Introduction to Information Security Flashcards
35 Questions

Created by
@StatuesquePrimrose

Questions and Answers

What is the term for the unauthorized disclosure of information that could reasonably be expected to cause serious damage to our national security?

Secret

Derivative classifiers are the individuals who generate or create new material based on existing classification guidance.

True

When classified information is in an authorized individual's hands, why should the individual use a classified document cover sheet? (Select all that apply)

  • To prevent inadvertent viewing of classified information by unauthorized personnel (correct)
  • To alert holders to the presence of classified information (correct)

Cleared U.S. military, civilian employees, or contractors may hand carry which type of classified information?

All of the above

When information, in the interest of national security, no longer requires protection at any level, it should be what?

Declassified

When are 'Downgrade To' instructions listed in the classification authority block on documents containing classified information?

As applicable

What information do security classification guides (SCG) provide about systems, plans, programs, projects, or missions?

All of the above

What is required to access classified information? (Select all that apply)

Need-to-know

The communication or physical transfer of classified information to an unauthorized recipient is __________?

Unauthorized Disclosure

What are the steps of the information security program life cycle?

Classification, safeguarding, dissemination, declassification, and destruction

The unauthorized disclosure of Confidential information could reasonably be expected to cause __________ to our national security.

Damage

Classification levels may be abbreviated (i.e., TS, S, C) in the banner of classified documents.

False

Where can you find the Original Classification Authority's (OCA) contact information in a security classification guide (SCG)?

On the cover of the SCG

When not directly in an authorized individual's possession, classified documents must be stored in a GSA-approved security container.

True

Access control measures detect and deter deliberate attempts to gain unauthorized access to classified information.

True

Destruction refers to destroying classified information so that it can't be recognized or reconstructed.

True

The purpose of the DoD information security program is to __________. (Select all that apply)

Demonstrate a commitment to transparency in Government

Who provides implementation guidance for the Information Security Program within the DoD?

Heads of DoD Components

The unauthorized disclosure of Top Secret information could reasonably be expected to cause __________ to our national security.

Exceptionally grave damage

The unauthorized disclosure of this type of information could reasonably be expected to cause damage to our national security.

Confidential

What is the first step an Original Classification Authority (OCA) must take when originally classifying information?

Determine if the information is official government information

Who can be an Original Classification Authority (OCA)?

An individual authorized in writing, either by the President, the Vice President, or by agency heads or officials designated by the President

Why must all documents containing classified information be marked using a sequential process? (Select all that apply)

All of the above

What information is listed in the classification authority block on a document containing classified information? (Select all that apply)

Classification level to downgrade to at a certain point in time (as applicable)

Who issues security classification guides (SCG) for systems, plans, programs, projects, or missions?

Original Classification Authorities

Who references information from security classification guides (SCG) in order to classify information?

Derivative classifiers

Which form is used to record the securing of vaults, rooms, and containers used for storing classified material?

SF-702 Security Container Check Sheet

All _____________ GSA-approved security containers must conform to Federal Specification FF-L-2740.

Locks for

A waiver is a permanent approved exclusion or deviation from information security standards.

False

Which of the following are applicable when using a phone for classified conversations? (Select all that apply)

Be aware of your surroundings and who might be able to hear your end of the conversation

What type of security incident has occurred if an individual neglects to complete the SF702 after securing the container?

Security Infraction

What type of security incident has occurred when classified data is introduced on an information system not approved for that level of information?

Spillage

What type of declassification process is the way for members of the public to request the review of specific classified information?

Mandatory Declassification Review

Declassification is the authorized change in the status of information from classified to unclassified.

True

Study Notes

Information Security Overview

  • Secret information, if disclosed, could cause serious damage to national security.
  • Confidential information, if disclosed, could cause damage to national security; Secret information could cause serious damage; Top Secret could lead to exceptionally grave damage.

Classification Authority and Processes

  • Derivative classifiers create new material from existing classification guidance.
  • Original Classification Authority (OCA) determines if information is official and classified.
  • Classification levels are not abbreviated in document banners.
  • Classification authority block lists creator, downgrade instructions, sources, and declassification dates.

Access and Handling of Classified Information

  • Access to classified information requires eligibility, a signed SF-312 Nondisclosure Agreement, and a need-to-know.
  • Classified documents must use cover sheets to alert holders and prevent unauthorized viewing.
  • Cleared personnel can transport classified information in authorized conditions.
  • Classified information should be stored in GSA-approved containers or authorized systems.

Security Guidelines and Incidents

  • Security Classification Guides (SCG) provide essential information about classification.
  • Spillage incidents require investigation to ascertain the extent of compromise.
  • Failure to secure a Sensitive Compartmented Information Facility (SCIF) constitutes a security violation.
  • Negligence in completing security checks can result in security infractions.

Declassification and Reviews

  • Declassification occurs when information no longer requires protection.
  • Mandatory Declassification Review allows public requests for specific classified information reviews.
  • Systematic declassification reviews information exempted from automatic declassification.

Communication and Technology Management

  • When communicating classified information, users must be aware of their surroundings and use secure phones.
  • Authorized IT for classified information includes specific secure networks like SIPRNET.

Responsibilities and Implementation

  • The Information Security Program is directed by the ISOO Director, with implementation guidance from heads of DoD components.
  • The DoD workforce plays a crucial role in the program's effectiveness.
  • All security containers must meet Federal Specification FF-L-2740 standards.

Security Measures and Violations

  • Access control measures are essential for deterring unauthorized access.
  • Destruction of classified information must prevent recognition or reconstruction.
  • Waivers for security standards are not permanently approved deviations.

Description

Test your knowledge on key concepts in information security with these flashcards. This quiz covers important terms and definitions essential for understanding security classification and the handling of sensitive information. Perfect for students and professionals looking to reinforce their security knowledge.
