What is the NISP and its purpose? Show The National Industrial Security Program is a program to safeguard classified information entrusted to industry. The purpose of the NISP is to define the requirements, restrictions, and other safeguards in order to prevent unauthorized disclosure of classified information. What are three principle incident/ events required to be reported to DoD counterintelligence (CI) organizations? • Espionage List three indicators of insider threats. • Failure to report overseas travel or contact with foreign nationals List three elements that should be considered in identifying Critical Program Information. Elements which if compromised could: (1) cause significant degradation in mission effectiveness, (2) shorten the expected combat-effective life of the system; (3) reduce technological advantage; (4) significantly alter program direction; or (5) enable an adversary to defeat, counter, copy, or reverse-engineer the technology or capability. List three elements that a security professional should consider when assessing and managing risks to DoD assets. • Asset List three categories of Special Access Programs. • Acquisition List three different types of threats to classified information. • Insider Threat Briefly describe the concept of insider threat. An employee who may represent a threat to national security. These threats encompass potential espionage, violent acts against the Government or the nation, and unauthorized disclosure of classified information. Describe the purpose of the Foreign Visitor Program. To track and approve access by a foreign entity Briefly define a Special Access Program. A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level. List three enhanced PERSONNEL security requirements for protecting Special Access Program (SAP) Information. • Access Rosters List three enhanced PHYSICAL security requirements for protecting Special Access Program (SAP) Information. • Access Control List five responsibilities of the Government SAP Security Officer/ Contractor Program Security Officer (GSSO/ CPSO) • Possess a personnel clearance and Program access at least equal to the highest level of Program classified information involved. Identify the four Cognizant Security Agencies (CSAs) and describe their role in the National Industrial Security Program (NISP). The four CSAs are: What is the definition of Critical Program Information in DoD? • U.S. capability elements that
contribute to the warfighter's advantage throughout the life cycle, which if compromised or subject to unauthorized disclosure, decrease the advantage. List three primary authorities governing foreign disclosure of classified military information. • Arms Export Control Act Briefly describe the purpose of the DD Form 254. Convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract. List three factors for determining whether U.S. companies are under Foreign Ownership, Control or Influence (FOCI). • Record of economic and government espionage against the U.S. targets Define the purpose and the function of the Militarily Critical Technologies List (MCTL). • Serves as a technical reference for the development and
implementation of DoD technology, security policies on international transfers of defense-related goods, services, and technologies as administered by the Director, Defense Technology Security Administration (DTSA). List the three main policies that govern the DoD Information Security Program. • E.O. 13526 What must an "authorized person" have before being granted access to classified information? Have: List three classification duration options for originally classified information. • Date or event that is: • Less than 10 years List three authorized sources of security classification guidance that could be used in the derivative classification process. • Security Classi cation Guide Define derivative classification. Incorporating, paraphrasing, restating, or generating in new form information that is already classified and marking the newly developed material consistent with the markings that apply to the source information. Define the difference between a security infraction and a security violation. An infraction cannot reasonably be expected to and does not result in the loss, compromise, or suspected compromise of classified information; Define unauthorized disclosure. Communication or physical transfer of classified or controlled unclassified information to an unauthorized recipient. List three types of initial personnel security investigations and to whom they apply. • SSBI: Military, Civilian, Contractor Describe the purpose of due process in Personnel Security Program (PSP). Ensures fairness by providing the subject the opportunity to appeal an unfavorable adjudicative determination. List the key procedures for initiating Personnel Security Investigations (PSIs). • Validate the need for an investigation List three DoD position sensitivity types and their investigative requirements. •
Critical Sensitive: SSBI, SSBI-PR, PPR Describe the difference between revocation and denial in Personnel Security Program (PSP). • Revocation: A current security eligibility determination is rescinded. Describe the purpose of a Statement of Reason (SOR). The purpose of the SOR is to provide a comprehensive and detailed written explanation of why a preliminary unfavorable adjudicative determination was made. List five adjudicative guidelines. • Allegiance to the United States List three different types of approved classified material storage areas. • GSA-approved storage containers List three construction requirements for vault doors. • Constructed of metal What is the purpose of intrusion detection systems? Detect unauthorized penetration into a secured area. What is the purpose of perimeter barriers? Defines the physical limits of an installation, activity, or area, restrict, channel, impede access, or shield activities within the installation from immediate and direct observation. What is the purpose of an Antiterrorism Program? Protect DoD personnel, their families, installations, facilities, information, and other material resources from terrorist acts. List three Force Protection Condition levels. Normal, Alpha, Bravo, Charlie, Delta Describe the concept of security-in-depth. Layered and complementary security controls suficient to deter, detect, and document unauthorized entry and movement within an installation or facility. What is the Cognizant Security Office (CSO) for the DoD? Defense Security Service (DSS) Why does DSS conduct periodic security vulnerability assessments? To evaluate the effectiveness of the facility's security program, and ensure that the NISPOM and contract guidelines are being followed. What are the roles of the Facility Security Officer (FSO)? • Ensuring Compliance with the NISP What is the purpose of the Personnel security Program PSP?The Personnel Security Program (PSP) objective is to authorize, initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them ...
What are the elements of the Personnel security Program PSP )?The course provides an overview of the elements of the PSP to include: designation of sensitive duties, investigative and adjudicative practices, security officer responsibilities under the PSP one-time access requirements, special security program requirements, and due process procedures.
What is the personnel security program?The purpose of the Personnel Security (PERSEC) Program is to ensure that granting an individual access to classified matter or special nuclear material (SNM) will not endanger the common defense and security and would be consistent with national security interests.
What is the purpose of personnel security?Personnel security is a system of policies and procedures which aim to manage and minimise the risk of people exploiting legitimate access to an organisation's assets or premises for unauthorised purposes. These purposes can encompass many forms of criminal activity, from minor theft through to terrorism.
|