General Security. Question Answer Policy Resource


General Security

Question: Briefly define a Special Access Program.
Answer: A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.
Policy and resources: SAP Overview SA001.16

Question: List three enhanced security requirements for protecting Special Access Program (SAP) Information.
Answer:
- Within Personnel Security: Access Rosters; Billet Structures (if required); Indoctrination Agreement; Clearance based on an appropriate investigation completed within the last 5 years; Individual must materially contribute to the program in addition to having the need to know; All individuals with access to SAP are subject to a random counterintelligence-scope polygraph examination; Polygraph examination, if approved by the DepSecDef, may be used as a mandatory access determination; Tier review process; Personnel must have a Secret or Top Secret clearance; SF-86 must be current within one year; Limited Access; Waivers required for foreign cohabitants, spouses, and immediate family members.
- Within Industrial Security: The SecDef or DepSecDef can approve a carve-out provision to relieve Defense Security Service of industrial security oversight responsibilities.
- Within Physical Security: Access Control; Maintain a SAP Facility; Access Roster; All SAPs must have an unclassified nickname/Codeword (optional).
- Within Information Security: The use of HVSACO; Transmission requirements (order of precedence).
Policy and resources: DoDI 5205.11, Management, Administration, and Oversight of DoD Special Access Programs; Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004; DoDD 5205.07, SAP Policy; SAP Overview SA001.16; Security Shorts, SAP Types and Categories; Introduction to Special Access Programs SA101.01

Question: What are three principal incident/events required to be reported to DoD counterintelligence (CI) organizations?
Answer:
- Espionage
- Sabotage
- Terrorism
- Cyber
Policy and resources: DoD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM); E.O. 12333; DoDI 5200.01, DoD Information Security Program and Protection of Sensitive Compartmented Information; NISPOM 1-302b or 1-301; DoDI 5200.01, DoD Information Security Program and Protection of Sensitive Compartmented Information; DoDD 5240.06, CI Awareness and Reporting; Counterintelligence Awareness and Reporting Course for DoD Employees CI116.06; Integrating CI and Threat Awareness into Your Security Program CI010.06; NISP Reporting Requirements IS150.16

Question: List three indicators of insider threats.
Answer:
- Failure to report overseas travel or contact with foreign nationals
- Seeking to gain higher clearance or expand access outside the job scope
- Engaging in classified conversations without a need to know
- Working hours inconsistent with job assignment or insistence on working in private
- Exploitable behavior traits
- Repeated security violations
- Attempting to enter areas not granted access to
- Unexplainable affluence/living above one's means
- Anomalies (adversary taking actions which indicate they are knowledgeable to information)
- Illegal downloads of information/files
Policy and resources: E.O. 13587; DoDI 5240.26, Countering Espionage, International Terrorism and the Counterintelligence (CI) Insider Threat; DoDI 5240.24, Counterintelligence (CI) Activities Supporting Research, Development, and Acquisition (RDA); DoDI 5240.04, Counterintelligence (CI) Investigations; DoDD 5240.06; Counterintelligence Awareness and Reporting Course for DoD Employees CI116.06; Thwarting the Enemy: Providing Counterintelligence & Threat Awareness to the Defense Industrial Base CI111.16; Integrating CI and Threat Awareness into Your Security Program CI010.16

Question: List three elements that should be considered in identifying Critical Program Information.
Answer: Elements which if compromised could: (1) cause significant degradation in mission effectiveness; (2) shorten the expected combat-effective life of the system; (3) reduce technological advantage; (4) significantly alter program direction; or (5) enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability.
Policy and resources: DoDI 5200.39, Critical Program Information (CPI) Protection Within the Department of Defense; Defense Acquisition University (DAU)

Question: List three elements that a security professional should consider when assessing and managing risks to DoD assets.
Answer:
- Asset
- Threat
- Vulnerability
- Risk
- Countermeasures
Policy and resources: Enclosure 3 of DoDM 5200.01-V3, Risk Assessment; DoDM 5205.02; Risk Management for DoD Security Programs GS102.16

Question: List three categories of Special Access Programs.
Answer:
- Acquisition
- Intelligence
- Operations and Support
Policy and resources: DoDD 5205.07, SAP Policy; DoDI 5205.11, Management, Administration, and Oversight of DoD Special Access Programs; SAP Overview SA001.16; Security Short, SAP Types and Categories

Question: List five responsibilities of the Government SAP Security Officer/Contractor Program Security Officer (GSSO/CPSO).
Answer: From Revision 1 Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004:
- Possess a personnel clearance and Program access at least equal to the highest level of Program classified information involved.
- Provide security administration and management for his/her organization.
- Ensure personnel processed for access to a SAP meet the prerequisite personnel clearance and/or investigative requirements specified.
- Ensure adequate secure storage and work spaces.
- Ensure strict adherence to the provisions of the NISPOM, its supplement, and the Overprint.
- When required, establish and oversee a classified material control program for each SAP.
- When required, conduct an annual inventory of accountable classified material.
- When required, establish a SAPF.
- Establish and oversee a visitor control program.
- Monitor reproduction and/or duplication and destruction capability of SAP information.
- Ensure adherence to special communications capabilities within the SAPF.
- Provide for initial Program indoctrination of employees after their access is approved; rebrief and debrief personnel as required.
- Establish and oversee specialized procedures for the transmission of SAP material to and from Program elements.
- When required, ensure contractual specific security requirements such as TEMPEST, Automated Information System (AIS), and Operations Security (OPSEC) are accomplished.
- Establish security training and briefings specifically tailored to the unique requirements of the SAP.
Policy and resources: Revision 1 Department of Defense Overprint to the National Industrial Security Program Operating Manual Supplement - 1 April 2004; SAP Overview SA001.16

Question: What is the definition of Critical Program Information in DoD?
Answer: U.S. capability elements that contribute to the warfighter's advantage throughout the life cycle, which if compromised or subject to unauthorized disclosure, decrease the advantage. Elements or components of a Research, Development, and Acquisition (RDA) program that, if compromised, could cause significant degradation in mission effectiveness; shorten the expected combat-effective life of the system; reduce technological advantage; significantly alter program direction; or enable an adversary to defeat, counter, copy, or reverse engineer the technology or capability. Includes information about applications, capabilities, processes and end-items. Includes elements or components critical to a military system or network mission effectiveness. Includes technology that would reduce the U.S. technological advantage if it came under foreign control.
Policy and resources: DoDI 5200.39, Critical Program Information (CPI) Protection Within the Department of Defense; DoD 5200.39

Question: List three primary authorities governing foreign disclosure of classified military information.
Answer:
- Arms Export Control Act
- National Security Decision Memorandum 119
- National Disclosure Policy-1
- International Traffic in Arms Regulation (ITAR)
- E.O.s 12829, 13526
- Bilateral Security Agreements
- DoD 5220.22-M, NISPOM
Policy and resources: Arms Export Control Act; National Security Decision Memorandum 119; National Disclosure Policy-1; International Traffic in Arms Regulation (ITAR); E.O.s 12829, 13526; Bilateral Security Agreements; DoD 5220.22-M, NISPOM; DISAM International Programs Security Requirements IPSR-OLL IN112.06

Question: Briefly describe the purpose of the DD Form 254.
Answer: Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract.
Policy and resources: Federal Acquisition Regulation (FAR) Subpart 4.4; DoD 5220.22-M, NISPOM; DoD 5220.22-R, Industrial Security Regulation C7 (entire); CDSE Job Aid, How to Complete DD 254 Performance Support Guide

Question: List three different types of threats to classified information.
Answer:
- Insider Threat
- Foreign Intelligence Entities (FIE)
- Cybersecurity Threat
Policy and resources: DoDD 5240.06, CI Awareness and Reporting; DoDM 5200.01, Vol 3; Introduction to Information Security IF011.16; Cybersecurity Awareness CI130.16; CDSE-hosted Course JC-CI101.06 Insider Threat

Question: Briefly describe the concept of insider threat.
Answer: An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information, including the vast amounts of classified data available on interconnected United States Government computer networks and systems.
Policy and resources: E.O. 13587, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs; DoDI 5240.26, Counterintelligence Espionage, International Terrorism, and the Counterintelligence (CI) Insider Threat; JCITA Insider Threat Course; Integrating CI and Threat Awareness Into Your Security Program C1010.16; Cybersecurity Awareness CI1630.16; CDSE-hosted e-learning Course Cyber Awareness Challenge; Counterintelligence Awareness and Reporting Course for DoD Employees CI116.06

Question: Describe the purpose of the Foreign Visitor Program.
Answer: To track and approve access by a foreign entity to information that is classified; and to approve access by a foreign entity to information that is unclassified, related to a U.S. Government contract, or plant visits covered by ITAR.
Policy and resources: NISPOM 10-507; DoDI 5200.01, DoD Information Security Program and Protection of Sensitive Compartmented Information; DoDD 5230.02; IS105.16, Visits and Meeting in the NISP

Industrial Security

Question: List three factors for determining whether U.S. companies are under Foreign Ownership, Control or Influence (FOCI).
Answer:
- Record of economic and government espionage against U.S. targets
- Record of enforcement/engagement in unauthorized technology transfer
- Type and sensitivity of the information that shall be accessed
- The source, nature and extent of FOCI
- Record of compliance with pertinent U.S. laws, regulations and contracts
- Nature of bilateral & multilateral security & information exchange agreements
- Ownership or control, in whole or part, by a foreign government
Policy and resources: DoD 5220.22-M, NISPOM, 2-301; DoD 5220.22-R, Industrial Security Regulation C2.2.3; Understanding Foreign Ownership, Control, or Influence (FOCI) IS065.16

Question: Define the purpose and the function of the Militarily Critical Technologies List (MCTL).
Answer:
- Serves as a technical reference for the development and implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA).
- Formulation of export control proposals and export license review
Policy and resources: DoDI 3020.46, The Militarily Critical Technologies List (MCTL); Export Administration Act of 1979 (extended by Executive Order); Militarily Critical Technologies List www.acq.osd.mil/rd/tech_security/mctp/mctl.html

Question: Identify the four Cognizant Security Agencies (CSAs) and describe their role in the National Industrial Security Program (NISP).
Answer: The four CSAs are the Department of Defense (DoD), the Director of National Intelligence (DNI), the Department of Energy (DoE), and the Nuclear Regulatory Commission (NRC). Establish an industrial security program to safeguard classified information under its jurisdiction.
Policy and resources: DoD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM) 1-101, 1-104; EO 12829, National Industrial Security Program; Introduction to Industrial Security IS011.16

Information Security

Question: How does lack of attention to the concept of compilation introduce risks to DoD assets?
Answer: Can cause:
- Unauthorized disclosure
- Misclassification
- Security violation
- Improper safeguarding
- Improper dissemination
- Improper handling
- Improper destruction
Policy and resources: DoD Manual 5200.01, DoD Information Security Program, Volumes 1 & 3; Information Security Oversight Office (ISOO) 32 CFR Parts 2001 & 2003, Classified National Security; DoD Manual 5200.01, Volumes 1, 2 & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; Security Classification Guidance, IF101.16; Derivative Classification IF103.16; Marking Classified Information IF105.16; Introduction to Information Security IF011.16; DoD Security Specialist GS101.001; Information Security Management IF020.CU

Question: List three transmission and transportation requirements that help manage risks to DoD assets.
Answer:
- Safeguarding
- Briefings
- Documentation
- Personal control
- Utilizing proper methods of transmission/transportation based on classification level
- Intended recipient(s) have proper clearance/eligibility and need to know (or access)
- Capability to properly store classified information
Policy and resources: DoD Manual 5200.01, Volume 3, Encl. 4; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; DoD Manual 5200.01, Volumes 1, 2 & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; Transmission and Transportation for DoD IF107.16; DoD Security Specialist GS101.01; Information Security Management IF020.CU

Question: List three types of security briefings that help manage risks to DoD assets.
Answer:
- Initial Orientation
- Annual Refresher
- Threat Awareness
- Foreign Travel
- Special Training Requirements
- Derivative Classification
- Original Classification Authority (OCA)
- Declassification Authority
- Debriefings
- Termination briefing
Policy and resources: DoD Manual 5200.01, Volume 3, Encl. 5; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; DoD 5200.02-R, Personnel Security Program; DoD Manual 5200.01, Volumes 1 & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; Developing a Security Education and Training Program GS104.16; Introduction to Personnel Security PS113.16; Security Awareness for Educators GS103.01; DoD Security Specialist GS101.01; Information Security Management IF020.CU; DoD 5200.2-R

Question: List three disposal and destruction methods used to effectively manage risks to DoD classified information.
Answer:
- Cross-cut shredding
- Burning/Incinerating
- Pulverizing
- Disintegrating
- Mutilating
- Degaussing
- Chemical decomposition
- Special burn
- Wet pulping
- Overwriting
- Sanding
- Physical destruction
Policy and resources: DoD Manual 5200.01, Volumes 1 & 3 (Enclosures 3 & 7); ISOO 32 CFR Parts 2001 & 2003, Classified National Security; NSA/CSS Storage Device Declassification Manual (www.nsa.gov/ia/_files/government/mdg/nsa_css_storage_Device_Declassification_Manual.pdf); DoD Manual 5200.01, Volumes 1 & 3 (Enclosures 3 & 7); ISOO 32 CFR Parts 2001 & 2003, Classified National Security; Information Security Emergency Planning IF108.06; CDSE Security Shorts, Disposal and Destruction; NSA/CSS (www.nsa.gov/ia/guidance/media_destruction_guidance/index.shtml)

Question: List three types of safeguarding procedures for classified information.
Answer:
- Proper storage
- Proper handling
- Approved disposition
- Proper transmission/transportation methods
- Receipt use, when required
- Forced entry protection
- Dissemination
- Physical security measures
- Technical, administrative, and personnel control measures (deleted access control as these measures constitute access control)
- Develop emergency plan
Policy and resources: DoD Manual 5200.01, Volumes 1, 2, & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; DoD 5200.2-R; DoD 5200.8-R, Physical Security Program; DoD Manual 5200.01, Volumes 1, 2, & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; CDSE Webinars; CDSE Job aids; CDSE e-learning Courses; CDSE Security Short Classified Storage Requirements; Introduction to Physical Security Course, PY011.06; DoD Security Specialist GS101.01; Information Security Management IF020.CU; Information Security Emergency Planning IS108.06

Question: Describe the security professional's role in handling a security incident.
Answer:
- Secure
- Safeguard
- Report
- Inquire (under unusual circumstances)
- Investigate (under unusual circumstances)
- Recommend
Policy and resources: DoD Manual 5200.01, Volume 3, Encl. 6; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; DoD Manual 5200.01, Volumes 1, 2 & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; NCIX Unauthorized Disclosures; DoD Security Specialist GS101.01; Information Security Management IF020.CU; CDSE Webinar; CDSE Job aids; www.ncix.gov/training/wbt.php (Web-based training for unauthorized disclosures)

Question: Describe how the roles of the security professional and the information assurance (IA) professional differ in regard to protecting DoD classified information on information technology (IT) systems.
Answer: The IA professional must ensure that all DoD information systems maintain appropriate levels of availability, integrity, authentication, confidentiality, and non-repudiation in order to protect and defend DoD information and networks. They must also ensure the systems are certified and accredited. The security professional coordinates with the IA professional during the C&A process. The security professional must be aware of the nature, scope, and schedule of ongoing C&A activities within a given organization, in order to provide timely and relevant classification management direction and to ensure the physical environment is properly secured and accredited for the operations planned and that users are properly cleared and have all requisite access in time to support the mission.
Policy and resources: DoD Manual 5200.01, Volume 3, Encl. 7; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; DoDI 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP); DoDD 8500.01E, Information Assurance (IA); DoD Manual 5200.01, Volumes 1, 2, & 3; ISOO 32 CFR Parts 2001 & 2003, Classified National Security; Information Security Management IF020.CU; Cybersecurity Awareness CI130.16; Information Assurance Awareness for the Intelligence Community DS-IC101.06

Personnel Security

Question: Explain how the adjudication process contributes to effective risk management of DoD assets.
Answer: Ensures that, based upon all available information, an individual's loyalty, reliability, and trustworthiness are such that entrusting assigned persons with eligibility to classified information or sensitive duties is in the best interest of national security.
Policy and resources: DoD 5200.2-R, Personnel Security Program; White House Memorandum, Revised Adjudicative Guidelines; EO 12968; EO 13467, Amendment to EO 12968; Introduction to DoD Personnel Security Adjudications PS001.18; DoD Personnel Security Adjudication PS101.01; Personnel Security Management for Security Professionals PS212.01; PERSEREC Adjudicative Desk Reference; Introduction to National Security Adjudications PS170.16

Question: Explain how effective implementation of the continuous evaluation process contributes to management of risks to DoD assets.
Answer: Ensures that individuals with national security eligibility and access are continuously assessed through utilization of accessible databases and other lawfully available information; continue to meet adjudicative standards; and that any issues that may arise are promptly reported.
Policy and resources: DoD 5200.2-R; E.O. 12968; EO 13467, Amendment to EO 12968; E.O. 10450; Introduction to Personnel Security PS113.16; DoD Personnel Security Management for Security Professionals PS212.01; CDSE Job Aids, How to Receive and Maintain Your Security Clearance

Question: Describe how authorization of Limited Access Authority impacts risk to DoD assets.
Answer:
- Increases risk by allowing a foreign national access to classified information.
- Reduces risk by ensuring Foreign Nationals with a unique or unusual skill set have been properly investigated and adjudicated before being granted access to classified information.
Policy and resources: DoD 5200.2-R; E.O. 12968; Personnel Security Management for Security Professionals PS212.01

Question: List three factors that should be considered when determining position sensitivity.
Answer:
- Level of Access to Classified Information
- IT level needed
- Duties associated with position
Policy and resources: DoD 5200.2-R; EO 12968; 5 CFR 731.106 Designation of public trust positions and investigative requirements; 5 CFR 732.201 Sensitivity level designation and investigative requirements; Introduction to Personnel Security PS113.16; Personnel Security Management for Security Professionals PS212.01

Question: List three individuals in the personnel security investigation (PSI) process and describe their roles.
Answer:
- FSO/Security Manager/Human Resource Officer: Initiates, Reviews, Forwards investigation to investigation service provider (ISP)
- Subject: Completes forms and provides additional information if required
- Investigator: Conducts PSI
- Adjudicator: Determines eligibility for National Security access
Policy and resources: DoD 5200.2-R; E.O. 12968; Introduction to DoD Personnel Security Adjudications PS001.18; Personnel Security Management for Security Professionals PS212.01; Introduction to Personnel Security PS113.16; Introduction to National Security Adjudications PS170.16

Question: Describe the function of e-QIP in the personnel security program (PSP).
Answer:
- Initiate investigations
- Complete forms
- Forward forms to ISP
Policy and resources: USD CNI Implementation Memo 6 July 2006; Personnel Security Management for Security Professionals PS212.01; OPM-e-QIP Web-based Training (suite of courses)

Question: List three factors that a security professional should consider before requesting a Limited Access Authority (LAA).
Answer:
- Can a U.S. citizen perform the duties?
- Is classified access limited to Secret or Confidential?
- Does the person possess a rare or unusual skill or expertise?
Policy and resources: DoD 5200.2-R; E.O. 12968; Personnel Security Management for Security Professionals PS212.01; Introduction to Personnel Security PS113.1

Physical Security

Question: List the five steps in the DoD risk management model.
Answer:
- Assess Assets
- Assess Threats
- Assess Vulnerabilities
- Assess Risks
- Determine Countermeasures
Policy and resources: DoDI 2000.12, DoD Antiterrorism (AT) Program; DoDD 3020.40, DoD Policy and Responsibilities for Critical Infrastructure; DoDI 3020.45, Defense Critical Infrastructure Program (DCIP) Management; Introduction to Risk Management GS150.06; Risk Management for DoD Programs GS102.16

Question: Identify the three core components of the risk assessment process.
Answer:
- Asset Criticality
- Threat Assessment
- Vulnerability Assessment
Policy and resources: DoDI 2000.12; DoDD 3020.40; DoDI 3020.45; Introduction to Risk Management GS150.06; Risk Management for DoD Programs GS102.16

Question: What is the difference between physical security surveys and physical security inspections?
Answer: A physical security survey is a formal, recorded assessment of an Installation's overall security program; whereas a physical security inspection is a formal, recorded compliance of physical procedures and measures implemented by a unit or activity to protect its assets.
Policy and resources: DoDI 5100.76, Safeguarding Conventional Arms, Ammunition, and Explosives; Introduction to Physical Security PY011.06; Physical Security Planning and Implementation PY106.16

Question: Who makes the determination of when physical security surveys and inspections are required?
Answer: DoD Component Commanders.
Policy and resources: DoD 5200.08-R, Physical Security Program; Introduction to Physical Security PY011.06; Physical Security Planning and Implementation PY106.16

Question: Explain why access control measures are contingent on threat levels.
Answer: Based on threat levels, commanders or directors are responsible for enhancing access control measures to their installations and facilities.
Policy and resources: DoDI 2000.12; DoDI 2000.16, DoD Antiterrorism (AT) Standards; Antiterrorism Officer (ATO) Level 2 Curriculum; Physical Security Planning and Implementation; CDSE Security Short, AT Force Protection

Question: Explain how visitor identification control methods are used to effectively control access to facilities.
Answer: Ensure only authorized personnel and materials enter and exit from an installation or facility by identifying, verifying, and authenticating.
Policy and resources: DoD 5200.08-R, Physical Security Program; Introduction to DoD HSPD-12 CAC Credentialing PS112.16; Challenges in Analyzing and Managing Risk ED602.01

*All courses are CDSE unless otherwise indicated.