106 SECURITY

State the responsibilities of the DDA.

The Designated Disclosure Authority has the authority and responsibility to control disclosures of Classified Military Information and Controlled Unclassified Information to foreign governments and international organizations and their representatives or persons sponsored by them.

Identify SSO Navy.

The Director, Security and Corporate Services (ONI-05) as Special Security Officer for the DON (SSO Navy) has been designated as the Cognizant Security Authority (CSA). As CSA, SSO Navy is responsible for implementing SCI security policy and procedures and performs management and oversight of the Department's SCI security program.

Identify who can be a CSM.

The command security manager may be assigned full-time, part-time or as a collateral duty and must be an officer or a civilian employee, GS-11 or above, with sufficient authority and staff to manage the program for the command. The security manager must be a U.S. citizen and have been the subject of a favorably adjudicated Single Scope Background Investigation (SSBI) completed within five years prior to assignment.

FPCON NORMAL

describes a situation or no current terrorist activity. The only security forces needed are enough to stop the everyday criminal, most likely civilian police forces.

FPCON DELTA

describes a situation when a terrorist attack is taking place or has just occurred. FPCON DELTA usually occurs only in the areas that are most vulnerable to or have been attacked.

FPCON CHARLIE

describes a situation when an instance occurs or when intelligence reports that there is terrorist activity imminent.

FPCON ALPHA

describes a situation where there is a small and general terrorist activity that is not predictable. However, agencies will inform personnel that there is a possible threat and standard security procedure review is conducted.

FPCON BRAVO

describes a situation with somewhat predictable terrorist threat. Security measures taken by agency personnel may affect the activities of local law enforcement and the general public.

Define the difference between a security violation and a practice dangerous to security.

A security violation is when actual compromise or loss of material has occurred. Whereas a practice dangerous to security is someone who does not follow proper security procedures (i.e. bringing cell phone into a secure space or not properly labeling material)

Discuss the need for access lists, required documentation logs, and two-person integrity.

Access Lists are lists that specify who or what is allowed to access the object or place of interest. This applies to personnel who do not have to sign in when they enter a space. Access Lists must always be kept up to date and posted in the applicable space. Visitors who are not part of the command are required to sign the visitor's log in the specific space that they are visiting. When conducting an inventory two person integrity ensures that it is done correctly and that two sets of eyes have been place on the material being inventoried.

SF 701

Activity Security Checklist; this form is a checklist that is filled out at the end of each day to insure that classified materials are secured properly and allows for employee accountability in the event that irregularities are discovered.

ATFP

Anti-terrorism and force protection is a security program designed to protect military personnel, civilian employees, family members, facilities, and equipment in all locations and situations. Force protection is accomplished through a systematic approach which integrates the planning and application of combating terrorism, physical security, operations security (OPSEC), and personal protective measures, supported by intelligence, counterintelligence, and other security programs.

SF 153

COMSEC Material Report; according to GSA, it is no longer in available for order through their archives; last revision was Sept 1988

CONFIDENTIAL

Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause damage to the national security. Color Code is Blue.

TOP SECRET

Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause exceptionally grave damage to the national security. Color Code is Orange.

UNCLASSIFIED

Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause little to no damage to the national security. Color Code is Green.

SECRET

Classification level applied to information whose unauthorized disclosure could reasonably be expected to cause serious damage to the national security. Color Code is Red.

SF 312

Classified Information Nondisclosure Agreement; this form provides is a contractual agreement between the U.S. Government and a cleared employee that must be executed as a condition of access to classified information. By signing the SF-312, the cleared employee agrees never to disclose classified information to an unauthorized person.

Explain and state the purpose of an EAP.

Emergency Action Plan (EAP) is utilized when anticipating natural disasters. All activities located within the U.S and its territories that hold classified COMSEC or CCI material will maintain an up-to-date, written Emergency Action Plan for the protection of COMSEC material appropriate for natural disasters likely to occur in their region of the country (e.g., hurricanes in the South, tornados and floods in the mid-West, wild fires in the West, etc.).

Explain and state the purpose of Emergency Destruction Procedures.

Emergency Destruction Procedures (EDP) are utilized when anticipating a hostile action. Planning for hostile actions must concentrate on procedures to safely evacuate or securely destroy the COMSEC material, to include providing for the proper type and a sufficient number of destruction devices to carry out emergency destruction.

T-SCIF

Ground-based T-SCIFs may be established in hardened structures (e.g., buildings, bunkers) or semi-permanent structures (e.g., truck-mounted or towed military shelters, prefabricated buildings, tents). Permanent-type hardened structures shall be used to the greatest extent possible When possible, T-SCIFs shall be established within the perimeters of U.S.-controlled areas or compounds. If a U.S.-controlled area or compound is not available, the T-SCIF shall be located within an area that affords the greatest degree of protection against surreptitious or forced entry. When a T-SCIF is in operation, the perimeter of its immediate area shall be observed and protected by U.S. guards with U.S. SECRET clearances. Guards shall be equipped with emergency communication devices and, if necessary, with weapons. During non-operational hours, the T-SCIF shall be provided security protection in accordance with AO guidelines. The T-SCIF shall have only one entrance which shall be controlled during hours of operation by an SCI-indoctrinated person using an access roster.

Explain the DoD escort policy.

If an escort is required for the visitor, a military, civilian or a cleared contractor assigned to the command being visited may be assigned escort duties. As a matter of convenience and courtesy, flag officers, general officers and their civilian equivalents are not required to sign visitor records or display identification badges when being escorted as visitors. Identification of these senior visitors by escorts will normally be sufficient. The escort should be present at all times to avoid challenge and embarrassment and to ensure that necessary security controls are met. If the visitor is not being escorted, all normal security procedures will apply.

INFOSEC

Information Security is the protection of information systems against (1) unauthorized access to or modification of information, (2) denial of service to authorized users and (3) provision of service to unauthorized users. INFOSEC also includes the measures necessary to detect, document, and counter those threats.

State the purpose of the ICD system.

Intelligence Community Directive. The Director of National Intelligence (DNI) established Intelligence Community Directives (ICDs) as the principal means by which the DNI provides guidance, policy, and direction to the Intelligence Community.

Explain and state the purpose of JPAS.

JPAS is the Department of Defense (DoD) personnel security clearance and access database. It facilitates personnel security program management for the Department of Defense Central Adjudication Facilities, for DoD security managers, and Sensitive Compartment Information (SCI) program managers.

SF 700

Security Container Information; this form contains vital information about the security container in which it is located. This information includes location, container number, lock serial number, and contact information if the container is found open and unattended.

Define SCI.

Sensitive Compartmented Information: Classified information concerning or derived from intelligence sources, methods, or analytical processes, which is required to be handled within formal access control systems established by the Director of Central Intelligence.

State who can give the order to initiate Emergency Destruction.

The Commanding Officer/OIC or official responsible for safeguarding COMSEC material

State the purpose of the DCS.

The DCS establishes, staffs, operates, and maintains an international network of couriers and courier stations for the expeditious, cost effective, and secure transmission of qualified classified documents and material.

Explain and state the responsibilities of DONCAF.

The Department of the Navy Central Adjudication Facility (DONCAF), is a Naval Criminal Investigative Service (NCIS) organization, and is responsible for determining who within the Department of the Navy is eligible to hold a security clearance, to have access to Sensitive Compartmented Information (SCI), or to be assigned to sensitive duties.

Explain why the U.S. Navy only uses ".mil" email addresses on government systems.

.MIL: The U.S. Department of Defense has exclusive use of this domain.

Identify the events that should be reported to the SSO.

1. Involvement in activities or sympathetic association with persons which/who unlawfully practice or advocate the overflow or alteration of the United States Government by unconstitutional means. 2. Foreign influence concerns/close personal association with foreign nationals, Foreign citizenships, or foreign monetary interests. 3. Sexual behavior that is criminal or reflects a lack of judgment or discretion. 4. Unwillingness to comply with rules and regulations or to cooperate with security processing. 5. Change of Marital Status or Marriage/Cohabitation with a foreign national.

Handcarry

Classified information shall be packaged so that classified text is not in direct contact with the inner envelope or container. Enclose classified information transported outside the command in two opaque, sealed covers (e.g., envelopes, wrappings, or containers) durable enough to conceal and protect it from inadvertent exposure or tampering. The following exceptions apply: If the classified information is an internal component of a package able item of equipment, the outside shell or body may be considered as the inner cover provided it does not reveal any classified information. If the classified information is an inaccessible internal component of a bulky item of equipment, outside or body of the item may be considered a sufficient cover provided observation does not reveal classified information. If the classified information is an item of equipment that is not reasonably package able and the shell or body is classified, it shall be concealed with an opaque covering that conceals all classified features. Specialized shipping containers, including closed cargo transporters, may be considered the outer wrapping or cover when used.

Discuss the security rules and procedures for magnetic and electronic media.

Clearing: Clearing is the process of removing information from a system or the media to facilitate continued use and to preclude the AIS system from recovering previously stored data. Clearing can be accomplished by overwriting or degaussing. Sanitizing (Also Purging): Sanitizing is the process of removing information from the media or equipment such that data recovery using any known technique or analysis is prevented. Sanitizing may be accomplished by degaussing. Destruction: Destruction is the process of physically damaging media so that it is not usable and there is no known method of retrieving the data. Declassification: Declassification is an administrative process used to determine whether media no longer requires protection as classified information. The procedures for declassifying media require Designated Approving Authority (DAA) Representative (Rep) or Service Certifying Organization (SCO) approval.

COMSEC

Communications Security material is that material used to protect U.S. Government transmissions, communications, and the processing of classified or sensitive unclassified information related to national security from unauthorized persons and that material used to ensure the authenticity of such communications.

COMPUSEC

Computer Security is the protection of computing systems against threats to confidentiality, integrity, availability, and accountability. It must address the threats to electronic transactions and files. The context of computer security is always changing, due to rapidly changing technology, decentralization, networking, privacy issues, and the potential for fraud and abuse.

SCIF Outside U.S.

Must meet the construction specifications for SCIFs The SCIF must be alarmed. All SCI controlled material will be stored in GSA-approved containers having a rating for both forced and surreptitious entry equal to or exceeding that afforded by Class 5 containers. There must be a response force capable of responding to an alarm within 10 minutes and a reserve response force available to assist the responding force.

SCIF Inside U.S

Must meet the specifications for Permanent Dry Wall Construction Must be alarmed SCI must be stored in GSA approved security containers. There must be a response force capable of responding to an alarm within 15 minutes after annunciation and a reserve response force available to assist the responding force. The CSA may require any SCIF perimeter walls accessible from exterior building ground level to meet the equivalent protection afforded by construction requirement.

List the items prohibited in a SCIF and the security risks associated with them.

No devices that transmits, receives, records or stores data is authorized into a SCIF without prior approval (i.e. CO or SSO or ISSM). Also, no photography in or around a SCIF is allowed without CO approval. The ISSM must approve ALL IT software prior to its use in a SCIF.

DCS

No item entering the DCS shall weigh over 300 pounds, or exceed dimensions 45 1/2" X 26" X 22", except those items for which the physical structure prohibits breakdown into smaller units. Items shall be addressed with the standardized DCS two-line address; the Army/Air Post Office, the Fleet Post Office, and the street addresses shall not be used.Envelopes, labels, or tags with visible "postage and fees paid" indicia shall not be used. Security classification markings, special security caveats, and other Extraneous markings must not appear on the outer wrapper. Nickname and/or special project markings previously approved by the DCS must be placed on the outer wrapper. Detailed information on wrappings, marking, and preparing material for movement is available from the servicing DCS station. Packaging Material: Generally, all packaging materials are permissible if they afford contents with concealment and protection, preclude physical and/or visual access, are sturdy, and pose no hazard to handlers. Use of metal strapping is specifically prohibited. For assistance and clarification, customers should contact their servicing DCS station.

Explain how, and in what order, material is destroyed during Emergency Destruction.

Priority One: All cryptographic equipment and documents. Priority Two: All operational SCI code word material which might divulge targets and successes, documents dealing with U.S. SCI activities and documents concerning compartmented projects and other sensitive intelligence materials and TOP SECRET collateral. Priority Three: Less sensitive administrative SCI material and collateral classified material not included above

RAM

Random Antiterrorism Measures. To maximize the effectiveness and deterrence value, RAM should be implemented without a set pattern, either in terms of the measure selected, time, place, or other variables. RAM, at a minimum, shall consist of the random implementation of higher FPCON measures in consideration of the local terrorist capabilities. Random use of other physical security measures should be used to supplement FPCON measures

Discuss how long a Commanding Officer can administratively suspend access before DONCAF revokes a clearance.

SCI access suspension is a temporary measure designed to safeguard sensitive classified information or facilities. Suspension of SCI access will not exceed 90 days without the express consent of the SOIC or designee.

Identify what a SAER is and its purpose.

Security Access Eligibility Report: Used to identify an incident or any change in eligibility if an employee is still eligible for the security clearance.

SF 702

Security Container Check Sheet; this form provides a record of the names and times that persons have opened, closed and checked a particular container that holds classified information.

State the duties and responsibilities of a CSM.

Serve as the principal advisor and representative to the commanding officer in matters pertaining to the classification, safeguarding, transmission, and destruction of classified information. - Develop a written command security instruction to include provisions for safeguarding classified information during military operations or emergency situations. - Ensure that personnel in the command who perform security duties are kept abreast of changes in policies and procedures, and provide assistance in problem solving. - Formulate, coordinate, and conduct the command security education program. - Ensure that threats to security and other security violations are reported, recorded, and when necessary investigated.

State the levels of INFOCON and what each signifies.

The Information Operations Condition (INFOCON) system provides a framework within which the Commander USSTRATCOM (CDRUSSTRATCOM), regional commanders, service chiefs, base/post/camp/station/vessel commanders, or agency directors can increase the measurable readiness of their networks to match operational priorities. INFOCON 5: Normal Readiness Procedures INFOCON 4: Increased Military Vigilance Procedures INFOCON 3: Enhanced Readiness Procedures INFOCON 2: Greater Readiness Procedures INFOCON 1: Maximum Readiness Procedures

List the duties and responsibilities of the SSO.

The SSO is the principal advisor on the SCI security program in the command and is responsible to the commanding officer for the management and administration of the program. The SSO will be afforded direct access to the commanding officer to ensure effective management of the command's SCI security program. The SSO will be responsible for the operation of the Sensitive Compartmented Information Facility (SCIF) and the security control and use of the SCIF. All SCI matters shall be referred to the SSO.

Identify who has overall authority of, and controls access to, a SCIF.

The Special Security Officer (SSO) will be responsible for the operation of the Sensitive Compartmented Information Facility (SCIF) and the security control and use of the SCIF. All SCI matters shall be referred to the SSO.

State the responsibilities of the TSCO.

The commanding officer shall designate, in writing, a command TOP SECRET CONTROL OFFICER (TSCO) for commands handling Top Secret information. The TSCO shall: Maintain a system of accountability (e.g., registry) to record the receipt, reproduction, transfer, transmission, downgrading, declassification and destruction of command Top Secret information, less SCI and other special types of classified information. Ensure that inventories of Top Secret information are conducted at least once annually, or more frequently when circumstances warrant (see chapter 7, paragraph 7-3 of SECNAV M-5510.36). As an exception, repositories, libraries, or activities that store large volumes of classified documents may limit their annual inventory to that which access has been given in the past 12 months, and 10 percent of the remaining inventory.

Explain vault recertification and recurring inspections.

The container or vault door must be inspected and recertified by a person specifically trained and authorized by the GSA before it can be used to protect classified material. Upon completion of the inspection, a "GSA Approved Recertified Security Container" label will be applied and the container/vault door is then considered authorized for storage/protection of classified material. If the container fails inspection, it must be repaired in accordance with Federal Standard 809, "Federal Standard Neutralization and Repair of GSA-Approved Security containers," before the recertification label can be applied.

Top Secret Security Clearance

The investigative basis for Top Secret clearance eligibility is a favorably completed SSBI, SSBI-PR or PPR. For those who have continuous assignment or access to Top Secret, critical sensitive positions, SCI, Presidential Support Activities, COSMIC Top Secret, LAA, PRP, IT-1 duties or SIOP-ESI, the SSBI must be updated every five years by a PR.

Confidential Security Clearance

The investigative basis for a Confidential clearance eligibility is a favorably completed NACLC or ANACI. Clearance eligibility established based on ENTNAC's, NAC's or NACI's prior to NACLC or ANACI implementation remain valid. For a Confidential clearance, the investigation is updated every 10 and 15-years, respectively.

Secret Security Clearance

The investigative basis for a Secret clearance eligibility is a favorably completed NACLC or ANACI. Clearance eligibility established based on ENTNAC's, NAC's or NACI's prior to NACLC or ANACI implementation remain valid. For a Secret Clearance, the investigation is updated every 10 and 15-years, respectively.

SCI

The investigative requirement for access to SCI is a favorably adjudicated SSBI. A SSBI-PR is required to be submitted every five years.

PSP

The objective of the Personnel Security Program (PSP) is to authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security. Additionally, the PSP ensures that no final unfavorable personnel security determination will be made without compliance with all procedural requirements.

Discuss the purpose of personnel security.

To authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security.

SF 703

Top Secret Cover Sheet (Orange); this form is used as a cover sheet for Top Secret documents.

State when safe combinations should be changed.

When first placed in use. When an individual knowing the combination no longer requires access unless other sufficient controls exist to prevent access to the lock. When subjected to compromise. When taken out of service. Built-in combination locks will then be reset to the standard combination 50-25-50; combination padlocks will be reset to the standard combination 10-20-30.

Discuss the procedures for sanitizing an area.

When visitors without a clearance will be working in secure spaces the following actions must be taken: - Secure all classified material in approved containers - Turn off all monitors that may be displaying classified material - Ensure that no one is discussing anything classified. - Ensure that the visitor has an escort.