Since the URL does not start with https, do not provide you credit card information. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Malicious code can do the following except? Which of the following is NOT true concerning a computer labeled SECRET? Not correct. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Here you can find answers to the DoD Cyber Awareness Challenge. Exceptionally grave damage to national security. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. "Unclassified" or a lack of security marking denotes non-sensitive information. 1.1.4 Social Networking. What should you do? You have reached the office door to exit your controlled area. You should only accept cookies from reputable, trusted websites. It should only be in a system while actively using it for a PKI-required task. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Connect to the Government Virtual Private Network (VPN). As part of the survey the caller asks for birth date and address. Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer What can be used to track Marias web browsing habits? Is this safe? It is getting late on Friday. What should you do? Ive tried all the answers and it still tells me off, part 2. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? When unclassified data is aggregated, its classification level may rise. CPCON 1 (Very High: Critical Functions) A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? What function do Insider Threat Programs aim to fulfill? *Spillage What should you do if a reporter asks you about potentially classified information on the web? **Home Computer Security How can you protect your information when using wireless technology? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Information improperly moved from a higher protection level to a lower protection level. You must have permission from your organization. You check your bank statement and see several debits you did not authorize. correct. A type of phishing targeted at high-level personnel such as senior officials. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? **Physical Security What is a good practice for physical security? It includes a threat of dire circumstances. How can you protect yourself on social networking sites? Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. (Identity Management) Which of the following is an example of two-factor authentication? You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). What Are Some Examples Of Malicious Code Cyber Awareness? asked in Internet by voice (265k points) Question : Which of the following is true about unclassified data? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? When traveling or working away from your main location, what steps should you take to protect your devices and data? Secure it to the same level as Government-issued systems. Store classified data in a locked desk drawer when not in use Maybe **Social Networking Which of the following best describes the sources that contribute to your online identity? Which of the following actions can help to protect your identity? *Spillage Which of the following may help prevent inadvertent spillage? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Proactively identify potential threats and formulate holistic mitigation responses. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. What information posted publicly on your personal social networking profile represents a security risk? Which method would be the BEST way to send this information? How can you protect your organization on social networking sites? It is created or received by a healthcare provider, health plan, or employer. *Spillage .What should you do if a reporter asks you about potentially classified information on the web? What action should you take? What should you do? CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. How should you respond? Filter by: All $ Off % Off Free Online Offline. A man you do not know is trying to look at your Government-issued phone and has asked to use it. Transmit classified information via fax machine only Not correct A coworker uses a personal electronic device in a secure area where their use is prohibited. (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? classified-document. You many only transmit SCI via certified mail. Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. Use only your personal contact information when establishing your account. Which of the following may help to prevent spillage? Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. When gases are sold they are usually compressed to high pressures. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Which of the following should you NOT do if you find classified information on the internet? (controlled unclassified information) Which of the following is NOT an example of CUI? Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. 1.1.5 Controlled Unclassified Information. tell your colleague that it needs to be secured in a cabinet or container. Which of the following is true of the Common Access Card (CAC)? We recommend Norton Security or McAfee Total Protection. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? How should you respond? What is the best choice to describe what has occurred? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? internet. Search As long as the document is cleared for public release, you may share it outside of DoD. Mark SCI documents appropriately and use an approved SCI fax machine. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. (Malicious Code) Which are examples of portable electronic devices (PEDs)? Photos of your pet Correct. -It must be released to the public immediately. Only use Government-furnished or Government-approved equipment to process PII. Which of the following does NOT constitute spillage? All to Friends Only. Correct To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Which of the following is a security best practice when using social networking sites? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following best describes good physical security? You should remove and take your CAC/PIV card whenever you leave your workstation. What should be your response? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. classified-document. 1.1.3 Insider Threat. You receive an email from a company you have an account with. Only allow mobile code to run from your organization or your organizations trusted sites. Which of the following statements is true? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Never allow sensitive data on non-Government-issued mobile devices. What is a security best practice to employ on your home computer? Classified information that should be unclassified and is downgraded. *Insider Threat Which of the following is a potential insider threat indicator? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Proactively identify potential threats and formulate holistic mitigation responses. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. correct. JavaScript appears to be disabled on this computer. Who is responsible for information/data security? It contains certificates for identification, encryption, and digital signature. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? What certificates are contained on the Common Access Card (CAC)? **Website Use Which of the following statements is true of cookies? A Coworker has asked if you want to download a programmers game to play at work. What should be done to sensitive data on laptops and other mobile computing devices? Which of the following represents a good physical security practice? The answer has been confirmed to be correct. What should be done to protect against insider threats? SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Do not download it. *Insider Threat Which of the following is a reportable insider threat activity? not correct Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Digitally signed e-mails are more secure. c. What similarities and differences are there between plant and animal cells? (social networking) Which of the following is a security best practice when using social networking sites? Correct. When can you check personal email on your government furnished equipment? **Social Networking Which of the following statements is true? They provide guidance on reasons for and duration of classification of information. Attempting to access sensitive information without need-to-know. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following is true of downloading apps? Which of the following demonstrates proper protection of mobile devices? How many potential insider threat indicators is Bob displaying? Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. Refer the vendor to the appropriate personnel. You must have your organization's permission to telework. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. You are leaving the building where you work. Which type of information includes personal, payroll, medical, and operational information? What is the basis for the handling and storage of classified data? Spillage because classified data was moved to a lower classification level system without authorization. You know this project is classified. What should you do? Which of the following is NOT Government computer misuse? Ensure proper labeling by appropriately marking all classified material. TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). **Identity management Which is NOT a sufficient way to protect your identity? which of the following is true about unclassified Courses 442 View detail Preview site Which is a risk associated with removable media? What should you do? Please click here to see any active alerts. After clicking on a link on a website, a box pops up and asks if you want to run an application. Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? Report the crime to local law enforcement. How can you protect your information when using wireless technology? NARA has the authority and responsibility to manage the CUI Program across the Federal government. How should you protect a printed classified document when it is not in use? There is no way to know where the link actually leads. How can you protect yourself from social engineering? Government-owned PEDs, if expressly authorized by your agency. you don't need to do anything special to protect this information (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Refer the reporter to your organizations public affairs office. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? Read the latest news from the Controlled Unclassified Information (CUI) program. Identification, encryption, and digital signature. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? -Its classification level may rise when aggregated. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Click on "Open File". Use the government email system so you can encrypt the information and open the email on your government issued laptop. Which of the following is NOT a type of malicious code? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Discrete data involves whole numbers (integers - like 1, 356, or 9) that can't be divided based on the nature of what they are. Which of the following is NOT a potential insider threat? Store it in a GSA approved vault or container. Which of the following may help to prevent inadvertent spillage? Which of the following is not a best practice to preserve the authenticity of your identity? Figure 1. This button displays the currently selected search type. Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Malicious code can include viruses, worms, and macros. What should you do? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. What should you do to protect classified data? How many potential insiders threat indicators does this employee display? We thoroughly check each answer to a question to provide you with the most correct answers. Classified data: (Scene) Which of the following is true about telework? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. What action is recommended when somebody calls you to inquire about your work environment or specific account information? Which of the following is true of protecting classified data? When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Since the URL does not start with https, do not provide your credit card information. **Insider Threat Which of the following should be reported as a potential security incident? Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Which of the following demonstrates proper protection of mobile devices? Which of the following is true of internet hoaxes? (Spillage) Which of the following is a good practice to aid in preventing spillage? (Malicious Code) Which of the following is true of Internet hoaxes? **Classified Data Which of the following is true of telework? **Insider Threat What function do Insider Threat Programs aim to fulfill? What should the participants in this conversation involving SCI do differently? Which of the following information is a security risk when posted publicly on your social networking profile? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? What should you do if someone forgets their access badge (physical access)? Which of the following is not considered an example of data hiding? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? The website requires a credit card for registration. **Travel Which of the following is true of traveling overseas with a mobile phone? What is a valid response when identity theft occurs? Definition 1 / 24 -It must be released to the public immediately. Information should be secured in a cabinet or container while not in use. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? If you participate in or condone it at any time. b. Changes to various data systems that store and sometimes share sensitive information outside EPA. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Hostility or anger toward the United States and its policies. Correct. They can be part of a distributed denial-of-service (DDoS) attack. New interest in learning another language? What type of attack might this be? Government-owned PEDs when expressly authorized by your agency. In which situation below are you permitted to use your PKI token? Only documents that are classified Secret, Top Secret, or SCI require marking. Linda encrypts all of the sensitive data on her government-issued mobile devices. What are some potential insider threat indicators? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Your health insurance explanation of benefits (EOB). Using NIPRNet tokens on systems of higher classification level. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Annual DoD Cyber Awareness Challenge Training, DOD Cyber Awareness Challenge 2019: Knowledge, DOD Cyber Awareness Challenge 2019 (DOD-IAA-V, Operations Management: Sustainability and Supply Chain Management, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Which of the following is NOT a home security best practice?