PDG IA (information assurance)

Heads of activities that process or store classified information must establish a system of security checks a the close of each working day to ensure the area is secured--what two forms are used?

- SF 701, Activity Security Checkless - SF 702, Security Container Check Sheet

Who may only classify Original classification information?

- The secretary of defense - the secretaries of the military departments - other officials who are specifically delegated this authroity in writing, have received training in the exercise of this authority, and have program responsibilities or cognizance over the information

The Air Force must protect information systems (server to workstation) from malicious logic (for example virus, worm, Trojan horse, and botnets) attacks-- what mix of preventitive measures are applied to achieve this protection?

- User awareness training - local policies - configuration management - antivirus software

How is information system and data protection provided from insider and outsider threats?

- by using installed security mechanism - by estabilishing controls for removal and secure storate of information from unattended information systems

Where must a "classified by" line be placed on every originally classified document?

- first page - title page - front cover

Where on every classified document will the overall classification be marked, stamped, or affixed (with a sticker or tape)?

- front cover, if there is one - title page, if there is one - first page - outside of the back cover, if there is one

What does the Integrated Defense Risk Management Process (IDRMP) do?

- identifies at risk assets - aids the integrated defense working groups (IDWG) in generating the criticality assessment and the risk assessment products

How must classified material that is removed from storage be handles?

- kept under constant surveillance of authorized persons - cover sheets are placed on classified documents when not in secure storage

Through integrated defense (ID), what must commanders do?

- minimize mission degradation from threat activity within the BB and coordinate necessary security operations spport within the base security zone (BSZ) when the BSZ is not congruent with the BB - minimize loss of life and injury from threat activity - protect government property and personnel from hostile and criminal acts

Air Force forces can be under observation at their peacetime bases and locations, in training or exercises, while moving, or when deplyed to the field conducting actual operations-- therefore, what types of planing must OPSEC principles be integrated into?

- operational - support - exercise - acquisition

Integrated defense (ID) does not stand alone to protect personnel and resources-- who else is involved?

- planner create an effective security program by coordinating with other DoD and Air Force programs - a coordinated effort of Emergency Management (EM), Antiterrorism (AT), and other mission support function forces under the Force Protection (FP) umbrella

Air Force members and civilian employees must notify their commanders, supervisors, or the AFOSI of information concerning the safety of anyone under the protection of the United States Secret Service--Who does this include?

- president and vice president - president and vice president elect - all former presidents and their wives or widows - any foreign head of state visiting the United States

What must every classified document show on th efirst page, title page, or front cover in addition to its classification?

- the agency - office of origin - date of origin

Intelligence preparation of the operational environment (IPOE) is a continuous process-- what does it enable the commander to visualize?

- the spectrum of friendly and adversarial capabilities and weakness - how they are affected by a variety of environmental factors - the logical predictions of the most likely and most dangerous enemy course of action

Through what elicitation of sources (3 types) may designated and fully trained military HUMINT collection personnel develop information?

1. "walk-in" source, who without solicitation make the first contact with HUMINT personnel 2. developed sources that are met over a period of time and provide information, based on operational requirements 3. unwitting persons, with access to sensitive information

WHat measures help protect Portable Electronic Devices (PEDs) and the information that they store?

1. Wireless- enabled PEDs must comply with requirements outlined in current Air Force wireles and wireless security policies before use. 2. do not use wireless-enabled PEDs for storing, processing, or transmitting classified information without proper approval, security mechanisms (encryption, etc), and additional security measures 3. do not use wireless-enabled PEDs in areas where classified information is discussed or processed without coordination from the local security manager 4. when using wireless-enabled PEDs operations security (OPSEC) and force protection should be considered before the adoption or implementation of any policy or procedure 5. the Air Force prohibits connection of personally owned PEDs to the Air Force network

What are markings and designations used for?

1. alert holders to the presence of classified information 2. identify the exact information needing protection 3. indicate the level of classification assigned to the information 4. provide guidance on downgrading and declassification 5. give information on the sources of and reasons for classification 6. warn holders of special access, control, or safeguarding requirements

Commanders execute Integrated Defense (ID) with the objective of achieving nine desired effects based on the risk management process-- what are those effects?

1. anticipate 2. deter 3. detect 4. assess 5. warn 6. defeat 7. delay 8. defend 9. recover

Information assurance refers to the measures that protect and defend information and information systems-- What are these five measures?

1. availability 2. integrity 3. confidentiality 4. authentication 5. nonrepudiation

What are the three core information assurance disciplines of the information assurance program?

1. communcation security (COMSEC) 2. computer security (COMPUSEC) 3. Emissions security (EMSEC)

The air force implements and maintains the information assurance program to secure is information and information technology (IT) assest-- the Air Force acheives these objectives through the effective employment of its core information assurance disciplines-- what are the three disciplines?

1. communications security (COMSEC) 2. computer security (COMPUSEC) 3. Emissions security (EMSEC)

At a minimum, what seven preventive measures must personnel follow to protect information systems?

1. use antivirus software on all information systems 2. scan all incoming or downloaded electronic traffic and files for viruses 3. scan removable and fixed media prior to use 4. report all virus attacks 5. preserve any evidence in malicious logic incidents for ongoing investigations.

Do not store large amounts of personally identifiable information (PII) on removable media devices without proper approval as stated in current Air Force policy-- what is considered large amounts of PII?

500 or more records-- the loss or theft of this much information may lead to identity theft and adversely impact our personnel.

What is a Portable Electronic Device (PED)?

A generic term used to describe small electronic items with the capability of recording, storing, transmitting or processing information

What is used for access into systems and non-secure internet protocol router networks by desktop or workstation users?

A strong, two-factor authentication by combining the common access card (CAC) (possession-based) with a personal identification number (PIN) (knowledge - based)

Through whom must all transactions for top secret material be conducted through?

A top secret control officer (TSCO)

What two measures precent denial of service, corruption, compromise, fraud, waste, and abuse of all information systems and resources?

A. Appropriate levels of protection against threats B. Vulderabilities for information systems

How is information system and data protection provided from outsider threats?

By controlling physical access to the facilities, information sstems , and data itself

What is CI?

Counterintelligence

Classified information myst be protected at all times--how is it protected?

Either by storing it in an approved device or facility or having it under the personal observation and control of an authorized individual

What is HUMINT?

Human resources intelligence

Where ar epersonnel secrutiy clearances recorded?

In the joint personnel adjudication system (JPAS0

What refers to the measures that protect and defend information and information systems by ensuring their availability, integrity, confidentiality, authentication, and nonrepudiation?

Information assurance

What provides flexible planning and execution opportunities that allow owners/users of protection level 1 (PL1) non-nuclear, protection level 2 (PL2), protection level 3 (PL3), and protection level 4(PL4) assets to become actively involved in the defense of their areas?

Integrated defense (ID)

What is an analytical methodology that provides predictive intelligence to warfighters for use planning and executing operations?

Intelligence preparation of the operational environment (IPOE)

What is the purpose of the Random Antiterrorism Measures (RAM) program?

Introduce uncertainty to an installation's overall force protection program to defeat surveillance attempts and make it difficult for a terrorist to accurately predict our actions

If an individual has a requirement to use a Portable Electronic Device (PED) on the Air Force network, what must they request?

Issuance of a government- owned PED

What is a process of identifying, analyzing, and controlling critical information indicating friendly actions associated with military operations and other activities?

OPSEC

Intelligence preparation of the operational environment (IPOE) is a continuous, four part process-- what actions take place in these processes?

Part 1. a. comprehensive lists, dispositions, and capabilities. b. terrain and weather. c. background data ont he operating environment Part 2. analyze data collected in part 1 and describe how the factors affect operations, equipment, nad personnel Part 3. Collect historical data and existing intelligence analyses Part 4. consider all the data collected and make logical predictions of ECOAs

Which protection level is assigned to resources for which the loss, theft, destruction, misuse, or compromise wouls cause "significant" harm to the war fighting capability of the united states?

Protection Level 2 (PL2)

Which protection level is assigned tot hose resources for which the loss, theft, destruction, misuse, or the compromise wouls result in "great" harm to the strategic capability of the united states?

Protection level 1 (PL1)

Which protection level security must result a "reasonable" degree of deterrence against hostile acts?

Protection level 3 (PL3)

What identifies the specific items of information to be protected, th eapplicable classification levels (such as Top Secret, Secret, or Confidential), the reason for classifying, any special-handling caveats, the downgrading and declassification instructions, declassification exemptions, the original authority,and a point of contact?

Security Classification Guide (SCG)

Which step of hte seven steps of the integrated defense risk management process (IDRMP) is the most important step?

Step 7: decision and implementation

If substantial reason exists to indicate the document has been classified improperly or unnecessarily, what should personnel do?

Submit challenges of classification to the security manager or the classifier of the information.

What AF agency will act as the Air Force single point of contact with federal, state, local and foreign nation law enforcement, counterintelligence, and security agencies?

The Air Force Office of Special Investigations

Who is the command and control center for Air Force Integrated Defense (ID) operations during routine and emergency operations?

The Base Defense Operations Center (BDOC)

Who will perform all functions performed by Central Security Control, Law Enforcement Desk, or other SF Control Center at all locations, home station and deployed?

The Base Defense Operations Center (BDOC)

Who should the Joint and coalition forces inform before entering the base boundary (BB)?

The Base Defense Operations Center (BDOC) before they enter, and monitor the BDOC's communication net while operating in the area

Outside the United States, who does the AFOSI coordinate with, when appropriate, on counterintelligence investigations, operations, collections, and other related activities?

The Central Intelligence Agency and the FBI

What is espionage?

The act of obtaining, delivering, transmitting, communicating, or receiving information abot the national defense with intent or reason to believe the information may be used to the injury of the United States or to the advantage of any foreign nation

What program employs active and passive, as well as offensive and defensive, multidisciplinary capabilities to mitigate potential risks and defeat adversary threats to Air Force operations?

The air force integrated defense (ID) program

Which office initiates and conducts all Counterintelligence investigations, operations, collections, and other related activities for the Air Force?

The air force office of special investigations

Which office is the installation-level training agency for counterintelligence awareness briefings and is th sole Air Force repository for the collection and retention of reportable information?

The air force office of special investigations

Who is the lead air force agency for collection, investigation, analysis, and response for threats arising from terrorists, criminal activity and foreign intelligence and security services?

The air force office of special investigations

Who grants, denies, and revokes security clearance eligibility?

The central adjudication facility

In the United States, who does the AFOSI coordinate with, when appropriate, on Counterintelligence investigations, operations, collections, and other related activities?

The federal bureau of investigation

With what does the final responsibility rest of determining if a person's official duties require access to any element or item of classified information and if the person is granted the appropriate security clearance?

The individual authorized possession, knowledge, or control of th einformation, not the prospective recipient

What provides installation commanders, integrated defense working groups (IDWG), DFCs and defense planners the ability to produce effects-based, integrated defense plans (IDP) by using a standardized model to identify risks and develop risk management strategies?

The integrated defense risk management process (IDRMP)

What are the primary information sources that directly support the defense force commander (DFC) in making immediate, proactive decisions for Integrated Defense (ID) planning?

The intelligence fusion (IFC) and its products

Any information of interest to to the United States Secret Service that comes to the attention of Air Force commanders and supervisors must be reported to whom?

The nearest AFOSI unit as soon as possible

Who has the specific responsibility for marking and designting classified information?

The original and derivative classifiers

What does Threat multiplied by vulnerability determine?

The probability of loss (or damage) of the asset

Operationalize force protection intelligence (FPI) in order to maintain optimal situational awareness throughout the base boundary (BB) and base security zone (BSZ)-- how can this be accomplished for the defense force commander (DFC)?

Through the development of a robust intelligence/ information collaboration, analysis, and fusion capability

What is the goal of integrated defense (ID)?

To neutralize security threats throughout the base boundary (BB) in order to ensure unhindered Air Force operations

What is the intent of the Random Antiterrorism Measures (RAM) program?

To provide random, multiple security measures that consistently change the look of an installation's AT program

What is the purpose of OPSEC?

To reduce the vulnerability of Air Force missions by eliminating or reducing successful adversary collection and exploitation of critical information

What special obligation, specified in AFI 71-101, Volume 2, Protective Service Matters, does the Armed Services have as a resultof a formal agreement between the DoD and United States Secret Service?

To report information to the Secret Service pertaining to the protection of the President of the United States

Who has access to JPAS to determine is an individual in the organization has been granted a security clearance according to AFI 31-501, Personnel Security Program Management?

Unit Security Forces

When is information derivatively classified?

When it is extracted, paraphrased, restated, or generated i a new form

How do the Joint Publications define base boundary?

a line that delineates the surface area of a base for the purpose of facilitating coordination and de-confliction of operations between adjacent units, formations, or areas.

What is necessary when transmitting Secret material through a mail distribution system, Secret material off an installation or to a Non-Air Force activity, or hand-carrying Secret material to a recipient not shown on the material's ditribution list and who is with another DoD agency or service or another Air Force activity residing on the same installation?

a receipt

What is used for any computer workstation left unattended?

a secure screen saver and screen-lock

Unit commanders and staff agency chiefs who routinly originate, store, receive, or dispatch top secret material establish top secret control accounts-- who do they designate to maintain them?

a top secret control officer (TSCO)

The air force antiterrorism program seeks to deter or limit the effects of terrorist acts against the air force--how is this accomplished?

a. giving guidance on collecting and disseminating timely threat information b. providing training to all air force members c. developing comprehensive plans to deter and counter terrorist incidents d. allocating funds and personnel e. implementing antiterrorism (AT) measures

Ideally, defense forces receive such good intelligence they are able to anticipate any and all threats; however, this is unlikely, attaining subsewuent Integrated Defense (ID) desired effects is necessary-- what may be some desired effects?

a. it would be preferred to deter a threat; but if that does not succeed, the next ideal effect would be to detect the threat b. once the threat is detected, assessment by forces occurs-- friendly forces are then warned of the threat and attempts are made to defeat, or eliminate, the threat c. if the threat cannot be defeated, it must be delayed-- if not possible, defensive measures must be taken to mitigate the effects of the threat d. recovery actions are then implemented to consolidate and reorganize friendly forces and restore operations

Wthin the DoD, who should be responsible for ensuring the derivative classification is accomplished according to DoD 5200. 1-R?

all cleared personnel who generate or create it

What does the category of "captured documents and media" include?

all media capable of storing fixed information to include computer storage material

Intelligence preparation of the operational environment (IPOE) is the promary mechanism used to achieve which desired effect (out of the nine desired effects) of Integrated Defense (ID)?

anticipate

When must information be declassified?

as soon as it no longer meets the standards for classification

When do commanders conduct comprehensive field and staff training to exercise antiterrorism (AT) plans, to include AT physical security measures and emergency anagement plans?

at least annyally

What Air Force planning term is used to describe the area of concern around an air base and to support the establishment and adjustment of the base boundary (BB)?

base security zone (BSZ)

Vulnerabilities are weaknesses that can be exploited by an adversary-- why can this happen?

because of inadequate security, laz or complacent personnel trends, vulnerable software or hardware, and insufficient security policies or procedures

How are protection level 4 (PL4) resources secured?

by containing them in controlled areas

What security refers to measures and controls taken to deny unauthorized persons access to information derived from information systems of the US government related to national security, and to ensure the authenticity of such information systems?

communications security (COMSEC)

A common access card (CAC) is removed from the reader when workstations are unattended-- what, however, should be done if a secure screen saver or screen-lock is nt available on the workstation?

completely log off before leaving the workstation unattended

Information operations(IO) and information warfare (IW) attacks, including introduction of malicious codes, trapdoors, or viruses, could result in the loss of what to the information and information systems?

confidentiality, integrity, and availability (CIA)

Commanders shall task the appropriate organizations under their command to gather, analyze, and disseminate terrorism threat information, as appropriate-- how then, do the Services support the commander?

continuously ensure forces are trained to mazimize the use of information derived from law enforcement liaison, intelligence, and counterintelligence processes and procedures.

What does the AFOSI primarily focused on in the antiterrorism program?

countering adversary intelligence collection activities and against US forces

What security is a component of COMSEC resulting from the provision and proper use of technically sound cryptosystems?

cryptosecurity

What is the process of questioning cooperating human sources to satisfy intelligence requirements, consistent with applicable law?

debriefing

While risks can be alleviated by reducing the asset's criticality or mitigating the threat, what i the area that can have the most impact onthe installation commander's risk tolerance decision?

eliminating vulnerabilities

While risks can be alleviated by reducing the asset's criticality or mitigating the threat, what is the area that can have the most impact on the installation commander's risk tolerance decision?

eliminating vulnerabilities

What security is protection resulting from all measures taken to deny unauthroized persons information of value that may be derived from the interception and analysis of compromising emanations from crypto-equipment, information systems, and telecommunications systems?

emmissions security (EMSEC)

What is information assurance policy based on?

fact-based operational risk assessments

Descrive the sources of OPSEC indicators

friendly, detectable actions, and open-source information that can be interpreted or pieced together by an afversary to derive critical information

In today's resource-constrained environment, some risks must be accepted; however, some risks cannot be tolerated due to their frequency or severity of consequence--what will define the level of tolerance?

he installation commander's intent for integrated defense (ID)

What is the first step in developing an effective antiterrorism program?

identifying the potential terrorism threat to DoD personnel assets

How is secret information controlled?

internally as determined by unit commanders or staff agency chiefs.

What is the systematic effort to procure information to answer specific collection requirements by direct and indirect questioning techniques of a person who is in the custody of the forces conducting the questioning?

interrogation

What happens in step 5: risk tolerance decision of the seven steps of the integrated defense risk management process (IDRMP)?

it is at the point where the commander may have enough data to enable an informed risk tolerance decisions-- if information required to assess risks is deficient, a command critical intelligence requirement should be developed or modified to guide the intelligence community's collection efforts

What method is the principle means of informing holders of classified information about specific protection requirements for the information?

marking

The base boundary (BB) is not necessarily the base perimeter-- it should be established bsed upon what factors?

mission, enemy, terrain and weather, troops and support available, civil considerations (METT-TC), specifically balancing the need of the base defense forces to control key terrain with their ability to accomplish the mission

When a member hears of a civil disturbance which may require the use of federalized National Guard or US military personnel to maintain or restore public order-- what must he/she do?

notify their commanders, supervisors, or the AFOSI of information

The Integrated Defense Risk Management Process (IDRMP) analyzes an installation's defense capabilities-- what does this provide?

options to mitigate security risks, such as additional TTPs, , facility hadening, technology insertion, etc

What classification is the initial decision an item of information could cause damage to the national security if subject to unauthorized disclosure?

original classification

What is a form of social engineering that our adversaries use to solicit information from Air Force members that can compromise the mission effectiveness of your organization?

phishing

What security is the part of COMSEC resulting from the use of all physical measures necessary to safeguard COMSEC material from access by unauthroized persons?

physical security

Which protection level security must result in the greatest possble deterrence against hostile acts, providing maximum means to achieve detection, interception, and defeat of a hostile force before it is able to seize, damage, or destroy resources?

protection level 1 (PL1)

Which protection level security must result in significant deterrence against hostile acts?

protection level 2 (PL2)

Which protection level is assigned to resources for which the loss, theft, destruction, misuse, or compromise would "damage" war fighting capability of the united states?

protection level 3 (PL3)

Which protection level is assigned to resources for which the loss, theft, destruction, misuse, or compromise wouls adversely affect the "operational capability" of the air force?

protection level 4 (PL4)

What use is prohibited to process government-owned unclassified, sensitive or classified information?

public computing facilities or services

What must a person who becomes aware of the possible compromiseof classified information do immediately?

report it to the head of his or her local activity or to th eactivity security manager

A quantitative measurement of risk can be determined using an equation-- what is this equation?

risk= asset critcality multiplied by (threat multiplied by vulnerability)

What are DoD military and civilian personnel subject to if they knowingly, willfully, or negligently disclose classified information to unauthorized persons?

sanctions

What is identified in classified contracts according to Air Force policy?

specific government information ans sensitive resources that must be protected against compromise or loss while entrusted to industry.

Which step of the seven steps of the Integrated Defense Risk Management Process (IDRMP) identifies assets worthy of protection whose loss or damage would have a negative impact on the mission?

step 1. develop the criticality assessment (CA)

Which step of the seven steps of the Integrated Defense Risk Management Process (IDRMP) is performed once all previous assessments (criticality, threat, and vulnerability) are completed and studies together to provide a complete picture of the risk to an asset?

step 4: develop the risk assessment (RA)

Which step of the seven steps of the Integrated Defense Risk Management Process (IDRMP) presents and evaluates options for reducing risks?

step 6: present countermeasure COAs

Which step of the seven steps of the Integrated Defense Risk Management Process (IDRMP) does the installation commander selects the COAs that will bring the risks within his/her tolerance evel, and directs resources to implement the decision?

step 7. decision and implementation

Which step of the seven steps of the Integrated Defense Risk Management Process (IDRMP) is the most important step?

step 7: decision and implementation

What must anyone finding classified material out of proper control do?

take custody of and safeguard the material, if possible, and immediately notify the appropriate security authorities

Which office is the point of contact between the Air Force and the United States Secret Service?

the AFOSI

Optimaly, the base security zone (BSZ) and the base boundary (BB) are the same but that is not always the case-- when may they differ?

the BSZ may, for palnning purposes, incorporate more geographical area than the BB, that is, there may be key terrain outside the BB from which adversaries can impact air operations.

When defense forces operate outside the base boundary (BB), which commander should exercise tactical control (TACON) over those forces for base defense purposes only?

the appropriate area of operations (AO) commander

What is the base security zone (BSZ)?

the area outside the base perimeter from which the base may be vulnerable from standoff threats

What is terrorism?

the calculated use of unlawful violence of threat of unlawful violence to inculcate fear

At a strategic level, who is responsible for ensuring the timely collection processing, analysis, production, and dissemination of foreign intelligence, curent intelligence, and national-level intelligence information concerning terrorist activities, terrorist organizations, and force protection issues?

the deputy chief of staff for intelligence, surveillance na dreconnaissance

Operational effectiveness is enjanced when commanders and other decision-makers apply OPSEC-- from what stage of planning is OPSEC applied?

the earliest stages of planning

Every classified document must be marked to show what?

the highest classification of information it contains

What does a terrorism threat assessment require?

the identification of a full range of known or estimated terrorist threat capabilities

What process is critical in order for the installation commander to make the best use of limited resources and personnel available to execute the Integrated Defense (ID) mission?

the integrated defense risk management process (IDRMP)

What provides a more precise understanding of how the three risk factors of threat, vulnerability and asset criticality relate to each other at each installation?

the integrated defense risk management process (IDRMP)

Whose goal is to leverage information and intelligence to support the timely identification of indicators and warnings of emerging localized threats?

the intelligence fusion cell (IFC)

What phases of mission planning is OPSEC involved in by providing a series of analyses to examine any operation or activity across the entire spectrum of military action and in any operational environment?

the planning, preparation, execution, and post execution phases

What character trait of an individual is determined by the Personnel Security Program before they have access to classified information or are assigned to sensitive duties and maintained through their careers?

the trustworthiness

How is confidential information controlled?

through routine administrative procedures

How is top secret information controlled and accounted for?

through top secret control account systems

What is the objective of Emmissions Security?

to deny access to classified and unclassified information that contain compromising emanations within an inspectable space.

What is the intent of antiterrorism training exercises?

to identify shortfalls affecting the protection of personnel, assets and information against terrorist attack and subsequent AT consequence management efforts

What is the Air force policy on Information Security (INFOSEC)?

to identify, classify, downgrade, declassify, mark, protect, and destroy its classified information and material consistent with national policy.

Intelligence preparation of the operational environment (IPOE) is a systematic, four step process- what is its bottom line intent?

to support operational decisions by providing analyzed information regarding the threat and environment in a given set of circumstances

What security is a component of comsec resulting from the application of measures designed to protect transmissions from interception and exploitation by means other than crypto-analysis?

transmission security

Why is Identifying the potential terrorism threat to DoD personnel and assets (threat assessment) an important final step in developing an effective antiterrorism program?

understanding the threat-- commanders at all levels who understand the threat can assess their ability to prevent, survive, and prepare to respond to an attack

AFI 71-101, Volume 4, counterintelligence, requires individuals who have reportable contacts or acquire reportable information to immediately report the contact or information, either verbally or in writing, to AFOSI-- within how many days of contact?

within 30 days of the contact

What are some common physical security measures?

- Application of control procedures and physical barriers - verifying the need to know and clearance of personnel granted access - following proper storage and handling procedures - accurately accounting for all materials - transporting materials using authroized means - immediately reporting the loss or possible compromise of materials

What two resources provide the guidance for classifying information?

- DoD 5200. 1-R, Information Security Program - AFI 31-401, information secuity program management

"Contact" means any exchange of information directed to an individual, including solicited or unsolicited telophone calls, email, radio contact, and face-to-face meetings-- what are four examples?

1. contact for any reason other than for official duries with a foreign diplomatic establishment, whether in the United States or abroad 2. a request by anyone for illegal or unauthorized access to classified or unclassified controlled information 3. personal contact with an individual who suggest that a foreign intelligence or any terrorist organization may have targed him or her or others for possible intelligence exploitation 4. information indicating military members, civilian employees, or DoD contractors have contemplated, attempted, or effected the deliberate compromise or unauthorized release of classified or unclassified controlled information

Intelligence preparation of the operational environment (IPOE) is a continuous, four part process-- what does it do?

1. defines the operating environment 2. describes the operating environment's effects 3. evaluates the enemy 4. determines enemy course of action (ECOA)

Installation commanders determine the effects required of Integrated Defense (ID) operations at air force installations based on a four-step process-- what are the four steps involved?

1. determining and prioritizing the criticality of installation assets 2. analyzing the threats and operating environment 3. assessing the installation's vulnerabilities to the threats 4. making prudent ID decisions based on the risk estimate

New information, assessments, or decisions can be assimilated into the Integrated Defense Risk Management Process (IDRMO) at any point, which may alter the execution of Integrated Defense (ID)-- its four main components are performed in seven steps- what are they?

1. develop the criticality assessment (CA) 2. and 3. develop the threat assessment (TA) and vulnerability assssment (VA) 4. develop the risk assessment (RA) 5. risk tolerance decision 6. present countermeasures COAs 7. decision and implementation

Personally owned hardware and software present risks which may degrade the required security posture-- what four preventive measures must personnel practive regarding personally owned IT?

1. do not use personally owned IT to process classified information-- 2. using peronally owned IT for government work is strongly discouraged-- it may be used for processing unclassified and sensitive information with justification and approval 3. government-owned sensitive information must remain on government removable media or devices and be marked and protected according to the sensitive category as outlined in information security guidance 4. do not use peronally owned IT to store or process controlled unclassified information (CUI) and PII

What three methods are used to clearly identify all classified information?

1. electronic labeling 2. designating 3. marking

At a minimum, what three security requirements must a personnel comply with to maintain desktop or workstation security?

1. ensure user access to information sstem resources and information in based upon their security clearance and need oknow 2. protect against casual viewing of informations 3. protect the information system and data against tampering, theft, and loss

The OPSEC process consists of five distinct steps to provide a systematic and comprehensive analysis designed to identify observable friendly actions that could betray intentions or capabilities-- what are they?

1. identify critical information 2. analyze threats 3. analyze vulnerabilities 4. assess risk 5. apply appropirate OPSEC measures

What two activities pose the greatest threats to communications and information systems?

1. information operations (IO) 2. information warfare

Emails that come from financial institutions asking for personal information shoul dbe deleted and reported to the appropriate financial institution's spam or phishing points of contact-- at a minimum, what should users remember?

1. never click on a hyperlink inside an email from unknown source 2. never download files attached to an email from an unknown source 3. contact the sender of the email to verify if it is authentic

A person may not have access to classified information--what are the two determinants?

1. proper security clearance 2. need to know

Four separate and parallel systems can bring about the declassification of information--what do these systems do?

1. require the original classifier to decide at the time information is classified when it can be declassified 2. cause information of permanene historical value to be automatically declassified on the 25th anniversary of its classification unless specific action is taken to keep it classified 3. cause information to be reviewed for possible declassifiaction upon request 4. involve a process for systematic review of information for possible declassification

Because of the capacity of their memory storage and their portable nature, removable media devices pose an increased risk of data tampering, theft, or loss-- at a minimum what six preventive measures must personnel practice regarding removable media?

1. safeguard, mark, and label removable media accoriding to the requirements for the highest level of information ever contained on the media using applicable information security guidance 2. restrict use of removable media containing sensitive information (to include personally identifiable information (PII) to locations that meet information protection and security policies 3. report loss or suspectes loss of removable media containing sensitive information according to applicable information security guidance from your local security manager or information assurance officer (IAO) 4. clear, sanitize, or destroy removable media used to store sensitive information before releasing to unauthroized personnelor outside DoD of Air Force control 5. use your local security guidance before attaching any removable media or storage devide to an information system 6. do not use disguised removable media or storage devices-- Air Force policy defines disguides as a device designed to look like anything other than removable media or a storage device (i.e. watch, pen, flashlight)

What are the five basic characteristics of OPSEC indicators that make them potentially valuable to an adversary?

1. signatures 2. associations 3. profiles 4. contrasts 5. exposure

The Integrated Defense Risk Management Process (IDRMP) has four main components-- what are they?

1. the risk assessment 2. the risk tolerance decision 3. COA determination 4. Decision and implementation

The integrated defense risk management process (IDRMP) provides a more precise understanding of the three risk factors-- what are they?

1. threat 2. vulnerability 3. asset criticality

What AFI assigns functional responsibilities and establishes a system of review that identifies outdates, inapproporiate, and unnecessary contractual security requirements?

AFI 31-601, Industrial Security Program Management

Threats are genrally considered in terms of what?

Adversaries and their tactics

Integrated defense (ID) is an "all-airmen" program-- who, however, has enterprise lead in ID operations?

Air Force Security Forces

What is sabotage?

An act with intent to injure, interfere with , or obstruct the national defense of a country by willfully injuring or destroying or attempting to injure or destroy, any national defense or war material, premises, or utilities to include human and natural resources

What is an intelligence fusion cel (IFC)?

An action group whereby the security forces staff S-2 (intelligence) function coordinates with subject matter experts (SME) from the Intelligence and AFOSI communities to collaborate and conduct intelligence preparation of the operational environment (IPOE)

Every Air Force information system has vulnerabilities (system security weaknesses) and is susceptible to eploitation (to gain access to information or disrupt critical processing)-- What is a countermeasure?

An action, device, procedure, technique, or other measure that reduces the vulnerability to an acceptable and manageable level (mitigating the overall threat)

What is subversion?

Any ation designed to undermine the military, economic, psychological, or political strength or morale of a regime

If classified information appears in the public media, how must DoD personnel react?

Be careful not to make any statement or comment that would confirm the accuracy or verify the classified status of the information

What is the Department of Defense (DoD) identification card which contains an integrated circuit chip upon which public key infrastructure (PKI) certificates and keys reside?

CAC

Which core information assurance discipline consists of measures and controls that ensure confidentiality, integrity, and availability of information systems assets including hardware, software, firmware, and information being processed, stored, and communicated?

COMPUSEC

What ensures measures are taken to protect all Air Force information system resources and information effectively and efficiently?

Compliance

For terrain outside the base boundary (BB), but within the base security zone (BSZ), what should the defense force commander (DFC) do?

Coordinate with local, state, federal agencies (CONUS) or host nation or area commander (OCONUS) to conduct base defense tasks within the area

Which classification is the process of determining whether information needs to be included in a document or material has been classified and, if it has, ensuring it is identified as classified information by marking or similar means?

Derivative classificaton