Sharing and reporting information is essential to detecting potential insider threats. True or False? - ANSWER True
Two security professionals - Paul and Ashley - are discussing security program areas.
Paul says th
...
Sharing and reporting information is essential to detecting potential insider threats. True or False? - ANSWER True
Two security professionals - Paul and Ashley - are discussing security program areas.
Paul says that Information Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations.
Ashley says that Physical Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks. - ANSWER Paul and Ashley are both correct
Two security professionals - Paul and Ashley - are discussing security program areas.
Paul says that Information Security practitioners work with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks.
Ashley says that Personnel Security practitioners train and/or advise Original Classification Authorities in the application of the process for making classification determinations. - ANSWER Paul and Ashley are both incorrect
SPeD is an abbreviation for? - ANSWER Security Professional Education Development
SPed is a certification program of what agency? - ANSWER Department of Defense
Security Fundamentals Professional Certification (SFPC) definition? - ANSWER The individual understands foundational security concepts, principles, and practices. (Core
Certification for SPed).
Security Asset Protection Professional Certification (SAPPC) definition? - ANSWER The Individual applies foundational security concepts, principles, and practices. (Core Certification for SPed).
Security Program Integration Professional Certification (SPIPC) definition? - ANSWER The individual understands and applies risk assessment and security program management based on security concepts, principles, and practices. (Core Certification for SPed).
Security Enterprise Professional Certification (SEPC) definition? - ANSWER The individual understands and applies concepts, principles, and practices for managing enterprise-wide security.
What are the three principle incident/events required to be reported to DoD Counterintelligence (CI) organizations? - ANSWER Espionage, Sabotage, Terrorism & Cyber Policy
PMO is an abbreviation for? - ANSWER Program Management Office
Provides the legal requirements to use lawful means to ensure U. S. receives the best intelligence available? - ANSWER E.O. 12333
The manual that includes CI-related requirements for Industry? - ANSWER DoD 5220.22-M (NISPOM)
Regulation mandating CI-specific training, briefing, and reporting? - ANSWER DoDI5240.6: CI Awareness, Briefing, and Reporting Programs
Regulation providing procedures to follow when classified information is compromised? - ANSWER DoD 5200.1-R: information Security Program
What are three principle incidents/events required to report to DoD counterintelligence (CI) organizations? - ANSWER Espionage, Sabotage, Terrorism & Cyber Policy
List three different types of threats to classified information? - ANSWER Insider Threat, Foreign Intelligence Entities (FIE), Cybersecurity Threat
List three indicators of insider threats? - ANSWER Failure to report overseas travel or contact with foreign nationals.
Seeking to gain higher clearance or expand access outside the job scope.
Engaging in classified conversations without a need to know.
Working hours inconsistent with job assignment or insistence on working in private.
Exploitable behavior traits.
Repeated security violations.
Attempting to enter areas not granted access to.
List three elements that should be considered in identifying Critical Program Information? - ANSWER - Cause significant degradation in mission effectiveness
- Shorten the expected combat-effective life of the system
- Reduce technological advantage
- Significantly alter program direction
- Enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability.
Briefly describe the concept of insider threat? - ANSWER An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems.
List three elements that a security professional should consider when assessing and managing risks to DoD assets? - ANSWER Asset
Threat
Vulnerability
Risk
Countermeasures
Describe the purpose of the Foreign Visitor Program? - ANSWER To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.
Briefly define a Special Access Program (SAP)? - ANSWER A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.
List three enhanced security requirements for protecting Special Access Program (SAP) Information within Personnel Security? - ANSWER Access Rosters
Billet Structures (if required)
Indoctrination Agreement
Clearance based on an appropriate investigation completed within the last 5 years
Individual must materially contribute to the program in addition to having the need to know
All individuals with access to SAP are subject to a random counterintelligence-scope polygraph
Identify the four Cognizant Security Agencies (CSA)? - ANSWER Department of Defense (DoD)
Director of National Intelligence (DNI)
Department of Energy (DoE)
Nuclear Regulatory Commission (NRC).
Describe the CSA's role in the National Industrial Security Program (NISP)? - ANSWER To establish an industrial security program to safeguard classified information under its jurisdiction.
List three factors for determining whether U.S. companies are under Foreign Ownership, Control, or Influence (FOCI)? - ANSWER Record of economic and government espionage against the U.S. targets
Record of enforcement/engagement in unauthorized technology transfer
Type and sensitivity of the information that shall be accessed
The source, nature and extent of FOCI
Record of compliance with pertinent U.S. laws, regulations and contracts
Define the purpose and function of the Militarily Critical Technologies List (MCTL)? - ANSWER Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA). Formulation of export control proposals and export license review.
List three primary authorities governing foreign disclosure of classified military information? - ANSWER Arms Export Control Act
National Security Decision Memorandum 119
National Disclosure Policy-1
International Traffic in Arms Regulation (ITAR)
E.O.s 12829, 13526
Bilateral Security Agreements
DoD 5220.22-M, "NISPOM,"
Briefly describe the purpose of the DD Form 254? - ANSWER Convey security requirements and classification guidance, and provide handling procedures for classified material received and/or generated on a classified contract.
List the three main policies that govern the DoD Information Security Program? - ANSWER E.O. 13526
Information Security Oversight Office (ISOO) 32 CFR Parts 2001 & 2003
Classified National Security Information; Final Rule"
DoD Manual 5200.01, Volumes 1-4
What must an "authorized person" have before being granted access to classified information? - ANSWER Favorable determination of eligibility for access
Need to know the information
Signed SF 312 Nondisclosure Agreement
List three classification duration options for originally classified information? - ANSWER less than 10 years
at 10 years
up to 25 years
50X1-HUM (with no date or event)
50X2-WMD (with no date or event
25X (with a date or event)
List three authorized sources of security classification guidance that could be used in the derivative classification process? - ANSWER Security Classification Guide
Properly Marked Source Document
Contract Security Classification Specification (DD Form 254)
Define derivative classification? - ANSWER Incorporating, paraphrasing, restating, or generating in new form information that is already classified and marking the newly developed material consistent with the markings that apply to the source information.
Define the difference between a security infraction and a security violation? - ANSWER An infraction cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information; whereas a violation does result in or could be expected to result in the loss or compromise of classified information.
Define unauthorized disclosure? - ANSWER Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient.
List three types of initial personnel security investigations and to whom they apply? - ANSWER ANACI: Civilian
NACI: Civilian and Contractor
NACLC: Military and Contractor
SSBI: Military, Civilian, Contractor
Describe the purpose of due process in Personnel Security Program (PSP)? - ANSWER Ensures fairness by providing the subject the opportunity to appeal an unfavorable adjudicative determination.
List the key procedures for initiating Personnel Security Investigations(PSIs)? - ANSWER Validate the need for an investigation
Initiate e-QIP
Review Personnel Security Questionnaire (PSQ) for completeness
Submit electronically to OPM
List three DoD position sensitivity types and their investigative requirements? - ANSWER Critical Sensitive: SSBI, SSBI-PR, PPR
Non-Critical Sensitive: ANACI, NACLC
Nonsensitive: NACI
Describe the difference between revocation and denial in Personnel Security Program? - ANSWER Revocation: A current security eligibility determination is rescinded.
Denial: An initial request for security eligibility is not granted.
Describe the purpose of a Statement of Reason (SOR)? - ANSWER The purpose of the SOR is to provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made.
List five adjudicative guidelines? - ANSWER 1. Allegiance to the United States
2. Foreign Influence
3. Foreign Preference
4. Sexual Behavior
5. Personal Conduct
6. Financial Considerations
7. Alcohol Consumption
8. Drug Involvement
9. Psychological Conditions
10. Criminal Conduct
11. Handling Protected Information
12. Outside Activities
13. Use of Information Technology
List three different types of approved classified material storage areas? - ANSWER GSA-approved storage containers
Vaults (including modular vaults)
Open storage area (secure rooms, to include SCIFs and bulk storage areas)
List three construction requirements for vault doors? - ANSWER Constructed of metal
Hung on non-removable hinge pins or with interlocking leaves.
Equipped with a GSA-approved combination lock.
Emergency egress hardware (deadbolt or metal bar extending across width of door).
What is the purpose of intrusion detection systems? - ANSWER Detect unauthorized penetration into a secured area.
What is the purpose of perimeter barriers? - ANSWER Defines the physical limits of an installation, activity, or area, restrict, channel, impede access, or shield activities within the installation from immediate and direct observation.
What is the purpose of an Antiterrorism Program? - ANSWER Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts.
List three Force Protection Condition levels? - ANSWER Normal, Alpha, Bravo, Charlie, Delta
Describe the concept of security-in-depth? - ANSWER Layered and complementary security controls sufficient to deter, detect, and document unauthorized entry and movement within an installation or facility.
In which security program area would you find practitioners who train and/or advise Original Classification Authorities in the application of the process for making classification determinations? - ANSWER Information Security
In which security program area would you find practitioners working with a facility's Antiterrorism Officer to deploy defensive measures designed to reduce the facility's vulnerability from terrorist attacks? - ANSWER Physical Security
In which security program area would you find practitioners involved with processes that monitor employees for new information that could affect their security clearance eligibility status? - ANSWER Personnel Security
CI Foreign Travel Briefing? - ANSWER Purpose to increase awareness and personal safety, targeting by foreign intelligence, current travel warnings, & where to seek help if needed.
CI Elicitation is a form of social engineering? - ANSWER Collecting info from people though conversation.
Potential Espionage Indicator Categories? - ANSWER Foreign Contracts and Associations
Foreign Travel
Foreign Preference
Anti-American Statements, Activities, and Associations
Falsification/Failure to Report Substantive Information
Sexual Behavior That Increases Vulnerability to Exploitation
Suspicious Financial Transactions or Undue Affluence
Illicit Information Collection or Transmittal
Other Counterintelligence Issues
Who could become an insider threat? - ANSWER Any person with authorized access to any US government resources.
Executive Order 13587? - ANSWER Government agencies to establish their own insider threat programs.
Insider threat programs are intended to? - ANSWER Deter, Detect, and Mitigate the risk.
List an enhanced security requirement for protecting Special Access Program (SAP) Information within Industrial Security? - ANSWER The SecDef or DepSecDef can approve a carve-out provision to relieve Defense
Security Service of industrial security oversight responsibilities.
[Show More]