What are the rules for using portable non-secure devices near SCI?

Brush up on your Sensitive Compartmented Information (SCI) Security knowledge. Engage with flashcards and multiple-choice questions, accompanied by hints and detailed explanations. Prepare yourself thoroughly for your security exam today!

Multiple Choice

What are the rules for using portable non-secure devices near SCI?

Explanation:
The main idea is that SCI must be kept off portable non-secure devices and networks. Do not bring SCI onto personal devices or use them in non-secure networks; only approved devices in secure locations should handle SCI. This is because non-secure devices and networks lack the layered protections required for SCI. They can be lost or stolen, infected with malware, or breached, leading to potential disclosure. Relying on a password on a personal device does not provide the necessary safeguards, and there’s no guarantee the device remains in a controlled, monitored environment. Accessing SCI offline on a non-secure device still carries the risk that data could be exposed or recovered later, and ownership of the device isn’t under your program’s security controls. Storing SCI on personal devices with encryption similarly bypasses the program’s approved storage and handling channels, introducing unmanaged risk. Using approved devices in secure locations ensures proper authorization, encryption to government standards, and the ability to enforce need-to-know, compartmented access, and necessary monitoring and controls.

The main idea is that SCI must be kept off portable non-secure devices and networks. Do not bring SCI onto personal devices or use them in non-secure networks; only approved devices in secure locations should handle SCI.

This is because non-secure devices and networks lack the layered protections required for SCI. They can be lost or stolen, infected with malware, or breached, leading to potential disclosure. Relying on a password on a personal device does not provide the necessary safeguards, and there’s no guarantee the device remains in a controlled, monitored environment. Accessing SCI offline on a non-secure device still carries the risk that data could be exposed or recovered later, and ownership of the device isn’t under your program’s security controls. Storing SCI on personal devices with encryption similarly bypasses the program’s approved storage and handling channels, introducing unmanaged risk.

Using approved devices in secure locations ensures proper authorization, encryption to government standards, and the ability to enforce need-to-know, compartmented access, and necessary monitoring and controls.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy