and Mitigate the risk. List an enhanced security requirement for protecting Special Access Program (SAP) Information within Industrial Security? - Answer- The SecDef or DepSecDef can approve a carve-out provision to relieve Defense Security Service of industrial security oversight responsibilities. Explain how the adjudication process contributes to effective risk management of DoD assets - Answer- Determines an individual's loyalty, reliability, and trustworthiness are in the best interest of national security Explain why access control measures are contingent on Force Protection Conditions - Answer- The Force Protection Conditions determine the amount of control measures needed to be taken in response to various levels of threats against military facilities or installations. Define the purpose and function of the militarily critical technologies list (MCTL) - Answer- Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA). Describe how authorization of Limited Access Authority impacts risk to DoD assets - Answer- Increases risk by allowing a foreign national access to classified information. Reduces risk by ensuring Foreign Nationals with a unique or unusual skills set have been properly investigated, adjudicated or vetted before being granted access to specific pieces of classified information only. List three different types of threats to classified information - Answer- (1) Insider threat (2) Foreign Intelligence entities (3) Cybersecurity Threat What is the security professionals' role in pursuing and meeting cyber security goals? - Answer- The role of the cyberspace workforce is to "secure, defend, and preserve data, networks, net-centric capabilities, and other designated systems by ensuring appropriate security controls and measures are in place, and taking internal defense actions" (DoDD 8140.01). Per DoDI 8500.01, Cybersecurity (March 14, 2014), personnel occupying cybersecurity positions must be assigned in writing and trained / qualified in accordance with their role.

Tailoring + 4 Steps - Answer- Modifying the list of security controls within a baseline to align with the organization's mission. Includes: Identifying and designating common controls Appling scoping considerations Selecting compensating controls Assigning control values Scoping - Answer- A part of the tailoring process and refers to reviewing a list of baseline security controls and selecting only those controls that apply to the IT systems you're trying to protect Identify specific baseline administrative and/or physical security controls applicable to each system categorization - Answer- Controls are identified by enumerating the common controls, identifying those relevant to the categorization level as defined in NIST SP 800-53, potentially tailored by the Authorizing Official, and overlays are applied based on the nature of the system. List three (3) factors for determining whether US companies are under Foreign Ownership Control of Influence (FOCI) - Answer- 1. Record of economic and government espionage against the US targets.

  1. Record of enforcement/engagement in unauthorized technology transfer.
  2. Type and sensitivity of the information that shall be accessed.
  3. The source, nature and extent of FOCI.
  4. Record of compliance with pertinent US laws, regulations and contracts.
  5. Nature and bilateral and multilateral security and information exchange agreements.
  6. Ownership or control in whole or part, by a foreign government. How does lack of attention to the concept of compilation of information introduce risks to DoD assets? - Answer- 1. Unauthorized disclosure
  7. Misclassification
  8. Security Violation
  9. Improper safeguarding
  10. Improper dissemination
  11. Improper handling
  12. Improper destruction
  13. Data Spill

List at least three indicators of insider threats - Answer- 1. Failure to report overseas travel or contact with foreign nationals.

  1. Seeking to gain higher clearance or expand access outside the job scope.
  2. Engaging in classified conversations without a need to know.
  3. Working hours inconsistent with job assignment or insistence on working in private.
  4. Exploitable behavior traits.
  5. Repeated security violations.
  6. Attempting to enter areas not granted access to.
  7. Unexplained affluence/living above one's means.
  8. Anomalies (adversary taking actions which indicate they are knowledgeable to information).
  9. Illegal downloads of information/files. Describe the security professional's possible roles in handling a security incident (hint SSRII) - Answer- 1. Secure
  10. Safeguard
  11. Report
  12. Inquire
  13. Investigate List at least three individuals in the personnel security investigation (PSI) process and describe their roles
  • Answer- Facility Security Officer/Security Manager/Security Officer/Security Coordinator/Security Assistant: initiates, reviews, forwards E-Qip investigation to investigation service provider (ISP) Subject: Completes forms and provides additional information if required Investigator: Conducts PSI Adjudicator: Determines security clearance eligibility What are at least three principle incidents/events required to be reported to DoD counterintelligence (CI) organizations? - Answer- 1. Espionage
  1. Sabotage
  1. Terrorism
  2. Cyber
  3. Insider Threat List three elements that a security professional should consider when assessing and managing risks to DoD assets - Answer- 1. Asset
  4. Threat
  5. Vulnerability
  6. Risk
  7. Countermeasures Explain how visitor identification control methods are used to effectively control access to facilities - Answer- Ensure only authorized personnel and materials that enter and exit from an installation or facility are properly identified, verified, and authenticated Briefly define a Special Access Program - Answer- A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level Identify the three core components of the Risk Assessment process - Answer- 1. Asset criticality
  8. Threat Assessment
  9. Vulnerability Assessment List at least three (3) types of security briefings that help manage risks to DoD assets - Answer- 1. Initial orientation
  10. Annual refresher
  11. Threat awareness
  12. Foreign Travel
  13. Derivative classification
  14. Debriefings
  15. Termination briefing
  16. Counterintelligence briefing

Who determines or identifies when physical security surveys and inspections are required? - Answer- 1. DoD Component Commanders.

  1. Program Managers
  2. Security Managers
  3. Physical Security Specialists/Officers List three transmission and transportation requirements that help manage risks to DoD assets - Answer- 1. Safeguarding
  4. Briefings
  5. Documentation
  6. Personal control
  7. Pre-coordination
  8. Preparing for transportation (packaging)
  9. Utilizing proper methods of transmission/transportation based on classification level
  10. Intended recipients have proper clearance/eligibility and need to know (or access)
  11. Capability to properly store classified information List three types of safeguarding procedures for classified information - Answer- 1. Proper storage
  12. Proper handling
  13. Approved disposition
  14. Proper transmission/transportation methods
  15. Receipt use, when required
  16. Dissemination
  17. Physical security measures
  18. Technical, administrative, and personnel control measures (deleted access control as these measures constitute access control)
  19. Develop emergency plan Describe the purpose of the Foreign Visitor Program - Answer- To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is

unclassified, related to a US Government contract, or contractor/government facility visits covered by International Traffic in Arms Regulations (ITAR) Explain how effective implementation of the continuous evaluation process contributes to management of the risks to DoD assets - Answer- Ensures that individuals with security clearance eligibility and access are continuously assessed through utilization of accessible databases and other lawfully available information; continue to meet adjudicative standards; and that any issues that may arise are promptly reported and addressed Briefly describe the purpose of the DD Form 254 - Answer- Convey security requirements and classification guidance, and provide handling procedures for classified materials received and/or generated under a classified contract List the three categories of Special Access Programs - Answer- 1. Acquisition

  1. Intelligence
  2. Operations and support Identify the five Cognizant Security Agencies (CSAs) and describe their role in the National Industrial Security Program (NISP) - Answer- 1. Department of Defense
  3. Director of National Intelligence
  4. Department of Energy
  5. Nuclear Regulatory Commission
  6. Department of Homeland Security. Role: implement and oversee an Industrial Security Program to safeguard classified information with cleared industry under the respective CSA's jurisdiction. What are the five steps in the DoD risk management model - Answer- 1. Assess Assets
  7. Assess Threats
  8. Assess Vulnerabilities
  9. Assess Risks
  10. Determine Countermeasures

What are 3 core components of the risk assessment process? - Answer- 1. Asset criticality

  1. Threat assessment
  2. Vulnerability assessment What do SAPs aim to achieve? - Answer- 1. Protect technological breakthroughs
  3. Cover exploitation of adversary vulnerabilities
  4. Protect sensitive operational plans
  5. Reduce intelligence on U.S. capabilities What are the SAP Lifecycle - Answer- 1. Establishment (is extra protection warranted?)
  6. Management and Administration (continued need? processed followed?)
  7. Apportionment (proper measures in place? approval received)
  8. Disestablishment (program no longer needed?) What is the five-step OPSEC process? - Answer- 1. Identify critical information 2. Analyze threats 3. Analyze vulnerabilities 4. Assess risks 5. Apply OPSEC countermeasures What are the 5 steps to RMF? - Answer- 1. Identify the critical assets that require protection
  9. Identify undesirable events and expected impacts
  10. Value and prioritize assets based on the consequence of loss
  11. Assess the risks and
  12. Determine countermeasures What the 5 categories of assets? - Answer- 1. People
  13. Information
  14. Equipment
  15. Facilities and
  16. Activities and Operations

Define the four levels of asset impact loss - Answer- 1. Critical indicates that compromise to the assets targeted would have grave consequences leading to loss of life, serious injury, or mission failure. The rating scale is from 50- 100

  1. A High value indicates that a compromise to assets would have serious consequences resulting in the loss of classified or highly sensitive data that could impair operations affecting national interests for a limited period of time. The rating scale is from 13- 50
  2. An asset value of Medium indicates that a compromise to the assets would have moderate consequences resulting in the loss of confidential, sensitive data or costly equipment/property that would impair operations affecting national interests for a limited period of time. The rating scale is from 3- 13
  3. A Low value indicates that there is little or no impact on human life or the continuation of operations affecting national security or national interests. The rating scale is from 1- 3 A High rating indicates that a credible threat against the assets exists, based on our knowledge of the adversary's capability and intent to attack the assets and based on related incidents having taken place at similar facilities. The rating scale is 50-74%. A rating of Medium indicates that there is a potential threat to the assets based on the adversary's desire to compromise the assets and the possibility that the adversary could obtain the capability through a third party who has demonstrated the capability in related incidents. The rating scale is set from 25-49%. A Low rating indicates little or no credible evidence of capability or intent, with no history of actual or planned threats against the assets. The rating scale is set at 0-24%. What is the risk formula? - Answer- RISK = IMPACT x (THREAT x VULNERABILITY) What are the risk countermeasures? - Answer- 1. Manpower
  4. Equipment
  5. Procedures What are the four levels of vulnerability? - Answer- 1. A Critical rating indicates that there are no effective countermeasures currently in place and all known adversaries would be capable of exploiting the asset. Critical is assigned a rating scale of 75-100%.
  1. Assigning a High rating indicates that although there are some countermeasures in place, there are still multiple weaknesses through which many adversaries would be capable of exploiting the asset. The rating scale is set at 50-74%.
  2. A Medium rating indicates that there are effective countermeasures in place, however one weakness does exist which some known adversaries would be capable of exploiting. The rating scale is set at 25- 49%.
  3. Assigning a Low rating indicates that multiple layers of effective countermeasures exist and few or no known adversaries would be capable of exploiting the asset. The low rating scale is set at 0-24%. 5 categories of vulnerability? - Answer- 1. Human
  4. Operational
  5. Information
  6. Facility
  7. Equipment What are the 8 categories of Classified Military Information (CMI)? - Answer- Category 1 includes information related to the organization, training, and employment of U.S. military forces. Category 2 includes information on specific items of equipment already in production, or in service, and the information necessary for their operation, maintenance, and training. Items on the U.S. Munitions List, or USML, fall within this category. Category 3 includes information related to fundamental theories, design, and experimental investigation into possible military applications; it includes engineering data, operational requirements, concepts, and military characteristics required to adopt the item for production. Development ceases when the equipment has completed suitability testing and has been adopted for use or production. Category 4 includes information related to designs, specifications, manufacturing techniques, and such related information necessary to manufacture materiel and munitions.

Category 5 includes information necessary to plan, ensure readiness for, and provide support to the achievement of mutual force development goals or participation in specific combined tactical operations and exercises. It does not include strategic plans and guidance or North American defense information. Category 6 includes information pertaining to U.S. forces in a specific area. Category 7 includes information related to plans, operations, programs, and projects, to include data and equipment, directly related to North American defense Category 8 includes military-related information that pertains to foreign nations. Define Designated Disclosure Authority (DDA) - Answer- An official at the subordinate component level designated by the Head of a DoD Component or the Component's Principal Disclosure Authority to control disclosures of classified military information by his or her organization Define Delegation of Disclosure Authority Letter (DDL) - Answer- a document issued by the appropriate designated disclosure authority explaining classification levels, categories, scope, and limitations of information under a DoD Component's disclosure jurisdiction that may be disclosed to a foreign government or international organization Define Arms Export Control Act (AECA) - Answer- Governs the export of defense articles and services and related technical data and is the legal basis for most international programs. NDP-1 (National Disclosure Policy) - Answer- Contains the procedures for disclosure of U.S. classified military information to foreign governments and international organizations Define General Security of Military Information Agreement (GSOMIA) - Answer- a government-to- government agreement negotiated through diplomatic channels. It states that each party to the agreement will afford to classified information provided by the other the degree of security protection afforded it by the releasing government. Sharing and reporting information is essential to detecting potential insider threats. True or False? - Answer- True Two security professionals - Paul and Ashley - are discussing security program areas.

Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. Ashley says that Physical Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. - Answer- Paul and Ashley are both correct Two security professionals - Paul and Ashley - are discussing security program areas. Paul says that Information Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. - Answer- Paul and Ashley are both incorrect SPeD is an abbreviation for? - Answer- Security Professional Education Development SPed is a certification program of what agency? - Answer- Department of Defense Security Fundamentals Professional Certification (SFPC) definition? - Answer- The individual understands foundational security concepts, principles, and practices. (Core Certification for SPed). Security Asset Protection Professional Certification (SAPPC) definition? - Answer- The Individual applies foundational security concepts, principles, and practices. (Core Certification for SPed). Security Program Integration Professional Certification (SPIPC) definition? - Answer- The individual understands and applies risk assessment and security program management based on security concepts, principles, and practices. (Core Certification for SPed). Security Enterprise Professional Certification (SEPC) definition? - Answer- The individual understands and applies concepts, principles, and practices for managing enterprise-wide security.

What are the three principle incident/events required to be reported to DoD Counterintelligence (CI) organizations? - Answer- Espionage, Sabotage, Terrorism & Cyber Policy PMO is an abbreviation for? - Answer- Program Management Office Provides the legal requirements to use lawful means to ensure U. S. receives the best intelligence available? - Answer- E.O. 12333 The manual that includes CI-related requirements for Industry? - Answer- DoD 5220.22-M (NISPOM) Regulation mandating CI-specific training, briefing, and reporting? - Answer- DoDI5240.6: CI Awareness, Briefing, and Reporting Programs Regulation providing procedures to follow when classified information is compromised? - Answer- DoD 5200.1-R: information Security Program What are three principle incidents/events required to report to DoD counterintelligence (CI) organizations? - Answer- Espionage, Sabotage, Terrorism & Cyber Policy List three different types of threats to classified information? - Answer- Insider Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat List three indicators of insider threats? - Answer- Failure to report overseas travel or contact with foreign nationals. Seeking to gain higher clearance or expand access outside the job scope. Engaging in classified conversations without a need to know. Working hours inconsistent with job assignment or insistence on working in private. Exploitable behavior traits. Repeated security violations. Attempting to enter areas not granted access to.

List three elements that should be considered in identifying Critical Program Information? - Answer- - Cause significant degradation in mission effectiveness

  • Shorten the expected combat-effective life of the system
  • Reduce technological advantage
  • Significantly alter program direction
  • Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability. Briefly describe the concept of insider threat? - Answer- An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems. List three elements that a security professional should consider when assessing and managing risks to DoD assets? - Answer- Asset Threat Vulnerability Risk Countermeasures Describe the purpose of the Foreign Visitor Program? - Answer- To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR. Briefly define a Special Access Program (SAP)? - Answer- A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level. List three enhanced security requirements for protecting Special Access Program (SAP) Information within Personnel Security? - Answer- Access Rosters Billet Structures (if required) Indoctrination Agreement Clearance based on an appropriate investigation completed within the last 5 years Individual must materially contribute to the program in addition to having the need to know All individuals with access to SAP are subject to a random counterintelligence-scope polygraph

Identify the four Cognizant Security Agencies (CSA)? - Answer- Department of Defense (DoD) Director of National Intelligence (DNI) Department of Energy (DoE) Nuclear Regulatory Commission (NRC). Describe the CSA's role in the National Industrial Security Program (NISP)? - Answer- To establish an industrial security program to safeguard classified information under its jurisdiction. List three factors for determining whether U.S. companies are under Foreign Ownership, Control, or Influence (FOCI)? - Answer- Record of economic and government espionage against the U.S. targets Record of enforcement/engagement in unauthorized technology transfer Type and sensitivity of the information that shall be accessed The source, nature and extent of FOCI Record of compliance with pertinent U.S. laws, regulations and contracts Define the purpose and function of the Militarily Critical Technologies List (MCTL)? - Answer- Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA). Formulation of export control proposals and export license review. List three primary authorities governing foreign disclosure of classified military information? - Answer- Arms Export Control Act National Security Decision Memorandum 119 National Disclosure Policy- 1 International Traffic in Arms Regulation (ITAR) E.O.s 12829, 13526 Bilateral Security Agreements DoD 5220.22-M, "NISPOM,"

Briefly describe the purpose of the DD Form 254? - Answer- Convey security requirements and classification guidance, and provide handling procedures for classified material received and/or generated on a classified contract. List the three main policies that govern the DoD Information Security Program? - Answer- E.O. 13526 Information Security Oversight Office (ISOO) 32 CFR Parts 2001 & 2003 Classified National Security Information; Final Rule" DoD Manual 5200.01, Volumes 1- 4 What must an "authorized person" have before being granted access to classified information? - Answer- Favorable determination of eligibility for access Need to know the information Signed SF 312 Nondisclosure Agreement List three classification duration options for originally classified information? - Answer- less than 10 years at 10 years up to 25 years 50X1-HUM (with no date or event) 50X2-WMD (with no date or event 25X (with a date or event) List three authorized sources of security classification guidance that could be used in the derivative classification process? - Answer- Security Classification Guide Properly Marked Source Document Contract Security Classification Specification (DD Form 254) Define derivative classification? - Answer- Incorporating, paraphrasing, restating, or generating in new form information that is already classified and marking the newly developed material consistent with the markings that apply to the source information. Define the difference between a security infraction and a security violation? - Answer- An infraction cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of

classified information; whereas a violation does result in or could be expected to result in the loss or compromise of classified information. Define unauthorized disclosure? - Answer- Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient. List three types of initial personnel security investigations and to whom they apply? - Answer- ANACI: Civilian NACI: Civilian and Contractor NACLC: Military and Contractor SSBI: Military, Civilian, Contractor Describe the purpose of due process in Personnel Security Program (PSP)? - Answer- Ensures fairness by providing the subject the opportunity to appeal an unfavorable adjudicative determination. List the key procedures for initiating Personnel Security Investigations(PSIs)? - Answer- Validate the need for an investigation Initiate e-QIP Review Personnel Security Questionnaire (PSQ) for completeness Submit electronically to OPM List three DoD position sensitivity types and their investigative requirements? - Answer- Critical Sensitive: SSBI, SSBI-PR, PPR Non-Critical Sensitive: ANACI, NACLC Nonsensitive: NACI Describe the difference between revocation and denial in Personnel Security Program? - Answer- Revocation: A current security eligibility determination is rescinded. Denial: An initial request for security eligibility is not granted. Describe the purpose of a Statement of Reason (SOR)? - Answer- The purpose of the SOR is to provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made.

List five adjudicative guidelines? - Answer- 1. Allegiance to the United States

  1. Foreign Influence
  2. Foreign Preference
  3. Sexual Behavior
  4. Personal Conduct
  5. Financial Considerations
  6. Alcohol Consumption
  7. Drug Involvement
  8. Psychological Conditions
  9. Criminal Conduct
  10. Handling Protected Information
  11. Outside Activities
  12. Use of Information Technology List three different types of approved classified material storage areas? - Answer- GSA-approved storage containers Vaults (including modular vaults) Open storage area (secure rooms, to include SCIFs and bulk storage areas) List three construction requirements for vault doors? - Answer- Constructed of metal Hung on non-removable hinge pins or with interlocking leaves. Equipped with a GSA-approved combination lock. Emergency egress hardware (deadbolt or metal bar extending across width of door). What is the purpose of intrusion detection systems? - Answer- Detect unauthorized penetration into a secured area. What is the purpose of perimeter barriers? - Answer- Defines the physical limits of an installation, activity, or area, restrict, channel, impede access, or shield activities within the installation from immediate and direct observation.

What is the purpose of an Antiterrorism Program? - Answer- Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts. List three Force Protection Condition levels? - Answer- Normal, Alpha, Bravo, Charlie, Delta Describe the concept of security-in-depth? - Answer- Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within an installation or facility. In which security program area would you find practitioners who train and/or advise Original Classification Authorities in the application of the process for making classification determinations? - Answer- Information Security In which security program area would you find practitioners working with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks?

  • Answer- Physical Security In which security program area would you find practitioners involved with processes that monitor employees for new information that could affect their security clearance eligibility status? - Answer- Personnel Security CI Foreign Travel Briefing? - Answer- Purpose to increase awareness and personal safety, targeting by foreign intelligence, current travel warnings, & where to seek help if needed. CI Elicitation is a form of social engineering? - Answer- Collecting info from people though conversation. Potential Espionage Indicator Categories? - Answer- Foreign Contracts and Associations Foreign Travel Foreign Preference Anti-American Statements, Activities, and Associations Falsification/Failure to Report Substantive Information Sexual Behavior That Increases Vulnerability to Exploitation

Suspicious Financial Transactions or Undue Affluence Illicit Information Collection or Transmittal Other Counterintelligence Issues List an enhanced security requirement for protecting Special Access Program (SAP) Information within Physical Security? - Answer- Access Control Maintain a SAP Facility Access Roster All SAPs must have an unclassified nickname/Codeword (optional). List an enhanced security requirement for protecting Special Access Program (SAP) Information within Information Security? - Answer- The use of HVSACO Transmission requirements (order of precedence) List five responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/CPSO)? - Answer- • Possess a personnel clearance and Program access at least equal to the highest level of

  • Program classified information involved.
  • Provide security administration and management for his/her organization.
  • Ensure personnel processed for access to a SAP meet the prerequisite personnel clearance and/or investigative requirements specified.
  • Ensure adequate secure storage and work spaces.
  • Ensure strict adherence to the provisions of the NISPOM, its supplement, and the Overprint.
  • When required, establish and oversee a classified material control program for each SAP.
  • When required, conduct an annual inventory of accountable classified material.
  • When required, establish a SAPF.
  • Establish and oversee a visitor control program.
  • Monitor reproduction and/or duplication and destruction capability of SAP information
  • Ensure adherence to special communications capabilities within the SAPF.
  • Provide for initial Program indoctrination of employees after their access is approved;

rebrief and debrief personnel as required.

  • Establish and oversee specialized procedures for the transmission of SAP material to and from Program elements.
  • When required, ensure contractual specific security requirements such as TEMPEST Automated Information System (AIS), and Operations Security (OPSEC) are accomplished.
  • Establish security training and briefings specifically tailored to the unique requirements of the SAP. What is the definition of Critical Program Information in DoD? - Answer- Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. Includes elements or components critical to a military system or network mission effectiveness. Includes technology that would reduce the U.S. technological advantage if it came under foreign control. How does lack of attention to the concept of compilation introduce risks to DoD assets? (It can cause) - Answer- • Unauthorized disclosure
  • Misclassification
  • Security violation
  • Improper safeguarding
  • Improper dissemination
  • Improper handling
  • Improper destruction List three transmission and transportation requirements that help manage risks to DoD assets? - Answer- • Safeguarding
  • Briefings
  • Documentation
  • Personal control
  • Utilizing proper methods of transmission/transportation based on classification level
  • Intended recipient(s) have proper clearance/eligibility and need to know (or access)
  • Capability to properly store classified information List three types of security briefings that help manage risks to DoD assets? - Answer- • Initial Orientation
  • Annual Refresher
  • Threat Awareness
  • Foreign Travel
  • Special Training Requirements
  • Derivative Classification
  • Original Classification Authority (OCA)
  • Declassification Authority
  • Debriefings
  • Termination briefing List three disposal and destruction methods used to effectively manage risks to DoD classified information? - Answer- • Cross-cut shredding
  • Burning/ Incinerating
  • Pulverizing
  • Disintegrating
  • Mutilating
  • Degaussing
  • Chemical decomposition
  • Special burn
  • Wet pulping
  • Overwriting
  • Sanding
  • Physical destruction List three types of safeguarding procedures for classified information? - Answer- • Proper storage
  • Proper handling
  • Approved disposition
  • Proper transmission/transportation methods
  • Receipt use, when required
  • Forced entry protection
  • Dissemination
  • Physical security measures
  • Technical, administrative, and personnel control measures (deleted access control as these measures constitute access control)
  • Develop emergency plan Describe the security professional's role in handling a security incident? - Answer- • Secure
  • Safeguard
  • Report
  • Inquire (under unusual circumstances)
  • Investigate (under unusual circumstances)
  • Recommend Describe how the roles of the security professional and the information assurance (IA) professional differ in regard to protecting DoD classified information on information technology (IT) systems. - Answer- • The IA professional must ensure that all DoD information systems maintain appropriate levels of availability, integrity, authentication, confidentiality, and non-repudiation in order to protect and defend DoD information and networks. They must also ensure the systems are certified and accredited.
  • The security professional coordinates with the IA professional during the C&A process. The security professional must be aware of the nature, scope, and schedule of ongoing C&A activities within a given organization, in order to provide timely and relevant classification management direction and to ensure

the physical environment is properly secured and accredited for the operations planned and that users are properly cleared and have all requisite access in time to support the mission. Explain how the adjudication process contributes to effective risk management of DoD assets? - Answer- Ensures that, based upon all available information, an individual's loyalty, reliability, and trustworthiness are such that entrusting assigned persons with eligibility to classified information or sensitive duties is in the best interest of national security. Explain how effective implementation of the continuous evaluation process contributes to management of risks to DoD assets? - Answer- Ensures that individuals with national security eligibility and access are continuously assessed through utilization of accessible databases and other lawfully available information; continue to meet adjudicative standards; and that any issues that may arise are promptly reported. List three factors that should be considered when determining position sensitivity? - Answer- • Level of Access to Classified Information

  • IT level needed
  • Duties associated with position List three individuals in the personnel security investigation (PSI) process and describe their roles? - Answer- • FSO/Security Manager/Human Resource Officer: Initiates, Reviews, Forwards investigation to investigation service provider (ISP)
  • Subject: Completes forms and provides additional information if required
  • Investigator: Conducts PSI
  • Adjudicator: Determines eligibility for National Security access Describe the function of e-QIP in the personnel security program (PSP)? - Answer- • Initiate investigations
  • Complete forms
  • Forward forms to ISP List three factors that a security professional should consider before requesting a Limited Access Authority (LAA)? - Answer- • Can a U.S. citizen perform the duties
  • Is classified access limited to Secret or Confidential
  • Does the person possess a rare or unusual skill or expertise List the five steps in the DoD risk management model? - Answer- Assess Assets Assess Threats Assess Vulnerabilities Assess Risks Determine Countermeasures Identify the three core components of the risk assessment process? - Answer- Asset Criticality Threat Assessment Vulnerability Assessment What is the difference between physical security surveys and physical security inspections? - Answer- A physical security survey is a formal, recorded assessment of an Installation's overall security program; whereas a physical security inspection is a formal, recorded compliance of physical procedures and measures implemented by a unit or activity to protect its assets. Who makes the determination of when physical security surveys and inspections are required? - Answer- DoD Component Commanders. Explain why access control measures are contingent on threat levels? - Answer- Based on threat levels, commanders or directors are responsible for enhancing access control measures to their installations and facilities. Explain how visitor identification control methods are used to effectively control access to facilities? - Answer- Ensure only authorized personnel and materials enter and exit from an installation or facility by identifying, verifying, and authenticating. Contractors visiting the facility do not require check-in at the front desk if they have a Common Access Card (CAC) because other control measures will be in place throughout the facility? True or False - Answer- False