4300B.200 Communications Security (COMSEC) Version 3 February 4, 2016 DEPARTMENT OF HOMELAND SECURITY DHS 4300B.200 Communication Security (COMSEC) This page left intentionally blank. v3, February 4, 2016 ii DHS 4300B.200 Communication Security (COMSEC) Document Change History Version Date Description 1 July 23, 2013 Initial release 2 May 5, 2014 Version 2.0 changes 3 February 4, Updated all references to CNSSI 4003 throughout directive and all Annexes. 2016 Updated Section 1.0 to add national level policy relationship to DHS COMSEC policy, and to remove supersession statement of the old Q-Series. Updated Section 1.2 terminology. Updated Section 2.0 first paragraph: added “of 2012” to DHS COR Consolidation Implementation Plan; moved second paragraph to new Section 2.2 to better address U.S. Coast Guard, and added Section 2.3 to address U.S. Secret Service. Corrected Section 2.1, 13th bullet statement to update terminology. In Section 3.0, fifth bullet statement, deleted “(STE)” following “Secure Terminal Equipment” to eliminate confusion with STE telephone, and defined acronym HAIPE. Updated Section 4.2: changed heading to read “Cryptographic Access Briefing and Debriefing”; third paragraph to add reference to COMSEC Account Manager’s absence; and deleted Section 4.3 heading, consolidating text of both Sections into Section 4.2. Deleted original Section 5.1 heading, leaving associated text under Section 5.0 heading (with subsequent sub-Sections renumbered accordingly). Corrected Section 5.2 (original Section 5.3) to delete reference to CNSSI 4001, and delete second paragraph, both of which were inappropriate to the Section context. Clarified Section 5.5 (original Section 5.6), third paragraph, to specify requirements regarding use of disposition record forms with canister keying material. Updated Section 5.6 (original Section 5.7), first paragraph, first bullet statement to clarify wording. Added bullet to Section 5.7.3 (original Section 5.8.3) addressing repair work on a combination lock. Moved Section 5.7.2 (original Section 5.8.6.2) to follow Section 5.7.6 (original Section 5.8.6), hence Section 5.7.6 is Protective Packaging of Lock Combinations, Section 5.7.6.1 is now Protective Packaging Techniques, and Section 5.7.6.2 is now Periodic Inspection of Combinations. Updated Section 5.7.6.1, second bullet statement to update Protective Technologies Branch staff code and phone number information. Updated Section 5.8 (original Section 5.9), fifth paragraph (not including Notes), deleted phrase “under TPI” as redundant. Replaced entire text of Section 5.8.2 (original Section 5.9.2) with a statement of general non-applicability of tactical situations in DHS in the context of TPI, subject to case-by-case exceptions per COR guidance. Revised Section 6.3.1 to clarify addressing of formal account establishment requests, v3, February 4, 2016 iii DHS 4300B.200 Communication Security (COMSEC) and to remove COMSEC Account Manager and Alternate appointment criteria. Revised Section 6.3.2; removed military-rank verbiage from third main bullet statement, and removed collateral duty statement from the same; updated seventh main bullet, first two sub-bullets to change “60 days” to read “two class convening dates”; deleted final sub-bullet and its two sub-sub-bullets from seventh main bullet statement; and replaced original final paragraph (following all bullet statements) with two new paragraphs addressing collateral duty assignment and clarifying COMSEC Account personnel nomination paperwork submission requirements. Deleted original Section 6.4.1 heading, leaving the associated text under Section 6.4 heading (with subsequent sub-Sections renumbered accordingly). Modified Section 6.5 heading to add “Responsibilities of” and deleted original Section 6.5.1 heading, leaving the associated text under Section 6.5 heading (with subsequent sub-Sections renumbered accordingly). Changed Section 6.5 (original Section 6.5.1), 19th bullet, NOTE to indicate COMSEC Account Managers are responsible for training users in operation of end- equipment. Updated Section 6.5.1 (original Section 6.5.2), first paragraph, first bullet statement to change “…or equivalent civilian position of responsibility” to read “…or government contractor of equivalent position of responsibility.” Modified Section 6.5.2 (original Section 6.5.3) heading to add “Cleared”, and revised text modifying policy regarding cleared Witnesses. Revised Section 7.0 to remove reference to generated key and NAG 16 (first paragraph and three bullet statements). Revised Section 7.3 to correct the verbiage of the first paragraph, and to direct attention to CNSSI 4005, paragraph 81 for detailed information in lieu of repeating same information and to remove Sub-sections. Revised Section 7.4.2 to update terminology and to correct content. Replaced entire text of Section 7.4.2.1 with new text clarifying procedures and report submission requirements in Possession scenarios. Updated Section 7.4.3: clarified first paragraph wording; updated terminology of first bullet statement; deleted second paragraph, first bullet statement listing Key Conversion Notices (KCN); updated second paragraph, fourth main bullet statement, first sub-bullet to remove “Manager” as redundant; added new fifth and sixth bullet statements listing Account Establishment Letter and COMSEC Vault Accreditation Letter, respectfully. Updated Section 7.4.3.2 with current “Derived From:”, and appropriate “Declassify On:” prompt. Corrected Section 7.4.3.3: second main bullet to reflect two year retention requirement for Visitor Registers; fourth main bullet, first sub bullet statement to remove “COR” as unnecessary. Deleted original Section 7.5.1 heading, leaving associated text under Section 7.5 heading (with subsequent sub-Sections renumbered accordingly). Updated Section 7.5.2 (originally 7.5.3), first paragraph to update Protective Technologies Branch staff code and to cite Tamper Solutions and Inspections; and fourth paragraph, second bullet statement to update terminology. Updated Section 7.6.2 NOTE: to correct Protective Technologies Branch reference and update phone contact information. v3, February 4, 2016 iv DHS 4300B.200 Communication Security (COMSEC) Corrected Section 7.6.5 to update terminology and procedures. Updated Section 7.7 to add new Section 7.7.1 (Hand Receipt Holder Qualifications) and Section 7.7.2 (Hand Receipt Holder Responsibilities) headings (original Section 7.7.1 renumbered to 7.7.3) Updated Section 7.8 NOTE: to update Protective Technologies Branch phone contact information. Updated Section 7.8.2 to address situations preventing timely destruction of COMSEC material through no fault of COMSEC Account personnel. Updated Section 7.8.3 to add CARDS upload. Updated Section 7.8.3.2 to remove statement regarding Key Conversion Notice (KCN). Updated Section 7.8.3.2 to remove reference to Key Conversion Notices. Updated Section 7.8.4 to replace verbiage regarding step-by-step procedures for burning COMSEC material in COMSEC Account’s SOP in first paragraph with second paragraph requiring a contingency plan for routing destruction of COMSEC material in the event of equipment failure as part of the SOP Updated 7.8.4.2, fourth bullet statement to remove reference to KSD-64s and EKMS Central Facility Finksburg. Updated Section 7.9 to add CARDS upload. Updated Section 7.9.1: third main bullet, first sub bullet to add SDNS accountability by KMID; added sixth main bullet to list requirement for semi-annual physical inventory of STEs by quantity. Corrected Section 7.9.2: first paragraph, to update terminology; first bullet statement to update Protective Technologies Branch name and phone contact information, and to clarify and update policy regarding resealing equipment container(s) with respect to inventories, including changing validation requirement from “sign” to “initial” Moved Section 7.9.3 to be a new Section 7.9.5, and updated terminology and removed obsolete information. Updated new Section 7.9.3 (original Section 7.9.4) to remove irrelevant verbiage regarding manual and automated inventories. Updated new Section 7.9.4 (original Section 7.9.5) to remove reference to depot and logistics facilities, and reconciliation. Updated new Sections 7.9.4.1 and 7.9.4.2 (old Sections 7.9.5.1 and 7.9.5.2) terminology. Updated Section 8.0 to add STE inventory documentation and clearance certification requirements, and to remove reference to LMD/KP, and to update terminology in NOTE. Changed Section 8.4 heading from “Audit Grading” to “Audit Evaluation”, and updated text accordingly. Changed Section 9.0 heading from “COMSEC EMERGENCY ACTION PROCEDURES” to “COMSEC EMERGENCY PLANNING,” added appropriate text, and updated Section 9.1 text accordingly. Updated Section 9.1, first and second paragraphs, and fifth paragraphs, first bullet statement to clarify wording. Updated Section 9.4 heading to include “and Reporting”, and deleted Section 9.4.1 v3, February 4, 2016 v DHS 4300B.200 Communication Security (COMSEC) heading, leaving text under Section 9.4 as second paragraph. Deleted Section 9.5. Corrected Sections 10.1, 10.2, and 10.3, added DHS-specific Incident reporting requirements to Section 10.1, and deleted Section 10.1.1 and Sections 10.2.1-10.2.3 to eliminate duplication of information contained in CNSSI 4003. Deleted Section 10.4. Updated Annex A: reference k. to reflect new CNSSI 4003; reference r. to reflect new CNSSP 8; reference aa. to reflect new CNSSI 4000; reference ee. to add CNSSI 4032. Updated Annex C: to rename to Secure Telephone Devices, and to update all references to secure telephone equipment throughout the Annex to secure telephone devices; Section 3. to move appropriate text from Section 3.a. to Section 3. (previously containing no text between Section 3. heading and Section 3.a.); Section 4. to correct, update, and add references; Section 5. to add appropriate introductory text (previously contained no text); Section 5.a.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages140 Page
-
File Size-