How should you respond? PII, PHI, and financial information is classified as what type of information? (Malicious Code) What is a good practice to protect data on your home wireless systems? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? How many potential insider threat indicators is Bob displaying? Assuming open storage is always authorized in a secure facility. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? What should be done to protect against insider threats? Log in for more information. A .gov website belongs to an official government organization in the United States. How many potential insider threat indicators does this employee display? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Based on the description that follows how many potential insider threat indicators are displayed? When leaving your work area, what is the first thing you should do? Unclassified Information Student Guide . Not correct *Insider Threat Which of the following is a potential insider threat indicator? *Spillage You find information that you know to be classified on the Internet. How do you think antihistamines might work? DOD Cyber Awareness Challenge 2019 Flashcards | Quizlet Which of the following is NOT true concerning a computer labeled SECRET? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Which of the following is true of using DoD Public key Infrastructure (PKI) token? A headset with a microphone through a Universal Serial Bus (USB) port. The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. CPCON 3 (Medium: Critical, Essential, and Support Functions) not correct. Of the following, which is NOT a problem or concern of an Internet hoax? what should be your response be? Cyber Awareness Challenge 2023 Answers Quizzma Never write down the PIN for your CAC. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Ch 1 Flashcards by Josh Selkirk | Brainscape How should you respond? A measure of how much useful work each unit of input energy provides. Which of the following statements is true? Classified DVD distribution should be controlled just like any other classified media. Jozeal. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? A Coworker has asked if you want to download a programmers game to play at work. Linda encrypts all of the sensitive data on her government issued mobile devices. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? Report the crime to local law enforcement. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. You are reviewing your employees annual self evaluation. correct. (Home computer) Which of the following is best practice for securing your home computer? The popup asks if you want to run an application. Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Briefly describe what you have learned. Connect to the Government Virtual Private Network (VPN).?? How do you respond? What Is True About Unclassified Information Decline So That You Maintain Physical Control of Your Government-Issued Laptop. What portable electronic devices (PEDs) are permitted in a SCIF? Phishing can be an email with a hyperlink as bait. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? Which of the following best describes wireless technology? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? What should you do? (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and Correct. *Malicious Code What are some examples of malicious code? If classified information were released, which classification level would result in Exceptionally grave damage to national security? As a security best practice, what should you do before exiting? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. #2) Select the "Pre-Process" tab. Which of the following is NOT an example of Personally Identifiable Information (PII)? Follow instructions given only by verified personnel. Unclassified information can become a threat to national security. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of the following is true of traveling overseas with a mobile phone. Unclassified documents do not need to be marked as a SCIF. Transmit classified information via fax machine only Not correct Which may be a security issue with compressed urls? Call your security point of contact immediately. Under what circumstances could unclassified information be considered a threat to national security? Telework is only authorized for unclassified and confidential information. PDF IFS0026 Student Guide - CDSE What should be your response? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. a. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? **Classified Data What is required for an individual to access classified data? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which is a risk associated with removable media? THIS IS THE BEST ANSWER . The email states your account has been compromised and you are invited to click on the link in order to reset your password. cyber. Dofficult life circumstances, such as death of spouse. classified-document. Since the URL does not start with https, do not provide your credit card information. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? correct. Ask the individual to see an identification badge. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. -Its classification level may rise when aggregated. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Under What Circumstances Could Unclassified? You know this project is classified. Which of the following is a reportable insider threat activity? There are no choices provides which make it hard to pick the untrue statement about unclassified data. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. What should you do? Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Correct. What should be your response? An investment in knowledge pays the best interest.. View email in plain text and dont view email in Preview Pane. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? Always check to make sure you are using the correct network for the level of data. Classified material must be appropriately marked. Who designates whether information is classified and its classification level? 1.1.3 Insider Threat. How should you securely transport company information on a removable media? Organizational Policy Not correct **Social Engineering Which of the following is a way to protect against social engineering? Which of the following is NOT a DoD special requirement for tokens? *Spillage .What should you do if a reporter asks you about potentially classified information on the web? As long as the document is cleared for public release, you may share it outside of DoD. correct. Which is an untrue statement about unclassified data? correct. Which of the following is a clue to recognizing a phishing email? They can become an attack vector to other devices on your home network. What Exactly is CUI? (and How to Manage It) - Security Boulevard Quizzma is a free online database of educational quizzes and test answers. which of the following is true about unclassified Courses 442 View detail Preview site *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Use TinyURLs preview feature to investigate where the link leads. A coworker brings a personal electronic device into prohibited areas. CUI must be handled using safeguarding or dissemination controls. What action should you take? (Mobile Devices) Which of the following statements is true? Which of the following best describes good physical security? Which of the following is true of the Common Access Card (CAC)? Note the websites URL and report the situation to your security point of contact. Understanding and using the available privacy settings. Many apps and smart devices collect and share your personal information and contribute to your online identity. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? Correct **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Which of the following is NOT a typical means for spreading malicious code? Use the classified network for all work, including unclassified work. The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). Not correct Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. This bag contains your government-issued laptop. Spillage can be either inadvertent or intentional. Photos of your pet Correct. In which situation below are you permitted to use your PKI token? Taking classified documents from your workspace. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? Search for an answer or ask Weegy. In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. correct. Back To Business I.T. on LinkedIn: #mfa #2fa #multifactorauthentication What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Who can be permitted access to classified data? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. Is it okay to run it? Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. a. Your password and a code you receive via text message. Historically, each agency developed its own practices for sensitive unclassified information, resulting in a patchwork of systems across the Executive branch, in which similar information might be defined or labeled differently, or where dissimilar information might share a definition and/or label. (Wrong). Where. Which of the following is true of protecting classified data? If aggregated, the information could become classified. Memory sticks, flash drives, or external hard drives. -Its classification level may rise when aggregated. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Search not correct It never requires classified markings, it is true about unclassified data. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. A coworker removes sensitive information without approval. -Ask them to verify their name and office number A type of phishing targeted at high-level personnel such as senior officials. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? It is created or received by a healthcare provider, health plan, or employer. Use only your personal contact information when establishing your account. Her badge is not visible to you. Contents hide. Three or more. Classified information that should be unclassified and is downgraded. Course Introduction Introduction . Create separate user accounts with strong individual passwords. The potential for unauthorized viewing of work-related information displayed on your screen. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Press release data. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? What are some potential insider threat indicators? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. At all times while in the facility. Correct. "Unclassified" or a lack of security marking denotes non-sensitive information. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? It contains certificates for identification, encryption, and digital signature. Its classification level may rise when aggregated. What are the requirements to be granted access to sensitive compartmented information (SCI)? Store it in a shielded sleeve to avoid chip cloning. Government-owned PEDs, if expressly authorized by your agency. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Question 1: The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. Which of the following is NOT considered sensitive information? All of these. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Search for an answer or ask Weegy. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? __________, To supervise bank holding companies and state member banks __________, To make loans to businesses who want to expand their operations __________, To operate the check-clearing system for the nation __________, to provide financial services to the federal government and serve as the bankers bank for commercial banks and other depositary institutions __________, To serve as the fiscal agent of the U.S. government __________, To place printed paper currency and newly minted coins into circulation __________. Solved QUESTION 1 The business impact analysis (BIA) - Chegg Law Enforcement Sensitive (LES),and others. CUI may be stored on any password-protected system. 1 Answer/Comment. Store it in a General Services Administration (GSA)-approved vault or container. Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. **Classified Data Which of the following is a good practice to protect classified information? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Not correct. Only paper documents that are in open storage need to be marked. You must have your organizations permission to telework. What should be your response? . Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. What is a valid response when identity theft occurs? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? 4. How should you protect a printed classified document when it is not in use? PDF Unauthorized Disclosure of Classified Information and Controlled - CDSE Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. A coworker has asked if you want to download a programmers game to play at work. Which of the following is an example of malicious code? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Correct. f. Get an answer. How many insider threat indicators does Alex demonstrate? We recommend Norton Security or McAfee Total Protection. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). 1.1.1 Spillage. Here you can find answers to the DoD Cyber Awareness Challenge. *Social Networking The website requires a credit card for registration. Correct. (Spillage) Which of the following is a good practice to aid in preventing spillage? Explain. Dont assume open storage in a secure facility is authorized Maybe. Cyber Challenge.txt - Cyber Awareness What should you do *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? CUI is not classified information. CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. Replace data starts with '' with np.NaN - Stack Overflow Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. BMW crash victim Alaa Al-Siddiq was on Cotswolds birthday weekend What type of social engineering targets particular individuals, groups of people, or organizations? Which designation marks information that does not have potential to damage national security? In setting up your personal social networking service account, what email address should you use? Remove security badge as you enter a restaurant or retail establishment. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? New interest in learning another language, Which of the following is a good practice to protect classified information. Controlled Unclassified Information (CUI) | GSA Controlled Unclassified Information (CUI): Controlled Unclassified information was defined in the Executive Order 13556 as information held by or generated for the Federal Government that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations and government-wide policies that isn't classified You find information that you know to be classified on the Internet. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. internet-quiz. (Malicious Code) Which of the following is NOT a way that malicious code spreads? You know this project is classified. Retrieve classified documents promptly from printers. Working With Sensitive Information - Canada.ca Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which of the following does NOT constitute spillage? What is required for an individual to access classified data? Managing government information when working remotely A smartphone that transmits credit card payment information when held in proximity to a credit card reader. The CUIProgramisan unprecedented initiative to standardize practices across more than 100 separate departments and agencies, as well asstate, local,tribal and, private sector entities; academia; and industry. Of the following, which is NOT a characteristic of a phishing attempt? Let us have a look at your work and suggest how to improve it! Preventing an authorized reader of an object from deleting that object B. Which of the following is true about unclassified data? - Getvoice.org A Controlled unclassified information. This lets the service person know when the tank is "full." How can you protect data on your mobile computing and portable electronic devices (PEDs)? If you participate in or condone it at any time. Ive tried all the answers and it still tells me off, part 2. Make note of any identifying information and the website URL and report it to your security office. Permitted Uses of Government-Furnished Equipment (GFE). What can help to protect the data on your personal mobile device. Which scenario might indicate a reportable insider threat? Original classification authority Correct. Position your monitor so that it is not facing others or easily observed by others when in use Correct.