In a tactical environment, Physical Security Plans should be based on METT-TC, which stands for mission, _______________, terrain and weather, troops, time available, and civilian considerations.
Exercises
Equipment
Enemy
Providing information on the capabilities and intentions of our adversaries is the responsibility of the ____________.
Physical Security Officer
Commander or Director
Antiterrorism Officer
Operational Security Officer
Counterintelligence Agent
Force Protection Conditions (FPCONs) are graduated categories of measures or actions commanders take to protect personnel and assets from attack.
________________ establish duties, roles and responsibilities at individual assignments, checkpoints, gates and guard posts.
Physical Security Plans (PSP)
Memorandums of Understanding (MOU)
Post Orders
_________________, the inspector should review any local security directives, the Physical Security Plan, its Standard Operating Procedures, and any previous inspection reports, exceptions, and waivers.
When preparing the inspection report
During the inspection
In preparation for an inspection
A ______________ defines emergency delegations of authority and orders of succession to ensure DoD Component Mission Essential Functions (MEFs) continue under all circumstances.
Physical Security Plan (PSP)
Continuity of Operations Plan (COOP)
Memorandum of Agreement (MOA)
Threat levels assist senior leaders to determine the appropriate ________ level.
Classification designation
FPCON
SOP
GSA security specification
Two antiterrorism tools the DoD uses to safeguard DoD assets are __________________ and _______________.
Force Protection Conditions (FPCONs) and Terrorist Threat Levels
Threat Working Group and Post Orders
Countermeasures and Standard Operating Procedures
__________________ issue Force Protection Conditions (FPCONs).
COCOMs and Installation Commanders/Facility Directors
The DHS and COCOMs
The DIA and COCOMs
It’s better for an inspector not to announce the inspection in order to create a surprise effect and see how everything really operates.
Which system detects a change in the environment and transmits an alarm?
CCTV
Access Controls Systems
IDS
___________________ are often overlooked in physical security planning and implementation.
Lights
Barriers
Man-passable openings
Lighting deters unauthorized entry by providing a psychological deterrence to intruders.
______________________ are formal agreements that provide security assistance between DoD activities and from local law enforcement agencies as well as mutual aid from local fire and medical services.
Standard Operating Procedures (SOP)
Memorandums of Understanding and Agreement (MOU/MOA)
When assessing an asset, you must determine the nature and the value of that asset and the degree of impact if the asset is damaged or lost.
FPCON _________ applies in the immediate area where a terrorist attack has occurred or when intelligence has been received that terrorist action against a specific target is imminent.
Normal
Alpha
Bravo
Charlie
Delta
There is a one for one correlation between Terrorist Threat Levels and force Protection Conditions.
The _____________________ develops and refines terrorism threat assessments and coordinates and disseminates threat warnings, reports, and summaries.
Defense Critical Infrastructure Protection (DCIP) Working Group
Antiterrorism Working Group (ATWG)
Threat Working Group (TWG)
Examples of oversight tools include day-to-day observations, surveys, staff assist visits, ______________, and the operational environment.
Policy manuals
Inspections
Executive Orders
_____________________ are based on information about terrorist groups such as their operational capability, intentions, activity, and the operational environment.
Continuity of Operations Plans (COOPs)
Counterterrorism measures
DoD Terrorist Threat Levels
Force Protection Conditions (FPCONs)
Although the DoD issues DoD-wide guidance for physical security planning and implementation, you should always consult ______________ for specific guidance.
Your component’s policies
Congressional legislation
As a physical security specialist, you may assume different physical security roles or serve on different working groups, such as the ATWG, TWG, and DCIP.
_______________ can result from day-to-day observations or more formal oversight.
Inspection reports
Incident reports
Surveys
Antiterrorism physical security measures incorporate detection, deterrence, denial and ____________.
Documentation
Evaluation
Determination
Notification
Which of the following statements are true of physical security planning and implementation? Select all that apply.
The risk management process must be used to plan which physical security measures should be utilized to protect DoD assets.
Protection of DoD assets must be performed at any cost; therefore, a cost vs. benefit analysis is not necessary.
Use of oversight tools is an important part of physical security implementation.
Facility design must be considered in physical security planning.
Which of the following would best be described as a DoD asset?
Terrorist
Fence
Open, unattended installation gate
Arms and ammunition
Loss of life
Which of the following would best be described as a threat?
Which of the following would best be described as a vulnerability?
Which of the following would best be described as a risk?
Which of the following would best be described as a countermeasure?
The ________ is responsible for the installation’s antiterrorism program.
Law Enforcement
OPSEC Officer
CI Support
DCIP Officer
Installation Commander/Facility Director
________ is responsible for providing valuable information on the capabilities, intentions, and threats of adversaries.
The ________ analyzes threats to assets and their vulnerabilities.
________ must be included in the intelligence gathering process so that they can be part of coordinating emergency responses and criminal incidents on a Federal installation.
The ________ is charged with the management, implementation, and direction of all physical security programs.
The ________ is responsible for mitigating risks against Defense Critical Infrastructure assets that support the mission of an installation or facility.
Flashlights are a reliable form of continuous lighting.
Emergency lighting depends upon the power supply of the utility company.
Standby lighting is the type of lighting used when the primary power source fails.
Certain types of lighting can incapacitate an intruder.
Controlled lighting is used to illuminate the perimeter of a facility.
_________ is often used as a temporary barrier when rolled out on the ground.
Barbed wire
Concertina wire
Chain-link fencing
Metal ornamental high-security fencing
_________ can be used as permanent standalone fencing but is more often used as an outrigger on the top of the chain link fencing.
_________ is more difficult for intruders to scale.
_________ is a common type of perimeter fencing for DoD facilities.
Securing man-passable openings is one of the most overlooked physical security protective measures.
Intrusion Detection Systems (IDS) prevent unauthorized entry.
Cost and risk must always be considered when planning which physical security measures to use in a facility or installation.
Access control systems help to prevent unauthorized entry.
CCTV can deter loss, theft, or misuse of government property and resources.
Operational/administrative procedures for normal and emergency situations
COOP
MOU/MOA
PSP
Comprehensive protective measures for an installation, facility, or activity
Roles and responsibilities for individual work areas such as checkpoints and guard gates
Provisions for back-up facilities, utilities, communication and computer systems, and transportation in the event of a major emergency
Provisions for one entity, such as a DoD activity or local law enforcement, fire, and medical services, to provide security assistance to another entity
Combatant Commanders issue both DoD Terrorist Threat Levels and FPCONs.
Both the DIA and COCOMs issue FPCONs.
Installation commanders and facility directors issue DoD Terrorist Threat Levels.
Terrorist Threat Levels are based on information about terrorist groups such as their operational capability and their intentions.
FPCONs are based on various factors, such as terrorist threat analyses and DoD Terrorist Threat Levels.
System that standardizes the identification and recommended preventive actions and responses to terrorist threats against U.S. assets
Terrorist Threat Levels
Force Protection
DoD AT Program
Force Protection Conditions
The prevention and detection of terrorist attacks against DoD assets as well as the preparation to defend against and planning for the response to the consequences of terrorist incidents
Intelligence threat assessments of the level of terrorist threat faced by U.S. personnel and interests
Actions taken to prevent or mitigate hostile actions against DoD assets such as DoD personnel, family members, resources, facilities, and critical information
Internal reviews conducted by members of the organization to aid internal control and ensure cost-effective security program
Staff assist visits
Compliance inspections
Day-to-day observations
Management/self-inspections
Formal reviews conducted by senior officials in the chain-of-command
Validate baseline security posture when personnel assume security responsibilities or as a prelude to a formal inspection
Can be self-initiated or directed by higher authorities to determine the physical security posture of an installation or facility
Most common and informal oversight tool; immediate action taken to correct deficiencies
You must use the ________________ process to acquire and analyze the information necessary for protecting assets and allocating security resources against the threats
physical security implementation
oversight and inspection
risk management
The first line of defense in any facility is usually some form of perimeter protection.
The purpose of oversight of physical security programs is to ensure the security program complies with DoD and other policies, is cost-effective, and protects DoD assets.
Authorized personnel may augment their FPCON by adding measures from higher FPCON standards as they deem necessary.
A __________ threat level signifies anti-U.S. terrorists are operationally active and the operating environment favors the terrorists.
High
Significant
Low
Moderate
During an inspection, the inspector should use a checklist, talk with people, examine and test products, advise personnel about policy and changes to policy, and __________________________________.
send violators to the senior manager’s office for reprimand
issue security violation citations on the spot
take good notes
The use of glare lighting can incapacitate intruders.
Physical security planning includes facility design, creation of written plans such as a Physical Security Plan (PSP), and antiterrorism planning.
Barriers are generally used to deter and delay unauthorized entry, define boundaries, and _______________.
Channel vehicular and pedestrian traffic
Detect intruders
Incapacitate intruders
____________________________________ develop and maintain physical security plans.
Physical Security Officers
Defense Critical Infrastructure Protection (DCIP) Program Officers
Operations Security (OPSEC) Officers
Low threat levels designate that a terrorist group is in the vicinity and is _________.
Threatening
Non-threatening
Active
Targeted
__________________________ are NORMAL, ALPHA, BRAVO, CHARLIE, and DELTA.
A Bomb Threat Plan, a Natural Disaster Plan, and a Communications Plan are all examples of ____________________ that must be included with a Physical Security Plan.
annexes
____________________________________ provide information on the capabilities, intentions, and threats of adversaries.
Counterintelligence (CI) support personnel
Antiterrorism Officers (ATO)
Which of the following physical security coordinating activities is made up of multiple individuals such as the Antiterrorism Officer, a Counterintelligence representative, Operations Security officer, and Law Enforcement representative?
Threat Working Group
Antiterrorism Executive Committee
Antiterrorism Working Group
FPCON ________ applies when an incident occurs or intelligence is received indicating some form of terrorist action or targeting against U.S. personnel of DoD assets is likely.
SCIFs, AA&E storage facilities, and nuclear storage facilities are examples of restricted areas.
While both Class V and Class VI GSA-approved containers offer protection against covert and surreptitious entry, only Class V containers offer protection against forced entry.
What is the purpose of the warning label on GSA-approved containers manufactured beginning April 2007?
Warns against storing classified information with sensitive materials such as money and weapons
Warns against storing unclassified information in the container
Warns against unapproved modification of the container
In AA&E storage facilities, why must drainage structures be secured if they cross the fence line and meet certain size requirements?
To prevent rats from infesting the facility
To prevent anyone from crawling into the area
To prevent water from backing up into the facility
Unauthorized entrance into restricted areas is subject to prosecution.
Which is NOT approved for the open storage of classified information?
Storage closet
Secure room
Vault
Which DoD-mandated practice reduces protection, storage, and inventory costs?
Consolidate AA&E storage facilities
Categorize and store AA&E by security risk categories
Demilitarize/dispose of obsolete and unserviceable AA&E
Which of the following statements is true about locks and keys for security containers?
Keys may be stored in your desk drawer as long as it locks.
Key-operated locks may not be used on storage containers securing classified material.
Locks and keys should be afforded the same level of protection as the material or information being secured.
Certain non-GSA-approved security containers are never approved for storage of classified information in the DoD.
The design goal for an AA&E storage facility is that is must meet or exceed 10 minutes of resistance to _________________ entry.
covert
surreptitious
forced
Why should you categorize, store, and protect AA&E by security risk categories?
To reduce overall protection costs
To save space
To identify obsolete AA&E
Storage containers and facilities protect valuable, sensitive, and classified information by ________________.
consolidating no longer needed classified information
delaying unauthorized entry
preventing all unauthorized entry
If you need to know the manufacture date of a GSA-approved container, on which label would you find that information?
Number label
GSA-approved label
Warning label
Test certification label
Container identification label
Which of these statements is true about storage of Confidential information?
Supplemental protection is not normally required when storing Confidential information in an approved storage container.
Supplemental protection is always required when storing Confidential information regardless of which storage container is used.
Supplemental protection is usually required when storing Confidential information in a secure room.
Storage containers and facilities are not only important to our national security, but also to the safety of the general public.
For AA&E SRC III & IV, if no IDS is present Security Force checks during non-duty hours is required.
Storage containers or facilities will always provide enough protection for certain types of information or material on their own.
To store classified information, you may only use Class V or Class VI GSA-approved containers as the other classes of containers may no longer be used.
What is considered an additional measure for AA&E storage?
Communications
Security Forces
There are certain times when you must change the combination on locks securing classified information. Which of the following is not a time when you must change the combination?
When the container is taken out of service
When the container or lock has been subject to possible compromise
When anyone with knowledge of the combination no longer requires access
Prior to going on extended leave
Which group uses the same set of storage requirements based on security risk categories?
Arms and explosives
Ammunition and explosives
What items can a Nuclear Storage Facility store?
Critical Nuclear Weapons
SAP documents
AA&E SRC I&II
SCIF information
Which of the following items may be stored with classified information?
Nothing
Weapons
Precious metals
Money
Perimeter lighting in AA&E storage facilities is _________________________.
Determined by DoD Components
A good best practice
Required
Which of these statements is true about storage of Secret information?
Supplemental protection is not required when storing Secret information in a vault.
Supplemental protection is always required when storing Secret information.
Supplemental protection is never required when storing Secret information in a secure room.
What do the classes of GSA-approved containers represent?
Which ones are approved for the storage of classified information
The types of sensitive material for which each container is approved
Varying degrees of protection against different types of unauthorized entry
Who uses SCIFs?
The intelligence community
Only those who have a Top Secret clearance
Anyone who stores classified information
If you needed to find information on physical security standards for SCIFs, which reference would you consult?
ICD 705
The NISPOM
DoDM 5200.01, Volumes 1-4
For storage of classified you may use which GSA-approved containers?
Only containers with black labels
Containers with any GSA-approved label
Only containers with red labels
Which of the following statements are true of storage containers and facilities? Select all that apply.
Storage containers and facilities protect valuable and/or sensitive assets by delaying unauthorized entry.
They are categorized by how well they delay different types of unauthorized entry.
They are important to our national security and to the safety of the general public.
They are required only for the storage of classified information.
Which of the following would be factors you would need to consider when selecting storage containers and facilities? Select all that apply.
Whether the TOP SECRET material being stored is a set of documents or a weapon system
If the material is being stored in a war zone or not
Whether a document is CONFIDENTIAL or TOP SECRET
Whether the items being stored are conventional AA&E or nuclear weapons
In the DoD, classified information may be stored in a non-GSA approved container.
COMSEC material is stored in GSA-approved containers.
Class V and Class VI are the only models of GSA-approved storage containers that are currently being manufactured for the storage of classified information.
Class V and Class VI models of GSA-approved storage containers both provide protection against surreptitious, covert, and forced entry.
Which of the following labels must be clearly displayed on the face of the container in order for it to be used to store classified information?
Cabinet identification label
Which of the following labels is displayed on the face of the container and contains the serial number of the container?
For containers manufactured beginning April 2007, which label is attached to the top inside of the control drawer and states that any modification of the container that is not in accordance with Federal Standard 809 will invalidate the GSA approval of the container?
Top Secret information can only be stored in a GSA-approved security container, secure room, or vault.
Vaults are more secure than secure rooms.
Vault doors are made of hardened steel and must retain their original gray color.
Vaults are more secure than modular vaults.
Secure rooms and vaults may both be authorized for the open storage of classified information.
Which of the following are required practices when using storage containers? Select all that apply.
Safeguard keys, locks, and combinations at the same level of the classified information being stored.
Change combinations when anyone with knowledge of the combination no longer requires access and when the container or lock has been subject to possible compromise.
Store classified information with sensitive items or weapons.
Keep records of security containers, vaults, and secure rooms used for the storage
Who provides construction and security requirements for SCIFs?
Director of National Intelligence (DNI)
Central Intelligence Agency (CIA)
Defense Intelligence Agency (DIA)
General Services Administration (GSA)
Department of Defense (DoD)
Who provides accreditation for SCIFs?
Which of the following statements are true of SCIFs? Select all that apply.
They are used by the intelligence community to store classified information.
They are used by the DoD to store AA&E.
They are used to store sensitive compartmented information.
They are used to store nuclear weapons.
Warning signs must be posted at each boundary of a restricted area and must be conspicuous to those approaching on foot or by vehicle.
The use of master key systems is acceptable in the storage of AA&E.
The use of deadly force is authorized against anyone who enters a nuclear storage facility without proper authorization.
Securing drainage structures must be considered if they cross the fence line of an AA&E storage area.
Emergency lighting and security lighting for the entire perimeter of nuclear weapon storage facilities are ____________________.
determined by DoD Components
required
utilized when necessary
Fences are always required for storage of _____________________ .
SRC I and II ammunition and explosives
Storage of arms, ammunition, and explosives
All SRC of ammunition and explosives
If you arrived at work one day and noticed that someone had pried open the drawer of the locked filing cabinet in your office, you would know that ___________ entry had occurred.
You don’t have to procure new security storage equipment from the GSA Federal Supply Schedule. You can get an exception from USD (P).
One general principle is the more sensitive the material to be stored, or the greater the threat to it, the stricter your storage and protection methods must be.
AA&E storage facilities must have a primary and back-up means of communications for emergency purposes.
You can find construction standards for secure rooms at cleared contractor facilities by reviewing ____________.
ICS 705
the NISPOM
DoDM 5200.01, Volumes 1-4, Information Security Program
Restricted area signs posted around the perimeter of nuclear weapon storage facilities states that if anyone attempts to enter the area without permission of the Installation Commander _____________________.
they can be subject to the Uniform Code of Military Justice
use of deadly force is authorized
they can be subject to radiation
GSA-approved containers require recertification if the GSA-approved label is missing.
For storage of SRC I and II AA&E, exterior building lighting is _________________________.
When two or more units store their AA&E in one facility, both units are responsible for the security of that facility.
When purchasing new security storage equipment, you must use the GSA Federal Supply Schedule, except when an exception is made by the DoD component head with notification to the USD(I).
If the GSA-approved label comes off the front of your filing cabinet, you can still use it to store classified information as long as you have the label reattached in a timely manner.
Vaults ____________________modular vaults.
are more secure than
provide the same level of security as
are less secure than
An ESS is a component of an overall physical protection system.
An ESS must be comprised of at least two or more subsystems. Therefore, a stand-alone automated access control system, for example, would not constitute an ESS.
An effective ESS must ensure that the time between detection of an intrusion and response by security forces is less than the time it takes for damage or compromise of assets to occur.
You are tasked with planning an ESS for a DoD facility. What regulatory guidance document(s) should be your primary reference?
DoDM 5100.76, Physical Security of Sensitive Conventional Arms, Ammunition, and Explosives
UFC, 4-021-02, Electronic Security Systems
ICS 705-1, Physical and Technical Security Standards for Sensitive Compartmented Information Facilities
DoD Manual on ESS Planning
Assets, threats, and vulnerabilities are all part of the risk calculation.
Threats against an asset are determined when you conduct a site survey.
You must consider operational and maintenance costs of an ESS when comparing the value of an asset to be protected versus the cost of the ESS to protect an asset.
What can an AACS do to protect assets in a facility? Select all that apply.
Allow authorized personnel to enter a controlled area after verifying credentials
Assist in preventing unauthorized personnel from entering a controlled area
Communicate with CCTV for assessment purposes
Communicate with an IDS to sound an alarm to alert security personnel of unauthorized entry attempts
A high-security facility requires an AACS that makes it extremely difficult to duplicate the user’s form of verification for access. Which type of AACS is most appropriate for that facility?
Coded
Credential
Biometric
You have been directed to purchase the least expensive type of AACS for a given facility. Which type of AACS should you choose?
Which type of AACS would allow you to use your CAC as the verification method for authorized entry into a controlled area?
Which AACS feature would you implement to mitigate the risk of someone giving his or her credentials to another person to access a controlled area?
Two person rule
Antipassback
REX device
Antitailgating
Which AACS feature would you implement to prevent individual cardholders from entering a selected empty controlled area unaccompanied?
Which AACS feature would you implement to prevent a person from following another person closely in order to gain ingress through the same portal when the authorized person’s credential grants access?
Which AACS feature would you implement to facilitate egress from a controlled area?
Which of the following should you conduct to test the placement of IDS sensors?
Acceptance test
Nuisance alarm
PCU test
Which of the following can be caused by an animal activating an IDS sensor?
Which of the following is part of an acceptance test?
Which type of exterior IDS sensor is good for detecting intrusion by digging and tunneling?
Open terrain sensor
Buried line sensor
Fence-associated sensor
Which exterior IDS sensor is NOT vulnerable to bridging?
Which exterior IDS sensor is usually the least expensive?
Which exterior IDS sensor is also known as a line-of-sight sensor?
Which type of sensor would be most effective in protecting a permanently secured window?
Balanced magnetic switch (BMS) / High security switch (HSS)
Glass break sensor
Passive infrared sensor
Dual-technology sensor
Which sensor detects heat signatures of intruders and is the most common interior volumetric sensor?
Which sensor is used on doors, roof hatches, and windows?
What capability does monitoring a military exchange demonstrate?
Access Control
Alarm Assessment
Surveillance
What capability does viewing a CCTV monitor to determine security force response to an alarm demonstrate?
What capability does viewing individuals on a CCTV camera to grant or deny access to a facility demonstrate?
You have received a request to add a CCTV system to a building on your installation. Which questions should you ask? Select all that apply.
Will the CCTV system be used inside or outside?
Will the CCTV system be used in a very well-lit area, in low lighting, or in the dark?
Are there any visual obstacles that might block the system from capturing clear images?
Will the system require a person to man the monitor at all times?
A wireless network is more secure than a hardwired network.
A DTM allows an automated access control system to communicate with a control center.
Wireline DTM, which is good for most ESS data transmission needs, has a high bandwidth.
Which of the following are considerations when planning for a DTM link? Select all that apply.
What is the bandwidth of each ESS subsystem being connected?
What level of security will be required?
Is there an uninterruptible power supply?
Can you use existing networks or will you need to create a new pathway?
Police connection and central station monitoring generally require an increase in staffing at the facility being monitored.
Proprietary station monitoring is the method used most by DoD installations.
Police connection and central station monitoring are generally connected to the facility being monitored through leased telephone lines.
Local alarm monitoring works best without another type of monitoring used in conjunction with it.
A facility owns and operates the dispatch center and security forces.
Proprietary Station
Local Alarm
Central Station
Police Connection
The local police agency monitors a facility’s alarms.
Owned by a commercial firm and not usually located on the facility being monitored.
Requires roving security forces.
Which of the following require(s) a mechanical/automated access control system or visual recognition as the access control method? Select all that apply.
SCIF
Top Secret/Secret collateral open storage area
Arms room
Magazine
Which of the following may contain a CCTV within the protected area? Select all that apply.
Which of the following must have vibration sensors on its walls to detect boundary penetration attempts? Select all that apply.
Which of the following require(s) any system-associated cabling that extends beyond protected area perimeter to be installed in rigid conduit? Select all that apply.
Which method of ESS monitoring is used for remote facilities and high-value assets not located on a DoD facility or installation?
Proprietary station
Central station
Police connection
If an individual must enter their fingerprint to gain access to a controlled area, what type of device are they using?
Coded device
Biometric device
Credential device
