Classified Information Security and Personnel Security Procedures, Exams of Law

An overview of the key concepts and procedures related to the security of classified information and personnel security in the united states government. It covers topics such as the foreign visitor program, special access programs, security infractions, security violations, classification levels, personnel security investigations, security clearance eligibility processes, security containers, secure facilities, classification authorities, declassification, handling of classified information, and methods for transmitting classified information. The document aims to educate readers on the complex regulatory framework and best practices for protecting sensitive national security information.

Typology: Exams

2024/2025

Available from 09/28/2024

LectDavid
LectDavid 🇬🇧

3

(5)

1.3K documents

1 / 40

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
SPēD SFPC EXAM: All Areas
Indicators of insider threats - (answer)-1. Failure to report overseas travel
or contact with foreign nationals
2. Seeking to gain higher clearance or expand access outside
job scope 3. Engaging in classified conversations without NTK
4. Working inconsistent
hours 5. Exploitable
behavior traits 6.
Repeated security
violations
7. Unexplainable affluence/living above one's
means 8. Illegal downloads of information/files
Elements that should be considered in identifying Critical
Program Information - (answer)-Elements which if
compromised could:
1. cause significant degradation in mission
effectiveness, 2. shorten expected combat-
effective life of system
3. reduce technological advantage
4. significantly alter program direction; or
5. enable adversary to defeat, counter, copy, or reverse engineer
technology/capability.
Elements that security professional should consider when assessing and
managing risks to DoD assets (risk management process) - (answer)-1.
Assess assets
2. Assess threats
3. Assess Vulnerabilities
4. Assess risks
5. Determine countermeasure
options 6. Make RM decision
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28

Partial preview of the text

Download Classified Information Security and Personnel Security Procedures and more Exams Law in PDF only on Docsity!

SPēD SFPC EXAM: All Areas

Indicators of insider threats - (answer)-1. Failure to report overseas travel or contact with foreign nationals

  1. Seeking to gain higher clearance or expand access outside job scope 3. Engaging in classified conversations without NTK
  2. Working inconsistent hours 5. Exploitable behavior traits 6. Repeated security violations
  3. Unexplainable affluence/living above one's means 8. Illegal downloads of information/files Elements that should be considered in identifying Critical Program Information - (answer)-Elements which if compromised could:
  4. cause significant degradation in mission effectiveness, 2. shorten expected combat- effective life of system
  5. reduce technological advantage
  6. significantly alter program direction; or
  7. enable adversary to defeat, counter, copy, or reverse engineer technology/capability. Elements that security professional should consider when assessing and managing risks to DoD assets (risk management process) - (answer)-1. Assess assets
  8. Assess threats
  9. Assess Vulnerabilities
  10. Assess risks
  11. Determine countermeasure options 6. Make RM decision

The three categories of Special Access Programs - (answer)-acquisition, intelligence, and operations & support Types of threats to classified information - (answer)-Insider Threat, Foreign Intelligence Entities (FIE), criminal activities, cyber threats, business competitors The concept of an insider threat - (answer)-An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information The purpose of the Foreign Visitor Program - (answer)-To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR. Special Access Program - (answer)-A program established for a specific class of

Responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/ CPSO) - (answer)-• Possess personnel clearance and Program access at least equal to highest level of Program classified information involved.

  • Provide security administration and management for organization.
  • Ensure personnel processed for access to SAP meet prerequisite personnel clearance and/or investigative requirements specified.
  • Ensure adequate secure storage and work spaces.
  • Ensure strict adherence to the provisions of NISPOM, its supplement, and the Overprint.
  • When required, establish and oversee classified material control program for each SAP.
  • When required, conduct an annual inventory of accountable classified material.
  • When required, establish SAPF.
  • Establish and oversee visitor control program.
  • Monitor reproduction/duplication/destruction capability of SAP information
  • Ensure adherence to special communications capabilities within SAPF.
  • Provide for initial Program indoctrination of employees after access is approved; rebrief and debrief personnel
  • Establish and oversee specialized procedures for transmission of SAP material to and from Program elements
  • When required, ensure contractual specific security requirements are accomplished.
  • Establish security training and briefings specifically tailored to unique requirements of SAP. The five Cognizant Security Agencies (CSAs) - (answer)-Department of Defense (DoD), Director of National Intelligence (DNI), Department of Energy (DoE), Department of Homeland Security (DHS) and the Nuclear Regulatory Commission (NRC). Cognizant Security Agencies (CSA)s' role in the National Industrial Security Program (NISP). - (answer)-Establish general industrial security programs and oversee/administer security requirements Primary authorities governing foreign disclosure of classified military information - (answer)-1. Arms Export Control Act
  1. National Security Decision Memorandum 119 3. National Disclosure Policy-
  2. International Traffic in Arms Regulation (ITAR) 5. E.O.s 12829, 13526
  3. Bilateral Security Agreements 7. DoD 5220.22-M, "NISPOM,"

defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA).

  1. Formulation of export control proposals and export license review Security Infraction - (answer)-Failure to comply with security requirements which cannot reasonably be expected to and does not result in loss, compromise, or suspected compromise of classified information DoD Manual 5200.01, Volumes 1-3 - (answer)-Manual that governs DoD Information Security Program DoDI 5200.01 - (answer)-Authorizes the publication of DoDM 5200.01 Vol 1- 3, the DoD Information Security Program E.O. 13526 - (answer)-Executive order that governs DoD Information Security Program ISOO 32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" - (answer)-Provides guidance to all government agencies on classification, downgrading, declassification, and safeguarding of classified national security information Security Violation - (answer)-Knowing, willful, or negligent action that results in or could be expected to result in loss, suspected compromise, or compromise of classified information Unauthorized Disclosure - (answer)-Communication or physical transfer of classified or controlled unclassified information (CUI) to unauthorized recipient Three classification levels - (answer)-TS - grave damage to national security S - serious damage to national security

C - damage to national security Single Scope Background Investigation (SSBI) - (answer)-For military, contractors, and civilians: · Critical/Special-Sensitive · TS, "Q" info, war-related plans, policymaking, revenue and funds, SCI, SAPs · Equivalent to Tier 5 Access National Agency Check with Inquiries (ANACI) - (answer)-For civilians: · Noncritical-Sensitive positions · Confidential/Secret, "L" info, systems containing PII · Equivalent to Tier 3

Agreement to never disclose classified information to an unauthorized person Procedures for initiating Personnel Security Investigations (PSIs) - (answer)-1. Validate need for investigation 2. Initiate e-QIP

  1. Review Personnel Security Questionnaire (PSQ) for completeness 4. Submit electronically to OPM T/F: Only U.S. citizens may be granted a security clearance. - (answer)-True T/F: A security clearance guarantees that any individual will be granted access to classified information. - (answer)-False. Individual must also have NTK and sign a SF 312.

T/F: Any individual with an official need to know to conduct assigned duties will be granted a clearance. - (answer)-False. The granting of a clearance is based on the favorable determination of an individual's integrity, loyalty, and trustworthiness by examining them against the 13 adjudicative guidelines. T/F: Non U.S. citizens are restricted from gaining access to classified. - (answer)-False. While non-U.S. citizens are restricted from receiving security clearances, they can gain limited access to classified information through a Limited Access Authorization (LAA). Only goes up to Secret level (NOT TOP SECRET). T/F: Non-US citizens are restricted from receiving security clearances. - (answer)-True. T/F: An individual must have a need for regular access to classified or sensitive information to establish a need for a security clearance. - (answer)-True. T/F: Ease of movement within a facility is an acceptable justification for obtaining a security clearance. - (answer)-False. Seeking ease of movement is not an acceptable justification for obtaining a security clearance. DoD position sensitivity types - (answer)-1. Critical/Special Sensitive--> TS 2. Non-Critical Sensitive--> Confidential and Secret

  1. Non-Sensitive--> not national security positions T/F: Civilians in non-sensitive positions may receive security clearances. - (answer)- False. Only individuals in sensitive positions receive security clearances. Investigative requirement for a Critical/Special-Sensitive position -
  1. Financial Considerations
  2. Alcohol Consumption
  3. Drug Involvement
  4. Psychological Conditions 10.Criminal Conduct 11.Handling Protected Information 12. Outside Activities
  5. Use of Information Technology Systems Categories of approved classified material storage locations - (answer)-Storage Containers
  6. Security containers (e.g., field safes, cabinets) 2. Vaults (including modular vaults)
  7. Open storage area (secure area/secure room) Storage Facilities
  8. SCIF (SCI information)
  9. AA&E storage facility (arms, ammunition, and explosives) 3. Nuclear storage facility (nuclear weapons) Construction requirements for vault doors - (answer)-1. Constructed of hardened steel 2. Hung on non-removable hinge pins or with interlocking leaves.
  10. Equipped with a GSA-approved combination lock.
  11. Emergency egress hardware (deadbolt or metal bar extending across width of door). The purpose of intrusion detection systems - (answer)-To deter, detect, and document unauthorized entry into secured areas The purpose of barriers - (answer)--Define physical limits of installation -Channel traffic

-Impede access -Shield activities within installation from direct observation The purpose of an Antiterrorism Program - (answer)-Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts Force Protection Condition (FPCONS) levels - (answer)-Measures taken to protect personnel and assets from attack; issued by COCOMs and installation commanders/facility directors Levels: Normal, Alpha, Bravo, Charlie, Delta The concept of security-in-depth - (answer)-Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within installation/facility.

Security Continuous Evaluation/Vetting - (answer)-Ongoing review of individual's background to determine whether they should continue to hold security clearance or not Reinvestigation - (answer)-Periodic investigation conducted at predetermined intervals; CE supplements reinvestigations of all cleared personnel True - (answer)-True or False: Special access requirements are designed to provide an additional layer of security to some of our nation's most valuable assets. True or False: There is no difference between a threat and a vulnerability.

  • (answer)- False. Threats and vulnerabilities are related but distinct. Threats to national security exploit vulnerabilities.

E.O. 12968 - (answer)-The Executive Order (E.O.) that establishes a uniform Personnel Security Program DoD 5200.2-R - (answer)-Implements and maintains the DoD personnel security policies and procedures USD(I) Memorandum, August 30, 2006 - (answer)-Defines the Adjudicative Guidelines Scope - (answer)-This refers to when adjudicators must ensure that an investigation meets the minimum timeframe and element requirements before reviewing the investigation. Administrative Judge - (answer)-During due process, military and civilian personnel may request an in-person appearance before this individual. Termination Briefing - (answer)-Given employment is terminated, clearance eligibility is withdrawn, or if individual will be absent from duty 60 days or more. Also given to those inadvertently exposed to classified information. Foreign Travel Briefing - (answer)-Given to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries. Refresher Briefing - (answer)-Presented annually to personnel who have access to classified information or assignment to sensitive duties. Aims of Special Access Programs (SAPs) - (answer)-1. Protect technological breakthroughs

  1. Cover exploitation of adversary vulnerabilities 3. Protect sensitive operational plans
  2. Reduce intelligence on U.S. capabilities

Waived - (answer)-Unacknowledged SAPs with waived reporting requirements; reporting and access controls are more restrictive 4 Phases of SAP Lifecycle - (answer)-1. Establishment (is extra protection warranted?) 2. Management and Administration (continued need? processes followed?)

  1. Apportionment (proper measures in place? approval received) 4. Disestablishment (program no longer needed?) Component-level SAP Central Offices - (answer)-Manage and oversee list of SAP facilities Exist for each military component, the Joint Chiefs of Staff, Defense Advanced Research Projects Agency (DARPA), and Missile Defense Agency (MDA) Special Access Program Oversight Committee (SAPOC) - (answer)-The final SAP approving body chaired by the Deputy Secretary of Defense; make final approval decision Senior Review Group (SRG) - (answer)-Principal working-level body executing governance process. Make unanimous recommendation which is forwarded to DepSecDef for decision SAP Senior Working Group (SWG) - (answer)-Coordinate, deconflict, and integrate SAPs DoD Special Access Central Office (SAPCO) - (answer)-"One voice to Congress"/DoD SAP legislative liaison--> notifies Congress of SAP approval decision OSD-level SAP Central Offices - (answer)-Exercise oversight for specific SAP category under their purview: Acquisition-Office of USD for Acquisition, Technology, and

Logistics Intelligence-Office of USD for Intelligence Operations & Support-Office of USD for Policy Authorization, Appropriations, and Intelligence Congressional - (answer)- Congressional committees granted SAP access PIE-FAO - (answer)-Personnel, information, equipment, facilities, activities, and operations Antiterrorism Officer (individual involved in PHYSEC) - (answer)- Responsible for antiterrorism program CI Support (individual involved in PHYSEC) - (answer)-Responsible for providing valuable information on the capabilities, intentions, and threats of adversaries