security awareness training
DESCRIPTION
Security Awareness Training. A threat awareness briefing. A defensive security briefing. An overview of the security classification system. Employee reporting obligations and requirements. Security procedures and duties applicable to the employee's job. Report to DISCO.
TRANSCRIPT
Security Awareness Training
• A threat awareness briefing.
• A defensive security briefing.
• An overview of the security classification system.
• Employee reporting obligations and requirements.
• Security procedures and duties applicable to the employee's job.
Report to DISCO
• Employees who do not want to perform on classified work
• Refusal to sign SF 312
General Requirements
• Standard practice procedures
– How FSO will direct and implement security procedures
• Upon FSO or CSA determination
1-207 Hotlines
• Hotlines are available. However, it is recommended that company officers have a chance to handle the situation
• Not to take the place of investigations
• May be used to tip off
Defense Hotline
The Pentagon
Washington, DC 20301-1900
(800) 424-9098
1-3 Reporting
• Events that impact:
– FCL
– PCL
– Protection of classified information
– Loss or compromise
• Contractors cleared employees on reporting channels with:
– Federal agencies
– FBI
– CSA
1-3 Reporting (To FBI)
• Reports to FBI
– Espionage
– Sabotage
– Terrorism
– Subversive activities
– Submit copy of written report to CSA
How to Report
• Report to the FBI
• Follow up with written report
• Send copy to IS Rep with FBI approval
1-3 Reporting (To CSA)
• Reports to CSA
– Adverse information
– Suspicious contacts
– Change in cleared employee status
– Naturalization
– Not desiring to work on classified contract
Be careful! Don’t spread rumors
Reports to CSA
• Personnel Clearance Issues
• Facility Clearance Issues
• How do you report?
– IS Rep
– DISCO
DISCO
• Adverse Information
• Changes in Cleared Employee Status
• Citizenship by Naturalization
• Employees Desiring Not to Perform on Classified Work
• Standard Form (SF) 312
Adverse Information
• Foreign influence
• Foreign preference
• Sexual behavior
• Personal conduct
• Financial considerations
• Alcohol consumption
• Drug involvement
• Emotional, mental, and personality disorders
• Criminal conduct
• Security violations
• Outside activities
• Misuse of information technology systems
1-3 Reporting (to CSA)
• Reports to CSA
– Refusal to sign SF 312
– Changes affecting FCL
– Changes in storage capability
– Inability to protect classified
– Security equipment vulnerabilities
– Unauthorized receipt of classified
– Compromise information
– Disposition of classified information
– Foreign classified contracts
1-303 Loss, Compromise or Suspected Compromise
• Report to CSA
• Considered lost if cannot be found
– Conduct investigation
– Report to CSA or command channels
1-303 Loss, Compromise or Suspected Compromise
Discover circumstances surrounding the reported loss, compromise or suspected compromise.
1-303 Loss, Compromise or Suspected Compromise
Loss, compromise or suspected compromise? Submit initial report
1-303 Loss, Compromise or Suspected Compromise
Investigation Done? Submit final
• New information
• Name and SSN of person responsible
• Record of prior incidents
• Corrective action
• Reasons for conclusions
www.ispcert.com
Threat Awareness Briefing
Why Our Information
Employee Responsibilities
Threat Awareness and Defensive Information
Methods of Contact
Countermeasures
Test
CONTENTS
Why go through process of Research and Development
Let someone else pay for R&D
Possible military application
WHY OUR TECHNOLOGY?
Research and development is an expensive endeavor. It is much cheaper to acquire technology through reverse engineering, requests for information or theft.
It is illegal to provide any export to some countries. It is easier for them to think of creative methods of obtaining what they need.
Some products seem to have commercial application, but they may also have dual-use possibilities.
WHY OUR TECHNOLOGY?
Protect Proprietary, For Official Use Only and Sensitive Information
This information includes:
• Vendor prices
• Personnel ratings
• Medical records
• Corporate financial investments and resources
• Trade secret information
• Corporate/government relations
• Corporate security vulnerabilities
• Financial forecasts and budget information
EMPLOYEE RESPONSIBILITY
• Lock up in a drawer or cabinet
• Restrict emailing or faxing
• Develop a destruction policy
• Everyone has a right to privacy, respect that right
• Protect your business to the fullest
PROTECT PROPRIETARY, FOR OFFICIAL USE ONLY AND SENSITIVE INFORMATION
Company Computer Security Safeguards
• Use computers for authorized business
• Establish and protect passwords
• Visit only authorized websites
• Use caution when downloading attachments
• Save all work
• Use classified systems for classified processing
EMPLOYEE RESPONSIBILITY
Password should be at least six characters long. More stringent measures apply to classified processing systems
Don’t share passwords or write them down
Use the internet for official company use
Download attachments if email comes from a reliable source
Save work regularly in case of loss
Follow procedures as established by the Information System Security Manager
COMPUTER SECURITY SAFEGUARDS
The following may indicate that you could be targeted:
• Your access to active intelligence interest
• Overseas locations where foreign intelligence operates
• Located in the U.S. where foreign nationals can gain access to you
• Ethnic, racial, or religious background that may attract the attention of a foreign intelligence operative
EMPLOYEE RESPONSIBILITY
• You have no control over whether or not you are targeted
• Your present situation may make you appear vulnerable, but it doesn’t mean you will be targeted
• Also, you may be targeted even if your circumstances aren’t as above. It’s out of your control
• You can control your actions and how you react to assessment and recruiting efforts.
• Most foreign contacts are perfectly legitimate and well meaning
• Be aware of situations out of the norm of regular business
• Notify your FSO of suspicious contacts
EMPLOYEE RESPONSIBILITY
Foreign Threat
• Economic – theft of technology and commerce
• Classified information – solicitation for unauthorized disclosure
• Intelligence – collection efforts
Conduct Risk Analysis
• Who is targeting
• What do they want
• How do they get it
THREAT AWARENESS AND DEFENSE
Collection efforts
• Elicitation
• Eavesdropping
• Surveillance
• Theft
• Interception
THREAT AWARENESS AND DEFENSE
Elicitation-Subtle form of questioning where conversation is directed to collect information. Differs from interrogation and may be hard to recognize
Example of Elicitation: in a recent case, Ben-Ami Kadish, a government employee, turned over secrets to Israel. His handler, who also handled a spy named Pollard, smoothly convinced him to turn over documents while appealing to Kadish’s sensibilities toward Israel’s security. Kadish only received small gifts and private dinners
Eavesdropping-Listening in to get information
Surveillance-Watching target while remaining discreet
COLLECTION EFFORTS DEFINED
Suspicious Activities
Requests for information outside of need to know
Unauthorized reproduction of materials
Unauthorized removal/destruction of materials
Unexplained affluence
Regular, unexplained foreign travel
Maintains long hours in spite of job dissatisfaction
Employees are required to report efforts by any individual to obtain illegal or unauthorized access to classified or sensitive information. This includes proprietary information
INSIDER THREAT
Robert Philip Hanssen
Very few news reports are made of anyone breaking into a DoD contractor facility to crack or blow safes. Our threat stems from employee actions and how they respond to suspicious contacts.
Espionage of any type is a very draining process to the perpetrator. They are conflicted between loyalty, incentive and consequences.
Suspicious employee activities can take any form. It’s important to realize that these are just indicators and not confirmation. Your reporting is necessary to conduct an investigation or execute caution.
THE REAL THREAT-INSIDERS
• Fax
• Snail Mail
• E-mail
• Telephone
• Personal Contact
May seem innocent enough, but…. Legitimate business requests will come through appropriate channels
Personal Contact: Asks about project specifics, whether or not classified or proprietary details
Email address originated in a foreign country
METHODS OF CONTACT
• Remain non-committal if approached
• Report all suspicious activities to FSO
• Practice smart information systems security
• Escort visitors
• Pay attention to surroundings
• Secure building at the end of the day
COUNTERMEASURES
Don’t agree or disagree to a suspicious request. If you agree, you may find yourself under investigation. If you say “no”, the suspicious person may go to another target. Remain non-committal and report as many details as possible.
Have a strong visit control policy. Know where visitors are and how to identify them. Practice access control.
Secure work areas at the end of the day:
• Lock safes
• Close and lock doors
• Clear desk and lock proprietary information in a file or desk drawer.
COUNTERING COLLECTION EFFORTS
DEFENSIVE SECURITY BRIEFING
Employee Responsibilities While Traveling
Threat Awareness and Defensive Information
Methods of Contact
Countermeasures
Test
CONTENTS
This briefing is designed to prepare you, the “cleared employee”, for overseas travel. You have responsibilities to protect our employees, product, customers and those we do business with while you are traveling.
Notify FSO of travel plans
Ensure proper travel documentation
Protect export controlled technology and classified information
Visit the State Department website for up-to-date travel information: www.state.gov
EMPLOYEE RESPONSIBILITIES
Notification to FSO includes travel plans for Canada, Mexico and Caribbean Countries
The State Department website informs you of necessary travel documentation. Familiarize yourself with the site and use it to become an informed international traveler: www.state.gov
Exports Compliance: Technical data can be transferred by reading a note, viewing a computer screen, conducting seminars, etc. Make sure you are authorized with a license and/or TAA before discussing technical data that falls under exports compliance.
EMPLOYEE RESPONSIBILITIES
Maintain professional bearing
Remain in contact with host
Travel with others when possible
Display wealth as little as possible
Learn customs and courtesies of host country
EMPLOYEE RESPONSIBILITIES
EMPLOYEE RESPONSIBILITIES
Conduct yourselves as professionals at all times. Pretend you are travelling with the CEO (or title of highest ranking officer) as you represent the company
Stick with your host. They will ensure your safety and refer you to reputable establishments
Travel in a group to make yourself an unattractive target of opportunity
Protect Privileged Information (Classified, Proprietary, For Official Use Only and Sensitive Information) While Traveling
This information includes:
• Carry-on baggage
• Laptop computers
• Conversations
EMPLOYEE RESPONSIBILITY
Company employees should bring a sanitized computer while on travel. You can almost guarantee that you will be separated from your laptop at some point during customs checks. A sanitized computer provides no threat of exports violations or theft of economic or corporate data.
Keep all information that could lead to export violations or the release of proprietary data close at hand.
Company employees cannot transport classified material across international borders.
EMPLOYEE RESPONSIBILITY
Foreign Threat
• Economic
• Classified information
• Intelligence
Conduct Risk Analysis
• Who is targeting
• What do they want
• How do they get it
THREAT AWARENESS AND DEFENSE
Economic Threat – theft of technology and commerce. Foreign entities may target classified or company sensitive information to gain a competitive edge. This costs millions of dollars in damage to U.S. business
Intelligence Threat – collection efforts against the U.S. to increase foreign government power and competitive edge.
THREAT AWARENESS AND DEFENSE
When conducting analysis of threat ask the following questions:
• What do we have?
– What is our technology, defense or economic product
• What do they want?
– The product the foreign entity or government have the most to gain
• How can they get it?
– Where are we vulnerable
• What efforts can we take to prevent unauthorized disclosure?
– Training: recognizing the threat, how to react to the threat
– Reporting: how and what to report
THREAT AWARENESS AND DEFENSE
Could you be a target overseas? Who are you and what will you do?
• Science convention
• Air shows
• Business meetings
Conduct Risk Analysis
Will you be speaking? Are you approved for a certain subject? Watch for the cancellation and topic change
For example, suppose you are approved to speak on the topic of a radar’s effects on bird migration. The foreign host may inform you that the conference has changed and they need you to present the subject of the weather’s effects on a specific radar.
What business will you be conducting? Is it approved? Make sure to stay on target
For example, suppose you have approval to present a business opportunity for a teaming effort on your company’s refractor lenses for a foreign government’s telescope. The foreign entity brings the discussion to focus light beam intensity. Same product, different capabilities.
Conduct Risk Analysis
Some factors that could increase the possibility
• Your access
• Overseas locations
• Ethnic, racial, or religious background
COULD YOU BE A TARGET
Just as in real estate, location is important. Your position, responsibilities and geographic location are circumstantial and may increase your chances of being targeted for recruitment.
Also, your background may cause you to be vulnerable. Foreign operatives may play on your sympathy if you have ties to foreign countries. It is important to always report foreign relations to the FSO.
It is important to note that all the above factors that increase the chances of a person being selected for initial targeting and assessment are circumstances you have little or no control over.
Most foreign contacts are perfectly legitimate and well meaning. Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.
COULD YOU BE A TARGET
You have no control over whether or not you are targeted
Most foreign contacts are perfectly legitimate and well meaning
COULD YOU BE A TARGET
Your present situation may cause you to look vulnerable, but it doesn’t mean you will be targeted. Also, you may be targeted even if your circumstances aren’t as above. It’s all out of your control. However, you can control your actions and how you react to assessment and recruiting efforts.
Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.
COULD YOU BE A TARGET
Who Could Target You?
• Third party spies
• Students
• Convention Attendees
• The next table over
• Anyone
Conduct Risk Analysis
When traveling overseas, things may not be the way they seem. Friendly encounters, business meetings, symposiums, etc. could provide a fertile market for collection efforts.
Remain vigilant, but remember to obey laws and practice local customs and courtesies if they don’t violate ethics.
Report all suspicious contacts to security
Conduct Risk Analysis
Collection efforts
• Elicitation
• Eavesdropping
• Surveillance
• Theft
• Interception
THREAT AWARENESS AND DEFENSE
Elicitation-Subtle form of questioning where conversation is directed to collect information. It is a different method than direct questioning and is hard to recognize
An example of elicitation can be found in the recent case of Ben-Ami Kadish, who gave secrets to Israel. His handler, who also handled a spy named Pollard, smoothly convinced him to turn over documents to help maintain the security of Israel. Kadish received small gifts and private dinners. http://www.washingtonpost.com/wp-dyn/content/article/2008/04/22/AR2008042202590.html?wpisrc=newsletter
Eavesdropping-Listening in to get information
Surveillance-Watching target unobserved
THREAT AWARENESS AND DEFENSE
• Today’s business puts many employees in contact with foreign entities. Some of these contacts can lead to elicitation
• Elicitation is different than direct recruitment
• Subtle, but enough to obtain privileged information
• Listen to your gut; if the conversation feels wrong…
• Change the topic and move on
• A reluctant prospect may not be pressed into service
A WORD ABOUT ELICITATION
• Economic need for information is strong
• Spies look and act like normal people
• Any traveler can be assessed
• Privileged information is damaging
• Report suspicious situations
KEEP YOUR EYES OPEN
Organized Government Services Could:
• Follow you
• Sneak into your quarters
• Tap your communications
• Arrange audio and video coverage
• Use guides and interpreters
WHAT’S THE WORST THAT COULD HAPPEN?
• Security or foreign intelligence services are active
• They can and do review Visa requests
• You may be assessed
At the very least, these services may have “debriefed” some of your foreign contacts
If you are of interest, the next step is Recruitment
WHAT’S THE WORST THAT COULD HAPPEN?
• Remain non-committal if approached
• Report all suspicious activities to FSO
• Practice smart information systems security
• Escort visitors
COUNTERMEASURES
More than 140 countries actively target US information. Largest collection effort since the Cold War
• Report to Security for a debriefing
• Bring any notes
• Be open and honest
WELCOME HOME
THE SECURITY CLASSIFICATION SYSTEM
CONTENTS
• Why the Security Classification System
• How is information classified
• How is classified information marked
• Government and contractor responsibilities
• Test
How do classified items receive their designations?
Who is responsible for assigning classification levels?
What recourse do security managers have after discovering a classification error?
Can anything be assigned a classification level by anyone?
These are questions that come to the minds of many who safeguard or work with classified material. Although there is guidance to demonstrate proper control, accountability, documentation, storage, dissemination and destruction of classified material, many practitioners do not understand the fundamentals. Executive Order 13526 provides the history, disposition and future status of classified information.
CONTENTS
WHY ASSIGN CLASSIFICATION SYSTEMS
“It has been estimated by some intelligence experts that Mr. Walker provided enough code-data information to alter significantly the balance of power between Russia and the United States” John O’Connor, New York Times
For over 18 years John A. Walker, Jr. had sold secrets during and after his career in the Navy. Though entrusted with a security clearance and a “need-to-know”, he did not demonstrate the trustworthiness of which his thorough background investigation deemed him worthy. When the opportunity revealed itself, he took advantage of his position and responsibilities to smuggle classified information to his Russian connections. During the investigation into his arrest, authorities discovered a complex spy ring consisting of family members and other recruited operatives. Walker had earned the trust and cooperation of his family to commit one of the most notorious of all cases of espionage. As a result of his crimes, he received two life terms plus 10 years, his son received 25 years and the damage to U.S. national security was tremendous.
The NISP is designed to safeguard classified information that has been or may be released to “current, prospective, or former contractors, licensees, or grantees of United States agencies”. It is also designed to provide for the protection of classified material as outlined in EO 12356 and the Atomic Energy Act of 1954, as amended.
NATIONAL INDUSTRIAL SECURITY PROGRAM
The NISPOM is the primary regulatory reference for performing industrial security
The Department of Defense consults with Secretary of Energy, the Nuclear Regulatory Commission and the Director of Central Intelligence to issue and maintain the NISPOM
It is up to the contractor and each agency to work together to meet the NISPOM’s intent
NISPOM
The NISPOM provides restrictions, rules, guidelines and procedures for preventing unauthorized disclosure of classified material; it is the primary regulatory reference for performing industrial security.
The Secretary of Energy and the Nuclear Regulatory Commission have the lead in detailing requirements for protecting classified information identified in the Atomic Energy Act of 1954
The Director of Central Intelligence will provide a section for intelligence sources and methods, to include Sensitive Compartmented Information (SCI). However, in this coordination each agency maintains its authority.
The NISPOM applies to authorized users of classified information and equips those working on classified contracts with critical instruction on how to implement the NISP in their organizations.
It is up to the contractor and the oversight agency to work together to provide accurate interpretation of the guidelines to the specific classified contract requirements.
NISPOM
All agencies apply three factors to the concept of Risk Management
1. Damage to national security
2. Existing or anticipated threat to disclosure of information.
3. Short and long term costs of the requirements, restrictions, and other safeguards
NATIONAL INDUSTRIAL SECURITY PROGRAM
(NISPOM)
The second and third factors aren’t spelled out in the NISPOM, but are recognized as legitimate concerns to prevent the NISP from becoming a burden to industry
The Secretary of Defense and the other identified agencies apply the concept of Risk Management while implementing the NISPOM
Astute Industrial Security managers develop risk management analysis to better interpret the risk and discover the potential impact. They will also develop solutions to reduce the risk and the predicted damage. The bottom line is to reduce the probability of unauthorized disclosure of classified information
NATIONAL INDUSTRIAL SECURITY PROGRAM
(NISPOM)
Provides Classified National Security Information and delivers a cohesive method for designation classification
The Government has designed stringent policy to ensure that classified material is protected at the level necessary to prevent unauthorized disclosure.
EXECUTIVE ORDER 13526
CONFIDENTIAL information could reasonably be expected to cause damage
SECRET could reasonably be expected to cause serious damage
TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security
THREE DESIGNATIONS FOR CLASSIFIED
Caution: Classified information should not be confused with the proprietary information sometimes referred to as company confidential or secret.
Classifications are not assigned unless:
An original classification authority (OCR) is applying the classification level
The U.S. Government owns, is producing, or is controlling the information
Information meets one of eight categories
The OCR determines unauthorized disclosure could cause damage to national security to include transnational terrorism and they can identify or describe the damage.
CONDITIONS FOR CLASSIFICATION
According to a report from the Chairman of the House National Security Subcommittee, 10% of secrets should have never been classified and that nearly 90% of classified information has been over-classified
A Defense Security Services report stated in 2003 nearly $6.5 billion was spent to classify information
To prevent such abuse, the Executive Order provides guidance to train classification authorities and prevent them from arbitrarily assigning a classification level
CONDITIONS FOR CLASSIFICATION
1. Military plans, weapons systems or operations
The U.S. armed forces not only safeguard, but provide instructions for protecting the specifics of their weapons and plans. If these strategies and operations were released to the wrong hands, the information would damage national security and adversely affect our ability to defend ourselves.
2. Foreign government information
This knowledge includes what the U.S. Government may already know about other governments. This gives the U.S. the advantage of knowing information that another country thinks is protected.
WHAT ARE THE EIGHT CATEGORIES
3. Intelligence activities, sources, or methods or cryptology
One can imagine what damage could take place if any intelligence gathering sources, methods or activities were compromised. The suspecting adversary could become aware of the threat and cease their activity or design countermeasures to thwart future efforts.
WHAT ARE THE EIGHT CATEGORIES
4. Foreign relations or activities of the United States including confidential sources
This information is specified U.S. foreign policy activities and sources friendly to U.S. efforts and U.S. organizations. Such is protected to ensure the safety of the relations and success of the activities. Compromise of any of the sources could cause damage to National Security as they are denied further access.
5. Scientific, technological, or economic matters relating to national security, including defense against transnational terrorism
Unauthorized access to national security-related U.S. scientific, technological, and economic data could compromise plans, production, and strategies and leave certain vulnerabilities.
WHAT ARE THE EIGHT CATEGORIES
6. U.S. programs for safeguarding nuclear materials or facilities
For nuclear activities, the Department of Energy and the Nuclear Regulatory Commission provide specific guidance to ensure the best protection. Vulnerabilities and strengths are assessed to ensure the best possible measures are in place to protect these items. Plans, strategies and programs are only effective if enforced AND access is limited.
WHAT ARE THE EIGHT CATEGORIES
7. Vulnerabilities of systems, installations, infrastructures, projects, plans or protection services related to national security including terrorism
Security managers assess strengths and vulnerabilities to ensure the best possible measures are in place to protect these items. Plans, strategies and programs are only effective if enforced AND access is limited. An adversary could use the programs to gain advantages, steal, damage or destroy systems, installations, infrastructures, projects, plans or protection services.
8. Weapons of Mass Destruction
Information fitting this category is classified to prevent unauthorized disclosure. Such unauthorized disclosure could make the U.S. vulnerable to adversaries to include transnational terrorists.
WHAT ARE THE EIGHT CATEGORIES
Classified material should display proper markings at all times
The classified information will have markings displayed in a specific manner based on the type of media (compact disk, cassette, book, map, etc.)
Furthermore, the classification should identify which pages, paragraphs and portions are classified and unclassified.
CLASSIFICATION MARKINGS
EXAMPLES OF DOCUMENT MARKINGS
Overall Page Markings
Portion Marking
Classification Information
Notice that the document has a top and bottom marking at the highest level of classification on the page and appropriate levels of classification for the information in the paragraph.
Limits to classification
A classification cannot be assigned to hide legal violations, inefficiencies or mistakes
Nor can classification authorities assign it to prevent embarrassment, prevent or restrict competition or delay the release of information that hasn’t previously required such a level of protection
LET’S CLASSIFY IT ALL JUST TO BE SURE
Users of classified material have an obligation to challenge classifications that violate any of the above
Holders of classified information may discover that the classification level may be inappropriate or unnecessary. These holders have a duty to report their beliefs.
Such reports are to be handled with the agency authorities and reviewed for a decision.
The agency heads or senior officials also need to ensure there is no retribution for the report as well as notifying the individuals that they have a right to appeal the agency decisions to the Interagency Security Classification Appeals Panel.
CAN’T WE JUST CLASSIFY IT ALL JUST TO BE SURE
Anyone desiring access to classified information must possess a security clearance and have “need to know”
Security clearances are issued after a favorable investigation and a determination is made.
CLEARANCE AND “NEED TO KNOW”
Classified users are trained in proper safeguarding and in the sanctions imposed on those who fail to protect it from unauthorized disclosure
Each originating agency must provide instructions on the proper protection, use, storage, transmission and destruction of the information
WE ARE PROVIDED INSTRUCTIONS OF USE
DON’T BEGIN CLASSIFIED WORK WITHOUT:
DD FORM 254-Provides instructions on how, when and where to perform on a classified contract
SECURITY CLASSIFICATION GUIDE-Designed to notify what is classified and to what level. A security classification guide is assigned to each classified project.
WE ARE PROVIDED INSTRUCTIONS OF USE
The NISP is created to protect classified information
Three factors are considered before implementing the NISPOM:
• level of damage to national security
• existing or anticipated threat to disclosure
• long and short term costs
Presidential Executive Order 13526 delivers a cohesive method for designation classification, protecting and declassifying national security information
Classified material should always be marked with the correct level
SUMMARY
MARKING CLASSIFIED MATERIAL
Marking requirements
Test
CONTENTS
A classification marking is a physical designation designed to notify and warn the holder that the information they are in possession of is classified and to what level of classification
WHAT IS A CLASSIFICATION MARKING
Classification markings are required to be annotated on all forms and media of classified material:
– Computers
– Disks
– Papers
– Magnetic tape
– Books
WHERE DO MARKINGS APPEAR?
CONFIDENTIAL information could reasonably be expected to cause damage
SECRET could reasonably be expected to cause serious damage
TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security.
THREE DESIGNATIONS FOR CLASSIFIED
Caution: Classified information designated CONFIDENTIAL should not be confused with the proprietary information sometimes referred to as company confidential.
Must put reason for classification
Who classified the material (office or person)
Annotate date or event marking the duration of classification
Classified material should always display proper markings at all times
IDENTIFICATION MARKINGS
Overall Marking-This is the highest level of classified information found in the classified document. This is placed prominently on the top and bottom of the outside, front cover, the title page, first page and the back of the document. If it is not possible to stamp, write, type or mark otherwise, then a label can be attached.
Page marking-Mark the highest level of classified information contained on each internal page. If the page is UNCLASSIFIED, it can be marked as such. For efficiency or if contract specifies, each internal page can be marked with the overall document classification.
Component Marking-Attachments to letters, annexes or appendixes to documents could be used as a separate document. In that case, the component is marked as a separate document.
TYPES OF MARKINGS
Portion Markings-Each part, section, paragraph or other portion of a document has to be marked to appropriately identify the classification level. These markings are put at the end of the portion, or if there are no numbers or letters separating the portion they should be put at the beginning. (U, C, S, TS)
Subject and title markings-If at all practical, assign unclassified titles or subjects to a document. If titles or subjects are classified, use the appropriate classification symbol after it. (U, C, S, TS)
TYPES OF MARKINGS
Derivative classification means extracting, summarizing, or deriving classification from another source
FSO ensures contractor is training and has resources
Contractor ensures:
– Use of Security Classification Guide
– Mark derived copy with the same classification as original
– Challenge classification when necessary
– Carry over longest period of classification to the new document
– Maintain list of sources used to compile the derivative document
DERIVATIVE CLASSIFICATION RESPONSIBILITIES
In many cases those performing on classified contracts may assemble, modify, or construct classified information, reports, hardware, etc. into a new product. In that case the new product is an item derived from different sources.
Both the contractor and the government have responsibilities. The Cognizant Security Agency provides the instruction and resources and the contractor complies.
DERIVATIVE CLASSIFICATION RESPONSIBILITIES
The “Derived From” line connects the classified material incorporated in a new document with the source document or the security classification guide
The contractor annotates the reasoning or source of the classification
This authorization includes the security classification guide listed on the DDForm254
“DERIVED FROM” LINE
The “derived from” line continues the record of accountability for classified material
Those who create derivative documents are not acting as Original Classification Authorities and don’t need such appointment or authority
They only transfer original document information into a new document while keeping accountability
“DERIVED FROM” LINE
Use the term “multiple sources” on the derivative document where more than one source document is used
Maintain records of the multiple sources
If the Contract Security Classification Specification (DD Form 254) is the sole source, put the date of the specification and the contract number in the “Derived From” line
“DERIVED FROM” LINE
EXAMPLES OF DOCUMENT MARKINGS
Overall classification from source document
Paragraph from source to derived document
“Derived From” line based on information from source documents
The “Declassify On” line provides declassification instructions and is referenced with:
– Contract Security Classification Specification
– Security classification guide
Or, carry forward the duration instruction from the source document or classification guide (e.g., date or event).
“DECLASSIFY ON” LINE
“Declassify On” line notifies the contractor of declassification instructions
These markings are no longer authorized
“Declassify on:” could display one of the following:
X1-X8
Decl: OADR
Never mark RD or FRD with a “declassify on” line
“DECLASSIFY ON” LINE
Typically, classified information will maintain its status for 10 years. In the event national security sensitivity requires, this date can be set for 25 years in the future.
“DECLASSIFY ON” LINE
• A “Declassify on” should be in accordance with Sec. 2001.12 of ISOO Directive No. 1:
– A date or event less than 10 years from the date of the document; or
– A date 10 years from the date of the document; or
– A date greater than 10 and less than 25 years from the date of the document; or
– A date 25 years from the date of the document.
Use “Downgrade To” line when downgrading instructions are included in the Contract Security Classification Specification, classification guide or source document
“DOWNGRADE TO” LINE
For example:
CLASSIFIED BY: Multiple Sources
DOWNGRADE TO (SECRET or CONFIDENTIAL) ON: XXXXX
DECLASSIFY ON: XXXXX
"DOWNGRADE TO" Line. Be sure to coordinate with the Government contracting agency BEFORE downgrading classified material.
Information that loses sensitivity based on time or event is downgraded or declassified. The action is taken based on formal notification or from the Contract Security Classification Guidance.
Contractors should consult with the GCA prior to taking downgrade or declassification action. Once approved, documentation and remarking should take place concurrently.
“DOWNGRADE TO” LINE
SECRET CONFIDENTIAL
"CLASSIFIED BY" Line and "REASON CLASSIFIED" Line are used primarily on originally classified material
Some agencies may require that derivative classifiers identify their office and reason for classification
“CLASSIFIED BY” LINE
For example:
CLASSIFIED BY: Department 5 Office of Good Works
REASON CLASSIFIED: Section 2.1 Security Classification Guide
DECLASSIFY ON: X-1
Classified generated under previous executive orders need not be re-marked
Most contain proper portion markings, if not, carry over highest classification of source document
The originator, not contractor, is responsible for classification markings
PREVIOUS EXECUTIVE ORDERS
Classification markings must be clear, no matter the media
Files, folders or groups of documents must be marked at highest level within
Email and other electronic messages have to be marked the same as any document
Microform is tiny, but the media has to be marked to be seen by the unaided eye and within the microform document
Translations of U.S. classified information are marked with U.S. as country of origin and the classification in English and foreign language
SPECIAL TYPES OF MATERIAL
All media, regardless of form must be marked to the proper level to ensure that the classification of the item is clear to the holder.
Transmittal documents are marked with the highest classification of the entire document packet and with notation of classification level once removed from document packet
Must carry all classification markings of any classified document
TRANSMITTAL DOCUMENTS
If unclassified when removed put: Unclassified when separated from classified enclosures.
If classified with higher classification documents included put: CONFIDENTIAL or SECRET when separated from enclosures
Information that is unclassified when alone and classified when compiled
– Mark with the highest level of classification
– Portion markings are not necessary
Unclassified material developed while working with classified information should be handled in a way to protect the classified material
Training material is marked to indicate that it is UNCLASSIFIED but is assigned a classification for training purposes only
– UNCLASSIFIED SAMPLE
– SECRET FOR TRAINING, OTHERWISE UNCLASSIFIED
OTHER CLASSIFICATION EVENTS
Other material should be protected as classified even if it is not classified. The protection is to ensure that the classified portion is not disclosed without authorization, clearance and need to know. The above are a few examples.
OTHER CLASSIFICATION EVENTS
Upgrade when there is a message notifying to upgrade a classification. For example: SECRET to TOP SECRET
– Re-mark with new classifications
– Obliterate former classification markings
– Enter authority and reason for upgrade
– Notify other users
UPGRADING
Upgrading of classified information indicates added sensitivity and should be performed immediately and all users notified. New markings should be annotated and old markings obliterated
If unmarked classified information is removed from facility:
– Determine clearance and authorized access of holders
– Assess whether or not control of item has been lost
– If recipients have clearance and need to know; notify of classification
– If control has been lost, notify Cognizant Security Agency
INADVERTENT RELEASE
Anytime classified material is inadvertently released, the FSO should conduct an assessment to determine the damage. If release of classified information happened where there were no classification markings provided, assess whether or not authorized users had access.
If users were cleared with need to know, provide notification and re-mark. If there was unauthorized access or control was otherwise lost, notify the CSA.
INADVERTENT RELEASE
Mark classified material to the highest level possible
Indicate classification authority and reason for classification
Provide proper markings for compiled or derived classification
Determine marking requirements for special types of material
Perform downgrade and upgrade requirements
Provide instructions for inadvertent release
SUMMARY
PERFORMING ON CLASSIFIED CONTRACTS
The Facility Security Clearance
The FSO
The Personnel Security Clearance
Test
CONTENTS
What are an FSO’s Responsibilities? Who is responsible for requesting facility clearances? How are investigations conducted?
These are questions that come to the minds of many who practice management of classified material. It is important for all who work on a classified contract to understand the requirements and qualifications for doing so.
FCLs are related to a contract
The FCL is a result of the government’s determination that a company is eligible to have access to classified information or the award of a classified contract (NISPOM 2-100)
Sponsored by government or prime contract
Additionally, if the company is to possess or store classified material, the CSA will have to determine and approve the FCL and the storage level for that company.
FACILITY SECURITY CLEARANCE
This need for a clearance must be supported by a legitimate U.S. Government or foreign government requirement and the contract will be offered as having that need.
Basically, the Government will have classified work to assign to a competent defense contractor. As a result of the required work, the contractor will need to be eligible for a clearance. If the government requires a defense contractor to store and/or work with classified material on site, then they will also be required to have a storage level assigned.
FACILITY SECURITY CLEARANCE
Qualifications for FCL
Structured as an entity under the laws of the United States, the District of Columbia or Puerto Rico and have a physical location in the United States or her territories.
A reputation of good and ethical business practices
Neither the company nor key managers are barred from participating in U.S. Government contracts
Must not fall under Foreign Ownership Control Or Influence
FACILITY SECURITY CLEARANCE
FCL Process
Government Contracting Authority approves, Cognizant Security Agency conducts evaluation
Company compiles list of Key Management Personnel
Assembles vital corporate documents
Prepares Department of Defense Security Agreement DD Form 441
Prepares FOCI Statement SF328
FACILITY SECURITY CLEARANCE
A critical piece to the sponsorship program is for the CSA to have a good understanding of the company and their mission. Information needed includes: articles of incorporation, stock records, corporate by-laws, minutes, 10k and tax documentation.
The senior company officer, the FSO and other personnel as deemed necessary by the CSA will need a security clearance.
The other officers and board members may be excluded from the security clearance process if they will not have influence over cleared contractor decisions.
FACILITY SECURITY CLEARANCE
The SF 328 is used by the contractor and the CSA to determine whether or not and to what limit the cleared contractor falls under Foreign Ownership Control and Influence. As with determining the amount of control a company officer or board member has over classified contracts, the same holds true of foreign entities a company may partner with.
FACILITY SECURITY CLEARANCE
Contractor agrees to:
– Implement and enforce the security controls
– Verify that persons have need to know and clearance
The Government agrees to:
– Indicate the appropriate level of classification
– Agree not to over-classify
– Notify the cleared contractor of any changes in the classification
– Issue proper handling, storage and processing information
GOVERNMENT CONTRACTOR AGREEMENT
DD Form 441
Appointed to direct and implement security procedures designed to protect classified information from unauthorized disclosure
Identified in DoD 5220.22-M (NISPOM)
Security clearances
Accountability of classified information
Receipt of all transaction
Shipment
Storage
Authorized disclosure
Exports compliance
Visit control
Physical security
Audits and facility evaluations
THE FSO
Qualifications
– Cleared at the same level as the facility clearance
– U.S. Citizen
THE FSO
This FSO has a tremendous scope of responsibility and takes on the role as the provider of security and the link between the government contractor, the cognizant security agency (CSA) and the federal government.
A security clearance is the administrative determination that an employee is eligible from a national security basis for a security clearance
The final clearance is the result of a request by the contractor, investigation conducted by the CSA and determination made by a trained adjudicator
PERSONNEL SECURITY CLEARANCE
The contractor and CSA have joint responsibilities
Contractor
– Submits request and supporting documents
CSA
– Determines the employee’s eligibility of access
– Notifies the cleared contractor whether or not the access has been granted
– Designates a database for the administrative record and accountability of the clearance status
PERSONNEL SECURITY CLEARANCE
CSA will ensure the proper security clearance background investigation is conducted
Single Scope Background Investigation (SSBI) conducted for access to:
– TOP SECRET
– Q
– Secret Compartmented Information
National Agency Check with Local Agency Check and Credit Check (NACLC) conducted for access to:
– SECRET
– CONFIDENTIAL
– L
BACKGROUND INVESTIGATIONS
Single Scope Background Investigation (SSBI) investigates information from:
– Educational institutions during the past 3 years
– Residence during the past three years
– Law enforcement records during the past 10 years
– Financial records of the most recent seven years.
National Agency Check with Local Agency Check and Credit Check (NACLC):
– Search of the Federal Bureau of Investigation’s database
– Credit check – past seven years
– Residence, employment, education, law enforcement records of all locations listed on the SF 86 during the past five years.
BACKGROUND INVESTIGATIONS
The results of the investigation demonstrate whether or not the subject is stable, trustworthy, reliable, of excellent character, judgment, and discretion; and of unquestioned loyalty to the United States.
The determination is based on 13 investigation criteria:
1. Allegiance to the United States
2. Foreign preference
3. Foreign influence
4. Sexual behavior
5. Personal conduct
ADJUDICATION
6. Financial considerations
7. Alcohol consumption
8. Drug involvement
9. Psychological conditions
10. Criminal conduct
11. Handling protected information
12. Outside activities
13. Use of Information Technology Systems
ADJUDICATION
Subjects who fall under any of the above criteria will not automatically be denied a security clearance. Adjudicators will consider:
– The nature, extent, and seriousness of the conduct
– The circumstances surrounding the conduct, to include knowledgeable participation
– The frequency and recency of the conduct
– The individual’s age and maturity at the time of the conduct
– The voluntariness of participation
– The presence or absence of rehabilitation and other pertinent behavioral changes
– The motivation for the conduct
– The potential for pressure, coercion, exploitation, or duress
– The likelihood of continuation or recurrence.
CONSIDERATIONS OF CRITERIA
Subjects who fall under any of the above criteria will not automatically be denied a security clearance. There are situations where people have committed crimes, used drugs, sought professional counseling or other types of treatment. In some cases people who had abused alcohol attended rehabilitation, they were suffering emotional problems for a death or divorce, or the indicated incidences had transpired way back in their personal histories.
When considering a person for a clearance, the adjudicator will assess each case. It is important for the applicant to fill out the security clearance request information accurately and note where provided the specific incident and all that had transpired as a result. The adjudicator will only be able to rely on the information provided in the investigation and the applicant’s notes.
CONSIDERATIONS OF CRITERIA
It is also important to note that cleared personnel will need to continue their demonstration of suitability after the security clearance is determined. They will also have to notify their security offices anytime they or another cleared employee violate any of the criteria.
At some point cleared employees will be reinvestigated according to their need of a security clearance and level. The incidents may call into question the issue of suitability. These self referrals will demonstrate trustworthiness and will help mitigate the incidents. If an investigator discovers the incident had occurred during the periods between investigations, the subject’s suitability may be called into question.
CONSIDERATIONS OF CRITERIA
SAFEGUARDING CLASSIFIED INFORMATION
General Requirements
Control and Accountability
Storage
Transmission
Disclosure
Reproduction
CONTENTS
Contractors protect classified material under their control
Individuals protect classified information entrusted to them
GENERAL REQUIREMENTS
The FSO leads and implements the security program designed to protect classified information and prevent unauthorized disclosure
Protect oral discussion
– Use secure devices
– Speak in closed meetings
– Ensure area is cleared for classified presentation
Classified conversations should only be conducted in authorized areas. Classified meetings are sponsored by the government and all outside visitors will need to file a visit authorization ahead of time. Ensure classified phone conversations take place in a cleared area on a secure line.
GENERAL REQUIREMENTS
Complete end of day security checks
– Ensure classified is stored properly
– Checks are for last shift where classified material was removed from storage
Security checks are necessary to ensure classified material has been returned to the authorized storage area and the classified storage has been properly secured. Checks are not necessary during 24-hour operations.
GENERAL REQUIREMENTS
Establish perimeter controls
– Deter and detect unauthorized removal or entry of classified
– Persons entering or exiting facility are subject to search
Develop emergency procedures
– Protect classified information in any emergency situation
GENERAL REQUIREMENTS
Perimeter controls help prevent unauthorized entry or exit of classified material. All classified material is to be introduced and removed only through the security office. This discourages losing control of classified material and the resulting security violation.
All personnel entering and exiting a cleared facility are subject to random search. Notices of such searches should be posted.
Regardless of motivation, employees provide the largest security risk. Unauthorized introduction or removal of classified material is far too common.
Procedures should be in place to arrange for the accountability of classified during any emergency. Define emergency procedures for: tornado, flood, fire, hurricane or tragedy at campus or during courier operations
GENERAL REQUIREMENTS
Classified material is on site for legal, U.S. Government purposes only. When contract expires, classified material must be returned to customer within two years or if approved for retention validated with final DD Form 254.
The FSO develops documenting and accounting procedure to ensure items are cataloged and retrievable within a reasonable amount of time.
CONTROL AND ACCOUNTABILITY
Contractors designate TOP SECRET control officials to:
– Receive
– Transmit
– Maintain access and accountability
– Conduct annual inventory
TOP SECRET has continuous transmittal receipt process to maintain accountability and prevent loss or compromise.
CONTROL AND ACCOUNTABILITY
Each TOP SECRET item must be numbered in series
Received classified
– Check for tamper
– Check for accuracy against receipt
– If all good, sign and return receipt to sender
CONTROL AND ACCOUNTABILITY
Maintain a continuous record for all documents transmitted from your site. This includes mail, courier, email, etc. Each item of TOP SECRET material has to be catalogued and numbered in a series.
Those who receive classified material are responsible that they are receiving items as indicated on the receipt. They should inspect the package for evidence of tampering and compare the classified items with the receipt. The classified item should have an unclassified title.
CONTROL AND ACCOUNTABILITY
Account for all produced TOP SECRET when:
– A finished product
– Retained for over 30 days (notes, files, workbook, final)
– Transmitted outside of facility
Classified information not a finished product-No problem
– Mark date created
– Mark classification level
– Annotate “Working Papers”
Working papers are to be marked as finished document when:
– Over 30 days old for TOP SECRET
– Over 180 days for SECRET and CONFIDENTIAL
– Sent outside of facility
CONTROL AND ACCOUNTABILITY
Re-cap: TOP SECRET material must also be accounted for when in an unfinished state for over 30 days or transmitted outside of the facility. This process further reduces employee error and security violations.
SECRET and CONFIDENTIAL material should be brought into accountability 180 days after creation if in an unfinished state.
Regardless of state, classified information should be accounted for prior to release from a facility.
CONTROL AND ACCOUNTABILITY
TOP SECRET and SECRET is stored in GSA approved container, approved vault or approved closed area with supplemental controls
SECRET can also be stored as follows until Oct 1, 2012:
– Safe, steel file cabinet or safe type container with automatic lock
– Requires supplemental protection after hours
– Any steel cabinet with four sides, top, bottom and a rigid bar with approved locks
CONFIDENTIAL material doesn’t need supplemental controls
CLASSIFIED STORAGE
Restricted areas are used when controlling access to classified material in a large area. There does not need to be physical barriers, but access control is necessary. Restricted areas are for temporary use of classified material and all classified material needs to be returned to the repository.
– Only used during working areas
– Used for unique size, mission or other issues
– Classified must be returned to proper storage when complete
– Employees challenge all who enter to ensure clearance and NTK
CLASSIFIED STORAGE
Closed areas are a more permanent solution for the classified items that are difficult to store. These difficulties arise from size, bulk or unique mission requirements. FSO’s limit access and provide supplemental controls for anything SECRET or above in closed areas.
CLASSIFIED STORAGE
Closed areas are used to store classified material that won’t fit into a GSA approved container
– Access is controlled
– Supplemental protection for SECRET and TOP SECRET
– Qualify structural integrity at required intervals
– CSA approves open shelf/bin storage of SECRET and CONFIDENTIAL
– No open shelf or bin storage of TOP SECRET
CLASSIFIED STORAGE
As with security clearances, keep the amount of authorized employees having knowledge of combinations to the minimum amount necessary.
Keep records of those who have the combination. Remind employees that the combinations are to be protected at the highest level of classified stored inside the container.
CLASSIFIED STORAGE
Lock combinations given to as few employees as necessary
Keep a record of those knowledgeable
Protect combinations at the highest level stored
Only assign to those with clearance and NTK (not the locksmith)
Lock all approved containers when not under direct viewing of authorized persons
CLASSIFIED STORAGE
Security containers should not be altered, painted or labeled with the security classification level of the contents
Change combinations upon initial use, change in status of authorized users, compromise or suspected compromise of container or combination, when safe is left open or when required by FSO or CSA
CLASSIFIED STORAGE
SECRET
Control access and accountability to keys and locks and:
– Appoint a custodian
– Maintain register of lock and keys
– Audit keys and locks monthly
– Inventory keys upon change of custody
– Keep keys on premises
– Rotate or change locks annually
CLASSIFIED STORAGE
Repairs to GSA approved containers shall be made by cleared or escorted personnel trained in approved methods. Repairs should be made with approved parts or approved cannibalized parts. Ensure certificate of repair is on file.
Access control can be used to limit access to closed areas DURING WORK HOURS. Must be approved by FSO and meet criteria in 5-313 and 5-314 of NISPOM
CLASSIFIED STORAGE
Click on the correct answers
TEST
1. Company financial forecasts and budget information should be:
A. Locked in an office or desk
B. Given no special protection
C. Put on the company website
2. What forms of espionage are current threats to U.S. Companies
A. Economic
B. Corporate
C. Intelligence gathering
D. All the above
3. There is no need to report foreign correspondence as long as it's not classified
A. True
B. False
4. Email contacts could be considered suspicious when they are addressed to:
A. Company
B. Department
C. Individual
D. All of the above
TEST-SELECT THE CORRECT ANSWER
6. Which of the following are factors that may make you a target of espionage:
A. Ethnic background
B. Annual income
C. Rental car
7. While traveling, you have control over all situations
A. True
B. False
8. All are examples of collection methods EXCEPT:
A. Elicitation
B. Surveillance
C. Currency exchange
D. Eavesdropping
9. All must be considered before the OCA can assign a classification marking EXCEPT
A. May cause damage to national security
B. Is owned by the Government
C. Displays nuclear vulnerabilities
D. Hide a nationally embarrassing situation
TEST-SELECT THE CORRECT ANSWER
10. Which of the following is the most correct countermeasure of a solicitation effort
A. Agree to provide then contact the authorities
B. Say “no” and then contact the authorities
C. Continue the conversation so as not to offend the host
D. Make attempts to change the subject
11. Most foreign contacts are well meaning and legitimate
A. True
B. False
12. All of the following are classifications EXCEPT:
A. TOP SECRET
B. CONFIDENTIAL
C. SECRET
D. FOR OFFICIAL USE ONLY
13. All of the following are conditions to be met before classifying an item except
A. Original Classification Authority is involved
B. U.S. Government owns it
C. Information could cause damage to national security
D. Information could cause embarrassment to the President
TEST-SELECT THE CORRECT ANSWER
24. Unauthorized disclosure of items classified at the SECRET level could:
A. Cause extremely serious damage
B. Cause damage
C. Cause extremely grave damage
D. Cause serious damage
24. All of the following are criteria for evaluating suitability EXCEPT:
A. Alcohol use
B. Personal Conduct
C. Misuse of Technology
D. Abstinence
16. Everyone who works in a cleared facility must have a clearance
A. True
B. False
17. Single Scope Background Investigations are conducted for:
A. CONFIDENTIAL
B. L
C. SECRET
D. SCI
TEST-SELECT THE CORRECT ANSWER
18. All of the following are methods of protecting classified conversations EXCEPT:
A. Use secure phone lines
B. Speak in a closed area
C. Whisper when in public areas
19. When should combinations be changed on GSA approved containers (Select Best Answer)?
A. Upon change in status of knowledgeable person
B. When safe is left unattended
C. Upon compromise of combination
D. All the above
20. Lock combinations should be changed by a trained locksmith
A. True
B. False
TEST-SELECT THE CORRECT ANSWER
CERTIFICATE