1. Topic 6 Security Enabling Objectives 6.1 DISCUSS the origin of Communication Security and Operational Security. 6.2 DEFINE COMSEC, DoD COMSEC Policy, and OPSEC. 6.3 DESCRIBE COMSEC equipment, material and administrative procedures. 6.4 DEFINE Physical, Transmission and Emission security. 6.5 DESCRIBE the OPSEC process. 6.6 DISCUSS Classification Guidance. 6.7 DEFINE Original Classification Authority. 6.8 DESCRIBE the limitations on classification and classification markings. 6.9 DESCRIBE the duties and responsibilities of SSO Navy 6.10 IDENTIFY terminology associated with the Special Security Officer duties and responsibilities 6.11 DESCRIBE the purpose of Joint Personnel Accountability System (JPAS)

2. What is COMSEC?

3. Communications Security (COMSEC) The protection resulting from all measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the result of such possession and study. COMSEC includes: -Crypto security - technically sound cryptosystems and their proper use -Emission security (EMSEC) - intercept and analysis of compromising emanations -Physical security - all physical measures necessary to safeguard classified equipment, material, and documents -Traffic-flow security - conceal the presence and properties of valid messages on a network -Transmission security (TRANSEC) - protect transmissions from interception and exploitation by means other than cryptoanalysis (e.g. frequency hopping and spread spectrum).

4. COMSEC Equipment KIV-7 KG-84A KG-194KG-175 KG-40

5. Vintage COMSEC Equipment German Lorenz cipher machine used during WWII for the encryption of high-level general staff messages. The Enigma machine implemented a complex electro-mechanical polyalphabetic cipher to protect sensitive communications.

6. Parts of COMSEC Material Classifications –Top Secret (TS) –Secret (S) –Confidential (C) –Unclassified (U) Short Title –Ex. USKAC D 166 MOD 1 BC 18

7. Administrative Procedures Custody Page Check Requirements Watch-to-Watch inventory

9. Physical Security Need to Know CO promulgated access list Visitor’s Register (aka Visitor’s Log)

10. COMSEC Insecurities Practices Dangerous to Security (PDS) –Reportable –Non-Reportable

12. Imitative Communications Deception –ACP 122 EEFI GINGERBREAD BEADWINDOW Transmission Security

13. Emission Security Emission Control –EMCON Bill

14. DoD COMSEC Policy Xmission of DoD information shall be protected through COMSEC measures COMSEC materials developed, acquired, operated, maintained and disposed of through approved methods Ensure operational availability of commonly used COMSEC equipment during crisis or contingencies COMSEC equipment shall be compatible with DoD approved key management systems Account for controlled and classified cryptographic items COMSEC users and technicians properly trained Note: Policy documents can be found on NIPRNET at http://www.cnss.gov; SIPRNET at http://www.iad.nsa.smil.mil/resources/library/cnss_section/index.cfm

15. "Even minutiae should have a place in our collection, for things of a seemingly trifling nature, when enjoined with others of a more serious cast, may lead to valuable conclusion." -George Washington, known OPSEC practitioner Origin of OPSEC

16. A key action during the OPSEC process is to analyze potential vulnerabilities to forces. It requires identifying any OPSEC indicators that could reveal critical information about the operation, such as, increased troop movement.

18. “Little minds try to defend everything at once, but sensible people look at the main point only; they parry the worst blows and stand a little hurt if thereby they avoid a greater one. If you try to hold everything, you hold nothing” Frederick the Great Instructions to his generals, 1747

20. Original Classification Authority Designated by SECNAV or delegated authority SECNAV personally designates TOP SECRET OCAs SECNAV authorizes the CNO to designate SECRET OCAs OCA is not transferable OCA designated by virtue of their position Properly trained Duration of classification limited to 25 years

21. Limitations on Classification Classifiers shall not use classification to: Conceal violations of law, inefficiency or administrative error Prevent embarrassment to a person, organization or agency Restrain competition Prevent or delay the release of information that does not require protection Classify, or use as a basis for classification, references to classified documents, when the reference citation does not disclose classified information

22. This page is UNCLASSIFIED but marked SECRET for training purposes only

23. Electronic Media Markings

24. Duties and Responsibilities Secretary of the Navy Director of Naval Intelligence (CNO(N2)) The Director, Security and Corporate Services (ONI-05 ) SSO NAVY

25. Duties and Responsibilities Command Special Security Officer (SSO) –SSO will be afforded direct access to the commanding officer –Appointed in writing –U.S. citizen and either a commissioned officer or a civilian employee GS-9 or above

26. Terminology Personnel Security Investigation National Agency Check National Agency Check with Local Agency and Credit Checks Single Scope Background Investigation Reinvestigation SSBI-PR Entrance National Agency Check

27. Terminology (cont) Electronic Questionnaires for Investigations Processing Electronic Personnel Security Questionnaire Standard Form (SF) 86, Questionnaire for National Security Positions Department of the Navy Central Adjudication Facility Defense Security Service Original Classification Authority

28. Joint Personnel Accountability System The Joint Personnel Adjudication System (JPAS) is a DoD system that uses NIPRNET to connect all DoD security personnel around the world with their Central Adjudication Facility (CAF). The JPAS web site runs on a secured port with secured socket layer (SSL) 128- bit encryption.

29. Joint Personnel Accountability System (cont) JAMS & JCAVS = JPAS –The Joint Adjudication Management System (JAMS) provides the CAFs a single, integrated information system to assist the adjudication process through "virtual consolidation" and vastly improve dissemination of timely and accurate personnel security information to the warfighters and planners. It is a system designed for the adjudicative community by adjudicators.

30. Joint Personnel Accountability System (cont) The Joint Clearance and Access Verification System (JCAVS) provides DoD security personnel the ability to instantaneously update other JCAVS users with pertinent personnel security clearance and access information in order to ensure the reciprocal acceptance of clearances throughout DoD. It is a system designed for security managers and security officers as representatives of that community.

31. Joint Personnel Accountability System (cont) User can view anyone’s summary with SSN, including one’s own

32. Joint Personnel Accountability System (cont)

33. (AF only) Joint Personnel Accountability System (cont)

34. References a)SECNAV M-5510.30, Department of the Navy (DON) Personal Security Program (PSP) Manual (June 2006) b)SECNAV M-5510.36 Department of the Navy Information Security Program (June 2006 )

35. Foreign Security Markings Information Sheet Pages 6-35 thru 6-37