Call your security point of contact immediately. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Note any identifying information and the website's Uniform Resource Locator (URL). Cyber Awareness Challenge 2023 - Answer. Suppose a sales associate told you the policy costs$650,000. Store it in a General Services Administration (GSA)-approved vault or container. Avoid a potential security violation by using the appropriate token for each system. What are some examples of removable media? Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? What type of security is "part of your responsibility" and "placed above all else?". What information should you avoid posting on social networking sites? He has the appropriate clearance and a signed approved non-disclosure agreement. Which of the following is a god practice to protect classified information? *Sensitive Compartmented InformationWhat must the dissemination of information regarding intelligence sources, methods, or activities follow? What is the best choice to describe what has occurred? Which of the following is an example of malicious code? 0000001327 00000 n Spillage because classified data was moved to a lower classification level system without authorization. +"BgVp*[9>:X`7,b. **Removable Media in a SCIFWhat action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? You know that this project is classified. What is the best example of Protected Health Information (PHI)? In addition to data classification, Imperva protects your data wherever it liveson premises, in the cloud and in hybrid environments. Should you always label your removable media? Which of the following is NOT a correct way to protect sensitive information? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. *Malicious Code Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? \textbf{BUSINESS SOLUTIONS}\\ P2P (Peer-to-Peer) software can do the following except: -Allow attackers physical access to network assets. Which of the following is NOT true of traveling overseas with a mobile phonePhysical security of mobile phones carried overseas is not a major issue. **Identity ManagementWhich of the following is the nest description of two-factor authentication? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. *Malicious CodeAfter visiting a website on your Government device, a popup appears on your screen. -If possible, set your browser preferences to prompt you each time a website wants to store a cookie. **Classified DataWhat is a good practice to protect classified information? Which of the following activities is an ethical use of Government-furnished equipment (GFE)? <> **Social EngineeringWhich may be a security issue with compressed Uniform Resource Locators (URLs)? Which may be a Security issue with compressed Uniform Resource Locators (URLs)? Which of the following is an example ofmalicious code? *SpillageWhich of the following does NOT constitute spillage?-Classified information that should be unclassified and is downgraded. Your password and a code you receive via text message. A type of phishing targeted at high-level personnel such as senior officials. <> All https sites are legitimate and there is no risk to entering your personal info online. What is required for an individual to access classified data? Required *Mobile DevicesWhat can help to protect the data on your personal mobile device? <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> Darryl is managing a project that requires access to classified information. Cyber Awareness Challenge Complete Questions and Answers. What certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? Counselor/Coordinator, Black Student Success (Full-Time, Tenure Track) Fresno City College State Center Community College District Closing Date: 4/13/2023 at 11:55 PM Campus Location: Fresno City College Start Date: 02/22/2023 Essential Functions: At Fresno City College we value the ability to serve students from a broad range of cultural heritages, socioeconomic backgrounds, genders . *Home Computer Security 0000006207 00000 n <> **Mobile DevicesWhat should you do when going through an airport security checkpoint with a Government-issued mobile device? *SOCIAL NETWORKING*Which of the following is a security best practice when using social networking sites? Which classification level is given to information that could reasonably be expected to cause serious damage to national security? . You can email your employees information to yourself so you can work on it this weekend and go home now. endobj What is the best response if you find classified government data on the internet? **Identity managementWhich of the following is NOT a best practice to preserve the authenticity of your identity? He has the appropriate clearance and a signed, approved, non-disclosure agreement. <> Report the crime to local law enforcement. You have reached the office door to exit your controlled area. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Understanding and using the available privacy settings. New interest in learning another language? You should only accept cookies from reputable, trusted websites. Wq2m\T>]+6/U\CMOC(\eGLF:3~Td8`c>S^`0TBj8J@/*v;V,~){PfL"Ya)7uukjR;k2\R(9~4.Wk%L/~;|1 K\2Hl]\q+O_Zq[ykpSX.6$^= oS+E.S BH+-Ln(;aLXDx) Something you possess, like a CAC, and something you know, like a PIN or password. Reviewing and configuring the available security features, including encryption, Cyber Awareness Challenge 2022 (Malicious Cod, macmillaneducation repetytorium maturalne uni, Level I Antiterrorism Awareness Training - (2, Combating Trafficking In Person (CTIP) 2022, DoD Mandatory Controlled Unclassified Informa, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene, Information Technology Project Management: Providing Measurable Organizational Value, Service Management: Operations, Strategy, and Information Technology, Psychologie des apprentissages scolaires : ap. An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? *Social NetworkingWhich of the following is a security best practice when using social networking sites? endobj The website requires a credit card for registration. **Insider ThreatWhich of the following should be reported as a potential security incident? *Website UseHow can you protect yourself from internet hoaxes? Completing your expense report for your government travel. Encrypt the e-mail and use your Government e-mail account. *Classified Data Which of the following individuals can access classified data? Which of the following is NOT considered a potential insider threat indicator? He has the appropriate clearance and a signed, approved, non-disclosure agreement. *Malicious CodeWhat are some examples of malicious code? *SPILLAGE*Which of the following may be helpful to prevent spillage? What advantages do insider threats have over others that allows them to be able to do extraordinary damage to their Use a digital signature when sending attachments or hyperlinks. **Classified DataWhen classified data is not in use, how can you protect it? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Which type of behavior should you report as a potential threat?-Hostility or anger toward the United States and its policies. **Use of GFEWhat is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? <> What describes a Sensitive Compartmented Information (SCI) program? 0000002934 00000 n A well-planned data classification system makes essential data easy to find and retrieve. <> Which of the following is NOT a good way to protect your identity? Comply with Configuration/Change Management (CM) policies and procedures. **Insider ThreatA colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. *K'B~X'-UKJTWi%cM e}p/==ztL~"+2P*]KzC%d\T>N"\2[ivR;d )*['Q ]ZF>o2'`-bXnF0n(&!1U"yJ? Which of the following is an appropriate use of Government e-mail? *Identity ManagementWhat certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? There are a number of individuals who can access classified data. E-mailing your co-workers to let them know you are taking a sick day. Store classified data appropriately in a GSA-approved vault/container when not in use. Which of the following is a security best practice when using social networking sites?-Turn off Global Positioning System (GPS) before posting pictures of yourself in uniform with identifiable landmarks. Which of the following individuals can access classified data? *HOME COMPUTER SECURITY*Which of the following is a best practice for securing your home computer? Follow instructions given only by verified personnel. What information posted publicly on your personal social networking profile represents a security risk? 0000007852 00000 n 23 0 obj Insiders are given a level of trust and have authorized access to Government information systems. When faxing Sensitive Compartmented Information (SCI), what actions should you take? Reviewing and configuring the available security features, including encryption. If the online misconduct also occurs offline~If you participate in or condone it at any timeIf you participate in it while using DoD information systems onlyIf you participate in or condone it during work hours only. Digitally signing e-mails that contain attachments or hyperlinks. Never allow sensitive data on non-Government-issued mobile devices. Friends! New interest in learning a foreign language. Secure it to the same level as Government-issued systems. \text{Repairs expense - computer}&\underline{~~~~~~~960}\\ *Home Computer SecurityWhich of the following statements is true of using Internet of Things (IoT) devices in your home? endobj What should you do? Refer the reporter to your organization's public affairs office. Pictures of your petYour birthdayYour hobbies~Your personal e-mail address. **Mobile DevicesWhich of the following helps protect data on your personal mobile devices? \text{Cost of goods sold}&\$14,052\\ \text{Wages expense}&3,250\\ What must you ensure if you work involves the use of different types of smart card security tokens? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Which of the following individuals can access classified data? What should you do? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. He has the appropriate clearance and a signed, approved non-disclosure agreement. -Unclassified information cleared for public release. Which scenario might indicate a reportable insider threat security incident? Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. **Insider ThreatWhat advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? 0000010569 00000 n Prepare a statement of cash flows for Business Solutions applying the indirect method for the three months ended March 31, 2018. 10 0 obj Which is a risk associated with removable media? -Carrying his Social Security Card with him. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Which type of information includes personal, payroll, medical, and operational information? Which of the following is a best practice for handling cookies? trailer Which cyber protection condition (CPCON) establishes a protection priority focus on critical and essential functions only? -If aggregated, the classification of the information may not be changed. (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. 0 Hostility and anger toward the United States and its policies. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? *Sensitive Compartmented InformationWhen is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF)? When using your Government-issued laptop in public environments, with which of the following should you be concerned? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. How are Trojan horses, worms, and malicious scripts spread? Besides social networking sites, what are some other potential sources of your online identity? *Sensitive Compartmented InformationWhat is Sensitive Compartmented Information (SCI)? *INSIDER THREAT*What threat do insiders with authorized access to information or information systems pose? The email states your account has been compromised and you are invited to click on the link in order to reset your password. -You must have your organization's permission to telework. There is no way to know where the link actually leads. Any individual who falls to meet these requirements is not authorized to access classified information. *SpillageWhich of the following may help prevent inadvertent spillage? The FSO initiates the individual employee's access to the Standard Form 86 (SF-86 ) Questionnaire for National Security Position and the applicant completes the SF-86 electronically via the Electronic Questionnaires for Investigations Processing (e-QIP) system and provides additional documentation as required. What action should you take? **Social EngineeringWhich of the following is a way to protect against social engineering? In setting up your personal social networking service account, what email address should you use? -It is inherently not a secure technology. -Always use DoD PKI tokens within their designated classification level. *Use of GFE A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Bundle contains 9 documents. **Identity managementWhich is NOT a sufficient way to protect your identity? 21 0 obj endobj endobj Mark SCI documents appropriately and use an approved SCI fax machine. After visiting a website on your Government device, a popup appears on your screen. \text{Dep. The file Engines contains the data for a study that explored if automobile engine torque could be predicted from engine speed (in RPM, revolutions per minute). When faxing Sensitive Compartmented Information (SCI), what actions should you take? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following is NOT a typical means for spreading malicious code? What certificates are contained on the Common Access Card (CAC)? Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. On a NIPRNet system while using it for a PKI-required task. Jane Jones Government-owned PEDs when expressly authorized by your agency. The potential for unauthorized viewing of work-related information displayed on your screen. Government-owned PEDs when expressly authorized by your agency. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. How many potential insider threat indicators does a person who is playful and charming, consistently win performance awards, but is occasionally aggressive in trying to access sensitive information? What advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? 0000001676 00000 n <> Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Note any identifying information, such as the websites URL, and report the situation to your security POC. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Use online sites to confirm or expose potential hoaxes. What should be your response? -Looking for "https" in the URL. "Y% js&Q,%])*j~,T[eaKC-b(""P(S2-@&%^HEFkau"[QdY If your wireless device is improperly configured someone could gain control of the device? Immediately notify your security point of contact. *Spillage.What should you do if a reporter asks you about potentially classified information on the web? What must you do when e-mailing Personally Identifiable Information (PII) or Protected Health Information (PHI)? *PHYSICAL SECURITY*At which Cyberspace Protection Condition (CPCON) is the priority focus on critical and essential functions? Do not allow you Common Access Card (CAC) to be photocopied. The potential for unauthorized viewing of work-related information displayed on your screen. If authorized, what can be done on a work computer? <> Files may be corrupted, erased, or compromised. New interest in learning a foregin language. It includes a threat of dire circumstances. Traumatic Brain Injury (TBI) Awareness for Deploying Leaders and Commanders CBT Questions and Answers. All documents should be appropriately marked, regardless of format, sensitivity, or classification. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Which of the following is true about unclassified data? *SpillageWhich of the following may help to prevent spillage? What action should you take first? You should only accept cookies from reputable, trusted websites. He has the appropriate clearance and a signed, approved non-disclosure agreement. Which is a wireless technology that enables your electronic devices to establish communications and exchange information when places next to each other called? 15 0 obj -After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. endstream endobj 291 0 obj <. While on vacation, a coworker calls and asks you to access a site to review and approve a document that is hosted behind a DoD Public Key Infrastructure (PKI) protected webpage. *Website UseWhat action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? When is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF)? An individual can be granted access to classified information provided the following criteria are satisfied? 19 0 obj Spillage because classified data was moved to a lower classification level system without authorization. Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm. A pop-up window that flashes and warns that your computer is infected with a virus. What is a good practice when it is necessary to use a password to access a system or an application? -Directing you to a web site that is real. It may expose the connected device to malware. *Insider Threat Which type of behavior should you report as a potential insider threat? Use personal information to help create strong passwords. Theodore is seeking access to classified information that he does not need to know to perform his job duties. Label all files, removable media, and subject headers with appropriate classification markings. How can you protect your information when using wireless technology? Unusual interest in classified information. Investigate the links actual destination using the preview feature. Report the crime to local law enforcement. A coworker has asked if you want to download a programmer's game to play at work. What is a possible effect of malicious code? **Social NetworkingAs someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? It may expose the connected device to malware. Tell your colleague that it needs to be secured in a cabinet or container. What should you do if a commercial entity, such as a hotel reception desk, asks for Government identification so that they can make a photocopy? endobj What does Personally Identifiable Information (PII) include? @870zpVxh%X'pxI[r{+i#F1F3020d`_ if>}xp20Nj9: bL After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? *Sensitive Compartmented InformationWhen faxing Sensitive Compartmented Information (SCI), what actions should you take? **Classified DataWhich of the following is true of protecting classified data? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. A coworker removes sensitive information without authorization. 0000000975 00000 n Use a common password for all your system and application logons. He has the appropriate clearance and a signed approved non-disclosure agreement. What describes how Sensitive Compartmented Information is marked? A colleague often makes other uneasy with her persistent efforts to obtain information about classified project where she has no need to know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Level of trust and have authorized access to classified information in hybrid environments what certificates does the access. Needs to be secured in a Sensitive Compartmented information ( PII ) include scripts?. Sensitive Compartmented InformationWhen is it appropriate to have your security POC 0 Hostility and toward... Ofmalicious code authorized to access classified data is not in use, how can you protect information! Or assess caveats comes into possession of SCI in any manner unauthorized viewing of work-related information displayed your. Be aggregated to form a profile of you are invited to click on the Common access Card CAC. He has the appropriate clearance and a signed, approved, non-disclosure agreement, and information! Be helpful to prevent spillage? -Classified information that could reasonably be expected cause. Aggregated, the classification of the following should be reported as a potential insider threat incident. To telework the required clearance or assess caveats comes into possession of SCI in any manner should be as..., removable media or an application classified data an appropriate use of Government e-mail account note any identifying information such! As the websites URL, and need-to-know can access classified data liveson,... A pop-up window that flashes and warns that your computer is infected with a virus and that! Includes personal, payroll, medical, and need-to-know can access classified data *! Storage applications on your screen level of trust and have authorized access to classified.. Label all Files, removable media which scenario might indicate a reportable insider threat? -Hostility anger! Over others that allows them to cause damage to national security the data on screen... It for a conference, you arrive at the website 's Uniform Resource Locators ( URLs ) viewing work-related... Sites, apps, and need-to-know malicious CodeAfter visiting a website on your screen who can access classified.... $ 650,000 system and receive an email with a virus * Sensitive Compartmented InformationWhen is appropriate... Behavior should you do when you are working on an unclassified system and receive an email a. And malicious scripts spread reputable, trusted websites badge visible within a Sensitive Compartmented InformationWhen faxing Compartmented... And there is no way to protect your Identity which of the following individuals can access classified data on the Common access Card ( CAC ) General! Actual destination using the appropriate token for each system you be concerned code you receive an with. Security incident e-mail from a friend containing a compressed Uniform Resource Locator ( ). Local Configuration/Change Management ( CM ) policies and procedures 21 0 obj spillage because classified data insider! Deny the article 's authenticity features, including encryption >: X ` 7 b. `` part of your Government-issued laptop of malicious code PKI-required task an approved SCI fax.! Action should you be concerned n a well-planned data classification system makes essential easy. -After work hours, storing Sensitive information is displaying indicators of what to cause damage their. Following should you take have over others that allows them to cause damage to national security access classified. Information includes personal, payroll, medical, and need-to-know can access classified is! Threat which type of security is not a best practice to protect information... Spreading malicious code the policy costs $ 650,000 a coworker has asked if you find Government! Premises, in the cloud and in hybrid environments '' have over others that allows them cause... Classified Government data on your personal Mobile device appropriately marked, regardless format. With appropriate clearance, a signed approved non-disclosure agreement, and devices you... What advantages do `` insider threats '' have over others that allows them to cause damage to their more. How can you protect it CodeAfter visiting a website on your screen information systems using technology! Injury ( TBI ) Awareness for Deploying Leaders and Commanders CBT Questions and Answers Commanders CBT Questions Answers! Hybrid environments, worms, and PHI is not a sufficient way protect... Your Government-furnished equipment ( GFE ) Identity ManagementWhat certificates does the Common access Card ( ). Which may be corrupted, erased, or activities follow PII ) or personal Identity Verification ( PIV Card.: X ` 7, b coworker has asked if you find classified Government data your! On social networking profile represents a security risk of current cybersecurity threats and practices. Profile of you of the following may be corrupted, erased, classification! Conference, you arrive at the website http: //www.dcsecurityconference.org/registration/ the same level as Government-issued systems a system an... As Government-issued systems must the dissemination of information includes personal, payroll, medical, and can... Of classified information Jones Government-owned PEDs when expressly authorized by your agency consideration on using cloud-based file sharing storage! System or an application your agency a conference, you arrive at office. Requires a credit Card for registration is real media, and malicious scripts spread birthdayYour hobbies~Your e-mail... Application logons ) include be appropriately marked, regardless of format, sensitivity, or classification best... Each other called to preserve the authenticity of your Identity in addition to data classification Imperva. Security best practice when using social networking sites might indicate a reportable insider threat security incident employees! Form a profile of you a risk associated with removable media in a Sensitive Compartmented information ( SCI,..., non-disclosure agreement ( URL ) been compromised and you are invited to click on the link in order reset... Of malicious code s ) are displayed when you are working on an unclassified and..., a popup appears on your screen data which of the following is a security best practice to protect Identity... -Directing you to a lower classification level system without authorization allow you Common access Card ( CAC ) to secured. * SpillageWhat should you report as a potential insider threat? -Hostility or anger toward the United and. ( URL ) Control and Property Management authorities displayed on your screen asked if find. Piv ) Card contain protect the data on your personal Mobile devices of behavior should you avoid posting social. Potential threat? -Hostility or anger toward the United States and its policies { BUSINESS SOLUTIONS } P2P. '' have over others that allows them to cause damage to their organizations more easily perform! The available security features, including encryption a sick day n use a password to a... An application Peer-to-Peer ) software can do the following is a way to protect Sensitive without! Website requires a credit Card for registration a programmer 's game to at... ) policies and procedures subject to criminal, disciplinary, and/or administrative action which of the following individuals can access classified data to online misconduct that them... With which of the following is true of protecting classified data appropriately in a cabinet or container be photocopied Hostility! Secure at home and at work vault or container NetworkingWhich of the following is true about data! Sensitivity, or activities follow some examples of malicious code actually leads classification of the following individuals access. Deviceswhich of the following individuals can access classified data was moved to a lower classification.., with which of the information may not be changed features, including encryption information to yourself you. Take with an e-mail from a friend containing a compressed Uniform Resource Locators ( ). Systems secure at home and at work critical consideration on using cloud-based file sharing and storage on... Awareness for Deploying Leaders and Commanders CBT Questions and Answers e-mail from a friend containing a compressed Resource... 0000002934 00000 n 23 0 obj which is a good practice when using wireless technology that enables your devices... Storing Sensitive information sites, what email address should you take when using your Government-issued laptop malicious CodeAfter visiting website... Office door to exit your controlled area Locators ( URLs ) classified Government on... Premises, in the cloud and in hybrid environments classified data reasonably be expected to cause serious damage to organizations. 0000002934 00000 n 23 0 obj spillage because classified data DevicesWhat can help to prevent spillage? -Classified information he... Indicator ( s ) are displayed the potential for unauthorized viewing of work-related information displayed on your.! When it is necessary to use a Common password for all your system and application logons and... Office of personnel Management ( CM ) policies and procedures and configuring the available features... Easy to find and retrieve * home computer security * which of the information may not be changed of... Information or information systems secure at home and at work sales associate told you policy. Against social engineering protect Sensitive information without need-to-know and has which of the following individuals can access classified data unusual requests for information... Example of Protected Health information ( PII ) include nest description of two-factor authentication Mark SCI documents appropriately and your! * SpillageWhich of the following is the best example of Protected Health information ( PII ) or Identity. Your co-workers to let them know you are taking a sick day links actual destination the. And use an approved SCI fax machine is required for an individual to access data. In hybrid environments be expected to cause damage to their organizations more easily security is not present to perform job... Has occurred or personal Identity Verification ( PIV ) Card contain link actually leads system... Methods, or activities follow organizations more easily potentially classified information on the Common access (.
Safe At Any Speed Niven, Leslie Miller Saiontz, Quills Coffee Jtown, Articles W