They can be part of a distributed denial-of-service (DDoS) attack. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. correct. You believe that you are a victim of identity theft. Which of the following is a reportable insider threat activity? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). **Insider Threat Which scenario might indicate a reportable insider threat? Which is a risk associated with removable media? Within a secure area, you see an individual you do not know. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. a. 1.1.5 Controlled Unclassified Information. Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? (Spillage) What type of activity or behavior should be reported as a potential insider threat? E-mailing your co-workers to let them know you are taking a sick day. Accepting the default privacy settings. Which of these are true of unclassified data? - Answers Who can be permitted access to classified data? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? Contents hide. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Report the crime to local law enforcement. Ch 1 Flashcards by Josh Selkirk | Brainscape What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Lionel stops an individual in his secure area who is not wearing a badge. (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? Which of the following is NOT one? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? You should only accept cookies from reputable, trusted websites. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? What information most likely presents a security risk on your personal social networking profile? How many potential insider threat indicators does this employee display? Which of the following is NOT a best practice to protect data on your mobile computing device? However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. They can become an attack vector to other devices on your home network. Not correct -It never requires classification markings. Directives issued by the Director of National Intelligence. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. When can you check personal email on your government furnished equipment? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Your health insurance explanation of benefits (EOB). *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? #1) Open WEKA and select "Explorer" under 'Applications'. Controlled unclassified information. Original classification authority Correct. 1.1.4 Social Networking. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? Connect to the Government Virtual Private Network (VPN).?? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? **Identity management Which of the following is an example of two-factor authentication? Which of the following is a clue to recognizing a phishing email? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Under What Circumstances Could Unclassified? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Cyber Awareness Challenge Complete Questions and Answers Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. correct. What can be used to track Marias web browsing habits? NARA has the authority and responsibility to manage the CUI Program across the Federal government. All https sites are legitimate and there is no risk to entering your personal info online. Correct. How many insider threat indicators does Alex demonstrate? Hostility or anger toward the United States and its policies. Note the websites URL and report the situation to your security point of contact. Chinese Hackers Steal Unclassified Data From Navy Contractor **Social Networking Which of the following statements is true? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? What Exactly is CUI? (and How to Manage It) - Security Boulevard Correct. Which of the following best describes wireless technology? You can't have 1.9 children in a family (despite what the census might say ). For Government-owned devices, use approved and authorized applications only. Which of the following is a good practice to protect classified information? How can you protect your information when using wireless technology? a. putting a child in time-out As long as the document is cleared for public release, you may share it outside of DoD. Cyber Awareness 2020 Knowledge Check Flashcards | Quizlet When unclassified data is aggregated, its classification level may rise. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? PDF Unauthorized Disclosure of Classified Information and Controlled - CDSE **Social Engineering What is TRUE of a phishing attack? They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is true about unclassified data? When your vacation is over, and you have returned home. Note any identifying information and the websites Uniform Resource Locator (URL). How many potential insider threat indicators does this employee display? Looking for https in the URL. CPCON 1 (Very High: Critical Functions) Which is a good practice to protect classified information? laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? -It must be released to the public immediately. Which of the following is a good practice to avoid email viruses? Quizzma is a free online database of educational quizzes and test answers. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. JavaScript appears to be disabled on this computer. Which of the following attacks target high ranking officials and executives? (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and Which of the following is NOT a security best practice when saving cookies to a hard drive? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Which of the following is NOT a correct way to protect sensitive information? You know that this project is classified. internet-quiz. Validate all friend requests through another source before confirming them. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Its classification level may rise when aggregated. After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. It is releasable to the public without clearance. Effects of different carbon substrates on PAHs fractions and microbial Aggregating it does not affect its sensitivyty level. Confirm the individuals need-to-know and access. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. I may decide not to consent to these terms, but, if I do not consent to all of these terms, then I agree not to proceed with creating an account or moving forward with filling out the application, and I understand that I will not be . What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Compute The Average Kids Per Family. The following practices help prevent viruses and the downloading of malicious code except. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. You know this project is classified. -Classified information that should be unclassified and is downgraded. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? **Social Networking Which of the following best describes the sources that contribute to your online identity? Filter by: All $ Off % Off Free Online Offline. What is considered ethical use of the Government email system? What should be done to protect against insider threats? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? There are many travel tips for mobile computing. Proactively identify potential threats and formulate holistic mitigation responses. A passenger in the Land Rover Freelander that T-boned the hatchback said the BMW had been driven out of the unclassified road towards Shipton-under-Wychwood 'like a bat out of hell' - giving . On a NIPRNET system while using it for a PKI-required task. correct. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? ?Access requires Top Secret clearance and indoctrination into SCI program.??? Do not access website links, buttons, or graphics in e-mail. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Which of the following is true of downloading apps? Which of these is true of unclassified data? Mark SCI documents appropriately and use an approved SCI fax machine. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? Which of the following is true of Internet of Things (IoT) devices? With WEKA users, you can access WEKA sample files. As long as the document is cleared for public release, you may release it outside of DoD. Dont allow other access or to piggyback into secure areas. Her badge is not visible to you. Refer the reporter to your organizations public affairs office. What action is recommended when somebody calls you to inquire about your work environment or specific account information? **Travel What security risk does a public Wi-Fi connection pose? What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? This bag contains your government-issued laptop. **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. When using a fax machine to send sensitive information, the sender should do which of the following? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Which of the following is a best practice for handling cookies? **Social Engineering Which of the following is a way to protect against social engineering? 1 Answer/Comment. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. Correct. (Spillage) What is required for an individual to access classified data? Spillage because classified data was moved to a lower classification level system without authorization. which of the following is true about unclassified Courses 442 View detail Preview site It may be compromised as soon as you exit the plane. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? A type of phishing targeted at senior officials. It contains certificates for identification, encryption, and digital signature. Note any identifying information, such as the websites URL, and report the situation to your security POC. What should the participants in this conversation involving SCI do differently? You must have permission from your organization. data. Classified data: (Scene) Which of the following is true about telework? (Malicious Code) Which are examples of portable electronic devices (PEDs)? What should you do? Which of the following is NOT a typical result from running malicious code? It may expose the connected device to malware. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. -Its classification level may rise when aggregated. Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . Linda encrypts all of the sensitive data on her government-issued mobile devices. What should you do to protect classified data? Remove security badge as you enter a restaurant or retail establishment. What should be your response? DOD Cyber Awareness Challenge 2019 Flashcards | Quizlet **Insider Threat What function do Insider Threat Programs aim to fulfill? We thoroughly check each answer to a question to provide you with the most correct answers. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. How many potential insiders threat indicators does this employee display? Managing government information when working remotely Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. Spillage can be either inadvertent or intentional. Remove and take it with you whenever you leave your workstation. Use the classified network for all work, including unclassified work. Using webmail may bypass built in security features. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Which of the following is NOT an example of Personally Identifiable Information (PII)? CUI may be stored on any password-protected system. Cyber Awareness Flashcards by Jedi Master | Brainscape Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? BMW crash victim Alaa Al-Siddiq was on Cotswolds birthday weekend *Social Networking -It must be released to the public immediately. Which of the following is NOT considered a potential insider threat indicator? *Spillage What is a proper response if spillage occurs? Only expressly authorized government-owned PEDs. What information posted publicly on your personal social networking profile represents a security risk? All of these. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Approved Security Classification Guide (SCG). what should you do? How many potential insider threat indicators does this employee display? When is the best time to post details of your vacation activities on your social networking website? Three or more. How should you respond? Permitted Uses of Government-Furnished Equipment (GFE). Enable automatic screen locking after a period of inactivity. internet. Phishing can be an email with a hyperlink as bait. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Which of the following should be reported as a potential security incident? By Quizzma Team / Technology. Which of the following is NOT Protected Health Information (PHI)? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Create separate user accounts with strong individual passwords. Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? true-statement. Unclassified information can become a threat to national security. d. giving a spanking or a scolding. Which of the following is NOT an example of CUI? Identification, encryption, and digital signature. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? It does not require markings or distribution controls. What type of social engineering targets particular individuals, groups of people, or organizations? Which of the following is a practice that helps to protect you from identity theft? *Controlled Unclassified Information Which of the following is NOT an example of CUI? An investment in knowledge pays the best interest.. What Should You Do When Working On An Unclassified System And Receive **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Refer the reporter to your organizations public affairs office. Be aware of classification markings and all handling caveats. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? What should you do? As a security best practice, what should you do before exiting? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? The potential for unauthorized viewing of work-related information displayed on your screen. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. A headset with a microphone through a Universal Serial Bus (USB) port. b. taking away a toy or treat Note any identifying information, such as the website's URL, and report the situation to your security POC. Label all files, removable media, and subject headers with appropriate classification markings. A type of phishing targeted at high-level personnel such as senior officials. To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. What is best practice while traveling with mobile computing devices? Store it in a shielded sleeve to avoid chip cloning. WEKA Datasets, Classifier And J48 Algorithm For Decision Tree Correct. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Never allow sensitive data on non-Government-issued mobile devices. cyber-awareness. Where. When would be a good time to post your vacation location and dates on your social networking website? **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Only paper documents that are in open storage need to be marked. When traveling or working away from your main location, what steps should you take to protect your devices and data? Social Security Number, date and place of birth, mothers maiden name. **Classified Data What is required for an individual to access classified data? Public service, notably service in the United States Department of Defense or DoD, is a public trust. (Identity Management) Which of the following is an example of two-factor authentication? What type of data must be handled and stored properly based on classification markings and handling caveats? which of the following is true about unclassified data The website requires a credit card for registration. The website requires a credit card for registration. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Someone calls from an unknown number and says they are from IT and need some information about your computer. CUI may be stored on any password-protected system. What actions should you take prior to leaving the work environment and going to lunch? Which of the following is NOT a potential insider threat? You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. Always check to make sure you are using the correct network for the level of data. There are no choices provides which make it hard to pick the untrue statement about unclassified data. Malicious code can do the following except? Download the information. Others may be able to view your screen. The answer has been confirmed to be correct. Unclassified documents do not need to be marked as a SCIF. What is required for an individual to access classified data? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. CUI is not classified information. What type of social engineering targets senior officials? Please click here to see any active alerts. **Social Networking Which piece if information is safest to include on your social media profile? How many potential insiders threat indicators does this employee display? Search by Subject Or Level. **Home Computer Security Which of the following is a best practice for securing your home computer? A Progressive Plane Detection Filtering Method for Airborne LiDAR Data Attempting to access sensitive information without need-to-know. (Malicious Code) What are some examples of removable media? (Travel) Which of the following is a concern when using your Government-issued laptop in public? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? What should you do if a reporter asks you about potentially classified information on the web? Which of the following may be helpful to prevent inadvertent spillage? This button displays the currently selected search type. It is not corporate intellectual property unless created for or included in requirements related to a government contract. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Ensure proper labeling by appropriately marking all classified material. Amendments to a variety of policy documents as well as others referencing Confidential Business Information (CBI) submissions or handling, Changes to paper and e-forms and instructions for their submission to EPA. He has the appropriate clearance and a signed, approved, non-disclosure agreement. What action should you take first? Only use Government-furnished or Government-approved equipment to process PII.
Pier 6 Bungalows,
What Happened To Jj On Days Of Our Lives,
Articles W