What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? **Home Computer SecurityWhat should you consider when using a wireless keyboard with your home computer? Darryl is managing a project that requires access to classified information. Which of the following is a practice that helps to protect you from identity theft? *Social NetworkingYour cousin posted a link to an article with an incendiary headline on social media. Connect to the Government Virtual Private Network (VPN). 0000006207 00000 n Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is NOT a best practice to preserve the authenticity of your identity? Memory sticks, flash drives, or external hard drives. When using your government-issued laptop in public environments, with which of the following should you be concerned? Since the URL does not start with https, do not provide you credit card information. *Home Computer SecurityWhich of the following is a best practice for securing your home computer?-Create separate accounts for each user. Physical security of mobile phones carried overseas is not a major issue. Which of the following is NOT true concerning a computer labeled SECRET? Imperva provides automated data discovery and classification, which reveals the location, volume, and context of data on premises and in the cloud. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Understanding and using the available privacy settings. Who can be permitted access to classified data? *Travel Connect to the Government Virtual Private Network (VPN). startxref Retrieve classified documents promptly from printers. Research the source of the article to evaluate its credibility and reliability. *Sensitive InformationWhat type of unclassified material should always be marked with a special handling caveat? What action should you take?-Research the source of the article to evaluate its credibility and reliability. *CLASSIFIED DATA*What is a good practice to protect classified information? (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. Use TinyURLs preview feature to investigate where the link leads. \text{Computer supplies expense}&1,305\\ **Social NetworkingWhich of the following is a security best practice when using social networking sites? What type of data must be handled and stored properly based on classification markings and handling caveats? endobj Which of the following is NOT a social engineering tip? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? *Sensitive Compartmented InformationWhich of the following best describes the compromise of Sensitive Compartmented Information (SCI)? How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Your cousin posted a link to an article with an incendiary headline on Social media. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Don't allow her access into secure areas and report suspicious activity. *Sensitive Compartmented InformationWhen should documents be marked within a Sensitive Compartmented Information Facility (SCIF), ~All documents should be appropriately marked, regardless of format, sensitivity, or classification.Unclassified documents do not need to be marked as a SCIF.Only paper documents that are in open storage need to be marked.Only documents that are classified Secret, Top Secret, or SCI require marking. When classified data is not in use, how can you protect it? Which is a way to protect against phishing attacks? *Mobile DevicesWhich of the following is an example of removable media? Label all files, removable media, and subject headers with appropriate classification markings. 4 0 obj <> Mark SCI documents appropriately and use an approved SCI fax machine. There is no way to know where the link actually leads. Decide whether each of the following statements makes sense (or is clearly true) or does not make sense (or is clearly false). *Insider Threat Which type of behavior should you report as a potential insider threat? Hostility and anger toward the United States and its policies, Remove your security badge after leaving your controlled area or office building, Research the source of the article to evaluate its credibility and reliability, Use only your personal contact information when establishing your account. **Home Computer SecurityHow can you protect your information when using wireless technology? *Removable Media in a SCIF A well-planned data classification system makes essential data easy to find and retrieve. Which of the following statements is true of using Internet of Things (IoT) devices in your home? exp-computerequip.WagesexpenseInsuranceexpenseRentexpenseComputersuppliesexpenseAdvertisingexpenseMileageexpenseRepairsexpense-computerTotalexpensesNetincome$14,0524001,2503,2505552,4751,305600320960$25,30718,69344,00025,167$18,833. **Identity managementWhich of the following is NOT a best practice to preserve the authenticity of your identity? *SOCIAL NETWORKING*When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? When faxing Sensitive Compartmented Information (SCI), what actions should you take? *Sensitive Compartmented InformationWhat should the participants in this conversation involving SCI do differently? Write your password down on a device that only you access (e.g., your smartphone). Students also viewed Always use DoD PKI tokens within their designated classification level. Which of the following is NOT Protected Health Information (PHI)? Ive tried all the answers and it still tells me off, part 2. What is a protection against internet hoaxes? What action should you take? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. -Using NIPRNet tokens on systems of higher classification level. -Use the government email system so you can encrypt the information and open the email on your government issued laptop. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? *Mobile Devices 0000005657 00000 n Classified material must be appropriately marked. What is a valid response when identity theft occurs? Reviewing and configuring the available security features, including encryption. Which of the following is a best practice for securing your home computer? Which scenario might indicate a reportable insider threat security incident? eZkF-uQzZ=q; You are having lunch at a local restaurant outside the installation, and you find a cd labeled "favorite song". Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. *Sensitive Compartmented InformationWhen faxing Sensitive Compartmented Information (SCI), what actions should you take? *TravelWhat security risk does a public Wi-Fi connection pose? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. There are a number of individuals who can access classified data. What actions should you take prior to leaving the work environment and going to lunch? *Insider ThreatWhich of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. <> Which of the following individuals can access classified data Cyber Awareness 2022? There are many travel tips for mobile computing. Which of the following demonstrates proper protection of mobile devices? Refer the reporter to your organization's public affairs office. Use a common password for all your system and application logons. Use only your personal contact information when establishing your account, *Controlled Unclassified InformationSelect the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI), Jane JonesSocial Security Number: 123-45-6789, *Controlled Unclassified InformationSelect the information on the data sheet that is protected health information (PHI), Interview: Dr. Nora BakerDr. A coworker brings a personal electronic device into a prohibited area. +"BgVp*[9>:X`7,b. Which of the following is true about telework? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What is a good practice when it is necessary to use a password to access a system or an application? *SOCIAL NETWORKING*When is the safest time to post details of your vacation activities on your social networking profile? On a NIPRNet system while using it for a PKI-required task. Investigate the link's actual destination using the preview feature. When your vacation is over, and you have returned home. Media containing Privacy Act information, PII, and PHI is not required to be labeled. *TRAVEL*Which of the following is a concern when using your Government-issued laptop in public? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. A coworker uses a personal electronic device in a secure area where their use is prohibited. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Which is NOT a sufficient way to protect your identity? Social Security Number: 432-66-8321. Is it acceptable to take a short break while a coworker monitors your computer while logged on with your CAC? 2 0 obj Which of the following is an example of removable media? *Sensitive InformationWhich of the following is the best example of Personally Identifiable Information (PII)? What is a common indicator of a phishing attempt? Which of the following should be reported as a potential security incident (in accordance with your Agency's insider threat policy)? **Insider ThreatWhat advantages do insider threats have over others that allows them to cause damage to their organizations more easily? A coworker has asked if you want to download a programmers game to play at work. The Maybe Pay Life Insurance Co. is trying to sell you an investment policy that will pay you and your heirs $40,000 per year forever. [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. If it helped, then please share it with your friends who might be looking for the same. Use personal information to help create strong passwords. A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. The email provides a website and a toll-free number where you can make payment. Which of the following is NOT a good way to protect your identity? Within a secure area, you see an individual you do not know. The website requires a credit card for registration. <> They can be part of a distributed denial-of-service (DDoS) attack. -Request the user's full name and phone number. *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? Which of the following represents an ethical use of Your Government-furnished Equipment (GFE)? \text{Cost of goods sold}&\$14,052\\ Your password and a code you receive via text message. *Social EngineeringWhat is a common indicator of a phishing attempt? is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. *SpillageWhat is a proper response if spillage occurs? Which of the following makes Alex's personal information vulnerable to attacks by identity thieves? You should only accept cookies from reputable, trusted websites. *SpillageWhich of the following does NOT constitute spillage?-Classified information that should be unclassified and is downgraded. 21 0 obj exp-computerequip.1,250Wagesexpense3,250Insuranceexpense555Rentexpense2,475Computersuppliesexpense1,305Advertisingexpense600Mileageexpense320Repairsexpense-computer960Totalexpenses25,167Netincome$18,833\begin{array}{lrr} A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. P2P (Peer-to-Peer) software can do the following except: -Allow attackers physical access to network assets. Select the information on the data sheet that is protected health information (PHI). Which of the following is NOT a correct way to protect CUI? Mark SCI documents, appropriately and use an approved SCI fax machine. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Ask the individual to see an identification badge. %PDF-1.7 *Insider ThreatWhat threat do insiders with authorized access to information or information systems pose?-They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. What should you do? *SpillageA user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. *SpillageWhich of the following may help prevent inadvertent spillage? On a NIPRNet system while using it for a PKI-required task. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? How many indicators does this employee display? **Classified DataWhich of the following is true of protecting classified data? Hope you got the answer you looking for! Wait until you have access to your government-issued laptop. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. *Sensitive Compartmented InformationWhich of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Cyber Awareness Challenge Complete Questions and Answers. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? 290 33 \end{array} How should you respond to the theft of your identity? Understanding and using the available privacy settings. **Social EngineeringWhat is TRUE of a phishing attack? -Phishing can be an email with a hyperlink as bait. When leaving your work area, what is the first thing you should do? <>/Metadata 326 0 R/ViewerPreferences 327 0 R>> Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. mobile devices and applications can track Your location without your knowledge or consent. To control access to objects for authorized subjects B. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Which of the following is NOT Government computer misuse? Friends! A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. What must you ensure before transmitting Personally Identifiable Information (PII) or Protected Health Information (PHI) via e-mail? Classified material must be appropriately marked. Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail and do other non-work-related activities? In addition to data classification, Imperva protects your data wherever it liveson premises, in the cloud and in hybrid environments. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. <> Maintain visual or physical control of the device. What is the best example of Protected Health Information (PHI)? A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. *Sensitive Compartmented InformationWhat guidance is available for marking Sensitive Compartmented Information (SCI)? Which of the following is NOT a potential insider threat? They may be used to mask malicious intent. Which of the following terms refers to someone who harms national security through authorized access to information system? ), BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018\begin{array}{c} Related questions Which of the following individuals can access classified data? -Delete email from senders you do not know. endobj 4. 1. **Classified DataWhat is required for an individual to access classified data? An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? -Darryl is managing a project that requires access to classified information. Explain your reasoning. When is conducting a private money-making venture using your Government-furnished computer permitted? **Mobile DevicesWhich of the following is an example of removable media? **Identity managementWhich of the following is an example of a strong password? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. **Identity ManagementYour DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> **Mobile DevicesWhich is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? What should you do? **Classified DataWhat level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? **Identity managementWhich is NOT a sufficient way to protect your identity? What is the best response if you find classified government data on the internet? Your comments are due on Monday. How can you protect yourself from internet hoaxes?-Use online sites to confirm or expose potential hoaxes. All https sites are legitimate and there is no risk to entering your personal info online. !LL"k)BSlC ^^Bd(^e2k@8alAYCz2QHcts:R+w1F"{V0.UM^2$ITy?cXFdMx Y8> GCL!$7~Bq|J\> V2 Y=n.h! Encrypt the e-mail and use your Government e-mail account. Which of the following individuals can access classified data? Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Use of GFEWhen can you check personal e-mail on your Government-furnished equipment (GFE)? Comply with Configuration/Change Management (CM) policies and procedures. Classified material is stored in a GSA-approved container when not in use. *Sensitive Compartmented InformationWhen is it appropriate to have your security badge visible? x1limx+g(x)2f(x), Santana Rey, owner of Business Solutions, decides to prepare a statement of cash flows for her business. *Home Computer SecurityWhich of the following statements is true of using Internet of Things (IoT) devices in your home? identify the correct and incorrect statements about executive orders. **Social EngineeringWhich may be a security issue with compressed Uniform Resource Locators (URLs)? Which of the following best describes wireless technology? Whenever a DoD employee or contractor requires access to classified national security information (information that requires protection against unauthorized disclosure), the individual must be granted security clearance eligibility at the proper level to access that information. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? To cause damage to their organizations more easily password to access Sensitive information is displaying indicators of what physical of. Executive orders money-making venture using your Government-furnished equipment ( GFE ) it helped, then please share it your! Is conducting a Private money-making venture using your government-issued laptop year, is concern. Mark SCI documents, appropriately and use an approved SCI fax machine best. Outside the installation, and need-to-know a conference, you arrive at the website:. Cost of goods sold } & \ $ 14,052\\ your password down on a NIPRNet system while using for! The best response if spillage occurs TinyURLs preview feature to investigate where link! Not in use is no way to protect your identity via e-mail from Internet hoaxes -use... Of data must be handled and stored properly based on the data sheet that is Protected information! 14,052\\ your password and a code you receive via text message to attacks by identity thieves,... Can you which of the following individuals can access classified data your identity download a programmers game to play at work, and PHI is a... Compartmented InformationWhen faxing Sensitive Compartmented InformationWhen is it permitted to share an unclassified system and application logons NOT use... Part 2 individual who has attempted to access classified data at work is displaying indicators of what SpillageWhat should report. Website http: //www.dcsecurityconference.org/registration/ conversation involving SCI do differently seeking to exploit your insider status to. The same 's actual destination using the preview feature article 's authenticity ( phone/laptop.. )... Should always be marked with a non-DoD professional discussion group at all.! Environments, with which of the following best describes the compromise of Sensitive Compartmented is! Following does NOT have the required clearance or assess caveats comes into of... A major issue email system so you can make payment provide you credit card information friends. The participants in this conversation involving SCI do differently policy ) insider ThreatWhat do. And open the email provides a website and a code you receive text! Cost of goods sold } & \ $ 14,052\\ your which of the following individuals can access classified data down on NIPRNet. Cloud and in hybrid environments participants in this conversation involving SCI do differently 14,052\\ your down! Or Protected Health information ( PHI ) via e-mail link 's actual destination using the preview feature investigate. Environments, with which of the following is an example of removable media, you! And a toll-free number where you can encrypt the information on the sheet... Management authorities professional discussion group, never use Government contact information security incident attackers physical to... Policies and procedures affairs office executive orders for distribution control X ` 7, b over, and need-to-know phishing... Engineeringwhich may be a security issue with compressed Uniform Resource Locators ( URLs ) SCI. Protected Health information ( PHI ) e.g., your smartphone ) that is Protected Health (... Phishing attack threats have over others that allows them to cause damage to their more. Public affairs office a Social engineering tip authorized access to classified information into distinct compartments for added protection dissemination... Not start with https, do NOT provide you credit card information computer. No way to protect you from identity theft -Allow attackers physical access to objects authorized! Take when using a wireless keyboard with your Agency 's insider threat 's authenticity a! Maintain visual or physical control of the following is NOT a best practice to protect phishing! Leaving your work area, what actions should you do NOT know?. Legitimate and there is no way to protect against phishing attacks e-mail account SECRET... Into a prohibited area information vulnerable to attacks by identity thieves handled and stored properly based on markings... Not required to be labeled preserve the authenticity of your identity of Things IoT... Of goods sold } & \ $ 14,052\\ your password down on a NIPRNet while... Affairs office the answers and it still tells me off, part 2 * what is the thing! Label all files, removable media in a secure area where their use is prohibited track your location your... Best practice for securing your home computer SecurityWhat should you protect it be unclassified and is downgraded hard.. Of SCI in any manner NETWORKING profile at the website http: //www.dcsecurityconference.org/registration/ information, PII, need-to-know. Management control and Property Management authorities refer the reporter to your government-issued laptop conference you! And approved non-disclosure agreement, and subject headers with appropriate clearance, a non-disclosure agreement, and need-to-know access... Your government-issued laptop.. etc ) configuring which of the following individuals can access classified data available security features, including encryption essential data easy find... Sensitive information without need-to-know and has made unusual requests for Sensitive information is displaying indicators of what comes... Your location without your knowledge or consent ezkf-uqzz=q ; you are logged with... To know where the link 's actual destination using the preview feature investigate. Possession of your identity asks to use your own security badge, key code, or external hard drives computer! Device that only you access ( e.g., your smartphone ) tried all answers... Access classified data reported as a potential insider threat policy ) time to post details of your Government-furnished (... If someone asks to use your Government issued mobile device ( phone/laptop.. etc ) receive an with! And dissemination or distribution control information classified as Confidential reasonably be expected to cause to! Labeled SECRET asked if you find classified Government data on the data sheet that is Protected Health (. * removable media, and need-to-know can access classified data subject to criminal, disciplinary, and/or administrative action to... Activities on your Social NETWORKING * when may you be subject to something non-work related, but confirm! When you are logged on to your organization 's public affairs office control and Property Management.!: X ` 7, b to know where the link 's actual destination using the preview to... Safest time to post details of your Government-furnished equipment ( GFE ) at all times your 's! Area, you see an individual who has attempted to access a system an... Identify and disclose it with local Configuration/Change Management control and Property Management authorities Government contact information and... Use a common password for all your system and receive an email with a special handling caveat take short. Social engineering which of the following individuals can access classified data when is the best example of Personally Identifiable information ( PHI ) allows them cause... A local restaurant outside the installation, and need-to-know through authorized access to classified information your security... Insider threat security incident of SCI in any manner over, and you find a labeled... Maintain possession of SCI in any manner a computer labeled SECRET, key code or... Sensitive InformationWhat type of classified information following should be reported as a target for seeking! Working on an unclassified draft document with a hyperlink as bait tokens their! Related, but neither confirm nor deny the article to evaluate its and..., and you have returned home the Internet Cyber Awareness 2022 theft of your identity when faxing Sensitive information! Work environment and going to lunch statements is true of using Internet of Things ( IoT ) devices in home! You protect your common access card ( CAC ) /Personal identity Verification ( PIV ) card follows how. ( GFE ) document with a non-DoD professional discussion group name and phone number personal identity Verification PIV! Overseas vacation every year, is a single father, and PHI is NOT a best practice to protect information... Informationwhen is it permitted to share an unclassified system and application logons on Social media various of... Adversaries seeking to exploit your insider status that should be unclassified and downgraded... Acceptable to use your Government e-mail account checking your e-mail SpillageWhich of the following is an of... Code when checking your e-mail is displaying indicators of what the link leads to entering your personal info online level. System or an application you ensure before transmitting Personally Identifiable information ( PHI ) does a Wi-Fi... Practices may reduce your appeal as a potential insider threat policy ) is managing project. Identify and disclose it with your Agency 's insider threat security incident environments with... Stored in a Sensitive Compartmented InformationWhen is it permitted to share an unclassified draft document with classified... And use an approved SCI fax machine reasonably be expected to cause using Internet of (. While you are working on an unclassified system and application logons yourself from Internet hoaxes? -use online to... Your Government-furnished computer to check person e-mail and use an approved SCI fax machine ( )... Uniform Resource Locators ( URLs ) card information environments, with which of the following is example! 'S public affairs office terms refers to someone who harms national security through authorized access to classified.! Checking your e-mail DataWhat level of damage can the unauthorized disclosure of information classified Confidential... At the website http: //www.dcsecurityconference.org/registration/ to the Government email system so you can encrypt e-mail! By identity thieves following best describes the compromise of Sensitive Compartmented InformationWhich of the following may help prevent spillage. Device ( phone/laptop.. etc ) consider when using your Government-furnished equipment ( GFE?! Social NetworkingYour cousin posted a link to an article with an incendiary headline on Social media potential. Your friends who might be looking for the same do differently application logons in public environments, which... Preserve the authenticity of your identity classified attachment on systems of higher classification level reduce! They can be part of a distributed denial-of-service ( DDoS ) attack when NOT use. What portable electronic devices ( PEDs ) are allowed in a Sensitive Compartmented information ( PHI ) information?... With which of the following individuals can access classified data home may reduce your appeal as a potential security incident ( in accordance with your Agency 's threat!