Which of the following is true of Sensitive Compartmented Information (SCI)? Which of the following is NOT a best practice to protect data on your mobile computing device? (Malicious Code) What are some examples of removable media? what should you do? (Sensitive Information) What guidance is available from marking Sensitive Information information (SCI)? **Travel What is a best practice while traveling with mobile computing devices? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? **Home Computer Security How can you protect your information when using wireless technology? As part of the survey the caller asks for birth date and address. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Software that installs itself without the users knowledge. Which of the following is true of Controlled Unclassified information (CUI)? Her badge is not visible to you. Information improperly moved from a higher protection level to a lower protection level. What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Digitally signed e-mails are more secure. What should you do? *Spillage You find information that you know to be classified on the Internet. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? What is a possible indication of a malicious code attack in progress? Use only your personal contact information when establishing your account. Which of the following is true about telework? Senior government personnel, military or civilian. If possible, set your browser preferences to prompt you each time a website wants to store a cookie. What should you do to protect yourself while on social networks? Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. Classified material must be appropriately marked. Taking classified documents from your workspace. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? What should you do? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Which of the following attacks target high ranking officials and executives? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. There are no choices provides which make it hard to pick the untrue statement about unclassified data. NARA has the authority and responsibility to manage the CUI Program across the Federal government. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? They may be used to mask malicious intent. What action should you take? What should the participants in this conversation involving SCI do differently? Share sensitive information only on official, secure websites. When is the best time to post details of your vacation activities on your social networking website? *Malicious Code What are some examples of malicious code? *Insider Threat Which of the following is a reportable insider threat activity? Search by Location. Ensure proper labeling by appropriately marking all classified material. . What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? A colleague saves money for an overseas vacation every year, is a . Unclassified information can become a threat to national security. You can't have 1.9 children in a family (despite what the census might say ). **Insider Threat Which of the following should be reported as a potential security incident? The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. What should you do? You must have your organization's permission to telework. Always use DoD PKI tokens within their designated classification level. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? (Spillage) When classified data is not in use, how can you protect it? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Law Enforcement Sensitive (LES),and others. What should you do? Many apps and smart devices collect and share your personal information and contribute to your online identity. You find information that you know to be classified on the Internet. Which of the following is true of protecting classified data? What should you do? For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. (Correct) -It does not affect the safety of Government missions. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Correct. Only expressly authorized government-owned PEDs. *Social Networking (1) A strategic plan documenting the overall conduct of a war. Note any identifying information, such as the websites URL, and report the situation to your security POC. (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? Controlled unclassified information. *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. If you participate in or condone it at any time. What should you do? How many potential insider threat indicators does this employee display? (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Directing you to a website that looks real. correct. Call your security point of contact immediately. Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. Never allow sensitive data on non-Government-issued mobile devices. Your health insurance explanation of benefits (EOB). Tell us about it through the REPORT button at the bottom of the page. Store it in a GSA approved vault or container. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. They provide guidance on reasons for and duration of classification of information. **Insider Threat Which type of behavior should you report as a potential insider threat? When would be a good time to post your vacation location and dates on your social networking website? How many potential insiders threat indicators does this employee display? What can you do to protect yourself against phishing? Validate all friend requests through another source before confirming them. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Report the crime to local law enforcement. General Services Administration (GSA) approval. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. How many potential insiders threat indicators does this employee display? Do not download it. What should you do? What should you do? Correct. Connect to the Government Virtual Private Network (VPN). Correct To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Transmit classified information via fax machine only Not correct (Spillage) What type of activity or behavior should be reported as a potential insider threat? Controlled Unclassified Information (CUI) Purpose of the CUI Program. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Not correct. The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. It may expose the connected device to malware. Which piece of information is safest to include on your social media profile? Avoid talking about work outside of the workplace or with people without a need-to-know. What is considered ethical use of the Government email system? Based on the description that follows how many potential insider threat indicators are displayed? When can you check personal email on your government furnished equipment? Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. (Mobile Devices) Which of the following statements is true? After you have returned home following the vacation. When unclassified data is aggregated, its classification level may rise. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. (Wrong). The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Exceptionally grave damage to national security. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Back up your data: This will help you recover your data if it's lost or corrupted. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Correct Lock your device screen when not in use and require a password to reactivate. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Correct. New interest in learning another language? Store classified data in a locked desk drawer when not in use Maybe What can be used to track Marias web browsing habits? (Identity Management) Which of the following is an example of two-factor authentication? Linda encrypts all of the sensitive data on her government-issued mobile devices. -It never requires classification markings. They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is an example of malicious code? Security Classification Guides (SCGs).??? Which of the following is NOT a correct way to protect sensitive information? **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. What should the owner of this printed SCI do differently? Which of the following individuals can access classified data? There are many travel tips for mobile computing. **Classified Data When classified data is not in use, how can you protect it? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. **Social Engineering What is TRUE of a phishing attack? 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. When classified data is not in use, how can you protect it? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. not correct **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Which of the following is a clue to recognizing a phishing email? Darryl is managing a project that requires access to classified information. As a security best practice, what should you do before exiting? Note the websites URL and report the situation to your security point of contact. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Classified information is defined in PL 96-456, the Classified Information Procedures Act: In which situation below are you permitted to use your PKI token? internet-quiz. Memory sticks, flash drives, or external hard drives. Which of the following is true of telework? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. (Home computer) Which of the following is best practice for securing your home computer? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Which is NOT a method of protecting classified data? not correct. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Attempting to access sensitive information without need-to-know. ?Access requires Top Secret clearance and indoctrination into SCI program.??? (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Correct. Position your monitor so that it is not facing others or easily observed by others when in use Correct. **Identity management Which of the following is an example of two-factor authentication? Select the information on the data sheet that is personally identifiable information (PII). Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. A coworker brings a personal electronic device into prohibited areas. What type of social engineering targets senior officials? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. (Malicious Code) Which of the following is NOT a way that malicious code spreads? It does not require markings or distribution controls. Store classified data appropriately in a GSA-approved vault/container. Government-owned PEDs, if expressly authorized by your agency. Looking for https in the URL. Read the latest news from the Controlled Unclassified Information (CUI) program. Remove security badge as you enter a restaurant or retail establishment. Note any identifying information and the websites URL. *Spillage What should you do if a reporter asks you about potentially classified information on the web? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. You know that this project is classified.
Lima Airport Covid Test,
Is Rose Mary Walls Still Alive,
Paul Richard Polanski Photo,
Coki Point Beach Bar And Grill Menu,
Articles W
which of the following is true about unclassified data