Unit 7 – Security Programs (COMPUSEC, TEMPEST, INFOSEC, OPSEC, COMSEC)

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/33

flashcard set

Earn XP

Description and Tags

34 vocabulary flashcards covering the essential terms and definitions from Unit 7 Security Programs: COMPUSEC, TEMPEST, INFOSEC, OPSEC, and COMSEC.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

34 Terms

1
New cards

COMPUSEC

Security discipline focused on protecting the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA triad) of computer systems and data.

2
New cards

CIA Triad

The three core goals of information security: Confidentiality, Integrity, and Availability.

3
New cards

Hashing

Integrity-checking technique that produces a fixed-length value to verify a file was not altered during transfer or storage.

4
New cards

Availability (in COMPUSEC)

Ensuring data and services are accessible when needed; supported through permissions, backups, fault tolerance, and clustering.

5
New cards

Clustering

Using multiple servers as one logical unit so another node can take over if one fails, thus preserving availability.

6
New cards

Fraud, Waste, and Abuse

Intentional deception that unlawfully deprives the Air Force (or any organization) of something of value.

7
New cards

TEMPEST

Program that identifies and mitigates vulnerabilities caused by compromising electromagnetic emanations from information systems.

8
New cards

Compromising Emanations

Unintentional electrical or electromagnetic signals that may disclose classified or sensitive information.

9
New cards

Electromagnetic Interference (EMI)

Energy radiated by electronic devices; present in ALL electronics and a concern for TEMPEST.

10
New cards

Red/Black Separation

TEMPEST rule requiring physical and electrical isolation between classified (red) and unclassified (black) circuits/cabling.

11
New cards

Fiber-Optic Cabling

Transmission medium not subject to TEMPEST separation requirements because it does not radiate compromising emanations.

12
New cards

INFOSEC

Discipline aimed at identifying and protecting classified information and Controlled Unclassified Information (CUI).

13
New cards

Information Protection (3 Disciplines)

Personnel Security, Industrial Security, and Information Security.

14
New cards

Controlled Unclassified Information (CUI)

Unclassified information that requires safeguarding or dissemination controls pursuant to law or policy.

15
New cards

FOIA (Freedom of Information Act)

U.S. law granting the public the right to request access to federal agency records.

16
New cards

FOUO (For Official Use Only)

Unclassified designation exempt from public release because disclosure could cause foreseeable harm.

17
New cards

Privacy Act of 1974

Federal statute governing collection, maintenance, use, and dissemination of personal information by federal agencies.

18
New cards

Personally Identifiable Information (PII)

Data that can identify an individual, e.g., Social Security Number; protected under the Privacy Act.

19
New cards

Top Secret (Classification)

Information whose unauthorized disclosure could cause EXCEPTIONALLY GRAVE damage to national security.

20
New cards

Secret (Classification)

Information whose unauthorized disclosure could cause SERIOUS damage to national security.

21
New cards

Confidential (Classification)

Information whose unauthorized disclosure could cause DAMAGE to national security; may be transmitted by any means approved for Secret or by USPS.

22
New cards

Transmission of Top Secret Information

Must use encrypted communication systems or cleared courier service specifically authorized for Top Secret material.

23
New cards

OPSEC (Operations Security)

Process for identifying, analyzing, and controlling critical information to reduce adversary exploitation across ALL phases of operations.

24
New cards

Critical Information

Specific facts about friendly intentions, capabilities, or activities that, if revealed, could harm mission success.

25
New cards

Indicator (in OPSEC)

Open-source piece of information that, when combined with other data, can reveal critical information to an adversary.

26
New cards

Social Media (OPSEC Risk)

One of the easiest avenues for adversaries to collect information about military operations through user posts and interactions.

27
New cards

COMSEC

Protective measures applied to communications and information systems that handle classified or sensitive data.

28
New cards

Encryption

Conversion of data into ciphertext so it cannot be easily understood without the proper key.

29
New cards

Decryption

Process of restoring encrypted data back to its original plaintext form.

30
New cards

Cryptography

Study and application of codes and ciphers used to encrypt and decrypt information.

31
New cards

Cryptanalysis

Science of breaking or decoding encrypted information without the key.

32
New cards

Cryptosecurity

Protection achieved through the proper, authorized use of cryptographic systems.

33
New cards

TRANSEC (Transmission Security)

Measures that protect transmissions from interception and exploitation by means other than cryptanalysis, e.g., frequency hopping.

34
New cards

GSA-Approved Safe

General Services Administration security container that provides physical protection for classified COMSEC material.