All Areas I Flashcards by Deleted Deleted

Indicators of insider threats

Failure to report overseas travel or contact with foreign nationals
Seeking to gain higher clearance or expand access outside the job scope
Engaging in classified conversations without a need to know
Working hours inconsistent with job assignm

How well did you know this?

Not at all

Perfectly

Elements that
should be considered in
identifying Critical Program
Information

Elements which if compromised could:

cause significant degradation in mission effectiveness,
shorten the expected combat-effective life of the system
reduce technological advantage
significantly alter program direction; or
enable an adversa

How well did you know this?

Not at all

Perfectly

asset, threat, vulnerability, risk, countermeasures

Elements that a
security professional should
consider when assessing and
managing risks to DoD assets

How well did you know this?

Not at all

Perfectly

The three categories of

Special Access Programs

acquisition, intelligence, and operations and support

How well did you know this?

Not at all

Perfectly

Three different types
of threats to classified
information

Insider Threat, Foreign Intelligence Entities (FIE) and Cybersecurity Threat

How well did you know this?

Not at all

Perfectly

The concept of an insider threat

An employee who may represent a threat to
national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified da

How well did you know this?

Not at all

Perfectly

The purpose of the

Foreign Visitor Program

To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.

How well did you know this?

Not at all

Perfectly

Special Access

Program

A program established for a specific class of
classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.

How well did you know this?

Not at all

Perfectly

Enhanced security requirements for protecting Special Access Program (SAP) information

Within Personnel Security:
� Access Rosters;
� Billet Structures (if required);
� Indoctrination Agreement;
� Clearance based on an appropriate investigation completed within the last 5
years;
� Individual must materially contribute to the program in addi

How well did you know this?

Not at all

Perfectly

Responsibilities of the Government SAP Security Officer/Contractor Program
Security Officer (GSSO/
CPSO)

From Revision 1 Department of Defense Overprint to the National
Industrial Security Program Operating Manual Supplement - 1 April
2004:
� Possess a personnel clearance and Program access at least equal to
the highest level of Program classified information

How well did you know this?

Not at all

Perfectly

The four Cognizant
Security Agencies (CSAs)

Department of Defense

DoD), Director of National Intelligence (DNI), Department of Energy (DoE), and the Nuclear Regulatory Commission (NRC

How well did you know this?

Not at all

Perfectly

Cognizant Security Agencies (CSA)s’ role in the National Industrial Security Program (NISP).

Establish an industrial security program to safeguard classified information under its
jurisdiction.

How well did you know this?

Not at all

Perfectly

Critical Program Information

in DoD

U.S. capability elements that contribute to the warfighter’s advantage throughout the
life cycle, which if compromised or subject
to unauthorized disclosure, decrease the advantage.
Elements or components of a Research, Development, and Acquisition

How well did you know this?

Not at all

Perfectly

Primary authorities governing foreign disclosure of classified military information

Arms Export Control Act
National Security Decision Memorandum 119
National Disclosure Policy-1
International Traffic in Arms Regulation (ITAR)
E.O.s 12829, 13526
Bilateral Security Agreements
DoD 5220.22-M, “NISPOM,

How well did you know this?

Not at all

Perfectly

The purpose of the DD Form 254

Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract.

How well did you know this?

Not at all

Perfectly

Factors for determining
whether U.S. companies are under Foreign Ownership, Control or Influence
(FOCI)

1. Record of economic and government
espionage against the U.S. targets
2. Record of enforcement/engagement
in unauthorized technology transfer
3. Type and sensitivity of the information that shall be accessed
4. The source, nature and extent of FOCI
5. R

How well did you know this?

Not at all

Perfectly

The purpose and the function of the Militarily Critical Technologies List (MCTL).

Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of
defense-related goods, services, and technologies as administered by the Director, Defense Technology Security
Adm

How well did you know this?

Not at all

Perfectly

Security Infraction

This event cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information

How well did you know this?

Not at all

Perfectly

DoD Manual 5200.01, Volumes 1-4

The manual that governs the DoD Information Security Program

How well did you know this?

Not at all

Perfectly

E.O. 13526

The executive order that governs the DoD Information Security Program

How well did you know this?

Not at all

Perfectly

32 CFR Parts 2001 & 2003,
“Classified National Security
Information; Final Rule

The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program

How well did you know this?

Not at all

Perfectly

Security Violation

An event that results in or could be expected to result in the loss or compromise of
classified information

How well did you know this?

Not at all

Perfectly

Unauthorized Disclosure

Communication or physical

transfer of classified or controlled unclassified information to an unauthorized recipien

How well did you know this?

Not at all

Perfectly

SSBI

Initial investigation for military, contractors, and civilians:
� Special-Sensitive positions
� Critical-Sensitive positions1
� LAA
� Top Secret clearance eligibility
� IT-I duties

How well did you know this?

Not at all

Perfectly

ANACI

Initial investigation for civilians: � Noncritical-Sensitive positions2 � Confidential and Secret clearance eligibility � IT-II duties

NACLC

Initial National Agency Check with Law and Credit for military and contractors: � Secret or Confidential clearance eligibility � All military accessions and appointments � IT-II duties � IT-III duties (military only)

NACI

National Agency Check with Inquiries for civilians and contractors: � Non-Sensitive positions � Low Risk � HSPD-12 Credentialing

NAC

The fingerprint check portion of a PSI

The purpose of due process in | Personnel Security Program (PSP)

Ensures fairness by providing the subject the opportunity to appeal an unfavorable adjudicative determination

The key procedures for initiating | Personnel Security Investigations (PSIs)

1. Validate the need for an investigation 2. Initiate e-QIP 3. Review Personnel Security Questionnaire (PSQ) for completeness 4. Submit electronically to OPM

DoD position sensitivity types | and their investigative requirements.

1. Critical Sensitive 2. Non-Critical Sensitive 3. Non-Sensitive

Investigative requirement for a Critical- Sensitive position

SSBI, SSBI-PR, or PPR

Investigative requirement for a Non-Critical Sensitive position

ANACI or NACLC

Investigative requirement for a Non-Sensitive position

NACI

The term when current security clearance eligibility determination is rescinded

Revocation

The term when an initial request for security clearance eligibility is not granted

Denial

SOR

Statement of Reasons

What is the purpose of the Statement of Reasons (SOR)?

``` The purpose of the SOR is to provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made. ```

The 13 Adjudicative Guidelines

1. Allegiance to the United States 2. Foreign Influence 3. Foreign Preference 4. Sexual Behavior 5. Personal Conduct 6. Financial Considerations 7. Alcohol Consumption 8. Drug Involvement 9. Psychological Conditions 10. Criminal Conduct 11. Handling Prote

Three different types of approved classified | material storage areas.

1. GSA-approved storage containers 2. Vaults (including modular vaults) 3. Open storage area (secure rooms, to include SCIFs and bulk storage areas)

Construction requirements for vault doors

1. Constructed of metal 2. Hung on non-removable hinge pins or with interlocking leaves. 3. Equipped with a GSA-approved combination lock. 4. Emergency egress hardware (deadbolt or metal bar extending across width of door).

The purpose of intrusion detection systems

To detect unauthorized penetration into a secured area

The purpose of perimeter barriers

To define the physical limits of an installation, activity, or area, restrict, channel, impede access, or shield activities within the installation from immediate and direct observation

The purpose of an Antiterrorism Program

Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts

Force Protection Condition levels

Normal, Alpha, Bravo, Charlie, Delta

The concept of security-in-depth

Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within an installation or facility.

e-QIP

The system Mr. Smith needs to access when he needs to update his personal information on his Personnel Security Questionnaire for his re-investigation

Personnel Security Investigation

The first phase of the security clearance process

JCAVS

A security manager uses this system to communicate with the DoD CAF

JAMS

This sub-system (used by adjudicators) and JCAVS make up the JPAS system

JPAS

A DoD system of record for personnel security clearance information

Scattered Castles

Intelligence Community (IC) Personnel Security Database that verifies personnel security access and visit certifications.

Personnel Security Investigation (PSI)

The DoD uses this as the standard for the uniform collection of relevant and important background information about an individual.

PSIs are used to determine the eligibility of an individual for ___________ to classified information.

Access

PSIs are used to determine the eligibility of an individual for ___________ or retention to the armed forces.

Acceptance

PSIs are used to determine the eligibility of an individual for ___________ or retention to sensitive duties.

Assignment

True or False: The DoD CAF is the only authority who can grant an interim clearance.

False

DoD CAF responsibilities

1. Making adjudicative decisions 2. The DoD CAF is a repository for investigative records 3. Initiating special investigations 4. The DoD CAF adjudicate by applying the whole person concept

Duties that have a great impact on National Security

Designation of Sensitive Duties

This is used to monitor employees for new information or changes that could affect their status.

Continuous Evaluation

This is part of the Continuous Evaluation Program (CEP). It is done at certain intervals based on duties or access.

Reinvestigation

True or False: Special access requirements are designed to provide an additional layer of security to some of our nation's most valuable assets.

True

True or False: There is no difference between a threat and a vulnerability.

False. Threats and vulnerabilities are related but distinct. Threats to national security exploit vulnerabilities.

The Executive Order (E.O.) that establishes a uniform Personnel Security Program

E.O. 12968

Implements and maintains the DoD personnel security policies and procedures

DoD 5200.2-R

Defines the Adjudicative Guidelines

USD(I) Memorandum, August 30, 2006

This is a system of records of fraud investigations

DCII

This is a system of records of PSIs conducted by OPM

SII

This refers to when adjudicators must ensure that an investigation meets the minimum timeframe and element requirements before reviewing the investigation.

Scope

During due process, military and civilian personnel may request an in-person appearance before this individual.

Administrative Judge

Administers due process for contractor personnel.

DOHA

This board makes the final appeal determination for all personnel

PSAB/Appeal Board

This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified inform

Termination Briefing

This briefing that applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries.

Foreign Travel Briefing

This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties.

Refresher Briefing

What SAPs aim to achieve

1. Protect technological breakthroughs 2. Cover exploitation of adversary vulnerabilities 3. Protect sensitive operational plans 4. Reduce intelligence on U.S. capabilities

This communicates how the SAP is acknowledged and protected.

Protection Level

This protection level describes a SAP whose existence may be openly recognized. Its purpose may be identified. However, the details of the program (including its technologies, materials, and techniques) are classified as dictated by their vulnerability to

Acknowledged

This protection level describes a SAP whose existence and purpose are protected. The details, technologies, materials, and techniques are classified as dictated by their vulnerability to exploitation and the risk of compromise. The program funding is ofte

Unacknowledged

SAP Lifecycle

1. Establishment (is extra protection warranted?) 2. Management and Administration (continued need? processed followed?) 3. Apportionment (proper measures in place? approval received) 4. Disestablishment (program no longer needed?)

Component-level SAP Central Offices

Exist for each military component, the Joint Chiefs of Staff, Defense Advanced Research Projects Agency (DARPA), and Missile Defense Agency (MDA)

Special Access Program Oversight Committee (SAPOC)

The final SAP approving body chaired by the Deputy Secretary of Defense

Senior Review Group (SRG)

This group ensures there are no duplicative efforts across SAPs

DoD SAP legislative liaison that notifies Congress of SAP approval

DoD Special Access Central Office (SAPCO)

Congressional committees granted SAP access

Authorization, Appropriations, and Intelligence Congressional

Exercise oversight authority for the specific SAP category under their purview.

OSD-level SAP Central Offices

PIE-FAO

People, information, equipment, facilities, activities, and operations

This person is responsible for the installation's antiterrorism program

Antiterrorism Officer

Responsible for providing valuable information on the capabilities, intentions, and threats of adversaries

CI Support

This person analyzes threats to assets and their vulnerabilities

OPSEC Officer

This person is charged with management, implementation, and direction of all physical security programs

Security Officer

Must be integrated into our intelligence gathering process so that they can be part of coordinating emergency responses and criminal incidents on a Federal installation

Law Enforcement

Security is geared towards protecting an entire area of the installation or facility

Area Security

Determination based on an asset's importance to national security and effect of loss

Criticality

The intention and the capability of an adversary to undertake detrimental actions

Threat

Security focused on the resource itself

Point Security

Effective Protective Barriers

1. Steel barriers 2. Chain link fence 3. Barbed wire

Purpose of protective barriers

1. Establishing boundaries 2. Protecting the facility 3. Stopping observation

The establishment of a restricted area improves security by ______________ and providing additional layers of security.

Controlling access

True or False: Site lighting is used to enable guard force personnel to observe activities inside or outside the installation

True

True or False: Standby lighting is used when regular lighting is not available

False

Using these assists in security; however, there must always be back-up communication systems in addition to these

Two-way radio

This device sends a signal through wires when it has been triggered

Intrusion Detection Systems

This system has a camera that captures a visual image, converts the image to a video signal, and transmits the image to a remote location

Closed Circuit Televisions (CCTV)

This system allows one to be identified by their eye, handprint, or fingerprint

Automated access control systems

All Areas I Flashcards

(105 cards)