Which of the following best describes the sources that contribute to your online identity. Immediately notify your security point of contact. A coworker has asked if you want to download a programmers game to play at work. d. giving a spanking or a scolding. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Lock your device screen when not in use and require a password to reactivate. Please click here to see any active alerts. Position your monitor so that it is not facing others or easily observed by others when in use Correct. Unclassified information is a threat to national security. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? (1) A strategic plan documenting the overall conduct of a war. Which of the following is true of telework? For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? Physical security of mobile phones carried overseas is not a major issue. Sensitive information may be stored on any password-protected system. Question. It contains certificates for identification, encryption, and digital signature. What describes how Sensitive Compartmented Information is marked? Store it in a GSA approved vault or container. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. A measure of how much useful work each unit of input energy provides. How should you respond? Cyber Challenge.txt - Cyber Awareness What should you do which of the following is true about unclassified Courses 442 View detail Preview site A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Which of the following is NOT a requirement for telework? Photos of your pet Correct. Correct. Approved Security Classification Guide (SCG). DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. You receive an email from a company you have an account with. Ch 1 Flashcards by Josh Selkirk | Brainscape Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. internet-quiz. When teleworking, you should always use authorized and software. EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Here you can find answers to the DoD Cyber Awareness Challenge. We thoroughly check each answer to a question to provide you with the most correct answers. (Malicious Code) What are some examples of removable media? Which of the following is NOT Protected Health Information (PHI)? However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. How many potential insider threat indicators does this employee display? THIS IS THE BEST ANSWER . A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Refer the reporter to your organizations public affairs office. Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. Updated 8/5/2020 8:06:16 PM. *Controlled Unclassified Information Which of the following is NOT an example of CUI? correct. Only expressly authorized government-owned PEDs. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? DoD Cyber Awareness 2019 - Subjecto.com A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. As long as the document is cleared for public release, you may share it outside of DoD. true-statement. You should only accept cookies from reputable, trusted websites. **Social Engineering How can you protect yourself from internet hoaxes? Which of the following is true of downloading apps? How can you avoid downloading malicious code? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. As a security best practice, what should you do before exiting? When operationally necessary, owned by your organization, and approved by the appropriate authority. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Note the websites URL and report the situation to your security point of contact. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. When using a fax machine to send sensitive information, the sender should do which of the following? Search for an answer or ask Weegy. Store classified data appropriately in a GSA-approved vault/container when not in use. Classified material must be appropriately marked. It should only be in a system while actively using it for a PKI-required task. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. correct. **Identity management Which of the following is an example of a strong password? Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Spillage can be either inadvertent or intentional. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. What actions should you take prior to leaving the work environment and going to lunch? How can you guard yourself against Identity theft? Sensitive information may be stored on any password-protected system. The CUIProgramisan unprecedented initiative to standardize practices across more than 100 separate departments and agencies, as well asstate, local,tribal and, private sector entities; academia; and industry. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Dofficult life circumstances, such as death of spouse. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. not correct Write your password down on a device that only you access. Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. You have reached the office door to exit your controlled area. **Insider Threat Which type of behavior should you report as a potential insider threat? (Malicious Code) Which of the following is NOT a way that malicious code spreads? -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Of the following, which is NOT a characteristic of a phishing attempt? How many potential insider threat indicators does this employee display? which of the following is true about unclassified data. (Correct) -It does not affect the safety of Government missions. A pop-up window that flashes and warns that your computer is infected with a virus. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Since the URL does not start with https, do not provide you credit card information. Quizzma is a free online database of educational quizzes and test answers. At all times while in the facility. Should you always label your removable media? Effects of different carbon substrates on PAHs fractions and microbial **Identity Management Which of the following is the nest description of two-factor authentication? Any time you participate in or condone misconduct, whether offline or online. (controlled unclassified information) Which of the following is NOT an example of CUI? In which situation below are you permitted to use your PKI token? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Dont allow other access or to piggyback into secure areas. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Linda encrypts all of the sensitive data on her government-issued mobile devices. A coworker brings a personal electronic device into prohibited areas. Unclassified information cleared for public release. Which of the following is true of Sensitive Compartmented Information (SCI)? -It must be released to the public immediately. It does not require markings or distribution controls. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. How many potential insiders threat indicators does this employee display. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Never allow sensitive data on non-Government-issued mobile devices. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? An investment in knowledge pays the best interest.. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Note any identifying information, such as the websites URL, and report the situation to your security POC. Always check to make sure you are using the correct network for the level of data. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? As part of the survey the caller asks for birth date and address. Secure .gov websites use HTTPS How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Changes to various data systems that store and sometimes share sensitive information outside EPA. Which Of The Following Statements About Adding Social Networks To Hootsuite Is False? Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Which of the following actions can help to protect your identity? Log in for more information. Which of the following is NOT a typical means for spreading malicious code? You can email your employees information to yourself so you can work on it this weekend and go home now. a. putting a child in time-out The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. Classified information that should be unclassified and is downgraded. What should you do? internet-quiz. Rating. When vacation is over, after you have returned home. Power off any mobile devices when entering a secure area. -It must be released to the public immediately. What should you do if a reporter asks you about potentially classified information on the web? A colleague saves money for an overseas vacation every year, is a . Insiders are given a level of trust and have authorized access to Government information systems. What should you do? In setting up your personal social networking service account, what email address should you use? Which of the following should be reported as a potential security incident? A 3%3\%3% penalty is charged for payment after 303030 days. Which may be a security issue with compressed Uniform Resource Locators (URLs)? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? **Website Use Which of the following statements is true of cookies? What should the participants in this conversation involving SCI do differently? tell your colleague that it needs to be secured in a cabinet or container. 1.1 Standard Challenge Answers. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. What can you do to protect yourself against phishing? Which of the following is NOT a correct way to protect CUI? Your health insurance explanation of benefits (EOB). If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Phishing can be an email with a hyperlink as bait. Create separate user accounts with strong individual passwords. Which of the following is NOT Government computer misuse? How do you think antihistamines might work? What are some potential insider threat indicators? Memory sticks, flash drives, or external hard drives. This is information that, if released to the public, carries no injury to personal, industry, or government interests. Debra ensures not correct Which of the following is NOT a criterion used to grant an individual access to classified data? What function do Insider Threat Programs aim to fulfill? Contact the IRS using their publicly available, official contact information. This task is performed with the aim of finding similarities in data points and grouping similar data points together. What is a best practice to protect data on your mobile computing device? Correct. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. *Spillage Which of the following is a good practice to aid in preventing spillage? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? What is a proper response if spillage occurs? What should you do? Which of the following does not constitute spillage. The potential for unauthorized viewing of work-related information displayed on your screen. Its classification level may rise when aggregated. Validate all friend requests through another source before confirming them. Who can be permitted access to classified data? CUI may be stored only on authorized systems or approved devices. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? correct. A coworker has asked if you want to download a programmer's game to play at work. A The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. Ensure proper labeling by appropriately marking all classified material. Not correct Which of the following is NOT an example of Personally Identifiable Information (PII)? A .gov website belongs to an official government organization in the United States. What should you do if a reporter asks you about potentially classified information on the web? What is the basis for the handling and storage of classified data? Understanding and using the available privacy settings. cyber-awareness. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. What is required for an individual to access classified data? Assuming open storage is always authorized in a secure facility. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Lionel stops an individual in his secure area who is not wearing a badge. A medium secure password has at least 15 characters and one of the following. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Cyber Awareness Challenge 2023 Answers Quizzma As long as the document is cleared for public release, you may release it outside of DoD. They can become an attack vector to other devices on your home network. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Controlled Unclassified Information (CUI): Controlled Unclassified information was defined in the Executive Order 13556 as information held by or generated for the Federal Government that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations and government-wide policies that isn't classified (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? If aggregated, the classification of the information may not be changed. 1 Cyber Awareness Challenge 2023 Answers. correct. A headset with a microphone through a Universal Serial Bus (USB) port. Within a secure area, you see an individual you do not know. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Use a common password for all your system and application logons. NARA has the authority and responsibility to manage the CUI Program across the Federal government. Cyber Awareness 2022 I Hate CBT's What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? You believe that you are a victim of identity theft. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? What should be done to protect against insider threats? See the discussed example before. What Are Some Examples Of Malicious Code Cyber Awareness? Classified material must be appropriately marked. Select the information on the data sheet that is personally identifiable information (PII). 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and Which of the following definitions is true about disclosure of confidential information? Correct. Which of the following best describes wireless technology? Aggregating it does not affect its sensitivyty level. Classified material must be appropriately marked. Which of the following may help to prevent spillage? Correct After you have returned home following the vacation. Store it in a locked desk drawer after working hours. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. 1).Compared with CK, straw addition treatments (S and SG) significantly (P < 0.01) increased the emission rate and cumulative emission of CO 2 and the cumulative CO 2 . Note any identifying information, such as the website's URL, and report the situation to your security POC. **Social Engineering Which of the following is a way to protect against social engineering? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? PDF IFS0026 Student Guide - CDSE Which of the following is true about unclassified data? Accepting the default privacy settings. What is a best practice for protecting controlled unclassified information (CUI)? What action is recommended when somebody calls you to inquire about your work environment or specific account information? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? New interest in learning another language? Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? What is the best choice to describe what has occurred? What Is True About Unclassified Information Let us have a look at your work and suggest how to improve it! How do you respond? Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? Compute The Average Kids Per Family. Of the following, which is NOT a security awareness tip? What information most likely presents a security risk on your personal social networking profile? Which of the following is true of Controlled Unclassified information (CUI)? **Website Use How should you respond to the theft of your identity? When is it appropriate to have your security badge visible? **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Cyber Awareness Flashcards by Jedi Master | Brainscape ~A coworker brings a personal electronic device into a prohibited area. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Social Security Number; date and place of birth; mothers maiden name. You can't have 1.9 children in a family (despite what the census might say ). What should you do? Types of Data in Statistics - Nominal, Ordinal, Interval, and Ratio Your password and the second commonly includes a text with a code sent to your phone. All https sites are legitimate and there is no risk to entering your personal info online. Which of the following is NOT a social engineering tip? You are reviewing your employees annual self evaluation. Unusual interest in classified information. **Mobile Devices What can help to protect the data on your personal mobile device? Q&A for work. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? WEKA Datasets, Classifier And J48 Algorithm For Decision Tree CUI may be stored on any password-protected system. You know this project is classified. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. It may expose the connected device to malware. Neither confirm or deny the information is classified. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. CUI is not classified information. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? You must have your organizations permission to telework. When expanded it provides a list of search options that will switch the search inputs to match the current selection. (Spillage) What is required for an individual to access classified data? Which of the following is a potential insider threat indicator? Which of the following demonstrates proper protection of mobile devices? Report the suspicious behavior in accordance with their organizations insider threat policy. Press release data. -Its classification level may rise when aggregated. Ask the individual to see an identification badge. The email provides a website and a toll-free number where you can make payment. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information.