Filter by: All $ Off % Off Free Online Offline. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Let us have a look at your work and suggest how to improve it! **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? CPCON 1 (Very High: Critical Functions) Correct. Unusual interest in classified information. All https sites are legitimate and there is no risk to entering your personal info online. In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Connect to the Government Virtual Private Network (VPN). be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Which of the following is NOT a DoD special requirement for tokens? What should you do? When operationally necessary, owned by your organization, and approved by the appropriate authority. Please click here to see any active alerts. correct. Which of the following is true of protecting classified data Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Telework is only authorized for unclassified and confidential information. What is the best example of Protected Health Information (PHI)? Note any identifying information, such as the website's URL, and report the situation to your security POC. After you have returned home following the vacation. Lock your device screen when not in use and require a password to reactivate. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. Your password and a code you receive via text message. Store classified data appropriately in a GSA-approved vault/container. Validate friend requests through another source before confirming them. When your vacation is over, and you have returned home. What are some potential insider threat indicators? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Malicious code can do the following except? Unclassified Information Student Guide . However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. Its classification level may rise when aggregated. Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Which of the following is not a best practice to preserve the authenticity of your identity? When is the best time to post details of your vacation activities on your social networking website? What should be your response? Understanding and using the available privacy settings. How many potential insiders threat indicators does this employee display? (Mobile Devices) Which of the following statements is true? What should you do? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? (Spillage) Which of the following is a good practice to aid in preventing spillage? The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. Cyber Awareness 2022. Correct Everything you need to know aboutControlled UnclassifiedInformation(CUI). A smartphone that transmits credit card payment information when held in proximity to a credit card reader. They provide guidance on reasons for and duration of classification of information. Which piece of information is safest to include on your social media profile? Annual DoD Cyber Awareness Challenge Training, DOD Cyber Awareness Challenge 2019: Knowledge, DOD Cyber Awareness Challenge 2019 (DOD-IAA-V, Operations Management: Sustainability and Supply Chain Management, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene. A Progressive Plane Detection Filtering Method for Airborne LiDAR Data What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? View email in plain text and dont view email in Preview Pane. If aggregated, the information could become classified. Correct. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. What information relates to the physical or mental health of an individual? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Cyber Challenge.txt - Cyber Awareness What should you do Using NIPRNet tokens on systems of higher classification level. Mark SCI documents appropriately and use an approved SCI fax machine. Which is an untrue statement about unclassified data? - Getvoice.org After clicking on a link on a website, a box pops up and asks if you want to run an application. Exceptionally grave damage. That trust is bounded by the Oath of Office we took willingly. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Refer the reporter to your organizations public affairs office. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Ask the individual to see an identification badge. Organizational Policy Not correct If classified information were released, which classification level would result in Exceptionally grave damage to national security? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. Select the information on the data sheet that is personally identifiable information (PII). 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. What action should you take? PDF Cyber Awareness Challenge 2022 Information Security you don't need to do anything special to protect this information CUI must be handled using safeguarding or dissemination controls. Back To Business I.T. on LinkedIn: #mfa #2fa #multifactorauthentication Which of the following is true of the Common Access Card (CAC)? Which of the following is true of Controlled Unclassified information (CUI)? You receive an inquiry from a reporter about potentially classified information on the internet. Do not access links or hyperlinked media such as buttons and graphics in email messages. A measure of how much useful work each unit of input energy provides. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Classification markings and handling caveats. Which of the following is an example of Protected Health Information (PHI)? (Malicious Code) Which of the following is NOT a way that malicious code spreads? Correct. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. How many insider threat indicators does Alex demonstrate? Which of the following is true of using DoD Public key Infrastructure (PKI) token? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Secure it to the same level as Government-issued systems. Managing government information when working remotely (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). *Sensitive Compartmented Information What should the owner of this printed SCI do differently? What should you do? Which of the following statements is NOT true about protecting your virtual identity? How many potential insider threat indicators does this employee display? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Before long she has also purchased shoes from several other websites. correct. (Sensitive Information) Which of the following represents a good physical security practice? What is NOT Personally Identifiable Information (PII)? Refer the reporter to your organizations public affairs office. Call your security point of contact immediately. Back up your data: This will help you recover your data if it's lost or corrupted. 1.1 Standard Challenge Answers. (Malicious Code) Which email attachments are generally SAFE to open? Use TinyURLs preview feature to investigate where the link leads. What should you do? A coworker removes sensitive information without authorization. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. Directing you to a website that looks real. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? Which of the following attacks target high ranking officials and executives? Follow instructions given only by verified personnel. Briefly describe what you have learned. CPCON 3 (Medium: Critical, Essential, and Support Functions) Changes to various data systems that store and sometimes share sensitive information outside EPA. You receive an email from a company you have an account with. Which of the following is true of Protected Health Information (PHI)? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Controlled Unclassified Information (CUI) - National Archives classified-document. *Insider Threat Which of the following is a potential insider threat indicator? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? Classified information that should be unclassified and is downgraded. Correct. A coworker brings a personal electronic device into prohibited areas. You have reached the office door to exit your controlled area. Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? c. What similarities and differences are there between plant and animal cells? Unsupervised machine learning: Dealing with unknown data Working With Sensitive Information - Canada.ca *Spillage Which of the following may help prevent inadvertent spillage? asked in Internet by voice (265k points) internet. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. What is a proper response if spillage occurs? Maybe. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Which of the following is true of Sensitive Compartmented Information (SCI)? This bag contains your government-issued laptop. Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. What is required for an individual to access classified data? Unknown data is categorized by the system; an analyst then reviews the results Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. which of the following is true about unclassified data Which of the following is NOT a type of malicious code? You know this project is classified. 8. **Insider Threat What do insiders with authorized access to information or information systems pose? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Report the suspicious behavior in accordance with their organizations insider threat policy. Your password and the second commonly includes a text with a code sent to your phone. Store it in a shielded sleeve to avoid chip cloning. Which is a way to protect against phishing attacks? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Controlled Unclassified Information (CUI): Controlled Unclassified information was defined in the Executive Order 13556 as information held by or generated for the Federal Government that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations and government-wide policies that isn't classified Correct. Correct. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? **Identity Management Which of the following is the nest description of two-factor authentication? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. **Classified Data Which of the following is true of telework? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? Which of the following should be reported as a potential security incident? Which of the following is true about telework? Ch 1 Flashcards by Josh Selkirk | Brainscape Looking for https in the URL. Hostility or anger toward the United States and its policies. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Only expressly authorized government-owned PEDs. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? They can be part of a distributed denial-of-service (DDoS) attack. Let us know if this was helpful. (Mobile Devices) When can you use removable media on a Government system?
Helping you find Love