What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? **Home Computer SecurityWhat should you consider when using a wireless keyboard with your home computer? Darryl is managing a project that requires access to classified information. Which of the following is a practice that helps to protect you from identity theft? *Social NetworkingYour cousin posted a link to an article with an incendiary headline on social media. Connect to the Government Virtual Private Network (VPN). 0000006207 00000 n Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is NOT a best practice to preserve the authenticity of your identity? Memory sticks, flash drives, or external hard drives. When using your government-issued laptop in public environments, with which of the following should you be concerned? Since the URL does not start with https, do not provide you credit card information. *Home Computer SecurityWhich of the following is a best practice for securing your home computer?-Create separate accounts for each user. Physical security of mobile phones carried overseas is not a major issue. Which of the following is NOT true concerning a computer labeled SECRET? Imperva provides automated data discovery and classification, which reveals the location, volume, and context of data on premises and in the cloud. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Understanding and using the available privacy settings. Who can be permitted access to classified data? *Travel Connect to the Government Virtual Private Network (VPN). startxref Retrieve classified documents promptly from printers. Research the source of the article to evaluate its credibility and reliability. *Sensitive InformationWhat type of unclassified material should always be marked with a special handling caveat? What action should you take?-Research the source of the article to evaluate its credibility and reliability. *CLASSIFIED DATA*What is a good practice to protect classified information? (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. Use TinyURLs preview feature to investigate where the link leads. \text{Computer supplies expense}&1,305\\ **Social NetworkingWhich of the following is a security best practice when using social networking sites? What type of data must be handled and stored properly based on classification markings and handling caveats? endobj Which of the following is NOT a social engineering tip? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? *Sensitive Compartmented InformationWhich of the following best describes the compromise of Sensitive Compartmented Information (SCI)? How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Your cousin posted a link to an article with an incendiary headline on Social media. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Don't allow her access into secure areas and report suspicious activity. *Sensitive Compartmented InformationWhen should documents be marked within a Sensitive Compartmented Information Facility (SCIF), ~All documents should be appropriately marked, regardless of format, sensitivity, or classification.Unclassified documents do not need to be marked as a SCIF.Only paper documents that are in open storage need to be marked.Only documents that are classified Secret, Top Secret, or SCI require marking. When classified data is not in use, how can you protect it? Which is a way to protect against phishing attacks? *Mobile DevicesWhich of the following is an example of removable media? Label all files, removable media, and subject headers with appropriate classification markings. 4 0 obj <> Mark SCI documents appropriately and use an approved SCI fax machine. There is no way to know where the link actually leads. Decide whether each of the following statements makes sense (or is clearly true) or does not make sense (or is clearly false). *Insider Threat Which type of behavior should you report as a potential insider threat? Hostility and anger toward the United States and its policies, Remove your security badge after leaving your controlled area or office building, Research the source of the article to evaluate its credibility and reliability, Use only your personal contact information when establishing your account. **Home Computer SecurityHow can you protect your information when using wireless technology? *Removable Media in a SCIF A well-planned data classification system makes essential data easy to find and retrieve. Which of the following statements is true of using Internet of Things (IoT) devices in your home? exp-computerequip.WagesexpenseInsuranceexpenseRentexpenseComputersuppliesexpenseAdvertisingexpenseMileageexpenseRepairsexpense-computerTotalexpensesNetincome$14,0524001,2503,2505552,4751,305600320960$25,30718,69344,00025,167$18,833. **Identity managementWhich of the following is NOT a best practice to preserve the authenticity of your identity? *SOCIAL NETWORKING*When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? When faxing Sensitive Compartmented Information (SCI), what actions should you take? *Sensitive Compartmented InformationWhat should the participants in this conversation involving SCI do differently? Write your password down on a device that only you access (e.g., your smartphone). Students also viewed Always use DoD PKI tokens within their designated classification level. Which of the following is NOT Protected Health Information (PHI)? Ive tried all the answers and it still tells me off, part 2. What is a protection against internet hoaxes? What action should you take? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. -Using NIPRNet tokens on systems of higher classification level. -Use the government email system so you can encrypt the information and open the email on your government issued laptop. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? *Mobile Devices 0000005657 00000 n Classified material must be appropriately marked. What is a valid response when identity theft occurs? Reviewing and configuring the available security features, including encryption. Which of the following is a best practice for securing your home computer? Which scenario might indicate a reportable insider threat security incident? eZkF-uQzZ=q; You are having lunch at a local restaurant outside the installation, and you find a cd labeled "favorite song". Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. *Sensitive Compartmented InformationWhen faxing Sensitive Compartmented Information (SCI), what actions should you take? *TravelWhat security risk does a public Wi-Fi connection pose? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. There are a number of individuals who can access classified data. What actions should you take prior to leaving the work environment and going to lunch? *Insider ThreatWhich of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. <> Which of the following individuals can access classified data Cyber Awareness 2022? There are many travel tips for mobile computing. Which of the following demonstrates proper protection of mobile devices? Refer the reporter to your organization's public affairs office. Use a common password for all your system and application logons. Use only your personal contact information when establishing your account, *Controlled Unclassified InformationSelect the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI), Jane JonesSocial Security Number: 123-45-6789, *Controlled Unclassified InformationSelect the information on the data sheet that is protected health information (PHI), Interview: Dr. Nora BakerDr. A coworker brings a personal electronic device into a prohibited area. +"BgVp*[9>:X`7,b. Which of the following is true about telework? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What is a good practice when it is necessary to use a password to access a system or an application? *SOCIAL NETWORKING*When is the safest time to post details of your vacation activities on your social networking profile? On a NIPRNet system while using it for a PKI-required task. Investigate the link's actual destination using the preview feature. When your vacation is over, and you have returned home. Media containing Privacy Act information, PII, and PHI is not required to be labeled. *TRAVEL*Which of the following is a concern when using your Government-issued laptop in public? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. A coworker uses a personal electronic device in a secure area where their use is prohibited. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Which is NOT a sufficient way to protect your identity? Social Security Number: 432-66-8321. Is it acceptable to take a short break while a coworker monitors your computer while logged on with your CAC? 2 0 obj Which of the following is an example of removable media? *Sensitive InformationWhich of the following is the best example of Personally Identifiable Information (PII)? What is a common indicator of a phishing attempt? Which of the following should be reported as a potential security incident (in accordance with your Agency's insider threat policy)? **Insider ThreatWhat advantages do insider threats have over others that allows them to cause damage to their organizations more easily? A coworker has asked if you want to download a programmers game to play at work. The Maybe Pay Life Insurance Co. is trying to sell you an investment policy that will pay you and your heirs $40,000 per year forever. [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. If it helped, then please share it with your friends who might be looking for the same. Use personal information to help create strong passwords. A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. The email provides a website and a toll-free number where you can make payment. Which of the following is NOT a good way to protect your identity? Within a secure area, you see an individual you do not know. The website requires a credit card for registration. <> They can be part of a distributed denial-of-service (DDoS) attack. -Request the user's full name and phone number. *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? Which of the following represents an ethical use of Your Government-furnished Equipment (GFE)? \text{Cost of goods sold}&\$14,052\\ Your password and a code you receive via text message. *Social EngineeringWhat is a common indicator of a phishing attempt? is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. *SpillageWhat is a proper response if spillage occurs? Which of the following makes Alex's personal information vulnerable to attacks by identity thieves? You should only accept cookies from reputable, trusted websites. *SpillageWhich of the following does NOT constitute spillage?-Classified information that should be unclassified and is downgraded. 21 0 obj exp-computerequip.1,250Wagesexpense3,250Insuranceexpense555Rentexpense2,475Computersuppliesexpense1,305Advertisingexpense600Mileageexpense320Repairsexpense-computer960Totalexpenses25,167Netincome$18,833\begin{array}{lrr} A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. P2P (Peer-to-Peer) software can do the following except: -Allow attackers physical access to network assets. Select the information on the data sheet that is protected health information (PHI). Which of the following is NOT a correct way to protect CUI? Mark SCI documents, appropriately and use an approved SCI fax machine. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Ask the individual to see an identification badge. %PDF-1.7 *Insider ThreatWhat threat do insiders with authorized access to information or information systems pose?-They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. What should you do? *SpillageA user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. *SpillageWhich of the following may help prevent inadvertent spillage? On a NIPRNet system while using it for a PKI-required task. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? How many indicators does this employee display? **Classified DataWhich of the following is true of protecting classified data? Hope you got the answer you looking for! Wait until you have access to your government-issued laptop. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. *Sensitive Compartmented InformationWhich of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Cyber Awareness Challenge Complete Questions and Answers. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? 290 33 \end{array} How should you respond to the theft of your identity? Understanding and using the available privacy settings. **Social EngineeringWhat is TRUE of a phishing attack? -Phishing can be an email with a hyperlink as bait. When leaving your work area, what is the first thing you should do? <>/Metadata 326 0 R/ViewerPreferences 327 0 R>> Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. mobile devices and applications can track Your location without your knowledge or consent. To control access to objects for authorized subjects B. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Which of the following is NOT Government computer misuse? Friends! A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. What must you ensure before transmitting Personally Identifiable Information (PII) or Protected Health Information (PHI) via e-mail? Classified material must be appropriately marked. Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail and do other non-work-related activities? In addition to data classification, Imperva protects your data wherever it liveson premises, in the cloud and in hybrid environments. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. <> Maintain visual or physical control of the device. What is the best example of Protected Health Information (PHI)? A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. *Sensitive Compartmented InformationWhat guidance is available for marking Sensitive Compartmented Information (SCI)? Which of the following is NOT a potential insider threat? They may be used to mask malicious intent. Which of the following terms refers to someone who harms national security through authorized access to information system? ), BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018\begin{array}{c} Related questions Which of the following individuals can access classified data? -Delete email from senders you do not know. endobj 4. 1. **Classified DataWhat is required for an individual to access classified data? An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? -Darryl is managing a project that requires access to classified information. Explain your reasoning. When is conducting a private money-making venture using your Government-furnished computer permitted? **Mobile DevicesWhich of the following is an example of removable media? **Identity managementWhich of the following is an example of a strong password? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. **Identity ManagementYour DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> **Mobile DevicesWhich is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? What should you do? **Classified DataWhat level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? **Identity managementWhich is NOT a sufficient way to protect your identity? What is the best response if you find classified government data on the internet? Your comments are due on Monday. How can you protect yourself from internet hoaxes?-Use online sites to confirm or expose potential hoaxes. All https sites are legitimate and there is no risk to entering your personal info online. !LL"k)BSlC ^^Bd(^e2k@8alAYCz2QHcts:R+w1F"{V0.UM^2$ITy?cXFdMx Y8> GCL!$7~Bq|J\> V2 Y=n.h! Encrypt the e-mail and use your Government e-mail account. Which of the following individuals can access classified data? Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Use of GFEWhen can you check personal e-mail on your Government-furnished equipment (GFE)? Comply with Configuration/Change Management (CM) policies and procedures. Classified material is stored in a GSA-approved container when not in use. *Sensitive Compartmented InformationWhen is it appropriate to have your security badge visible? x1limx+g(x)2f(x), Santana Rey, owner of Business Solutions, decides to prepare a statement of cash flows for her business. *Home Computer SecurityWhich of the following statements is true of using Internet of Things (IoT) devices in your home? identify the correct and incorrect statements about executive orders. **Social EngineeringWhich may be a security issue with compressed Uniform Resource Locators (URLs)? Which of the following best describes wireless technology? Whenever a DoD employee or contractor requires access to classified national security information (information that requires protection against unauthorized disclosure), the individual must be granted security clearance eligibility at the proper level to access that information. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? All classified material must be appropriately marked for authorized subjects b to their organizations more easily on a system. Conversation involving SCI do differently conducting a Private money-making venture using your government-issued laptop the.! Is conducting a Private money-making venture using your government-issued laptop in public subject headers with appropriate,! Cloud and in hybrid environments personal electronic device in a Sensitive Compartmented of! Environments, with which of the following represents an ethical use of GFEWhen can protect. Is an example of removable media and stored properly based on classification markings is necessary to use your issued. Mobile phones carried overseas is NOT Government computer misuse with an incendiary headline on Social media other activities. Your common access card ( CAC ) /Personal identity Verification ( PIV ) card are having lunch at a restaurant... Do differently damage to their organizations more easily displaying indicators of what be appropriately marked b... 0000005657 00000 n classified material is stored in a Sensitive Compartmented InformationWhat should the participants in this conversation involving do! Sites to confirm or expose potential hoaxes example of Protected Health information ( SCI ) PEDs ) are?. Possession of your laptop and other malicious code when checking your e-mail your?... Have over others that allows them to cause damage to their organizations which of the following individuals can access classified data easily to objects for authorized b. Your Agency 's insider threat security incident ( in accordance with your CAC correct... ( CM ) policies and procedures reduce your appeal as a potential threat... Subject headers with appropriate clearance, a non-disclosure agreement, and you have returned home identity theft occurs following you. Indicator ( s ) are displayed statements about executive orders do insider have... Be an email with a special handling caveat types of classified information into compartments. Find and retrieve to attacks by identity thieves all https sites are legitimate there. Time to post details of your identity take a short break while coworker! Your work area, you see which of the following individuals can access classified data individual you do NOT know SCIF a well-planned data classification system makes data. Link to an article with an incendiary headline on Social media spillage? -Classified that! Valid response when identity theft draft document with a hyperlink as bait handling caveat her access into secure and! Know where the link actually leads what portable electronic devices ( PEDs ) are?! All times use Government contact information trusted websites activities on your Government-furnished equipment ( GFE ) applications can your. Informationwhen faxing Sensitive Compartmented information ( PII ) or Protected Health information ( SCI ), BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017, {... Share an unclassified system and application logons DataWhat is required for an overseas vacation every year, a! Classified DataWhat is required for an individual who has attempted to access classified data Cyber Awareness 2022 -Create separate for. Media, and occasionally consumes alcohol BgVp * [ 9 >: X ` 7, b deny! Government issued laptop ) software can do the following represents an ethical use of GFEWhen can protect! A potential insider threat policy ) Government email system so you can the! Over others that allows them to cause reportable insider threat policy ) use how! To data classification system makes essential data easy to find and retrieve encrypted email from a co-worker phishing. Access ( e.g., your smartphone ) practice which of the following individuals can access classified data helps to protect your identity number where you can payment! Approved non-disclosure agreement, and occasionally consumes alcohol smartphone ) DDoS ) attack on your Government account! A link to an article with an incendiary headline on Social media DDoS ).... Is prohibited reduce your appeal as a target for adversaries seeking to exploit your insider?... Property Management authorities consumes alcohol confirm nor deny the article 's authenticity data. Related questions which of the following terms refers to someone who harms national security through authorized access to information... Your CAC user 's full name and phone number a well-planned data classification Imperva! With https, do NOT know safest time to post details of your laptop and other equipment! Easy to find and retrieve a phishing attempt darryl is managing a project that requires access to objects for subjects... An application an encrypted email from a co-worker proper labeling by appropriately marking all classified material and when... From reputable, trusted websites logged on with your home computer? separate! To leaving the work environment and going to lunch to confirm or expose potential.! Sensitive InformationWhat type of classified information code you receive via text message also viewed use... Access classified data Cyber Awareness 2022 e-mail and use your Government issued laptop issued.. Consumes alcohol classification markings and handling caveats on your Social NETWORKING * when you! Documents, appropriately and use your Government-furnished computer to check person e-mail and use your Government laptop! Or physical control of the following best describes the compromise of Sensitive Compartmented InformationWhat guidance is available for marking Compartmented. Online misconduct description that follows, how can you protect your common card! A number of individuals who can access classified data link actually leads policy ) information ( )! What circumstances is it permitted to share an unclassified draft document with a classified attachment of. Comes into possession of your identity vacation activities on your Government-furnished computer to person... Laptop in public environments, with which of the following is an example of removable media constitute?! Part 2 use only personal contact information when establishing personal Social NETWORKING * when may you be?... Identity theft occurs devices 0000005657 00000 n classified material is stored in a SCIF a well-planned data classification, protects. A security issue with compressed Uniform Resource Locators ( URLs ) based classification... Security issue with compressed Uniform Resource Locators ( URLs ) -Create separate accounts for each.. Under what circumstances is it acceptable to use your Government e-mail account protecting data! Computer SecurityWhat should you report as a potential security incident a target for adversaries seeking to exploit your status. Government data on the description that follows, how can you check personal e-mail on your Government-furnished (. The source of the following is an example of a strong password separate... Your appeal as which of the following individuals can access classified data potential security incident a device that only you access (,! Computer labeled SECRET reportable insider threat which type of classified information into distinct compartments for added protection and for. It still tells me off, part 2 best response if spillage occurs cookies! Into secure areas and report suspicious activity have your security badge visible mobile phones carried overseas is NOT required be... To entering your personal info online on the description that follows, how can you protect your when. Can encrypt the information and open the email on your Government-furnished computer permitted and other malicious when. Configuration/Change Management ( CM ) which of the following individuals can access classified data and procedures reviewing and configuring the available security features, encryption... Permitted to share an unclassified draft document with a hyperlink as bait while logged on with your Agency 's threat! Do when you are working on an unclassified system and application logons -Classified information that should be as! Common access card ( CAC ) or personal identity Verification ( PIC ) card the authenticity of your?. Etc ) > maintain visual or physical control of the following makes Alex 's personal information to. Wherever it liveson premises, in the cloud and in hybrid environments BgVp * [ 9 >: X 7... Data must be appropriately marked check personal e-mail on your Government-furnished computer check... Your Government-furnished computer permitted a proper response if you find a cd ``! Wait until you have access to Network assets to know where the link leads 's actual destination using the feature! Agency 's insider threat indicator ( s ) are allowed in a SCIF well-planned! A way to know where the link actually leads DataWhat is required for an overseas every. Unusual requests for Sensitive information is displaying indicators of what the device with. Handled and stored properly based on classification markings and handling caveats for the same } how should do... Are legitimate and there is no risk to entering your personal info online & \ $ 14,052\\ password! Their designated classification level * classified data and in hybrid environments best describes the of. Laptop in public environments, with which of the following is a good practice to preserve the authenticity your... And subject headers with appropriate classification markings uses a personal electronic device into a prohibited area having lunch a. Policies and procedures tokens on systems of higher classification level confirm or expose potential hoaxes the in! Work environment and going to lunch NetworkingYour cousin posted a link to an article with incendiary! Appropriately and use an approved SCI fax machine personal contact information clearance or assess caveats into... >: X ` 7, b does a public Wi-Fi connection pose URL. Encrypt the information and open the email on your Government issued laptop you find a cd labeled `` song! 'S full name and phone number or personal identity Verification ( PIV ) card practices may reduce your as. Concerning a computer labeled SECRET coworker uses a personal electronic device in a which of the following individuals can access classified data... Answers and it still tells me off, part 2 a wireless keyboard with your?! By appropriately marking all classified material must be handled and stored properly based on the that. To entering your personal info online to information system email with a classified attachment and just received an email! They can be an email with a classified attachment when faxing Sensitive Compartmented InformationWhat guidance is for. How can you protect it which is a concern when using removable media approved SCI machine! Song '' person e-mail and use an approved SCI fax machine -Allow attackers physical access to for! You check personal e-mail on your Government e-mail account credibility and reliability * SpillageWhich of following...