SPĒD SFPC: ALL AREAS STUDY GUIDE
EXAM
Principal incidents/events required to be reported to DoD counterintelligence (CI) organizations - espionage, sabotage, terrorism, cyber

Indicators of insider threats -
- Failure to report overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside the job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignment or insistence on working in private
- Exploitable behavior traits
- Repeated security violations
- Attempting to enter areas not granted access to
- Unexplainable affluence/living above one's means
- Anomalies (adversary taking actions which indicate they are knowledgeable to information)
- Illegal downloads of information/files

Elements that should be considered in identifying Critical Program Information - Elements which if compromised could:
- cause significant degradation in mission effectiveness,
- shorten the expected combat-effective life of the system
- reduce technological advantage
- significantly alter program direction; or
- enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability.

Asset, threat, vulnerability, risk, countermeasures - Elements that a security professional should consider when assessing and managing risks to DoD assets
The three categories of Special Access Programs - acquisition, intelligence, and operations and support

Three different types of threats to classified information - Insider Threat, Foreign Intelligence Entities (FIE) and Cybersecurity Threat

The concept of an insider threat - An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems.

The purpose of the Foreign Visitor Program - To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.

Special Access Program - A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.

Enhanced security requirements for protecting Special Access Program (SAP) information - Within Personnel Security:
- Access Rosters;
- Billet Structures (if required);
- Indoctrination Agreement;
- Clearance based on an appropriate investigation completed within the last 5 years;
- Individual must materially contribute to the program in addition to having the need to know;
- All individuals with access to SAP are subject to a random counterintelligence scope polygraph examination;
- Polygraph examination, if approved by the DepSecDef, may be used as a mandatory access determination;
- Tier review process;
- Personnel must have a Secret or Top Secret clearance;
- SF-86 must be current within one year;
- Limited Access;
- Waivers required for foreign cohabitants, spouses, and immediate family members.
Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to relieve Defense Security Service of industrial security oversight responsibilities.
(DoD), Director of National Intelligence (DNI), Department of Energy (DoE), and the Nuclear Regulatory Commission (NRC).

Cognizant Security Agencies' (CSAs') role in the National Industrial Security Program (NISP) - Establish an industrial security program to safeguard classified information under its jurisdiction.

Critical Program Information in DoD -
- U.S. capability elements that contribute to the warfighter's advantage throughout the life cycle, which if compromised or subject to unauthorized disclosure, decrease the advantage.
- Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. Includes elements or components critical to a military system or network mission effectiveness. Includes technology that would reduce the U.S. technological advantage if it came under foreign control.

Primary authorities governing foreign disclosure of classified military information -
- Arms Export Control Act
- National Security Decision Memorandum 119
- National Disclosure Policy-1
- International Traffic in Arms Regulation (ITAR)
- E.O.s 12829, 13526
- Bilateral Security Agreements
- DoD 5220.22-M, "NISPOM"

The purpose of the DD Form 254 - Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract.

Factors for determining whether U.S. companies are under Foreign Ownership, Control or Influence (FOCI) -
- Record of economic and government espionage against U.S. targets
- Record of enforcement/engagement in unauthorized technology transfer
- Type and sensitivity of the information that shall be accessed
- The source, nature and extent of FOCI
- Record of compliance with pertinent U.S. laws, regulations and contracts
- Nature of bilateral & multilateral security & information exchange agreements
- Ownership or control, in whole or part, by a foreign government

The purpose and the function of the Militarily Critical Technologies List (MCTL) -
- Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA).
- Formulation of export control proposals and export license review

Security Infraction - This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information

DoD Manual 5200.01, Volumes 1-4 - The manual that governs the DoD Information Security Program

E.O. 13526 - The executive order that governs the DoD Information Security Program

32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" - The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program

Security Violation - An event that results in or could be expected to result in the loss or compromise of classified information

Unauthorized Disclosure - Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient

SSBI - Initial investigation for military, contractors, and civilians:
- Special-Sensitive positions
- Critical-Sensitive positions
- LAA
- Top Secret clearance eligibility
- IT-I duties

ANACI - Initial investigation for civilians:
- Noncritical-Sensitive positions
- Confidential and Secret clearance eligibility
- IT-II duties

NACLC - Initial National Agency Check with Law and Credit for military and contractors:
- Secret or Confidential clearance eligibility

The 13 Adjudicative Guidelines -
- Allegiance to the United States
- Foreign Influence
- Foreign Preference
- Sexual Behavior
- Personal Conduct
- Financial Considerations
- Alcohol Consumption
- Drug Involvement
- Psychological Conditions
- Criminal Conduct
- Handling Protected Information
- Outside Activities
- Use of Information Technology Systems

Three different types of approved classified material storage areas -
- GSA-approved storage containers
- Vaults (including modular vaults)
- Open storage area (secure rooms, to include SCIFs and bulk storage areas)

Construction requirements for vault doors -
- Constructed of metal
- Hung on non-removable hinge pins or with interlocking leaves.
- Equipped with a GSA-approved combination lock.
- Emergency egress hardware (deadbolt or metal bar extending across width of door).

The purpose of intrusion detection systems - To detect unauthorized penetration into a secured area

The purpose of perimeter barriers - To define the physical limits of an installation, activity, or area, restrict, channel, impede access, or shield activities within the installation from immediate and direct observation

The purpose of an Antiterrorism Program - Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts

Force Protection Condition levels - Normal, Alpha, Bravo, Charlie, Delta

The concept of security-in-depth - Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within an installation or facility.

e-QIP - The system Mr. Smith needs to access when he needs to update his personal information on his Personnel Security Questionnaire for his re-investigation

Personnel Security Investigation - The first phase of the security clearance process

JCAVS - A security manager uses this system to communicate with the DoD CAF

JAMS - This sub-system (used by adjudicators) and JCAVS make up the JPAS system

JPAS - A DoD system of record for personnel security clearance information

Scattered Castles - Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications.

Personnel Security Investigation (PSI) - The DoD uses this as the standard for the uniform collection of relevant and important background information about an individual.

Access - PSIs are used to determine the eligibility of an individual for ___________ to classified information.

Acceptance - PSIs are used to determine the eligibility of an individual for ___________ or retention to the armed forces.

Assignment - PSIs are used to determine the eligibility of an individual for ___________ or retention to sensitive duties.

False - True or False: The DoD CAF is the only authority who can grant an interim clearance.

DoD CAF responsibilities -
- Making adjudicative decisions
- The DoD CAF is a repository for investigative records
- Initiating special investigations
- The DoD CAF adjudicates by applying the whole person concept

Designation of Sensitive Duties - Duties that have a great impact on National Security

Continuous Evaluation - This is used to monitor employees for new information or changes that could affect their status.

Reinvestigation - This is part of the Continuous Evaluation Program (CEP). It is done at certain intervals based on duties or access.

True - True or False: Special access requirements are designed to provide an additional layer of security to some of our nation's most valuable assets.

False. Threats and vulnerabilities are related but distinct. Threats to national security exploit vulnerabilities. - True or False: There is no difference between a threat and a vulnerability.

Unacknowledged - This protection level describes a SAP whose existence and purpose are protected. The details, technologies, materials, and techniques are classified as dictated by their vulnerability to exploitation and the risk of compromise. The program funding is often classified, unacknowledged, or not directly linked to the program.

SAP Lifecycle -
- Establishment (is extra protection warranted?)
- Management and Administration (continued need? processes followed?)
- Apportionment (proper measures in place? approval received)
- Disestablishment (program no longer needed?)

Component-level SAP Central Offices - Exist for each military component, the Joint Chiefs of Staff, Defense Advanced Research Projects Agency (DARPA), and Missile Defense Agency (MDA)

Special Access Program Oversight Committee (SAPOC) - The final SAP approving body chaired by the Deputy Secretary of Defense

Senior Review Group (SRG) - This group ensures there are no duplicative efforts across SAPs

DoD Special Access Central Office (SAPCO) - DoD SAP legislative liaison that notifies Congress of SAP approval

Authorization, Appropriations, and Intelligence Congressional - Congressional committees granted SAP access

OSD-level SAP Central Offices - Exercise oversight authority for the specific SAP category under their purview.

PIE-FAO - People, information, equipment, facilities, activities, and operations

Antiterrorism Officer - This person is responsible for the installation's antiterrorism program

CI Support - Responsible for providing valuable information on the capabilities, intentions, and threats of adversaries

OPSEC Officer - This person analyzes threats to assets and their vulnerabilities

Security Officer - This person is charged with management, implementation, and direction of all physical security programs

Law Enforcement - Must be integrated into our intelligence gathering process so that they can be part of coordinating emergency responses and criminal incidents on a Federal installation

Criticality - Determination based on an asset's importance to national security and effect of loss

Area Security - Security is geared towards protecting an entire area of the installation or facility

Threat - The intention and the capability of an adversary to undertake detrimental actions

Point Security - Security focused on the resource itself

Effective Protective Barriers -
- Steel barriers
- Chain link fence
- Barbed wire

Purpose of protective barriers -
- Establishing boundaries
- Protecting the facility
- Stopping observation

Controlling access - The establishment of a restricted area improves security by ______________ and providing additional layers of security.

True - True or False: Site lighting is used to enable guard force personnel to observe activities inside or outside the installation

False - True or False: Standby lighting is used when regular lighting is not available

Two-way radio - Using these assists in security; however, there must always be back-up communication systems in addition to these

Intrusion Detection Systems - This device sends a signal through wires when it has been triggered

Closed Circuit Televisions (CCTV) - This system has a camera that captures a visual image, converts the image to a video signal, and transmits the image to a remote location

Automated access control systems - This system allows one to be identified by their eye, handprint, or fingerprint

Common Access Card (CAC) - This enables individuals to be able to authenticate themselves on security websites and securely log into computer systems

Mechanical combination lock - Older style of lock; may be used for classified storage in certain cases

Installation - A contractor must adhere to the security rules of the __________ commander when working at a government installation

NISP - The program that covers protection of classified information by government contractors

FSO responsibilities -
- Ensure compliance with the NISP
- Follow NISPOM guidelines
- Provide training for cleared individuals

Chapter 8 of the NISPOM - If you are a government contractor working on a contractor-owned system at a contractor facility, you must follow the security provisions of this reference

True - True or False: A SAP can retain security cognizance if necessary.

Contracting Officer - A government employee with the authority to enter into, administer, and/or terminate contracts and make related determinations and findings

COTR - This government employee is a subject matter expert who has regular contact with the contractor

Statement of Work (SOW) - The document that outlines in detail what will be required to complete a contract

DD Form 441 - The document that establishes the government's authority to review the contractor's security program to ensure compliance

DD Form 254 - The form a contractor could use to determine if classified storage is required, and at what level

Same - A cleared individual can only have access at the _______ level as the facility clearance

JPAS - For the purpose of a visit to another cleared facility, a clearance can be verified by looking in ________

Eligibility - The issuance of ________ is the responsibility of the DoD CAF

Secret - Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security.

Top Secret - Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security.

Confidential - Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security.

Derivative Classification - This is defined as the incorporating, paraphrasing, restating, or generating in new form any information that is already classified.

Original Classification - This is defined as an initial determination that information requires, in the interest of national security, protection against unauthorized disclosure.

Compilation - This is defined as unclassified information or classified information (at a lower level) that when the information is combined or associated reveals additional factors that qualify for classification.

Original Classification Authority - The term used to identify individuals specifically authorized in writing to make initial classification decisions.

Security Classification Guides (SCG) - This contains classification levels, special requirements and duration instructions for programs, projects, plans, etc.

Original Classification Process - The six-step process an OCA applies in making classification determinations

Declassification - The authorized change in the status of information from classified information to unclassified information

Automatic declassification - The declassification system where Permanently Valuable Historical records are declassified when they are 25 years old

Systematic declassification review - The declassification system where information exempted from automatic declassification is reviewed for possible declassification

Mandatory Declassification Review (MDR) - The declassification system where the public can ask for classified information to be reviewed for declassification and public release

Scheduled Declassification - The declassification system where an OCA, at the time the information is originally classified, sets a date or event for declassification

Custodians - People who are in possession of, or who are otherwise charged with safeguarding classified information

Options an OCA has when determining declassification - Specific Date, Specific Event, or by the 50X1-HUM Exemption

The 25-year rule - The process where records automatically become declassified after 25 years

True - True or False: Hand carrying classified information should only be done as a last resort

False - True or False: Anyone can determine the need for hand carrying classified information

True - True or False: When someone is carrying classified information, written authorization is always required

DD Form 2501 - Courier Authorization Card

Microfiche destruction - Burned or shredded to be destroyed. It can also be destroyed with chemicals that destroy the imprints.

Typewriter ribbon destruction - Ribbons must be burned or shredded

Floppy disk destruction - Must be burned, overwritten, or demagnetized

Document destruction - Must be burned, shredded, or chemically decomposed

Videotape destruction - Must be burned, shredded, or demagnetized

Initial Orientation Briefing - The initial briefing given to all personnel on the DoD Information Security Program

Homeland Security Presidential Directive 12 (HSPD-12) - On August 27, 2004, President Bush signed this directive; Policy for a Common Identification Standard for Federal Employees and contractors. This requires government-wide development and implementation of a standard for secure and reliable forms of identification for Federal employees and contractors.

DoD 5200.08-R - Physical Security Program regulation

DoD Instruction 5200.08, Security of DoD Installations and Resources and the DoD Physical Security Review Board (PSRB) - This document authorizes commanders to issue regulations for the protection or security of property and places under their command. This document also establishes guidelines to build consistent minimum standards for protecting DoD installations and resources.