Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? The email provides a website and a toll-free number where you can make payment. Which of the following is an example of punishment by application? Your cousin posted a link to an article with an incendiary headline on social media. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Which scenario might indicate a reportable insider threat? *Insider Threat Which of the following is a potential insider threat indicator? What should you do? Mobile devices and applications can track your location without your knowledge or consent. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Which of the following is an example of Protected Health Information (PHI)? Should you always label your removable media? Before long she has also purchased shoes from several other websites. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? The physical security of the device. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? Dont allow other access or to piggyback into secure areas. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. The email states your account has been compromised and you are invited to click on the link in order to reset your password. correct. What should you do if someone forgets their access badge (physical access)? **Travel Which of the following is true of traveling overseas with a mobile phone? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? **Social Networking Which of the following statements is true? Do not use any personally owned/non-organizational removable media on your organizations systems. Which of the following is true of Protected Health Information (PHI)? Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. (Sensitive Information) Which of the following is NOT an example of sensitive information? A coworker has left an unknown CD on your desk. what should be your response be? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? CUI may be stored on any password-protected system. Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 How many potential insiders threat indicators does this employee display? Changes to various data systems that store and sometimes share sensitive information outside EPA. View email in plain text and dont view email in Preview Pane. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. Correct. Within a secure area, you see an individual you do not know. Back up your data: This will help you recover your data if it's lost or corrupted. Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Which of the following individuals can access classified data? Hostility or anger toward the United States and its policies. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. There are many travel tips for mobile computing. You know this project is classified. How are Trojan horses, worms, and malicious scripts spread? **Home Computer Security Which of the following is a best practice for securing your home computer? CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. not correct. (Sensitive Information) Which of the following represents a good physical security practice? *Controlled Unclassified Information Which of the following is NOT an example of CUI? Note any identifying information, such as the websites URL, and report the situation to your security POC. Ive tried all the answers and it still tells me off. Proactively identify potential threats and formulate holistic mitigation responses. How Do I Answer The CISSP Exam Questions? Tell us about it through the REPORT button at the bottom of the page. Assuming open storage is always authorized in a secure facility. What type of social engineering targets particular individuals, groups of people, or organizations? You must have your organizations permission to telework. Classification markings and handling caveats. What is the basis for the handling and storage of classified data? Which of the following statements is true? Refer the reporter to your organizations public affairs office. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Search for an answer or ask Weegy. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? Use only your personal contact information when establishing your account. not correct A New interest in learning another language? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. There is no way to know where the link actually leads. Which may be a security issue with compressed Uniform Resource Locators (URLs)? NARA has the authority and responsibility to manage the CUI Program across the Federal government. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. CPCON 4 (Low: All Functions) What should you do? Which of the following is NOT a requirement for telework? b. taking away a toy or treat Her badge is not visible to you. If authorized, what can be done on a work computer? What can help to protect the data on your personal mobile device. Learn more about Teams EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? E-mailing your co-workers to let them know you are taking a sick day. Which of the following is a proper way to secure your CAC/PIV? A Coworker has asked if you want to download a programmers game to play at work. Identification, encryption, and digital signature. Which of the following is a practice that helps to protect you from identity theft? Looking for https in the URL. The potential for unauthorized viewing of work-related information displayed on your screen. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Unclassified documents do not need to be marked as a SCIF. Which of the following is true of Security Classification Guides? Which of the following information is a security risk when posted publicly on your social networking profile? **Travel What is a best practice while traveling with mobile computing devices? Which is an untrue statement about unclassified data? Controlled unclassified information. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? It is permissible to release unclassified information to the public prior to being cleared. What should you do? The email has an attachment whose name contains the word secret. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. Maintain visual or physical control of the device. What is a best practice to protect data on your mobile computing device? Do not access website links, buttons, or graphics in e-mail. Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. Filter by: All $ Off % Off Free Online Offline. It is getting late on Friday. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Which of the following is true about telework? A passenger in the Land Rover Freelander that T-boned the hatchback said the BMW had been driven out of the unclassified road towards Shipton-under-Wychwood 'like a bat out of hell' - giving . A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Which of the following is NOT considered sensitive information? Classified material must be appropriately marked. *Spillage Which of the following may help to prevent spillage? Of the following, which is NOT a security awareness tip? Which of the following best describes good physical security? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Enable automatic screen locking after a period of inactivity. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. *Spillage What should you do if a reporter asks you about potentially classified information on the web? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? What type of attack might this be? Which of the following demonstrates proper protection of mobile devices? What is an indication that malicious code is running on your system? How should you protect a printed classified document when it is not in use? **Classified Data Which of the following is a good practice to protect classified information? All of these. What portable electronic devices (PEDs) are permitted in a SCIF? **Classified Data Which of the following is true of telework? Sensitive information may be stored on any password-protected system. The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. What should you do? true-statement. **Identity management Which of the following is an example of two-factor authentication? You have reached the office door to exit your controlled area. Which of the following is NOT an example of Personally Identifiable Information (PII)? Press release data. correct. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? (Malicious Code) Which of the following is true of Internet hoaxes? Which of the following is true about telework? How many potential insiders threat indicators does this employee display? Which designation marks information that does not have potential to damage national security? Which of the following is a good practice for telework? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Phishing can be an email with a hyperlink as bait. Refer the reporter to your organizations public affairs office. Search the Registry: Categories, Markings and Controls: Category list CUI markings Remove your security badge after leaving your controlled area or office building. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Unusual interest in classified information. What information most likely presents a security risk on your personal social networking profile? Setting weekly time for virus scan when you are not on the computer and it is powered off. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Proactively identify potential threats and formulate holistic mitigation responses. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Which of the following is not considered an example of data hiding? The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. Others may be able to view your screen. Maria is at home shopping for shoes on Amazon.com. Looking at your MOTHER, and screaming THERE SHE BLOWS! Avoid talking about work outside of the workplace or with people without a need-to-know. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Using NIPRNet tokens on systems of higher classification level. They can become an attack vector to other devices on your home network. This bag contains your government-issued laptop. correct. This is information that, if released to the public, carries no injury to personal, industry, or government interests. Only paper documents that are in open storage need to be marked. Which of the following is NOT a home security best practice? **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) What is considered ethical use of the Government email system? It contains certificates for identification, encryption, and digital signature. How should you securely transport company information on a removable media? (Malicious Code) What are some examples of malicious code? What is required for an individual to access classified data? Correct. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Store classified data appropriately in a GSA-approved vault/container. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. How can you avoid downloading malicious code? The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? **Classified Data Which of the following is true of protecting classified data? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. **Social Engineering What is TRUE of a phishing attack? After you have returned home following the vacation. In which situation below are you permitted to use your PKI token? Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? Someone calls from an unknown number and says they are from IT and need some information about your computer. (Malicious Code) What is a good practice to protect data on your home wireless systems? CPCON 1 (Very High: Critical Functions) you don't need to do anything special to protect this information Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. which of the following is true about unclassified data. Select the information on the data sheet that is personally identifiable information (PII). Attempting to access sensitive information without need-to-know. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. You must have your organizations permission to telework. a. putting a child in time-out They provide guidance on reasons for and duration of classification of information. Correct. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. New interest in learning another language, Which of the following is a good practice to protect classified information. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). data. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Maybe. The website requires a credit card for registration. Which of the following is true of internet hoaxes? Which of the following is a good practice to prevent spillage. Mark SCI documents appropriately and use an approved SCI fax machine. Under what circumstances could unclassified information be considered a threat to national security? Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. You must have your organization's permission to telework. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Which of the following is an example of two-factor authentication? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. 1 Answer/Comment. Which of the following is NOT a security best practice when saving cookies to a hard drive? Correct. After clicking on a link on a website, a box pops up and asks if you want to run an application. Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. Follow procedures for transferring data to and from outside agency and non-Government networks. What should be done to protect against insider threats? Senior government personnel, military or civilian. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. How should you respond? **Classified Data What is a good practice to protect classified information? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Which of the following is NOT Protected Health Information (PHI)? All https sites are legitimate and there is no risk to entering your personal info online. How many potential insider threat indicators does this employee display? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. What should the owner of this printed SCI do differently? tell your colleague that it needs to be secured in a cabinet or container. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Unclassified Information Student Guide . -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. **Social Networking Which of the following is a security best practice when using social networking sites? Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. **Classified Data When classified data is not in use, how can you protect it? **Mobile Devices Which of the following helps protect data on your personal mobile devices? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Follow procedures for transferring data to and from outside agency and non-Government networks. Which of the following is an example of malicious code? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? *Spillage. Which of the following may be helpful to prevent inadvertent spillage? -It must be released to the public immediately. Mark SCI documents appropriately and use an approved SCI fax machine. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. (Mobile Devices) When can you use removable media on a Government system? How can you protect your information when using wireless technology? Correct 870 Summit Park Avenue Auburn Hills, MI 48057. Store classified data in a locked desk drawer when not in use Maybe 1 Cyber Awareness Challenge 2023 Answers. I may decide not to consent to these terms, but, if I do not consent to all of these terms, then I agree not to proceed with creating an account or moving forward with filling out the application, and I understand that I will not be . What is the best example of Protected Health Information (PHI)? Which may be a security issue with compressed urls? Neither confirm or deny the information is classified. 1.1.2 Classified Data. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? What is a way to prevent the download of viruses and other malicious code when checking your e-mail? What should be your response? You know that this project is classified. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Unclassified information cleared for public release. Alex demonstrates a lot of potential insider threat indicators. Explain. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. classified-document. Which of the following is NOT true concerning a computer labeled SECRET? How many potential insiders threat indicators does this employee display? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Which of the following statements is NOT true about protecting your virtual identity? CUI must be handled using safeguarding or dissemination controls. The proper security clearance and indoctrination into the SCI program. When using a fax machine to send sensitive information, the sender should do which of the following? Classified DVD distribution should be controlled just like any other classified media. Phishing can be an email with a hyperlink as bait. A type of phishing targeted at senior officials. correct. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. -It never requires classification markings. You can't have 1.9 children in a family (despite what the census might say ). CPCON 2 (High: Critical and Essential Functions) It is not corporate intellectual property unless created for or included in requirements related to a government contract. How many potential insider threat indicators does this employee display? Based on the description that follows, how many potential insider threat indicator (s) are displayed? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Which of the following should be done to keep your home computer secure? You are leaving the building where you work. What are the requirements to be granted access to sensitive compartmented information (SCI)? What should you do to protect yourself while on social networks? **Classified Data What is required for an individual to access classified data? Memory sticks, flash drives, or external hard drives. Store it in a General Services Administration (GSA)-approved vault or container. Which of the following is NOT an example of CUI? The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. . Which of these is true of unclassified data? Download the information. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? (Identity Management) What certificates are contained on the Common Access Card (CAC)? -It never requires classification markings. Be aware of classification markings and all handling caveats. **Physical Security What is a good practice for physical security? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. You know this project is classified. Figure 1. Photos of your pet Correct. What type of activity or behavior should be reported as a potential insider threat? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? See the discussed example before. Ensure that the wireless security features are properly configured. 1).Compared with CK, straw addition treatments (S and SG) significantly (P < 0.01) increased the emission rate and cumulative emission of CO 2 and the cumulative CO 2 . a. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? The answer has been confirmed to be correct. Correct. How can you protect your organization on social networking sites? Which of the following does NOT constitute spillage? Which of the following is a clue to recognizing a phishing email? When gases are sold they are usually compressed to high pressures. Which of the following is an example of a strong password? not correct Research the source to evaluate its credibility and reliability.
Dixon Funeral Home Obituaries,
Jeff Taylor Sandnes Obituary Florida,
I Hate Living In Asheville,
Jenny Harries Husband,
How Far Is Normandy From Paris By Train,
Articles W