Introduction to Information Security
what info does a security classification guide provide a derivative classifier
-Classification level for each element of information to be protected -Reason for classification -Duration of calssification and any applicable downgrading instructions -Special control notices -OCA contact info
What are the authorized places for storing classified info
-IT systems -individuals head/hands -GSA approved security container
What is the basic formula for granting access to classified information for individuals
-Verify the individuals eligibility determination -Determine the individuals need to know -acknowledge that the SF-312 has been executed
When classified info is in an authorized individuals hands, why should the individual use a classified document cover sheet?
-alert holder of presence of classified info -prevent inadvertent viewing of classified info
What information will you find in the Classification Authority block on the front page of any classified document
-classified by -Derived from -Downgrade to (if applicable -Declassify on
Which level of classified info may be transported via USPS mail
-secret -confidential
the declassification system where info is declassified when it is 25 years old
Automatic Declassification
Security Program lifecycle
Classification, Safeguarding, Dissemination, Declassification, and Destruction
_______occurs in some circumstances when info that is individually unclassified, or classified at a lower level, may be classified, or classified at a higher level, only if the combined information reveals an additional association or relationship
Compilation
unauthorized disclosure of ______ information could reasonably be expected to cause damage to our national security
Confidential
when info, in the interest of national security, no longer requires protection at any level, it should be
Declassified
Incorporating, paraphrasing, restating, or generating in new form any information that is already classified and marking the newly developed material consistent with the classification markings that apply to the source information
Derivative Classification
What is the first step an Original Classification Authority must take when originally classifying information
Determine if the information is official government info
Who has responsibility for overall policy direction of information security program
Director of the information security oversight office
Requests for waivers and exceptions must identify the specific provision or provisions of the ____for which the waiver or exception is sought
DoD Information Security Manual
The unauthorized disclosure of top secret info could reasonably be expected to cause _____to our national security
Exceptionally grave Damage
A derivative classifier may overrule an original classification determination if it is in the interest of national security
False
While manuscripts, articles, theses, conference papers, briefings, brochures, and books must be sent to the Defense Office of Prepublication and Security Review (DOPSR) for review and approval before publishing, reports to Congress do not require prepublication
False
You may store classified into in your locked desk drawer while you go to lunch as long as you cover it with the appropriate classified cover sheet
False
what info is listed in the classification authority block on a document containing classified info?
INCORRECT -who created -Which source the info was derived some -Current classification level of the document -date on which to declassify the document -classification level to downgrade to a certain point in time (as applicable)
Where do the reasons for classifying certain items, elements or categories of information originally come from?
INCORRECT Original Classification Authorities INCORRECT Security Classification Guide
Your Coworker, bob, did not place an SF-704 SECRET classified document while it was out of the security container. However, bob did maintain positive control of the document until he returned to the security container. If you think this was a security incident, what type of security incident
Infraction
The declassification system where the public can ask for classified info to be reviewed for declassification and public release
Mandatory Declassification Review
what type of declassification process is a way for members of the public to request the review of specific classified info
Mandatory declassification review
whose guidelines should you follow for the destruction of storage media such as thumb drives, zip drives, and computers
NSA
Where would you find approved destruction equipment
NSA Evaluated Products Listing
Initial determination that information requires, in the interest of national security, protection against unauthorized disclosure
Original Classification
who issues security classification guides?
Original classification authorities
In which order must documents containing classified info be marked
Portion markings, banner markings, classification authority block
Security Container info (contents and combo)
SF-700
Activity Security Checklist
SF-701
Security Container Check sheet
SF-702
Cover sheet for TOP SECRET information
SF-703
Cover sheet for SECRET information
SF-704
Cover sheet for CONFIDENTIAL information
SF-705
the declassification system where an OCA sets a date or event for declassification
Scheduled Declassification
The unauthorized disclosure of this type of info could reasonable be expected to cause serious damage to our national security
Secret
When marking a classified document, the classifier must always start with which section?
The portions/paragraphs within the document
unauthorized disclosure of ______ information could reasonably be expected to cause exceptionally grave damage to our national security
Top Secret
If the banner marking is TOP SECRET, it is possible that some portion markings in that document can be U for Unclassified
True
Your manager hands you a TOP SECRET document but you are only eligible for SECRET access. If you think this is a security incident, what type of security incident do you think it is?
Violation
Which volumes of DoDM 5200.01 provide guidance and direction on classification management, marking, protection and handling requirements for classified info
Volume 1 Volume 2 Volume 3
If your office is preparing to undergo renovations for the next few months and you will not be able to store classified info according to the requirements as specified in DoDM 5200.01, Vol 3, which of the following should you request
Waiver (temporary)
what info do security classification guides profice about systems, plans, programs, progects, or missions?
all of the above
what is required to access classified info
all the above
What are the steps of the information security program lifecycle
classification, marking, dissemination, downgrading, destruction
When can TOP SECRET info be sent via the United States Postal Service?
never
unauthorized disclosure of ______ information could reasonably be expected to cause serious damage to our national security
secret
If an individual fails to secure the sensitive compartmented information facility at the end of the day and , subsequently, unescorted cleaning personnel access the scif and see classified info, what type of security incident is this
security violation
If an individual inserts a thumb drive containing classified info on a computer in the office that is not part off classified info system, what type of security incident is this?
spillage
The declassification system where info exempted from automatic declassification is reviewd
systematic declassification
the only type of acceptable document shredding is with a crosscut shredder
true
