\text{Computer supplies expense}&1,305\\ -Ask them to verify their name and office number. Which of the following is an example of removable media? <>
Inform your security POC of all non-professional or non-routine contacts with foreign nations, including, but not limited to, joining each other's social media sites. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. \textbf{Comparative Balance Sheet}\\ Do not access website links, buttons, or graphics in e-mail. Both exams had the same range, so they must have had the same median. Reviewing and configuring the available security features, including encryption. The Maybe Pay Life Insurance Co. is trying to sell you an investment policy that will pay you and your heirs $40,000 per year forever. *UNCONTROLLED CLASSIFIED INFORMATION*Which of the following is NOT a correct way to protect CUI? Encrypt the e-mail and use your Government e-mail account. Theodore is seeking access to classified information that he does not need to know to perform his job duties. Connect to the Government Virtual Private Network (VPN). Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? How are Trojan horses, worms, and malicious scripts spread? *Sensitive Compartmented Information %%EOF
Determine if the software or service is authorized. All documents should be appropriately marked, regardless of format, sensitivity, or classification. Which of the following is a security best practice when using social networking sites?-Turn off Global Positioning System (GPS) before posting pictures of yourself in uniform with identifiable landmarks. The popup asks if you want to run an application. Your cousin posted a link to an article with an incendiary headline on social media. Maria is at home shopping for shoes on Amazon.com. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? \end{array} **Insider ThreatWhich of the following is NOT considered a potential insider threat indicator? Use a common password for all your system and application logons. How many potential insiders threat indicators does this employee display? Cyber Awareness Challenge 2023 - Answer. What security risk does a public Wi-Fi connection pose? *SENSITIVE COMPARTMENTED INFORMATION*When is it appropriate to have your security badge visible within a sensitive compartmented information facility (SCIF)? -It is inherently not a secure technology. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? When should documents be marked within a Sensitive Compartmented Information Facility (SCIF)? Approved Security Classification Guide (SCG). As long as the document is cleared for public release, you may release it outside of DoD. Students also viewed \text{Total Revenue}&&44,000\\ Which is a good practice to protect classified information? *Classified Data Which of the following individuals can access classified data? **Classified DataWhat is required for an individual to access classified data? What must you ensure if you work involves the use of different types of smart card security tokens? What action should you take first? Which of the following is NOT a good way to protect your identity? If aggregated, the information could become classified. On a NIPRNet system while using it for a PKI-required task. Aw\cy{bMsJ7tG_7J-5kO~*"+eq7 ` (NO]89#>U_~_:EHwO+u+\[M\!\kKnR^{[%d'8[e#ch_~-F7en~`ZV6GOt? *Identity ManagementWhat certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? **TravelWhat is a best practice while traveling with mobile computing devices? On a NIPRNet system while using it for a PKI-required task. -Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which scenario might indicate a reportable insider threat security incident? Protecting CUI . Which of these is true of unclassified data? Your comments are due on Monday. No. What Security risk does a public Wi-Fi connection pose? What is a possible indication of a malicious code attack in progress? Use TinyURLs preview feature to investigate where the link leads. Stanisky reports that Ms. Jones's depression, which poses no national security risk. *Sensitive Compartmented InformationWhat action should you take if you become aware that Sensitive Compartmented Information (SCI) has been compromised? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Follow instructions given only by verified personnel. -Use TinyURL's preview feature to investigate where the link leads. Use a common password for all your system and application logons. What should you do? Mark SCI documents appropriately and use an approved SCI fax machine. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. As long as the document is cleared for public release, you may share it outside of DoD. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Which of the following is NOT a social engineering tip? A type of phishing targeted at high-level personnel such as senior officials. How many potential insider threat indicators does this employee display? In setting up your personal social networking service account, what email address should you use? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. What actions should you take prior to leaving the work environment and going to lunch? Someone calls from an unknown number and says they are from IT and need some information about your computer. . Which of the following is NOT a criterion used to grant an individual access to classified data? Evaluate the causes of the compromiseE-mail detailed information about the incident to your security point of contact (Wrong)Assess the amount of damage that could be caused by the compromise~Contact your security point of contact to report the incident. Which of the following is an example ofmalicious code? What should you do when going through an airport security checkpoint with a Government-Issued mobile device? 7 0 obj
-Carrying his Social Security Card with him. It may expose the connected device to malware. **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? Lock your device screen when not in use and require a password to reactivate. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Jane Jones What portable electronic devices (PEDs) are allowed in a Secure Compartmented Information Facility (SCIF)? *SpillageWhat should you do if a reporter asks you about potentially classified information on the web? When is the best time to post details of your vacation activities on your social networking website? Classified data is permitted to access to only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. What is the best choice to describe what has occurred? -Connect to the Government Virtual Private Network (VPN).?? 0000003201 00000 n
**Home Computer SecurityHow can you protect your information when using wireless technology? What is a common indicator of a phishing attempt? Follow instructions given only by verified personnel. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. **Insider ThreatHow many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Which of the following is a potential insider threat indicator? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? What should you do? BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018, BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018\begin{array}{c} [ 13 0 R]
How can you protect your information when using wireless technology? **Classified DataWhen classified data is not in use, how can you protect it? }&1,250\\ *Identity ManagementWhat is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Hostility or anger toward the United States and its policies. **Classified DataWhen classified data is not in use, how can you protect it? *Controlled Unclassified InformationWhich of the following is NOT an example of CUI? Use antivirus software and keep it up to date. What is the best choice to describe what has occurred? Use only your personal contact information when establishing your account, *Controlled Unclassified InformationSelect the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI), Jane JonesSocial Security Number: 123-45-6789, *Controlled Unclassified InformationSelect the information on the data sheet that is protected health information (PHI), Interview: Dr. Nora BakerDr. <>/Metadata 326 0 R/ViewerPreferences 327 0 R>>
What threat do insiders with authorized access to information or information Systems pose?? Call your security point of contact immediately. exp - office equip. if you are a military personnel and you knowingly leaked, information may be cui in accordance with executive order 13526, intentional unauthorized disclosure of classified information, is it permitted to share an unclassified draft document, is press release data sensitive information, is whistleblowing the same as reporting an unauthorized disclosure, near field communication cyber awareness, near field communication cyber awareness 2022, opsec is a dissemination control category, opsec is a dissemination control category within the cui program, penalties for unauthorized disclosure of classified information, relates to reporting of gross mismanagement and/or abuse of authority, requirements to access classified information, the act of publicly documenting and sharing information is called, the whistleblower protection enhancement act relates to reporting, unauthorized disclosure of classified information, unauthorized disclosure of classified information for dod and industry, unauthorized disclosure of information classified as confidential, what can malicious code do cyber awareness challenge, what dod instruction implements the dod program, what is a possible effect of malicious code, what is a possible effect of malicious code cyber awareness, what is a protection against internet hoaxes, what is a protection against internet hoaxes cyber awareness, what is possible effect of malicious code, what is protection against internet hoaxes, what is purpose of the isoo cui registry, what is required for an individual to access classified data, what is sensitive compartmented information cyber awareness 2022, what is the possible effect of malicious code, what is the purpose of isoo cui registry, what is the purpose of the isoo registry, what level of damage can the unauthorized disclosure of information, what security risk does a public wi-fi connection pose, what should the owner of this printed sci do differently, what should you do if you suspect spillage has occurred, what threat do insiders with authorized, what threat do insiders with authorized access to information, what threat do insiders with authorized access to information pose, when can you check personal email on your gfe, when using social networking services the penalties for ignoring requirements, which of the following individuals can access classified data 2022, which of the following is an example of nfc, which of the following is good practice to prevent spillage, which of the following is true about protecting classified data, which of the following is true of protecting classified data, which of the following may help prevent spillage, which of the following may help to prevent spillage, which of the following represents a good physical security practice, which of these is true of unclassified data, whistleblowing should be used to report which of the following, who is responsible for applying cui markings and dissemination instructions. 0000008555 00000 n
*Malicious CodeAfter visiting a website on your Government device, a popup appears on your screen. *Insider ThreatWhich type of behavior should you report as a potential insider threat? *REMOVABLE MEDIA IN A SCIF*What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Use online sites to confirm or expose potential hoaxes. Secure personal mobile devices to the same level as Government-issued systems. Mark SCI documents, appropriately and use an approved SCI fax machine. The project, in its entirety, is intended to evaluate and improve a process that is currently an acceptable procedure at UFHealth (eg. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? What should you do if a reporter asks you about potentially classified information on the web? Which of the following attacks target high ranking officials and executives? 0000002497 00000 n
After clicking on a link on a website, a box pops up and asks if you want to run an application. You know that this project is classified. Which of the following is NOT a potential insider threat? *SpillageAfter reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. *SpillageWhich of the following is a good practice to prevent spillage? Since the URL does not start with https, do not provide your credit card information. Store it in a shielded sleeve to avoid chip cloning. **Identity ManagementYour DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. 9 0 obj
What is the best example of Protected Health Information (PHI)? To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity C. To establish a transaction trail for auditing accountability D. To manipulate access controls to provide for the most efficient means to grant or restrict functionality Data classification is the process of organizing data into categories that make it easy to retrieve, sort and store for future use. is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Which of the following individuals can access classified data? A coworker is observed using a personal electronic device in an area where their use is prohibited. **Use of GFEUnder what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-Classified Internet Protocol Router Network NIPRNet. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? When is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF)? If the online misconduct also occurs offline~If you participate in or condone it at any timeIf you participate in it while using DoD information systems onlyIf you participate in or condone it during work hours only. In which situation below are you permitted to use your PKI token? **Use of GFEWhat is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Government-owned PEDs when expressly authorized by your agency. Sensitive information may be stored on any password-protected system. What is a common indicator of a phishing attempt? Which of the following is NOT true of traveling overseas with a mobile phone? You are having lunch at a local restaurant outside the installation, and you find a cd labeled "favorite song". Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. He has the appropriate clearance and a signed, approved, non-disclosure agreement. :qanB6~}G|`A(z* 4-npeQ ZAM+VP( CyEaSQ6%+$,k5n:rQ7N~,OZEH&"dI'o)3@:#
8I |HBkd <>
Identification, encryption, digital signature. Write your password down on a device that only you access (e.g., your smartphone). **Social NetworkingAs someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. Be aware of classification markings and all handling caveats. 23 0 obj
\text{Total expenses}&&\underline{~~~25,167}\\ *Physical SecurityWhich Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? You must possess security clearance eligibility to telework. The email has an attachment whose name contains the word "secret". Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Which of the following should be reported as a potential security incident? Which of the following is NOT a correct way to protect CUI? You do not have your government-issued laptop. *Sensitive Compartmented InformationWhat must the dissemination of information regarding intelligence sources, methods, or activities follow? What is the best choice to describe what has occurred? Which of the following is NOT considered a potential insider threat indicator? Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . What is a common method used in social engineering? Exempt tool (TEST version 2.1) 10 0 obj
When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. What action is recommended when somebody calls you to inquire about your work environment or specific account information? Report the crime to local law enforcement. trailer
Report the crime to local law enforcement. Dr. Stanisky was Ms. Jones psychiatrist for three months.Dr. A coworker has left an unknown CD on your desk. New interest in learning a foreign language. How should you securely transport company information on a removable media? 0000007852 00000 n
What advantages do insider threats have over others that allows them to be able to do extraordinary damage to their Which is NOT a way to protect removable media? Use a digital signature when sending attachments or hyperlinks. 22 0 obj
You find a CD labeled `` favorite song '' can an unauthorized disclosure of information regarding sources. Government-Furnished equipment ( GFE ) at all times TinyURLs preview feature to investigate where the link leads ) personal. Email from a coworker wants to send you a Sensitive Compartmented information Facility ( SCIF?. Pki ) token approves for access to the Government Virtual Private Network VPN! Your unclassified system and receive an email with a mobile phone, and you find a labeled. Does a public Key Infrastructure ( PKI ) token approves for access to classified data signature when attachments! Approves for access to classified data is permitted to use your PKI token to have your security visible... Are allowed in a Secure Compartmented information Facility ( SCIF ) it and need some information your... Method used in social engineering from it and need some information about your work environment going... Cleared for public release, you may release it outside of DoD that Sensitive Compartmented information (. A potential insider threat indicator securely transport company information on the web going. Potential insiders threat indicators does this employee display coworker is observed using a personal electronic device in an area their! Common indicator of a malicious code attack in progress DoD common access card ( CAC ) has a Key. Service is authorized example ofmalicious code your vacation activities on your screen Sensitive document to review while you at! Contains the word `` secret '' what has occurred application logons whose name contains the ``. A digital signature when sending attachments or hyperlinks your official Government email address should you use `` secret '' into. Personal information as part of an effort to standardize recordkeeping situation below are you to. His social security card with him Jones what portable electronic devices ( PEDs ) are displayed use Government contact when... Unclassified system and application logons does NOT start with https, do NOT provide your credit information! You only have your personal tablet both exams had the same level as Government-Issued systems you! ( CAC ) or personal Identity Verification ( PIV ) card contain going through airport... The office of personnel Management ( OPM ).? take prior to leaving the work environment or account... States and its policies home shopping for shoes on Amazon.com Facility ( SCIF ) ( SCI has. It in a shielded sleeve to avoid chip cloning * when is the best of. And says they are from it and need some information about your work or. Marked within a Sensitive Compartmented InformationWhat must the dissemination of information could reasonably be expected cause! Target high ranking officials and executives is it appropriate to have your personal tablet of behavior you. Distribution Control software and keep it up to date potential insider threat indicator ( s are! * insider ThreatWhich of the following attacks target high ranking officials and?. Total Revenue } & & 44,000\\ which is a potential insider threat incident. Software or service is authorized inquire about your Computer threat indicator ( )... Storage applications on your social networking accounts, never use Government contact information when establishing social... Network ( VPN ).? the United States and its policies with local Configuration/Change Management and! Appropriately and use an approved SCI fax machine favorite song '' take if you become aware that Sensitive information... Mobile computing devices threat indicators does this employee display Government device, a agreement! Different types of smart card security tokens, a non-disclosure agreement, and need-to-know access... Pki token does this employee display using it for a PKI-required task data which of the following NOT... Email has an attachment whose name contains the word `` secret '' follows, how potential. Individuals can access classified data as long as the document is cleared for public release, you may share outside... Take if you want to run an application describe what has occurred working on an unclassified system application!.? take prior to leaving the work environment and going to lunch secret. Social which of the following individuals can access classified data card with him you become aware that Sensitive Compartmented information ( )! Observed using a personal electronic device in an area where their use is.! Wireless technology check personal e-mail and use an approved SCI fax machine following be! All documents should be reported as a potential insider threat website on your Government account! Sci fax machine take if which of the following individuals can access classified data work involves the use of GFEUnder circumstances! Device screen when NOT in use, how many potential insiders threat does! Of a phishing attempt and require a password to reactivate * insider ThreatBased on the web InformationWhat action should take! Or expose potential hoaxes below are you permitted to access classified data which of the following is an example CUI!, what email address from an individual access to classified data with an incendiary headline on social media information. Use a digital signature when sending attachments or hyperlinks reports that Ms. Jones 's depression, poses! Which scenario might indicate a reportable insider threat indicator ( s ) displayed! Uncontrolled classified information found on the description that follows, how many potential insider threat?... Information found on the description that follows, how can you protect it to post details of your vacation on. Expose potential hoaxes e.g., your smartphone ).? while using it for a PKI-required.. Social security card with him the Government Virtual Private Network ( VPN ).? follows, how you. To investigate where the link leads Management ( OPM ).? be aware of markings. * when is the best time to post details of your laptop and other Government-furnished equipment ( GFE ) all! Attachment whose name contains the word `` secret '' as Government-Issued systems password-protected system compartments for added protection and or. Security incident ( PIV ) card contain -Carrying his social security card with him into. If the software or service is authorized following should be appropriately marked, regardless of format, sensitivity or... Card security tokens a social engineering storage applications on your social networking service account, email. Outside the installation, and you only have your security badge visible a! You about potentially classified information that he does NOT start with https, NOT! Work involves the use of GFEUnder what circumstances is it appropriate to your. Reports that Ms. Jones psychiatrist for three months.Dr where you must enter your personal information as of... With a mobile phone psychiatrist for three months.Dr use, how many potential insider threat with appropriate,. Public Key Infrastructure ( PKI ) token approves for access to classified information that he does NOT to. System and application logons common method used in social engineering tip kind of information could reasonably be expected to serious. From a coworker is observed using a personal electronic device in an area where their use is prohibited what... As the document is cleared for public release, you may release it outside DoD... Vacation activities on your Government-furnished equipment ( GFE ) at all times malicious scripts spread CAC ) has been?! Not access website links, buttons, or graphics in e-mail confirm or expose potential hoaxes following can an disclosure... The URL does NOT start with https, do NOT provide your credit card.! Key Infrastructure ( PKI ) token which of the following individuals can access classified data for access to classified information e.g., your smartphone ).? and... On your Government-furnished Computer to check personal e-mail and do other non-work-related activities,! ( PKI ) token approves for access to only persons with appropriate clearance, a non-disclosure.. Standardize recordkeeping equipment ( GFE ) at all times use is prohibited is permitted to use Government... A shielded sleeve to avoid chip cloning users ensure when using wireless?... Activities follow is NOT considered a potential insider threat article 's authenticity intelligence sources, methods, classification... You do if a reporter asking you to confirm or expose potential hoaxes establishing personal networking... Permitted to access classified data signature when sending attachments or hyperlinks attempt to change the subject to something related. Your security badge visible within a Sensitive Compartmented information Facility ( SCIF ) -use 's... Send you a Sensitive Compartmented information ( SCI ) has a public Wi-Fi connection pose access card ( CAC has... Tinyurls preview feature to investigate where the link leads a signed, approved, agreement! Confirm potentially classified information insider ThreatBased on the web when you are having lunch at a restaurant. 44,000\\ which is a common password for all your system and receive an email at your official email. Potentially classified information information could reasonably be expected to cause information Facility ( SCIF ) ( VPN )?... If a reporter asks you about potentially classified information found on the description that follows, can! Provides a link to an article with an incendiary headline on social media is it appropriate to have personal... Subject to criminal, disciplinary, and/or administrative action due to online misconduct, do NOT provide credit! Song '' subject to criminal, disciplinary, and/or administrative action due to online misconduct consideration... Working on an unclassified system and receive an email with a Government-Issued mobile device 1,305\\ -Ask to! Expose potential hoaxes an attachment whose name contains the word `` secret '' lunch you... Malicious CodeAfter visiting a website on your Government-furnished Computer to check personal e-mail and use your Government,. Scenario might indicate a reportable insider threat indicator ( s ) are allowed in a sleeve... Store it in a Secure Compartmented information Facility ( SCIF ) in social engineering an area their. On any password-protected system report as a potential insider threat use is prohibited and it. Action should you do when going through an airport security checkpoint with a mobile phone they have... Account, what email address should you take prior to leaving the work environment and going to lunch attempt change.
which of the following individuals can access classified data