User:Masako/naho

From FrathWiki
< User:Masako
Revision as of 16:22, 14 September 2022 by Masako (talk | contribs)
Jump to navigationJump to search

What is the definition of an FCL? A Administrative determination that a company is eligible for access to to classified information of a certain category and all lower categories. 2

Q

What is the definition of a PCL? A Administrative determination that a contractor employee is eligible for access to classified information of the same or lower category as the level of the personnel clearance being granted. 3

Q

What is the difference between an FCL and a PCL? A -FCLs are granted to companies, meaning that the people who own, run and manage the company have been cleared, in addition meeting other administrative requirements

-PCLs are granted to individuals, such as employees who have a need to access classified information or key management personnel in connection with the FCL 4

Q

What are the levels granted to FCLs and PCLs? A Confidential Secret Top Secret 5

Q

What level is the employee's PCL capped at? A An employee’s PCL is capped at the level of the FCL, if the individual was sponsored by the facility. 6

Q

Steps for Obtaining an FCL A 1. Sponsorship 2. FCL Orientation Handbook 3. CAGE Code 4. Information Gathering 5. PCLs for KMP 6. Eligibility Determination 7

Q

Name 3 documents that need to be uploaded to e-FCL A -The SF 328 - the Certificate Pertaining to Foreign Interest -A summary data sheet containing basic information about the company such as the company’s website, stock information, and previous names -Corporate governance documents -Organizational chart -A list of KMP -A tiered parent list, if applicable -The DD Form 441 - the Department of Defense Security Agreement -The DD Form 441-1 (if applicable) - the Appendage to the Department of Defense Security Agreement, which lists cleared divisions or branches included in and covered by the provisions of the organization’s Security Agreement and Certificate Pertaining to Foreign Interest 8

Q

What are the four main eligibility requirements for an FCL? A 1. Company must require access to the classified information in connection with a legitimate U.S. government or foreign government requirement.

2. Company must be located in the U.S. or its territories and be organized and existing under the laws of any of the 50 states, the District of Columbia, Puerto Rico or a formally acknowledged American Indian or Alaska Native tribe.

3. Company must have a reputation for integrity and lawful conduct in its business dealings. The company and its KMP must not be barred from participating in U.S. government contracts.

4. Company must not be under foreign ownership; control or influence (FOCI) to such a degree that the granting of the FCL would be inconsistent with national security interests. 9

Q

Steps to obtain a PCL A 1. Identification of Need-to-Know 2. Information Gathering 3. Package Reviews 4. Investigation 5. Adjudication 6. Eligibility Determination 10

Q

PCL Step: Identification of Need-To-Know A 1st Step of PCL - The process begins when a cleared company identifies an employee who will require access to classified information in performance of a classified contract.

- DCSA Facility Clearance branch initiates the PCL process for KMP. - Individuals cannot apply for PCLs without association with a cleared company and a need for access. - The company must make an effort to keep the number of PCLs to an absolute minimum . - Company’s FSO submits a clearance request using the Joint Personnel Adjudication System (JPAS). If the applicant already has an active JPAS record, an investigation may not be required. -Company assumes ownership of the applicant’s JPAS record before proceeding. 11

Q

PCL Step: Information Gathering A 2nd Step of PCL - The employee must provide information about him or herself via the security clearance package.

Security Clearance Package: -Electronic questionnaires for investigations processing (e-QIP) -Signature forms -Fingerprints via Secure Web Fingerprint Transmission (SWFT) -Collectively known as the security clearance package 12

Q

PCL Step: Package Review A 3rd Step of PCL - -FSO informs the applicant, either in writing or verbally, that the package will be reviewed for adequacy and completeness only and then reviews it. -FSO submits it to the Personnel Security Management Office for Industry (PSMO-I). -PSMO-I checks the package for completeness then forwards it to the Investigative Service Provider (ISP). For DoD, the ISP is the Office of Personnel Management (OPM). -PSMO-I will make an interim PCL determination. -If there is no evidence of adverse information, PSMO-I will grant an interim PCL and update JPAS accordingly. In some cases, applicants may be allowed to work with an interim clearance; provided the company has at least an interim FCL. 13

Q

PCL Step: Eligibility Determination A 6th Step of PCL - An eligibility determination is made. Each case is judged on its own merits. The DoD CAF makes an eligibility determination and access is granted by the contractor. 14

Q

If the applicant's request is not clearly consistent with national security interests, what does the DoD CAF do? A The DoD CAF forwards the case to the Defense Office of Hearings and Appeals (DOHA) to determine whether it is clearly consistent with the national interest to grant or continue security eligibility for the applicant. 15

Q

PCL Step: Investigation A 4th Step of PCL - A background investigation is conducted on the employee and 5th Step of PCL -FSO must determine if the employee is already cleared and, if not, submit a clearance request using JPAS. -If the employee has not held a clearance at the appropriate level in the past 24 months, the employee must complete the e-QIP and signature forms and submit fingerprints via SWFT. -Clearance package is routed from the FSO to the PSMO-I to the ISP, which is OPM for DoD. All three review the package for completeness. -PSMO-I also determines eligibility for an interim clearance. -OPM conducts the investigation and provides the results to the DoD CAF 16

Q

Dependecy of PCLs and FCLs A 1. Eligibility for an FCL is dependent on essential KMP successfully obtaining PCLs. -Example - A company’s eligibility for an FCL depends on whether the owner can obtain a PCL. If an interim PCL for an individual required to be cleared in connection with the FCL is withdrawn; the individual must be removed from access or the interim FCL will also be withdrawn.

2. Classification levels - Keep in mind that a facility can only access classified information at the highest level granted by its FCL and an individual can only access information at the highest level granted by his or her PCL. These can impact each other if the FCL and an employee’s PCL are at different levels. 17

Q

What is FOCI? A Foreign Ownership, Control or Influence (FOCI)

A U.S. company is considered to be operating under FOCI whenever a foreign interest has the power to direct or decide matters affecting the management or operations of that company in a manner that may result in unauthorized access to classified information or may adversely affect the performance of classified contracts. 18

Q

Which form is utilized to determine FOCI? A SF 328 - Certificate Pertaining to Foreign Interest 19

Q

Reviewing for FOCI A The DCSA makes FOCI determinations on a case-by-case basis via information provided on the SF 328 and any other relevant information to determine whether a company is under FOCI to such a degree that granting or allowing a company to continue to hold an FCL would be inconsistent with national security interests. 20

Q

Name 3 FOCI Determination Considerations A • Record of economic and government espionage • Record of engagement in unauthorized technology transfer • Record of compliance with U.S. laws, regulations and contracts • Type and sensitivity of the information that will be accessed • Source, nature and extent of FOCI -Majority or substantial minority position in the company -Immediate; intermediate; and ultimate parent companies -Prior relationships between the U.S. company and the foreign interest • Nature of any bilateral and multilateral security and information exchange agreements -Political and military relationship between the countries • Ownership and control by a foreign government • Any other factors that indicate or demonstrate foreign influence 21

Q

FOCI impact on FCL A A U.S. company determined to be under FOCI is ineligible for an FCL unless and until security measures have been put into place to mitigate FOCI. 22

Q

Can FOCI be mitigated? A Yes, contractors can mitigate FOCI and gain an FCL, if approved 23

Q

Cleared Company A A contractor that has been granted FCLs and all contractor facilities being processed for an FCL 24

Q

Cleared Employees A All contractor employees granted PCLs and all employees being processed for PCL. 25

Q

Cage Code Specifics A Commercial and Government Entity (CAGE) Code

-A five position code that identifies companies doing or wishing to do business with the federal government. -The first and fifth positions in the code must be numeric. -The third and fourth positions may be any mixture of alpha/numeric excluding I and O. -The code is used to support a variety of mechanized systems throughout the government. 26

Q

Purpose of the FOCI Office A Works with the local IS Rep to resolve issues that arise when a cleared facility or a facility being processed for a facility clearance is subject to foreign ownership, control or influence. 27

Q

Purpose of PSMO-I A Processes requests for and other actions related to personnel security clearances for personnel from facilities participating in the NISP 28

Q

Define Foreign Interest A -Any government, agency of a foreign government or representative of a foreign government

-Any form of business enterprise or legal entity organized, chartered or incorporated under the laws of any country other than the United States or its territories

-Any person who is not a citizen or national of the United States. 29

Q

Define ISP A Investigative Service Provider

An entity that performs background investigations. The ISP for DoD is the Office of Personnel Management (OPM) 30

Q

Define KMP A Key Management Personnel

Senior management identified in a facility that require an eligibility determination in order for a facility to be granted a facility clearance. 31

Q

SWFT Definition A Secure Web Fingerprint Transmission (SWFT)

Web-based system that allows users to submit e-fingerprints and demographic information for personnel security clearance (PCL) applicants. 32

Q

A Security Clearance Package consists of what 3 items? A -Electronic Questionnaires for Investigations Processing (e-QIP) -Signature Forms -Fingerprints via Secure Web Fingerprint Transmission (SWFT). 33

Q

FCL Step: Sponsorship A 1st Step in FCL - A company must be sponsored for an FCL based upon a need to access classified information

-A contractor must be sponsored by either a company cleared to participate in the National Industrial Security Program (NISP) or a Government Contracting Activity (GCA) when a definite classified procurement need has been established 34

Q

FCL Step: Orientation Handbook A 2nd step in FCL - Once the DCSA Facility Clearance Branch receives and accepts the FCL request, it will send the FCL Orientation Handbook to the company’s Facility Security Officer (FSO).

Provides guidance to the FSO on the FCL process -Business structure -Excluded tier entities -The e-FCL process -Accounts and systems -Preparing for the FCL Orientation meeting -Where to find FSO training 35

Q

FCL Step: Cage Code A 3rd step in FCL - If the company does not already have a Commercial and Government Entity (CAGE) Code, one must be obtained prior to FCL issuance.

-DCSA uses a CAGE Code to track basic facility information. -To obtain a CAGE Code, a company can register online with the System for Award Management (SAM) database. 36

Q

FCL Step: Information Gathering A 4th step in FCL - The company must provide certain information about itself in the Electronic Facility Clearance System (e-FCL)

-Company’s prospective FSO will use the FCL Orientation Handbook and work with the DCSA to determine which forms must be uploaded to e-FCL 37

Q

FCL Step: PCLs for KMP A 5th step in FCL - Specific Key Management Personnel (KMP) must obtain PCLs

-The DCSA Industrial Security Representative (IS Rep) can help identify those KMP who must be cleared. -The DCSA Facility Clearance Branch will initiate the PCL process for KMP who must be cleared. 38

Q

FCL Step: Eligibility Determination A 6th step in FCL - Finally, the Department of Defense Central Adjudication Facility (DoD CAF) makes an eligibility determination 39

Q

FCL Considerations A The DCSA Facility Clearance Branch may issue an interim FCL with IS Rep concurrence, if the requirements have been met and KMP have been issued interim PCLs.

-After an FCL is granted, the company must continue to meet these eligibility requirements and report any change in conditions that may impact it. 40

Q

PCL Step: Adjudication A 5th Step of PCL - The results of the investigation are reviewed and compared with qualifying criteria

-DoD CAF reviews the results of the investigation and compares them with the 13 adjudicative guidelines to determine eligibility for access to classified information.

1

Q

Five Elements of the Personnel Security Program (PSP) A Designation Investigation Adjudication Reinvestigation Continuous Evaluation 2

Q

Designation A An assessment of a position's potential impact on the national security 3

Q

Investigation A An inquiry made by an authorized investigative agency into an individual’s activities for the purpose of making a personnel security determination 4

Q

Adjudication A Judgment concerning security clearance eligibility made by evaluating the information in the Personnel Security Investigation (PSI) with DoD standards 5

Q

Reinvestigation A Done at certain intervals based on duties or access and as part of the Continuous Evaluation Process 6

Q

Continuous Evaluation A Used to monitor employees for new information or changes that could affect status 7

Q

Privacy Act of 1974 A Regulates the federal government’s authority to collect personal information on an individual and limits the use of information collected for specific purposes 8

Q

Purpose of the Personnel Security Program A To make a reasonable determination that individuals grated access to classified information or assigned to sensitive positions are and will remain loyal, trustworthy and reliable 9

Q

Two elements of National Security A National Defense Foreign Relations 10

Q

Hatch Act A Requires federal employees to be loyal to the United States 11

Q

Executive Order 12968 A Standardizes procedures for DoD personnel security policy 12

Q

Security Clearance Eligibility A A favorable determination that an individual is eligible for access to classified information or assignment to sensitive duties at specific levels prior to access being granted 13

Q

Who controls Access? A Always controlled by the holder of the information. Ensures the person seeking access has the proper security clearance eligibility and a valid need to know in order to carry out official duties 14

Q

Designation/Position - Special Sensitive A - Civilian national security position - Potential for inestimable damage to national security - Includes eligibility/access to SCI and SAP

  • Can be any civilian position the DoD Component head determines to be at higher level than critical-sensitive due to special requirements

15

Q

Designation/Position - Critical Sensitive A - Civilian national security position - Potential to cause exceptionally grave damage to national security - Includes Top Secret access, Fiduciary duties (obligation, expenditure, collection or control of revenue, funds, or items with value over $50 million) 16

Q

Designation/Position - Noncritical Sensitive A - Civilian national security position - Potential to cause significant or serious damage to national security - Includes access to Confidential, Secret, or DOE “L” 17

Q

Designation/Position - Nonsensitive A - No sensitive job duties and/or need for access to classified information - Position does not have the potential to adversely impact national security 18

Q

Restrictions of Limited Access Authorization (LAA) A - Investigative requirement is a Tier 5 - Access is limited to the approved program or project - Access outside of the approved program or project is a compromise and must be handled as such - Info must be releasable to the applicant’s home country - Access is limited to Secret information or lower

  • Can be civilian, military, or contractor personnel

19

Q

Limited Access Authorization (LAA) A Authorization for non-U.S. citizen to be granted access to classified information. Non-US citizens are not granted security clearance eligibility. 20

Q

Examples of Positions Not Requiring Access to Classified Information that may require a security investigation A Red Cross and/or United Service Organizations personnel

Non-U.S. citizens employed by DoD components overseas

Personnel occupying some IT or related positions 21

Q

Nuclear Personnel Reliability Program (PRP) A Ensures each person performing duties associated with nuclear weapons or nuclear command and control systems and equipment is emotionally stable, physically capable and has demonstrated reliability and professional competence 22

Q

Restricted Data A - All information concerning the design, manufacture, or use of atomic weapons, the production of special nuclear material, or the use of special nuclear material in the production of energy - An additional warning notice of special handling requirements - Not a Special Access Program or a classification category 23

Q

Requirements of Critical Nuclear Weapon Design Information (CNWDI) A - Access limited to the absolute minimum of people who need it to accomplish their job duties - Minimum required security clearance is Top Secret or Secret - Except in rare instances, U.S. citizenship is required for access

  • Exceptions granted by the Secretary of Defense or designee

24

Q

Name 5 of the 9 areas SAP programs cover A Special Access Programs Presidential Support Activities Nuclear Personnel Reliability Program (Nuclear PRP) Sensitive Compartmented Information (SCI) Nuclear Command and Control – Extremely Sensitive Information (NC2-ESI) Chemical PRP NATO 25

Q

Name 3 of the 6 main duties of a Security Officer A - Prepare and request personnel security investigations - Evaluate information for interim security clearances - Administer the continuous evaluation program - Train personnel on the requirements for the personnel security program - Conduct briefings for personnel on the necessity of protecting classified information - Assist in determining sensitivity for both access and assignment to sensitive duties 26

Q

What is included in an Initial briefing? A - Importance of classified information - Proper ways to protect classified information - How to perform duties that require access - Potential security concerns with foreign intelligence services - Procedures to report any issue associated with the protection of classified information 27

Q

What is the purpose of the Annual/Refresher briefing? A - Remind people of responsibilities under the personnel security program - Inform of any changes in the personnel security program since last briefing - Reinforce good security practices - Remind people of the continuing need to follow the rules 28

Q

What are the goals of the Insider Threat briefing? A - Stress importance of detecting potential insider threat - Make individuals aware of insider threat indicators and reporting requirements - Provide information on methods used by adversaries to recruit trusted insiders 29

Q

What is included in the Termination briefing? A - How to protect classified information - How intelligence services may target personnel after they have left federal service - Legal obligation/requirements to protect classified information - Criminal penalties for unauthorized disclosure of information - How to report problems - The need for written approval from the agency before any disclosure 30

Q

e-Qip Process A The security office initiates a personnel security questionnaire using e-QIP.

The individual being investigated must complete the e-QIP.

The security office reviews and approves the questionnaire.

The security office forwards it to the NBIB or PSMO-I. 31

Q

Clearance Process Steps/Phases A 1. Personnel security investigation (PSI) is initiated and completed on an individual 2. PSI is forwarded to the Department of Defense Consolidated Adjudications Facility (DoD CAF) 3. The DoD CAF reviews the information in the PSI and compares it to national adjudication standards 4. The DoD CAF makes a determination and either grants a security clearance eligibility or not 32

Q

Personnel Security Investigation (PSI) A -An inquiry into an individual’s background, activities, and personal behavior -Allows adjudicators to look closely at important information about an individual’s honesty, reliability, character, loyalty, and trustworthiness. -Used to determine the eligibility of an individual for access to classified information, acceptance or retention into the armed forces, assignment or retention in sensitive duties, or other designated duties requiring investigation. 33

Q

When the federal government collects personal information from an individual, it is required that the individual be informed of what four things? A 1. Authority - Under what authority is the government agent or representative collecting the information? 2. Principle Purposes - The purpose for collecting the information. 3. Routine Uses - The routine uses of the information. 4. Voluntary or Mandatory Nature of Disclosure - Whether providing this information is voluntary or mandatory, and what would be the impact of choosing not to provide the information? 34

Q

Reciprocity A Refers to the mutual acceptance of a personnel security clearance eligibility by all government agencies, regardless of which agency issued the clearance 35

Q

When is a previously cleared individual subject to a new investigation or adjudication? A 1. The previous clearance eligibility was based on an outdated investigation 2. New derogatory information has become available since the previous investigation 3. There was a break of more than 24 months in the individual's relationship with the DoD 4. The previous investigation does not meet the scope required 36

Q

2 main components of DISS A DISS Portal Case Adjudication Tracking System (CATS) 37

Q

Case Adjudication Tracking System (CATS) A Designated as the DoD Case Adjudication Tracking System for all non-intelligence activities. Used by DoD CAF adjudicators to review electronic PSIs completed by the National Background Investigations Bureau (NBIB). With CATS the adjudicator can record eligibility and can recommend access determinations. 38

Q

Requesting PSI Guidelines A 1. Limit PSI requests to personnel who are essential to current operations. 2. Limit PSI requests on military personnel to those individuals with sufficient time left in the service to warrant conducting the investigation. 3. Complete all request forms and required documentation properly and IAW instructions. 4. Government personnel submit their e-QIP to the National Background Investigations Bureau (NBIB) 5. Industry submits their request through Personnel Security Management Office for Industry (PSMO-I) 6. Limit access through strict need-to-know. 7. Keep priority case requests to a minimum – only authorized individuals may request a PSI. 39

Q

Who can request PSI? A Authorized individuals include: 1. Military Departments 2. Defense Agencies 3. Organization of the Joint Chiefs of Staff 4. Office of the Secretary of Defense 5. Commanders of Unified and Specific Commands 6. Requesters approved by the Deputy Under Secretary of Defense for Policy 40

Q

Who can waive investigative requirements for sensitive positions or access to classified information? A Military/Civilian Personnel - Commander, agency head, head of the component or the adjudicative authority

Contractor Personnel - Director, CI and Security Programs, Office of the Deputy Asst Sec of Defense (I&S), Office of General Counsel, Office of the Secretary of Defense 41

Q

PSI Type/Investigation Tier: Tier 5 A Background Investigation and Reinvestigation -Military, Contractors, and Civilians: Special-Sensitive positions Critical-Sensitive positions Top Secret clearance eligibility SCI clearance eligibility 42

Q

Single Scope Background Investigation (SSBI) applies to whom? A Military, Contractors, and Civilians • Special-sensitive positions • Critical-sensitive positions • Top Secret and SCI clearance eligibility • IT-I duties • LAA 43

Q

Access National Agency Check and Inquiries (ANACI) applies to whom? A Civilians • Non Critical-Sensitive positions • Secret or Confidential clearance eligibility • IT-II duties 44

Q

National Agency Check with Law and Credit (NACLC) applies to whom? A Military and Contractors • Secret or Confidential clearance eligibility • All military accessions and appointments • IT II duties • IT III duties (military only) 45

Q

Phased Periodic Reinvestigation (PPR) A Military, Contractors, and Civilians

Phase 1: determines whether Phase 2 is necessary Phase 2: only performed if Phase 1 yields issue-relevant information

  • Same as SSBI-PR but more efficient

46

Q

What happens if the individual who is being investigated refuses to provide information or sign a release? A The processing may be halted. If the individual currently has a security clearance or is assigned to other sensitive duties, the CAF could start action to revoke the individual’s security eligibility. 47

Q

Purpose of an investigative report A Allows adjudicators to get a comprehensive view of the individual and to make a sound decision regarding the person’s suitability for a position of trust, eligibility for access to classified information, and entry or retention in the military or government service. 48

Q

Procedures to protect PSI and personnel security records A 1. An authorized requester is responsible for the control and accountability of any reports it receives. 2. Any information regarding an individual's personnel security clearance status must be protected. 3. The reproduction of PSI reports is restricted to the minimum number of copies required to perform official duties. 4. PSI reports must be stored in a secured container, such as a vault or safe. 5. PSI reports must be sealed in double envelopes when being transmitted by mail or courier. 49

Q

Who has access to PSI records? A Outside of the DoD - Released only with the specific approval of the investigative agency with authority over the reports.

Within the DoD - Limited to designated DoD officials who require access for official personnel security duties. Subjects of PSIs may have access to their own PSI information. 50

Q

PSI Report Retention A Stored in DoD records repositories that are authorized to store PSI reports.

Favorable reports are destroyed after 15 years.

Reports of a minor derogatory nature are destroyed after 15 years.

Reports resulting in unfavorable administrative action or court-martial are destroyed after 25 years 51

Q

Disposition of PSI Reports A These reports are the property of the investigating organization and are provided to the requesting organization as a loan.

DoD recipient organizations requesting PSI reports may retain them for only the time necessary to fulfill the originally requested official purpose.

Stored in DoD records repositories that are authorized to store PSI reports 52

Q

Destruction of PSI Records A PSI reports must be destroyed in the same manner that is used for the destruction of classified information. 53

Q

NBIB A NBIB is the investigative agency that conducts personnel security investigations for the Department of Defense 54

Q

Suitability Adjudication A Determines suitability for federal employment 55

Q

List 3 Types of Adjudication A National Security Adjudication Suitability Adjudication Homeland Security Presidential Directive (HSPD) 12 Adjudication 56

Q

What is a PSI used to determine? A Access to classified information Acceptance or retention to the armed forces Assignment or retention to sensitive duties 57

Q

What DoD system is utilized to connect security personnel around the world? A JPAS and/or DISS 58

Q

Requirements for Interim Clearance A No need for immediate access SF-86 submitted and investigation opened by ISP All minimum requirements for interim have been fulfilled 59

Q

DoD CAF Responsibilities A Makes adjudicative decisions Is a central repository for investigative records Requests additional info where there is evidence that someone may no longer be eligible for a clearance 60

Q

List 5 Elements of Suitability Determination A Position Designation Pre-Investigation Investigation Adjudication Reinvestigation 61

Q

Investigation Tiers for Suitability A No classified info

Tier 1- low risk, non-sensitive, physical and logical access (HSPD-12 credentialing). Use SF-85

Tier 2- nonsensitive, moderate risk public trust. Use SF-85P

Tier 4- nonsensitive high risk public trust. Use SF-85P 62

Q

Investigation Tiers for National Security A Classified info

Tier 5- critical-sensitive, special-sensitive and/or requiring "=Q= " access, Top Secret or SCI

Tier 3- non-critical sensitive and/or requiring Confidential, Secret or "L" access. Use SF-86 63

Q

Standards of evidence in a suitability case A 1. Evidence must establish conduct 2. The govt has burden of proof 3. All facts must be supported by a preponderance of evidence 64

Q

National Agency Check Inquires (NACI) applies to whom? A Civilians and Contractors • Non-sensitive positions • Low Risk • HSPD Credentialing 65

Q

NAC A Fingerprint portion of a PSI 66

Q

Investigative requirement for critical-sensitive A SSBI SSBI-PR PPR 67

Q

Investigative requirement for noncritical-sensitive A ANACI NACLC 68

Q

Investigative requirement for non-sensitive A NACI 69

Q

Purpose of the Statement of Reason (SOR)? A Provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made 70

Q

JCAVS A System used to communicate with the DoD CAF 71

Q

JAMS A Sub-system used by adjudicators 72

Q

JPAS A Consists of JCAVS and JAMS

DoD system of record for personnel security clearance information 73

Q

DISS A Will replace JPAS as DoD system of record for personnel security clearance information 74

Q

Scattered Castles A Intel Community Personnel Security Database that verifies personnel security access and visit certifications 75

Q

DCII A System of record for fraud investigations 76

Q

SII A System of records of PSIs conducted by OPM 77

Q

Administrative Judge A Ensures Military and Civilian personnel fairness by providing opportunity to appeal an unfavorable adjudicative determination 78

Q

DOHA A Ensures Contractor personnel fairness by providing opportunity to appeal an unfavorable adjudicative determination 79

Q

Events/incidents required to be reported to DoD CI organizations? A Espionage Sabotage Terrorism Cyber 80

Q

Types of threats to classified information A Insider Threat Foreign Intelligence entities (FIE) Cybersecurity Threat 81

Q

Purpose of foreign visitor program A Track and approve foreign entity access to classified Approve foreign entity access to unclassified info

1

Q

What is the key to providing protection to transferred material?

A Vigilance and strict adherence to transmission and transportation policy

2

Q

Classified Transporting/Transmitting Policies and Guidance

A 1. DoDM 5200.01 v3 2. NISPOM - DoD 5220.22-M 3. Standard practice procedures (SPP) may provide additional procedures for implementing the guidance in the NISPOM. 4. The contract may also include provisions with more specific guidance on how to transport and transmit classified material.

3

Q

When is transmission/transportation of classified appropriate?

A The sender has the authority, based on contract or government authorization, to share the material AND The receiver has a legitimate need to know, clearance, and appropriate secure storage for the material

4

Q

Receiver Responsibilities

A 1. Have procedures in place to ensure that only authorized personnel receive classified packages, regardless of how they arrive 2. Inspect immediately for any damage that may have occurred in transit and for signs of tampering 3. Ensure there is a receipt 4. Ensure the inventory matches the receipt

5

Q

How to ensure a receiver’s ability to protect classified?

A • Ascertain the facility clearance and storage capability of a contractor facility: -Contact the appropriate DCSA Field Office -Contact the FSO -Review contractor data in the Industrial Security Facilities Database (ISFD) • Determine the storage capability at a U.S. government facility: -Contact the facility

6

Q

What level of transfer requires a receipt?

A Secret and above

7

Q

What to do if a package is received without a receipt?

A -Contact the sender -Ensure all items are accounted for -Ensure the sender includes required receipts in any future shipments

8

Q

If the inventory matches the receipt, what do you do next?

A -Sign the receipt and mail it back to the sender -Enters the materials into your own classified information management system -Safeguard the materials

9

Q

If the inventory does not match the receipt what do you do?

A Contact the sender immediately and initiate a preliminary inquiry to ascertain whether any classified information has been lost or compromised

10

Q

What do you do if there are signs of tampering?

A The Facility Security Officer (FSO) at the receiving facility must send a report to the Cognizant Security Office (CSO) in accordance with the NISPOM.

11

Q

Top Secret Methods of Transport

A 1. Defense Courier Service 2. Designated Courier/ Escort/ Handcarrier 3. CSA Approved Secure Communications

12

Q

The Defense Courier Service will not transfer…

A • Contraband, (including controlled substances) • Explosives, ammunition, firearms, and components • Radioactive material, etiological, or other hazardous material • Flammables • Liquids • Batteries • Currency, military payment certificates, bonds, securities, precious metals, jewels • Postage stamps or other negotiable instruments

13

Q

Ensure what 4 things before using a secure telephone to transmit classified information?

A • Classification level of discussion matches device classification level • Sender and receiver both have appropriate clearance and need to know • Equipment is secure • Ability exists to control access to physical location

14

Q

Escort vs. Courier vs. Handcarrier

A Handcarrier - A cleared employee who may on occasion transport classified material Escort - A cleared employee who accompanies a shipment of classified material to its destination Courier - A cleared employee whose principal duty is to transmit classified material

15

Q

Methods of transfer for Secret information

A -All Top Secret methods -USPS Express and Registered Mail -Cleared Commercial Carrier -Cleared Commercial Messenger Service -CSA-Approved Commercial Delivery Company

16

Q

3 Requirements for USPS Express Mail

A • NEVER execute Block 11-B of label (Waiver of Signature and Indemnity) • A cleared employee must give the parcel directly to USPS personnel (use of street-side boxes is prohibited) • Be sure your parcel will be back under control in a timely manner -Recommend transmit of materials on a day that will ensure the recipient will be available to receive it on the following day

17

Q

NEVER use GSA Approved Commercial Delivery Service to transmit what type of information?

A COMSEC NATO FGI

18

Q

Confidential Methods of Transport

A All the methods of Top Secret and Secret Non-Cleared Commercial Carrier USPS Certified Mail

19

Q

What is Constant Surveillance Service (CSS)?

A A transportation protective service provided by a commercial carrier qualified to transport Confidential shipments

20

Q

What is the Protective Security Service?

A A transportation protective service provided by a cleared commercial carrier qualified by the Surface Deployment and Distribution Command (SDDC) to transport Secret shipments

21

Q

What roles require a courier briefing?

A Couriers Hand-carriers Escorts

22

Q

What are the requirements for Couriering, Handcarrying and Escorting?

A -Courier briefing -Carry ID card or badge that includes name and photo -Retain classified material in their personal possession at all times or under surveillance at all times (escort) -Ensure a system for keeping track of classified materials being transmitted or transported

23

Q

When do systems for tracking the classified materials start?

A Begins before the materials leave the facility.

24

Q

What 5 things must be included in escort instructions and operating procedures?

A • Name and address of persons to whom the classified material is to be delivered • Receipting procedures • Means of transportation and the route to be used • Duties of each escort during movement, during stops en route, and during loading and unloading operations • Emergency communication procedures

25

Q

Name 3 things that handcarriers and escorts should not do while transmitting classified materials.

A -Do not discuss classified material in public -Do not open the materials en route -Do not deviate from the authorized travel route or schedule. -Never, under any circumstances, leave classified materials unattended or unsecured -During overnight stops, they must not store classified materials in anything other than an authorized container (no hotel safes, etc.)

26

Q

How to handle overnight storage for handcarrying and escorts?

A Must store the classified materials at a prearranged U.S. military facility, U.S. government facility, U.S. embassy, or cleared U.S. contractor facility in a manner appropriate for the classification level of the materials.

27

Q

Who do you contact if there is suspicious activity or an incident while en route?

A Cognizant Security Officials. Local law enforcement, if safety is threatened.

28

Q

Post-trip Procedures

A Transfer is not not complete until the classified materials has been accounted for at the point of origin. -If returning materials to the original facility, then return them in a properly sealed package. Materials will be re-inventoried to make sure they are all there. -If materials are not being returned, produce a receipt signed by the security officer from the organization to which they were delivered, thereby releasing custody of the classified material. Receipt must be returned to the organization that originated the shipment.

29

Q

What is prohibited during airline travel with classified?

A Under no circumstances may the handcarrier or airport security personnel open the classified package! If officials are insisting: -Show them the authorization letter -Ask for special handling *If necessary, abort the trip rather than allow officials to open the package.

30

Q

What do you do if airport security asks you to open the classified package?

A Discreetly tell the screener that the package contains U.S. Government classified information and cannot be opened. The Courier Authorization Letter may be produced at this time.

31

Q

Escort Duties

A - Ensure personal travel documents are complete, valid, and current -Have advance arrangements for secure overnight storage, if an overnight stay is necessary -Have written instructions that include details about the trip and emergency procedures

32

Q

Inner Wrapping Consideration

A -If classified text comes in direct contact with the inner wrapper, there is a risk of exposure through image transfer or the surreptitious use of technology that can render the wrapper translucent -Prevent classified text from coming in contact with the inner wrapper by placing something between the document and the envelope or by folding the document in on itself

33

Q

Reciept for classified information should be where?

A Attached or enclosed in the inner wrapper

34

Q

Outer Wrapper Requirements

A -Marked with mailing address (receiving government activity or cleared contractor’s) -Marked with sender’s return address -Does NOT bear any classification markings or special handling instructions indicating that its contents are classified -Does NOT contain individual names, but may include office codes, numbers, or phrases in the Attention line

35

Q

Name 3 considerations for Briefcases and Pouches when handcarrying

A May be used as outer wrapper if... -Made of heavy-duty material with an integral key-operated lock -When locked, its key is kept in a separate, sealed envelope -An internal system is in place to account for and track the location of the pouch and its key. -Sender’s mailing address is on a luggage tag attached to the handle to facilitate its return if it is misplaced -Zippered pouches must have the name and address of the sending organization and the name and telephone number of a point of contact (POC) displayed prominently on the outside -Do NOT place markings, seals, or labels on the briefcase that identify its affiliation with the DoD

36

Q

Commercial Carrier Shipments - Secret

A -Shipped in hardened containers unless exempt -Sealed when there is a full carload or truckload, when the vehicle is used exclusively for classified material, or when a closed and locked compartment is used. Seals must be numbered. -The bill of lading includes seal numbers, instructions for maintaining seals, the notation Protective Security Service Required and emergency instructions

37

Q

What information should be included on a receipt?

A The name of the sender The name of the recipient Contents of the package

38

Q

COMSEC

A -Security program that denies unauthorized individuals information of value that they might derive from possessing or studying telecommunications -Ensures those communications are authentic

39

Q

What guidance is available for transmitting and transporting COMSEC materials?

A Follow guidance from the Central Office of Record (COR) on transmitting and transporting accountable COMSEC materials.

40

Q

Transporting/Transmitting Intelligence Information

A -Refer to documents cited in the contract for special handling procedures -Obtain written authorization of the releasing agency before disclosing or releasing classified intelligence information, even to a subcontractor

41

Q

Critical Nuclear Weapon Design Information (CNWDI)

A Level: Top Secret or Secret -Research and development that reveals the theory of operation or design of the components of a thermonuclear or fission bomb, warhead, demolition munitions, or test device.

42

Q

Transporting/Transmitting CNWDI

A -Requires approval from the Government Contracting Activity (GCA) before transmitting outside the facility -Verify with the Cognizant Security Agency (CSA) that the receiving facility has been authorized to access the CNWDI

43

Q

International Transfer

A -Involve the GCA as early as possible -Control classified material until it is officially transferred to the intended recipient government (the designated government representative (DGR) actually receives the material) -Only use government-approved channels -Prepare written transmission instructions and a transportation plan for all transfers

44

Q

Required Elements of a Transportation Plan

A Plan title Date of movement Authorization/Approval

45

Q

Name 5 Possible Transportation Plan Elements

A -Purpose -Description of consignment -Identification of responsible government or company representatives -Identification of commercial entities to be involved in each shipment -Packaging the consignment -Routing of the consignment -Requirement for an escort when applicable -Couriers/escorts -Recipient responsibilities -Return of material -Freight forwarders -U.S. Government Designated Government Representative (DGR) -Recipient Government DGR

46

Q

Prerequisite of a Transportation Plan

A Research and coordinate with various officials: • Local • State • Federal • Foreign government authorities who will receive the shipment.

47

Q

Foreign Government Information (FGI)

A Classified information that the U.S. receives from a foreign government or international organization or that the U.S. produces as a result of a joint arrangement with a foreign government or international organization

48

Q

FGI Transport/Transmission

A Use the same channels as for U.S. classified information of an equivalent classification. *Exception: Never use non-cleared express overnight carriers.

49

Q

NATO Transport/Transmission

A -Individuals requiring access to NATO classified information must receive a security briefing -Before sending out NATO classified information, contractors must ensure the recipients are authorized to receive it. -Classified NATO information can be transmitted only through government-to-government channels unless both the sending and receiving governments agree in writing to an alternative.

50

Q

Who to consult before shipping FGI?

A Consult the Cognizant Security Agency (CSA) and the NISPOM to make sure you follow appropriate transmission and transportation procedures.

51

Q

Who to consult before shipping COMSEC?

A Before shipping COMSEC materials you should consult the Central Office of Record (COR), the NISPOM, and your specific contract to make sure you follow appropriate transmission and transportation procedures.

52

Q

Who to consult before shipping CNWDI

A Before shipping CNWDI you should consult the Government Contracting Activity (GCA), the Cognizant Security Agency (CSA), and DoDD 5210.2 to make sure you follow appropriate transmission and transportation procedures.

1

Q

Purpose of Storage Containers and Facilities A Protect valuables, records, and sensitive and classified information and material, as well as conventional and nuclear weapons by delaying unauthorized entry. 2

Q

Storage Containers A Security containers include: Cabinets Field Safes Secure Rooms Vaults 3

Q

Define Storage Facility A Restricted areas are generally on military installations and are designed to protect certain types of classified material or items that require larger spaces such as nuclear weapons 4

Q

Examples of Storage Facilities A SCIFs AA&E Storage Facilities Nuclear Storage Facilities 5

Q

What are the 3 types of unauthorized entry? A Forced Entry Covert Entry Surreptitious Entry 6

Q

Forced Entry A Occurs when someone breaks into the container or facility by using a tool, torch, or explosives, for example.

Can cause obvious visible damage to the container.

Can cause less obvious damage, such as holes drilled behind cabinet labels. 7

Q

Covert Entry A Occurs when someone breaks into a container by manipulating a lock using an auto dialer machine to learn the combination of a combination lock or by picking a keyed lock, for example.

Entry is not easily detected, but trained persons can detect entry. 8

Q

Surreptitious Entry A Occurs when someone breaks into a container by using radiological means such as an x-ray machine to view the dial rings on the older mechanical locks.

Entry is not easily detected, even trained persons have a difficult time detecting entry. 9

Q

Examples of Supplemental Protection for storage containers A Intrusion Detection Systems (IDS) Alarms Guards 10

Q

Factors in Choosing a Container/Facility A 1. Level of Material - Confidential document would require stricter storage requirements than an unclassified document

2. Type of Material -Paper material would have different storage requirements than weapons

3. Geographic Location of Material -Different requirements for materials being stored overseas, in war zones, for example, than for materials being stored in the United States. 11

Q

What is GSA? A The General Services Administration (GSA) establishes and publishes minimum standards, specifications, and supply schedules for containers, vault doors, modular vaults, and other associated security devices suitable for the storage and protection of classified information against forced, covert, and surreptitious entry. 12

Q

What is required for COMSEC storage? A GSA-approved container

National Security Agency (NSA) requirements met

Stringent protection and strict accountability -Ex: two person concept where two people are required to inventory, package, and destroy the material 13

Q

Compare Class V and VI containers A Both protect against covert and surreptitious entry

Class V protects against forced entry

Neither protects against fire 14

Q

Which container class protects against fire? A Class I and Class II 15

Q

Types of GSA-Approved Locks A Built-in Combination Locks (most widely used) Combination Padlocks Key-Operated Padlocks 16

Q

Most Common Models of Combination Locks A Kaba Mas X07, X08, X09, and X-10

Sargent and Greenleaf (S&G) 2740 and S&G 2740B

  • Locks must meet Federal Specification FF-L-2740 series

17

Q

What type of label must be on a container storing classified information A GSA-approved security containers must clearly display the GSA-approved label on the face of the container in order to be used to store classified information. 18

Q

Types of GSA-Approved storage container labels A GSA-Approved Label Test Certification Label Cabinet Identification Label Number Label Warning Label 19

Q

What should you do if a GSA-approved label is missing or if the structural integrity of the container has been compromised? A

  • Repair and recertification of the container is required

The container may not be used until: -Repaired and restored to its original condition by a certified technician -Recertified by an authorized certifying official -A new GSA-approved label has been applied to the container by the certifying official 20

Q

Secure Room A -Areas designated and authorized for the open storage of classified information -Used when larger storage capability is needed than can be obtained from the use of GSA-approved security containers alone -Built to enhanced commercial construction standards, but do not afford the extra security inherent with vaults. -May have additional requirements prohibiting the open storage of classified information 21

Q

What is the policy is used for construction standards for secure rooms? A DoDM 5200.01, Information Security Program for DoD

NISPOM for cleared contractor facilities 22

Q

Secure Room vs Vault A Both are areas designated and authorized for the open storage of classified information

Vaults are constructed to meet strict forcible entry standards established by the GSA and outlined in DoDM 5200.01

Vaults are more secure than secure rooms 23

Q

Characteristics of Vaults A -Reinforced concrete on all walls, ceilings, and floors -Hardened steel door -Doors must meet GSA standards for surreptitious, covert, and forced entry 24

Q

Factors to Maintain Certification of Vault A -Doors and frames must remain in their original color, which is gray -Placement of GSA-approved labels on the outside face of vault doors -Locks installed on vault doors have the same requirements as locks installed on security containers. 25

Q

Top Secret Storage Requirements A Stored in a GSA-approved container and, at least one of the following supplemental protections is required: -Continuous protection by cleared guard or duty personnel, or cleared guard/duty personnel inspects container every 2 hours -An intrusion detection system (IDS) used with 15 minute response time with security-in-depth or within 5 minutes if not security-in-depth 26

Q

Secret Storage Requirements A Secret information must be stored in one of the areas approved for Top Secret information.

Supplemental protection is not required for Secret information stored in a GSA-approved security container or vault.

Supplemental protection is required for Secret information that is stored by defense contractors in a closed area. It must have at least one of the following supplemental protections -Continuous protection by cleared guard or duty personnel -Cleared guard or duty personnel inspects container every 4 hours -IDS used with a 30 minute response time 27

Q

Confidential Storage Requirements A Confidential information must be stored in one of the areas approved for Top Secret or Secret information.

Supplemental protection is not normally required for the storage of Confidential information. 28

Q

Container Access Control A -Granted only to those who are authorized to access the classified information stored inside or to those who are authorized to change combinations or make repairs on the security containers and locks

-Entrances to storage containers must be kept under visual observation or equipped with electric, mechanical, or electromechanical access control devices at all times during work hours

-Keep records of security containers, vaults, and secure rooms used for the storage of classified material 29

Q

What forms are utilized for access control? A SF-700 SF-701 SF-702 30

Q

SF-700 A Security Container Information -Tracks the location of the storage container as well as the contact information for each individual who knows the combination and should be contacted in the event the container is found open and unattended. -Must be stored in a sealed, opaque envelope inside the control drawer. 31

Q

SF-701 A Activity Security Checklist -Records end-of-day security checks which are conducted to ensure all vaults, secure rooms, and containers used for the storage of classified information are secured at the end of each working day 32

Q

SF-702 A Security Container Check Sheet -Tracks opening and closing of storage containers.

  • If there is an open container violation, this form helps to narrow the scope of inquiry.

33

Q

Storage Container Procedures A -Procure new security storage equipment from the GSA Federal Supply Schedule. -Do not mark the outside of a storage container in any way that could divulge the classification level of the material being stored. -It is recommended that you keep the sides and tops of containers clear. -When removing security containers, you must completely inspect the inside of the container, including complete drawer removal, to ensure there is no classified material left inside -Turn in the containers in accordance with local property control procedures. 34

Q

Container Content Requirements A Do not store classified information with sensitive items or weapons. Doing so could make the classified storage container more of a target for thieves looking for valuables.

Destroy classified information when no longer needed. This reduces the need for additional storage containers. 35

Q

Neutralization A The drilling or cutting open of a lock by properly trained and equipped personnel. Ex: lock freezes, forget combo or lose key

-Neutralization must be done by a GSA Authorized Safe & Vault Technician using methods outlined in Federal Standard 809B

-Neutralization may affect the container’s certification, so the container must be repaired to its original condition so it may be recertified 36

Q

Key-Operated Lock Requirements A Keys and locks must be protected at all times.

Protect keys and spare locks in a secure container at the same level of protection afforded the material or information being secured. 37

Q

Combination Lock Requirements A -Combinations must be protected at all times. -Treat combinations at the same level of classified material they protect. -It is recommended you always secure mechanical combination locks with four rotations of the dial. -Change combinations at specific times such as when they are first placed in use, when an individual who knows the combination no longer requires access, when the combination has been subject to possible compromise, and when the container is taken out of service. -When a container is taken out of service, the combination must be reset to the factory default setting. 38

Q

What is a restricted area? A Storage facilities in buildings or on military installations that require additional protection 39

Q

Common types of restricted areas A SCIFs AA&E storage facilities Nuclear storage facilities 40

Q

Demarcation A Warning signs displaying RESTRICTED AREA must be posted no more than 100 feet apart at each boundary of or logical approach to the restricted area

Must be easily read by anyone approaching on foot or in a vehicle

Signs must be posted on every gate and on both sides of every fence corner 41

Q

SCIF A Used by the intelligence community for the storage of their sensitive compartmented information (SCI)

Strict construction standards must be adhered to (ICD 705) 42

Q

Who has governance over SCIFs? A Security requirements for SCIFs are established by the Director of National Intelligence (DNI).

Accreditation is the responsibility of the Defense Intelligence Agency (DIA). 43

Q

What is the policy that governs Physical Security of AA&E? A DoDM 5100.76, Physical Security of Sensitive Conventional Arms, Ammunition, and Explosives 44

Q

What are the categories of AA&E? A SRC I - SRC IV 45

Q

Demilitarize/Dispose A AA&E must be demilitarized or disposed of once they have become obsolete or unserviceable. By doing this, costs for protecting, storing, and accounting for AA&E no longer needed will be reduced 46

Q

What is authorized to be stored in all four security risk categories of AA&E? A Fixed-location, free-standing magazines 47

Q

Nuclear Weapon Storage and Security Policy? A DoD S 5210.41-M 48

Q

Fence Requirements for Nuclear Weapons A -7 ft high, 9-guage, 2 inch diamond mesh, equipped with Y outrigger with 15 inch arms. -Anchored to the ground, two fences minimum, separation zone of 30 ft between the fences. -Nuclear storage facility fencing also requires a 30 foot clear zone on both the inside and outside of the fence. -Nothing can be in this clear zone, including trees and buildings. 49

Q

What is special about Nuclear Access? A Restricted Area procedures and... -Lettering on signs displayed in black or blue, except the words USE OF DEADLY FORCE AUTHORIZED which must be displayed in red -Continual barrier concept (similar to mantrap) -Privately owned vehicles (POVs) never permitted