

Topic 6 Security
Enabling Objectives
6.1 DISCUSS the origin of Communication Security and Operational Security.
6.2 DEFINE COMSEC, DoD COMSEC Policy, and OPSEC.
6.3 DESCRIBE COMSEC equipment, material and administrative procedures.
6.4 DEFINE Physical, Transmission and Emission security.
6.5 DESCRIBE the OPSEC process.
6.6 DISCUSS Classification Guidance.
6.7 DEFINE Original Classification Authority.
6.8 DESCRIBE the limitations on classification and classification markings.
6.9 DESCRIBE the duties and responsibilities of SSO Navy.
6.10 IDENTIFY terminology associated with the Special Security Officer duties and responsibilities.
6.11 DESCRIBE the purpose of Joint Personnel Accountability System (JPAS).

What is COMSEC?

Communications Security (COMSEC)
The protection resulting from all measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the result of such possession and study.
COMSEC includes:
- Crypto security - technically sound cryptosystems and their proper use
- Emission security (EMSEC) - protect against intercept and analysis of compromising emanations
- Physical security - all physical measures necessary to safeguard classified equipment, material, and documents
- Traffic-flow security - conceal the presence and properties of valid messages on a network
- Transmission security (TRANSEC) - protect transmissions from interception and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread spectrum)

COMSEC Equipment
KIV-7, KG-84A, KG-194, KG-175, KG-40

Vintage COMSEC Equipment
German Lorenz cipher machine used during WWII for the encryption of high-level general staff messages.
The Enigma machine implemented a complex electro-mechanical polyalphabetic cipher to protect sensitive communications.

Parts of COMSEC Material
- Classifications
  – Top Secret (TS)
  – Secret (S)
  – Confidential (C)
  – Unclassified (U)
- Short Title
  – Ex. USKAC D 166 MOD 1 BC 18

Administrative Procedures
- Custody
- Page Check Requirements
- Watch-to-Watch inventory

Physical Security
- Need to Know
- CO promulgated access list
- Visitor’s Register (aka Visitor’s Log)

COMSEC Insecurities
- Practices Dangerous to Security (PDS)
  – Reportable
  – Non-Reportable

Transmission Security
- Imitative Communications Deception
  – ACP 122
- EEFI
- GINGERBREAD
- BEADWINDOW

Emission Security
- Emission Control
  – EMCON Bill

DoD COMSEC Policy
- Transmission of DoD information shall be protected through COMSEC measures
- COMSEC materials developed, acquired, operated, maintained and disposed of through approved methods
- Ensure operational availability of commonly used COMSEC equipment during crisis or contingencies
- COMSEC equipment shall be compatible with DoD approved key management systems
- Account for controlled and classified cryptographic items
- COMSEC users and technicians properly trained
Note: Policy documents can be found on NIPRNET at SIPRNET at

Origin of OPSEC
"Even minutiae should have a place in our collection, for things of a seemingly trifling nature, when enjoined with others of a more serious cast, may lead to valuable conclusion."
-George Washington, known OPSEC practitioner

A key action during the OPSEC process is to analyze potential vulnerabilities to forces. It requires identifying any OPSEC indicators that could reveal critical information about the operation, such as increased troop movement.

“Little minds try to defend everything at once, but sensible people look at the main point only; they parry the worst blows and stand a little hurt if thereby they avoid a greater one. If you try to hold everything, you hold nothing” Frederick the Great Instructions to his generals, 1747

Original Classification Authority
- Designated by SECNAV or delegated authority
- SECNAV personally designates TOP SECRET OCAs
- SECNAV authorizes the CNO to designate SECRET OCAs
- OCA is not transferable
- OCA designated by virtue of their position
- Properly trained
- Duration of classification limited to 25 years

Limitations on Classification
Classifiers shall not use classification to:
- Conceal violations of law, inefficiency or administrative error
- Prevent embarrassment to a person, organization or agency
- Restrain competition
- Prevent or delay the release of information that does not require protection
- Classify, or use as a basis for classification, references to classified documents, when the reference citation does not disclose classified information

This page is UNCLASSIFIED but marked SECRET for training purposes only

Electronic Media Markings

Duties and Responsibilities
- Secretary of the Navy
- Director of Naval Intelligence (CNO(N2))
- The Director, Security and Corporate Services (ONI-05)
- SSO NAVY

Duties and Responsibilities
- Command Special Security Officer (SSO)
  – SSO will be afforded direct access to the commanding officer
  – Appointed in writing
  – U.S. citizen and either a commissioned officer or a civilian employee GS-9 or above

Terminology
- Personnel Security Investigation
- National Agency Check
- National Agency Check with Local Agency and Credit Checks
- Single Scope Background Investigation
- Reinvestigation
- SSBI-PR
- Entrance National Agency Check

Terminology (cont)
- Electronic Questionnaires for Investigations Processing
- Electronic Personnel Security Questionnaire
- Standard Form (SF) 86, Questionnaire for National Security Positions
- Department of the Navy Central Adjudication Facility
- Defense Security Service
- Original Classification Authority

Joint Personnel Accountability System
The Joint Personnel Adjudication System (JPAS) is a DoD system that uses NIPRNET to connect all DoD security personnel around the world with their Central Adjudication Facility (CAF). The JPAS web site runs on a secured port with Secure Sockets Layer (SSL) 128-bit encryption.

Joint Personnel Accountability System (cont)
JAMS & JCAVS = JPAS
– The Joint Adjudication Management System (JAMS) provides the CAFs a single, integrated information system to assist the adjudication process through "virtual consolidation" and vastly improve dissemination of timely and accurate personnel security information to the warfighters and planners. It is a system designed for the adjudicative community by adjudicators.

Joint Personnel Accountability System (cont)
– The Joint Clearance and Access Verification System (JCAVS) provides DoD security personnel the ability to instantaneously update other JCAVS users with pertinent personnel security clearance and access information in order to ensure the reciprocal acceptance of clearances throughout DoD. It is a system designed for security managers and security officers as representatives of that community.

Joint Personnel Accountability System (cont)
User can view anyone’s summary with SSN, including one’s own

Joint Personnel Accountability System (cont)

(AF only) Joint Personnel Accountability System (cont)

References
a) SECNAV M , Department of the Navy (DON) Personnel Security Program (PSP) Manual (June 2006)
b) SECNAV M Department of the Navy Information Security Program (June 2006)

Foreign Security Markings Information Sheet Pages 6-35 thru 6-37