Block 2

Information that is owned by, produced for or by, or is subject to the control of the United States Government and supporting agencies.

Official information and materials are broken down into what two broad categories?

Information that must be safeguarded in the interest of National Defense and that of our allies.

What are three classification levels assigned by the NSA to classified information?

Information and material that is expected to cause exceptionally grave damage to the national security if it were to fall into the wrong hands.

Top Secret information requires what degree of protection?

Information and material that is expected to cause a serious level of damage to national security if revealed to our enemies.

Secret information requires what degree of protection?

Information and material that is expected to cause "damage" or identifiable damage to national security if revealed to our enemies.

Confidential information requires what degree of protection?

Information that can also be official information that requires a limited degree of control and protection.

Any information that requires minimum safeguards to prevent widespread distribution to the public.

What are two examples of unclassified FOUO information?

Information the Air Force collects and maintains that is required to accomplish a mission and requires protection from unwarranted invasion to protect your privacy. Cann include SSN, name, DOB, etc.

Any unclassified information providing clues in regards to US and friendly forces' activities, capabilities, intentions, or limitations that an adversary might need to gain a military, diplomatic, or technological advantage.

Measures and controls taken to deny unauthorized persons information derived from information systems of the United States Government related to national security and to ensure the authenticity of such information systems.

COMSEC has been subdivided into what four manageable security programs?

The component of COMSEC resulting from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis, or complex code-breaking techniques used to reveal encrypted information.

True or False: TRANSEC techniques are used to protect or secure transmitted classified or sensitive information.

What are examples of authorized TRANSEC methods?

The component of COMSEC resulting from the provision and proper use of technically sound crypto systems.

Provides protective measures that will deny unauthorized personnel access to classified information and intelligence that might be derived from the interception and analysis of unintentionally emitted electrical signals from systems processing classified information.

The part of COMSEC that results from using all physical measures necessary to safeguard COMSEC material from access by unauthorized persons.

The transformation of ordinary text data (plaintext) into coded form (ciphertext) and then recovering the plaintext data from its ciphertext form.

Cryptography relies on what two basic components?

Turning ordinary data (plaintext) into a coded form (ciphertext).

The authorized use of cryptographic systems to return encrypted information to its original, readable form.

The mathematical function or formula used in encryption or decryption.

The parameter or numeric value used in encryption and decryption.

What is another name for the Crypto-Key?

The act or science of deciphering a code or coded message without prior knowledge of the key.

Points in the program where people break the security provided.

Actual or perceived actions that may cause harm to information or equipment.

The organization that approves all cryptographic systems and techniques used by or on behalf of DOD activities to encrypt classified and certain sensitive information.

The organization that approves all techniques and systems used to encrypt unclassified sensitive information.

What are the two basic types of approved cryptographic systems?

What is another name for Secret-Key system?

System of cryptography in which the key used by the receiver to decrypt the message must be a mirror image of the key that was used to encrypt the message by the transmitter.

What are the advantages of secret-key cryptography?

What are the two type categories of algorithms utilized by secret-key cryptography?

Symmetric algorithms that operate by encrypting/decrypting one chunk of data at a time. The most common type of symmetric algorithm.

Symmetric algorithms that encrypt/decrypt varying lengths of data in a continuous stream instead of a fixed chunk one at a time.

A stream of pseudo-random digits that are combined with plaintext to generate ciphertext in stream ciphers.

What is the key-stream determined by?

What is the problem with secret-key systems?

A publicly known block cipher cryptographic algorithm that converts plaintext into ciphertext using a key that consists of 64 binary digits.
It is considered unsecure and insufficient for classified use.

A block cipher secret-key algorithm that implements a three-fold compound operation for encryption/decryption.

A previously classified symmetric encryption/decryption block cipher algorithm developed by the U.S. Government that not only encrypts the message, but also the key to the encrypted message by means of a key combined from two escrowed key which is itself encrypted by a "family key."
-Widely used in Fortezza card technology for voice encryption systems.
-consists of a 64-bit codebook using a 80-bit crypto-variable session key.

The National Institute of Standards and Technology (NIST) chose the new symmetric Advanced Encryption Standard (AES) on what basis?

What algorithm was chosen by NIST as the new symmetric block cipher AES and is the most popular in both the commercial and government sectors?

What's another name for Public-Key Systems?

System of cryptography that uses two different keys (a public-key for encryption and the private-key for decryption.)

What is the advantage of asymmetric key cryptography?

What determines the strength of an encryption device?

Telecommunication encryption systems have been divided into what four general applications?

Encryption systems that secure data transmission to and from various types of terminal equipment, such as desktop computers, servers, teletypes, and etc.

What are some hardware devices approved by the NSA for data encryption?

KG-84 A and C can handle data at what levels of security?

The KIV-7HS can handle data at what levels of security?

What are some encryption systems commonly used to secure classified voice transmissions?

The KY-57 and KY-58 are approved by the NSA for voice encryption up to what security level?

The KY-68 is approved by the NSA for voice encryption up to what security level?

The U.S. Government's current, encrypted telephone communications system for wired or "landline" communications.

What are bulk encryption systems also known as?

A high-speed pipeline of aggregated frequencies created by using a device called a multiplexer to combine multiple signals from various data and/or voice sources into one T1, T3, or optical link.

What are some examples of TEDs (bulk encryption systems)?

KG-194 and KG-194A TEDS can secure bulk traffic up to what security level?

A miniaturized KG-194 that is functionally equivalent and interoperable with the KG-194 and KG-194A.

Products that protect classified data while in transit over Internet Protocol (IP) networks.

What is the most common network encryption system used in our field?

The material and information that deals with COMSEC is handled and controlled to a very high level because it involves what controlled cryptographic items (CCI)?

What are the three management roles that the COMSEC authority has been locally delegated to bear the responsibility of ensuring the integrity and proper application of the program?

Person who is usually the wing-level manager for the base COMSEC account and all COMSEC programs and materials on base as well as the local point of contact for all matters pertaining to COMSEC.

The squadron or flight liasons between the base COMSEC manager and authorized users.

What are some of the responsibilities of the CRO?

Individual designated by the CRO to use COMSEC materials and equipment to perform his/her mission and who must safeguard these assets at all times.

All questions the authorized user has regarding COMSEC policies and procedures, the safeguarding and handling of materials, and account discrepancies will be directed to who?

What are the three requirements must be verified and valid in order to be granted unrestricted (unescorted) access to areas containing COMSEC materials?

What are two areas protected by physical security?

Facilities containing military resources, which could be targets for theft, compromise, or destruction and to which entry must be limited in order to provide protection.

Any areas under military jurisdiction in which special security measures are employed to prevent unauthorized entry.

A restricted area, room, group of rooms, buildings, or installation where sensitive compartmented information (SCI) may be stored, used, discussed, and/or electronically processed.

Information that refers to protecting materials and information from unwanted access, sometimes known as a breach.

A government agency that has worked to establish standards for storage containers used to safeguard materials classified under each of the three classifications.

Top Secret information can be stored in what class of vault?

Classification of material that must be stored in an area that is alarmed and under continuous surveillance by armed guards.

GSA safes and vaults securing Top Secret material must be equipped with a lock with what capability?

Secret material must be stored in a GSA-approved safe or what class of vault?

What must any approved GSA container have attached to it?

What is the SF 702 (Standard Form 702, Security Container Check Sheet) used to record?

How often are combinations changed for combination locks and how often for cipher locks?

When must be combinations be changed immediately?

An access list should contain what information?

Who signs the authorized access list for an individual user's area?

The arrival and departure of all personnel not named on authorized access lists is recorded on what?

A system of storage and handling required when dealing with Top Secret information and material that is designed to prohibit individual access to certain COMSEC keying material.

What are the three goals of COMSEC inventory?

Form used to record daily, shift, or local inventories of accountable COMSEC material.

What are the four areas recorded on AFCOMSEC Form 16?

Used to identify the level of accountability of a particular COMSEC item.

ALC material that must be inventoried every day the storage container is opened.

ALC material that are inventoried by short title and quantity rather than accounting control number.

ALC material that does not require inventory unless the local COMSEC Manager directs it.

ALC material that is reserved for Electronic Keys

When must you perform page checks of classified COMSEC publications?

Who must ensure page checks of COMSEC publications are completed?

How must you complete page checks?

Where do you record a page check?

What are the guidelines for making amendments of COMSEC material?

What form is commonly used as a destruction certificate of COMSEC material?

How many people must be present before destroying COMSEC material?

The date at which COMSEC material becomes outdated (or superseded)

Destruction that occurs when material is destroyed without proper authority or is destroyed before the supersession date.

Destruction that occurs when material is destroyed completely by accident.

What are the three conditions of destruction that take place?

Destruction that occurs when classified material no longer serves a useful purpose.

What are approved methods for routine destruction for Paper COMSEC Aids?

What are approved methods for routine destruction for non-paper COMSEC Aids?

Destruction that is performed any time there is imminent danger of classified material being compromised when attack by an enemy force is probable.

Term referring to actions planned for use during various scenarios (for example, fire, evacuation, and destruction)

Classified COMSEC material to destroy in an emergency should be separated into what three categories?

What are the emergency destruction priorities for keying material?

What are the emergency destruction priorities for COMSEC documents?

What are the emergency destruction priorities for cryptographic equipment?

What are two methods of emergency destruction which are not suitable for routine destruction?

Determines protective measures that will deny unauthorized personnel access to classified information and intelligence that might be derived from the interception and analysis of unintentionally emitted electrical signals from systems processing classified information.

Unintentional intelligence-bearing signals which, if intercepted and analyzed, may disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment.

A codename referring to investigations and studies of compromising emission (CE)

What is the goal of TEMPEST?

What is the purpose of Red/Black separation?

How far should Red and Black equipment be separated?

How far should Black voice equipment be separated from Red equipment?

What is the goal of EMSEC and the RED/BLACK concept?

What agency must approve modifications to CCI?

What are unauthorized (non-approved) modifications to CCI considered?

What is done to prevent unauthorized modifications in the case of corporate or government ciphering devices?

What is done to prevent unauthorized modifications in the case of a military client?