What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Verify the identity of all individuals.??? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? What should you do? Correct. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? correct. There are many travel tips for mobile computing. (Malicious Code) What are some examples of malicious code? d. giving a spanking or a scolding. You can't have 1.9 children in a family (despite what the census might say ).
Cyber Awareness Flashcards by Jedi Master | Brainscape difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. How can you protect your organization on social networking sites? What action should you take? Darryl is managing a project that requires access to classified information. Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. Note any identifying information and the websites URL. Which of the following is NOT sensitive information? (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Government-owned PEDs when expressly authorized by your agency. Sensitive information may be stored on any password-protected system. Only allow mobile code to run from your organization or your organizations trusted sites. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Use TinyURLs preview feature to investigate where the link leads. Linda encrypts all of the sensitive data on her government-issued mobile devices. Which of the following is NOT a good way to protect your identity? Classified information that should be unclassified and is downgraded. (Home computer) Which of the following is best practice for securing your home computer? Sensitive information. What should you do if a reporter asks you about potentially classified information on the web? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Always use DoD PKI tokens within their designated classification level. Assuming open storage is always authorized in a secure facility. Which of the following is NOT a typical result from running malicious code? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. **Insider Threat Which scenario might indicate a reportable insider threat? Look for a digital signature on the email. The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. See the discussed example before. What is the best course of action? Mark SCI documents appropriately and use an approved SCI fax machine. How many insider threat indicators does Alex demonstrate? How many potential insiders threat indicators does this employee display? What describes how Sensitive Compartmented Information is marked? c. ignoring a tantrum Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. In setting up your personal social networking service account, what email address should you use? **Social Networking When is the safest time to post details of your vacation activities on your social networking website? Enable automatic screen locking after a period of inactivity. Only paper documents that are in open storage need to be marked. Phishing can be an email with a hyperlink as bait. Use a common password for all your system and application logons. Of the following, which is NOT a security awareness tip? Which of the following statements is NOT true about protecting your virtual identity? The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping.
Working With Sensitive Information - Canada.ca **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. What should be your response? Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. What action should you take first? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Since the URL does not start with https, do not provide you credit card information. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. On a NIPRNET system while using it for a PKI-required task. Unclassified information cleared for public release. correct. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Which of the following is an example of a strong password? CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. E-mailing your co-workers to let them know you are taking a sick day. Looking at your MOTHER, and screaming THERE SHE BLOWS! At all times while in the facility. This lets the service person know when the tank is "full." Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Ask for information about the website, including the URL.
The Following Is True About Unclassified Data - faqcourse.com Which Of The Following Is True About Unclassified Data (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? What is a valid response when identity theft occurs? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile?
What Exactly is CUI? (and How to Manage It) - Security Boulevard Connect and share knowledge within a single location that is structured and easy to search. correct. However, unclassified data. Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. In which situation below are you permitted to use your PKI token? For Government-owned devices, use approved and authorized applications only. *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? *Malicious Code After visiting a website on your Government device, a popup appears on your screen. NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. Antihistamines are used to treat the symptoms, such as sneezing, that are due to inflammation caused by irritants in the airways. *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. If you participate in or condone it at any time. Which of the following is a proper way to secure your CAC/PIV? Linda encrypts all of the sensitive data on her government issued mobile devices. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. No, you should only allow mobile code to run from your organization or your organizations trusted sites. correct. What information should you avoid posting on social networking sites? What should be done to protect against insider threats? Use personal information to help create strong passwords. Unclassified information can become a threat to national security. (Malicious Code) What is a common indicator of a phishing attempt? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Create separate user accounts with strong individual passwords. You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. Write your password down on a device that only you access. Classified information that should be unclassified and is downgraded. February 8, 2022. Which may be a security issue with compressed Uniform Resource Locators (URLs)? Q&A for work. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. correct. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? -Ask them to verify their name and office number Which Of The Following Is Not A Correct Way To Protect CUI. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Do not access website links in e-mail messages. Label all files, removable media, and subject headers with appropriate classification markings. Should you always label your removable media? As long as the document is cleared for public release, you may release it outside of DoD. (Sensitive Information) Which of the following is true about unclassified data? What should be your response? Which of the following statements is true? Which may be a security issue with compressed urls? Insiders are given a level of trust and have authorized access to Government information systems. What is the danger of using public Wi-Fi connections? Which of the following is NOT a security best practice when saving cookies to a hard drive? Correct. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? What is the best example of Protected Health Information (PHI)? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. What should be your response? Which of the following is NOT an example of Personally Identifiable Information (PII)? Use only your personal contact information when establishing your account. Which of the following does not constitute spillage. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? Note any identifying information, such as the websites URL, and report the situation to your security POC. Which of following is true of protecting classified data? Compute The Average Kids Per Family. You must have permission from your organization. Use TinyURL's preview feature to investigate where the link leads. Aggregating it does not affect its sensitivyty level. (Spillage) What type of activity or behavior should be reported as a potential insider threat?