Army Information Security Introduction Exam

Questions and Answers

What is the first step an OCA must take when originally classifying information?

Determine if the information is official government information

When information, in the interest of national security, no longer requires protection at any level, it should be:

Declassified

What information do SCG provide about systems, plans, programs, projects, or missions?

All of the above

The unauthorized disclosure of this type of information could reasonably be expected to cause serious damage to our national security.

Secret

If an individual inserts a thumb drive containing classified information on a computer in the office that is not part of the classified information system, what type of security incident is this?

Spillage

Where do the reasons for classifying certain items, elements or categories of information originally come from?

Executive Order 13526

What type of the classification process is a way for members of the public to request the review of specific classified information?

Mandatory Declassification Review

What is required to access classified information? (Select all that apply)

Eligibility (A), Nondisclosure Agreement (B), Need-to-Know (C), Signed SF-312 (D)

Which level of classified information may be transported via USPS mail? (Select all that apply)

Confidential (B), Secret (D)

What information is listed in the classification authority block on a document containing classified information? (Select all that apply)

Classified by (A), Date on which to declassify the doc (B), Classification level to downgrade to at a certain point in time (C), Derived from (D)

Who has responsibility for the overall policy direction of the information security program?

ISOO

If an individual fails to secure the SCIF at the end of the day and, subsequently, unescorted cleaning personnel access the SCIF and see classified information, what type of security incident is this?

Security violation

In which order must documents containing classified information be marked?

Banner markings

When classified information is in an authorized individual's hands, why should the individual use a classified document cover sheet? (Select all that apply)

To alert holders to the presence of classified information (A), To prevent inadvertent view of classified information by unauthorized personnel (B)

Request for waivers and exceptions must identify the specific provision or provisions of the _______ for which the waiver or exception is sought.

DoD Information Security Manual

The unauthorized disclosure of top-secret information could reasonably be expected to cause _________ to our national security.

Exceptionally grave damage

Whose guidelines should you follow for the destruction of storage media such as thumb drives, Zip drives, and computers?

What are the steps for the information security program lifecycle?

Classification, marking, dissemination, downgrading, and destruction

What are the authorized places for storing classified information? (Select all that apply)

In an authorized individual's head or hands (A), In a GSA-approved security container (B), In information technology systems authorized for classified information (C)

________ occurs in some circumstances when information that is individually unclassified, or classified at a lower level, may be classified at a higher level, only if the combined information reveals an additional association or relationship.

Compilation

Flashcards

OCA's First Step

The first step for an Original Classification Authority is to determine if the information is official government information.

Declassification

When national security information no longer requires protection, it must be declassified.

SCG

Security Classification Guides provide comprehensive details on systems, plans, programs, projects, or missions.

"Secret" Information

Information that, if disclosed unauthorized, could seriously damage national security.

"Top Secret" Information

Information that, if disclosed, could cause exceptionally grave damage to national security.

Spillage

Inserting a thumb drive containing classified information into an unclassified system.

Security Violation

Failing to secure a Sensitive Compartmented Information Facility (SCIF) leading to unauthorized access.

Classification Authority Blocks

Details such as who classified it, the derivation source, downgrade guidelines, and declassification dates.

Executive Order 13526

Outlines the origins of classification reasons.

Mandatory Declassification Review

Allows the public to request a review of specific classified items.

Access to Classified Information

Eligibility, a need-to-know basis, a signed SF-312 form, and a nondisclosure agreement.

Classified Document Cover Sheet

Alerts others to the presence of classified information and protects against unauthorized viewing.

Authorized Storage Locations

GSA-approved security containers and certain authorized individuals' custody.

Information Security Program Lifecycle

Classification, marking, dissemination, downgrading, and destruction.

Requests for Waiver and Exception

Should reference specific provisions from the DoD Information Security Manual.

Compilation

Unclassified information combined with lower-level classified information reveals additional sensitive relationships or associations.

Study Notes

Information Classification and Security Overview

• The first step for an Original Classification Authority (OCA) is to determine if the information is official government information.
• When national security information no longer requires protection, it must be declassified.
• Security Classification Guides (SCG) provide comprehensive details on systems, plans, programs, projects, or missions.

Levels of Classified Information

• "Secret" information, if disclosed unauthorized, could seriously damage national security.
• "Top Secret" information, if disclosed, could cause exceptionally grave damage to national security.
• Both Secret and Confidential information may be transported via USPS mail.

Security Incidents and Violations

• Inserting a thumb drive containing classified information into an unclassified system is categorized as spillage.
• Failing to secure a Sensitive Compartmented Information Facility (SCIF) leading to unauthorized access is classified as a security violation.

Classification Authority and Procedures

• Classification authority blocks include details such as who classified it, the derivation source, downgrade guidelines, and declassification dates.
• Executive Order 13526 outlines the origins of classification reasons.
• Mandatory Declassification Review allows the public to request a review of specific classified items.

Access and Handling of Classified Information

• Access to classified information requires eligibility, a need-to-know basis, a signed SF-312 form, and a nondisclosure agreement.
• Using a classified document cover sheet alerts others to the presence of classified information and protects against unauthorized viewing.

Storage and Destruction of Classified Information

• Authorized storage locations for classified information include GSA-approved security containers and certain authorized individuals' custody.
• The information security program lifecycle encompasses classification, marking, dissemination, downgrading, and destruction.

Legal and Regulatory Compliance

• Requests for waiver and exception should reference specific provisions from the DoD Information Security Manual.
• Guidelines for the destruction of storage media must be adhered to ensure compliance and security.

Compilation of Information

• Compilation occurs when unclassified information combined with lower-level classified information reveals additional sensitive relationships or associations.