



































































Special Access Program (SAP) Correct Answer: A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level

Enhanced security requirements for protecting Special Access Program (SAP) information Correct Answer: 1. Within Personnel Security: • Access Rosters; • Billet Structures (if required); • Indoctrination Agreement; • Clearance based on an appropriate investigation completed within the last 5 years; • Individual must materially contribute to the program in addition to having the need to know; • All individuals with access to SAP are subject to a random counterintelligence
Typology: Exams
Limited Access; • Waivers required for foreign cohabitants, spouses, and immediate family members.
Responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/CPSO): Correct Answer: From Revision 1 Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004:
Correct Answer: SCI Indoctrination Memo - Used to precisely identify individuals when it is necessary to certify their access to SCI

DD 1847-1 Correct Answer: SCI NDA - used to precisely identify individuals when it is necessary to certify their access to SCI, non-disclosure agreement

DD 1848 Correct Answer: SCI Debrief memo - A memo that records the fact that an individual was debriefed on a SCI SAP

DD 1870 Correct Answer: Request for personnel security investigation SSBI, PR, SII or ENAC

DD 2024 Correct Answer: DoD SCG Data Elements - this form is executed by the originator of each SCG issued pursuant to the req of DoD 5200.1-R, info sec program regulation to report: - approval (promulgation) of a new SCG; - revision of a SCG; reissuance; accomplishment of the biennial review; - cancellation; - correction of data on previously submitted form
Correct Answer: Telephone monitoring notification decal. Used to notify a user that the telephone is subject to monitoring at all times; use of that telephone constitutes consent to monitoring

DD 2501 Correct Answer: Courier Authorization - used to identify appropriately cleared personnel 1) recurrent need, 2) signed by appropriate security person, 3) Forms are controlled to preclude unauthorized use, 4) issued for no more than 1 year, 5) followed approved processes for SCI or SAP

DIS FL 381-R Correct Answer: Letter of notification of facility security clearance. This document notifies a facility that they are cleared to handle classified material

DISCO Form 2 Correct Answer: Request for Forms - additional PSQ and NAQ forms may be ordered from DISCO with this form

DISCO Form 560 Correct Answer: Letter of Consent - Used by DISCO to notify a contractor that a PCL or limited access authorization has been granted to an employee
Correct Answer: COMSEC Material Report - Used to track the disposition of classified material, transfer, inventory, destruct, receipt or other

SF 311 Correct Answer: Agency Information Security Program Data - data collection form that every executive branch agency submits on an annual basis to report the total # of OCA's, classification decisions, mandatory review request, and declass decision for that particular agency. The data collected is reported in the annual report to the president.

SF 312 (SF 189 and 189A) Correct Answer: Classified information nondisclosure agreement - a contractual agreement between the U.S. government and a cleared employee in which the employee agrees never to disclose classified information to an unauthorized person

SF 328 Correct Answer: Certificate Pertaining to Foreign Interest - The NISPOM requires this form be submitted during the initial facility clearance process and when significant changes occur to information previously forwarded

SF 700 Correct Answer: Security Container Information - 2 part form consisting of an envelope w/a tear off tab and cover sheet. The cover sheet and face of envelope provide space for information about activity, container, type of lock and who to contact if container is left open

SF 703, 704, 705 Correct Answer: Top Secret cover sheet

SF 704 Correct Answer: Secret cover sheet

SF 705 Correct Answer: Confidential cover sheet

SF 706, 707, 708, 709, 710 Correct Answer: 706 - TS media label; 707 - S media label; 708 - Confidential media label; 709 - Classified media label; 710 - Unclassified media label. If a media contains classified or unclassified data

SF 711 Correct Answer: Data Description Label - used to identify additional safeguarding controls pertaining to classified information that is stored or contained on various forms of media

DCS Form 1
adversaries. It is an analytical, risk-based process that incorporates five distinct elements: critical information identification, threat analysis, vulnerability analysis, risk assessment, and OPSEC countermeasures.

OPSEC Countermeasures Correct Answer: Methods and means to gain and maintain essential secrecy about critical information

Adversary Correct Answer: An individual, group, organization, or government that must be denied critical information

Critical Information Correct Answer: Specific facts about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively to guarantee failure or unacceptable consequences for friendly mission accomplishment

The five-step OPSEC process Correct Answer: 1. Identify critical information 2. Analyze threats 3. Analyze vulnerabilities 4. Assess risks 5. Apply OPSEC countermeasures

Ways to protect critical information Correct Answer: Disclose information about your mission and organization judiciously and on a need-to-know basis. 1. Do not discuss your work in public places or where others can overhear your conversation 2. Do not discuss critical information on unencrypted telephones 3. Do not include critical information in unencrypted e-mail messages 4. Do not reveal critical information, indicators, or personal information on the Internet 5. Shred paper documents before placing them in the trash 6. Refer all inquiries from the press to your organization's public affairs office

OPSEC countermeasures Correct Answer: 1. Minimize predictable patterns 2. Conceal indicators that may point to critical information 3. Make indicators seem unimportant 4. May be as simple as choosing not to talk about something 5. Protect critical information

Five categories of risk process assets Correct Answer: 1. Assess assets (identify value of asset and degree of impact if asset is damaged or lost) 2. Assess threats (type and degree of threat) 3. Assess vulnerabilities (identification and extent of vulnerabilities) 4. Assess risks (calculation of risks) 5. Determine countermeasures (security countermeasure options that can reduce or mitigate risks cost effectively)

Five categories of assets Correct Answer: 1. People 2. Information 3. Equipment 4. Facilities 5. Activities & Operations
32 CFR Parts 2001 & 2003, "Classified National Security Information; Final Rule" Correct Answer: The Information Security Oversight Office (ISOO) document that governs the DoD Information Security Program

Security Violation Correct Answer: An event that results in or could be expected to result in the loss or compromise of classified information

Unauthorized Disclosure Correct Answer: Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient

Termination Briefing Correct Answer: This briefing is given when an individual's employment is terminated, clearance eligibility is withdrawn, or if the individual will be absent from duty for 60 days or more. It is also given to those who have been inadvertently exposed to classified information.

Foreign Travel Briefing Correct Answer: This briefing applies to cleared personnel who plan to travel in or through foreign countries, or attend meetings attended by representatives of other countries.
Refresher Briefing Correct Answer: This briefing is presented annually to personnel who have access to classified information or assignment to sensitive duties.

Secret Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause serious damage to our national security.

Top Secret Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause exceptionally grave damage to our national security.

Confidential Correct Answer: Unauthorized disclosure of this information could reasonably be expected to cause damage to our national security.

Freedom of Information Act (FOIA) Correct Answer: The act regarding the withholding of information from public release; framework and guidance for evaluation for public release for info to be exempt are from the 9 distro statements

Derivative Classification