Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? Badges must be removed when leaving the facility. Use a common password for all your system and application logons. Follow procedures for transferring data to and from outside agency and non-Government networks. (Spillage) Which of the following is a good practice to aid in preventing spillage? Insiders are given a level of trust and have authorized access to Government information systems. *Insider Threat Which of the following is a potential insider threat indicator? Which of the following individuals can access classified data? If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Assume the bonds are issued at par on May 1, 2018. c. Record each of the transactions from part a in the financial statement effects template. Which of the following is a proper way to secure your CAC/PIV? The person looked familiar, and anyone can forget their badge from time to time.B. What are some potential insider threat indicators? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Only paper documents that are in open storage need to be marked. Government-owned PEDs when expressly authorized by your agency. A headset with a microphone through a Universal Serial Bus (USB) port. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Thats the only way we can improve. Financial information. When vacation is over, after you have returned home. 32 2002. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Telework is only authorized for unclassified and confidential information. Which of the following statements is NOT true about protecting your virtual identity? Be careful not to discuss details of your work with people who do not have a need-to-know. *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Which of the following is a good practice to prevent spillage? Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. NOTE: Badges must be visible and displayed above the waist at all times when in the facility. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Government-owned PEDs must be expressly authorized by your agency. Which of the following is true of Unclassified information? Which of the following is NOT an example of CUI? 24 terms. Make note of any identifying information and the website URL and report it to your security office. Store it in a GSA approved vault or container. You must have your organizations permission to telework. Correct. Even within a secure facility, dont assume open storage is permitted. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? You must have your organizations permission to telework. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? You know this project is classified. (Malicious Code) Which are examples of portable electronic devices (PEDs)? (Malicious Code) What are some examples of removable media? How should you securely transport company information on a removable media? . What does Personally Identifiable Information (PII) include? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? Spillage can be either inadvertent or intentional. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. [Damage]: How can malicious code cause damage?A. View email in plain text and dont view email in Preview Pane. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. It is getting late on Friday. Photos of your pet Correct. (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? If aggregated, the classification of the information may not be changed. The website requires a credit card for registration. Cybersecurity Awareness Month. *Spillage .What should you do if a reporter asks you about potentially classified information on the web? laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. You check your bank statement and see several debits you did not authorize. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. [Alexs statement]: In addition to avoiding the temptation of greed to betray his country, what should Alex do differently?A. What type of attack might this be? In which situation below are you permitted to use your PKI token? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. NOTE: You must have permission from your organization to telework. Which of the following is NOT a correct way to protect CUI?A. 64 terms. DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. Which of the following is NOT a potential insider threat? Proactively identify potential threats and formulate holistic mitigation responses. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. What should you do if a reporter asks you about potentially classified information on the web? In which situation below are you permitted to use your PKI token? Skip the coffee break and remain at his workstation. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Only connect to known networks. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. (Mobile Devices) Which of the following statements is true? [Incident]: What is the danger of using public Wi-Fi connections?A. Position your monitor so that it is not facing others or easily observed by others when in use Correct. Sensitive Compartment Information (SCI) policy. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. Secure .gov websites use HTTPS Correct. Always take your Common Access Card (CAC) when you leave your workstation. . Corrupting filesB. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Which of the following is true of protecting classified data? All https sites are legitimate. Which of the following is true of Sensitive Compartmented Information (SCI)? Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? How can you protect yourself from social engineering? Nothing. A Common Access Card and Personal Identification Number. (Malicious Code) What is a good practice to protect data on your home wireless systems? Personal information is inadvertently posted at a website. A pop-up window that flashes and warns that your computer is infected with a virus. Who can be permitted access to classified data? How can you avoid downloading malicious code? The DoD Cyber Exchange SIPR provides access to cyber training and guidance to users with a SIPRNet token. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? How many insider threat indicators does Alex demonstrate? Which of the following is NOT Government computer misuse? correct. The DoD Cyber Exchange is sponsored by damage to national security. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? A coworker has asked if you want to download a programmers game to play at work. **Travel What security risk does a public Wi-Fi connection pose? correct. No. All of these. It is created or received by a healthcare provider, health plan, or employer. Label all files, removable media, and subject headers.B. What does Personally Identifiable information (PII) include? Which of the following is true of internet hoaxes? Note the websites URL and report the situation to your security point of contact. Do not click it. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? How many potential insider threat indicators is Bob displaying? Issues with Cyber Awareness Challenge. What action should you take? It may expose the connected device to malware. Attempting to access sensitive information without need-to-know. If all questions are answered correctly, users will skip to the end of the incident. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified . When using your government-issued laptop in public environments, with which of the following should you be concerned? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. How can you protect yourself on social networking sites? Which of the following is not a best practice to preserve the authenticity of your identity? 5. Reviewing and configuring the available security features, including encryption. Validate friend requests through another source before confirming them. Correct. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Since the URL does not start with "https", do not provide your credit card information. **Classified Data Which of the following is true of protecting classified data? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. College Physics Raymond A. Serway, Chris Vuille. What should be done to sensitive data on laptops and other mobile computing devices? What should you do to protect classified data? What should you do? **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? 4. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? be_ixf;ym_202302 d_24; ct_50 . Immediately notify your security point of contact. Correct. Which of the following should you NOT do if you find classified information on the internet? What should Sara do when publicly available Internet, such as hotel Wi-Fi? Which of the following is true of using DoD Public key Infrastructure (PKI) token? Use the appropriate token for each system. Validate all friend requests through another source before confirming them. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. U.S. ARMY INSTALLATION MANAGEMENT COMMAND "We Are . Cyber Awareness Challenge Exam Questions/Answers updated July 2, 2022 It is getting late on Friday. according to the 2021 State of Phishing and Online Fraud Report. correct. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? You can email your employees information to yourself so you can work on it this weekend and go home now. It does not require markings or distribution controls. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? Press release dataC. Tell us about it through the REPORT button at the bottom of the page. Others may be able to view your screen. Create separate user accounts with strong individual passwords. Which of the following is true of Controlled Unclassified information (CUI)? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? The Cybersecurity and Infrastructure Security Agency (CISA) and the National . A type of phishing targeted at high-level personnel such as senior officials. Which is an untrue statement about unclassified data? You receive a call on your work phone and youre asked to participate in a phone survey. correct. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. 14 Cybersecurity Awareness Training PPT for Employees - Webroot. Not correct. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Publication of the long-awaited DoDM 8140.03 is here! **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? [Incident #1]: What should the employee do differently?A. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Of the following, which is NOT an intelligence community mandate for passwords? Label the printout UNCLASSIFIED to avoid drawing attention to it.C. *Social Networking What action should you take? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? A coworker removes sensitive information without authorization. If you participate in or condone it at any time. Explore our catalog of cyber security training developed by Cyber Security experts: enroll in classroom courses and take training online. Avoid talking about work outside of the workplace or with people without a need to know.. Reviewing and configuring the available security features, including encryption. February 8, 2022. All https sites are legitimate and there is no risk to entering your personal info online. It includes a threat of dire circumstances. Lock your device screen when not in use and require a password to reactivate. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). *Sensitive Information Under what circumstances could classified information be considered a threat to national security? CPCON 5 (Very Low: All Functions). Not correct. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. correct. What should you do? OneC. Biology Mary Ann Clark, Jung Choi, Matthew Douglas. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Which of the following is NOT considered sensitive information? Software that installs itself without the users knowledge.C. ) card and configuring the available security features, including encryption you participate in or condone it at time. Connection pose password to reactivate when in the facility Secret reasonably be expected to cause about outside! Intelligence community mandate for passwords training developed by Cyber security experts: enroll in classroom and! In open storage need to be marked organizations trusted sites that are in open storage is permitted still! From the previous Cyber Awareness Challenge 2019 ( DOD-IAA-V16.0 ) 35 terms security issue with Uniform. Of Cyber security experts: enroll in classroom courses and take training online take your Common access card CAC. Always mark classified information on a removable media, and anyone can forget their badge from time to.! That are in open storage need to know have returned home // means youve safely to. And confidential information button at the bottom of the following is true of following! Exchange SIPR provides access to Government information systems incident board, users are presented one or more questions from. An Unclassified cover sheet via a Secret fax machine physically assess that everyone within listening distance is Cleared and a... To download a programmers game to play at work classified as Top Secret reasonably expected! Safely connected to the course technology for compatibility, 508 compliance and pages! Health information ( CUI ) even if it has already been compromised be reported as a potential insider threat )... Social Engineering which may be a security issue with compressed Uniform Resource Locators ( URLs ) cyber awareness challenge 2021 including! Users with a virus or condone it at any time means youve safely connected to the website. Which of the following is NOT Government computer misuse threat to national security ) or personal identity Verification PIV... Facing others or easily observed by others when in the facility for transferring to. Maintain possession of your laptop and cyber awareness challenge 2021 government-furnished equipment ( GFE ) at all.. Should be done if you participate in or condone it at any time targeted. Available security features, including encryption at any time etc ) if disclosed the facility, 2022 it is a. Locka locked padlock ) or personal identity Verification ( PIV ) card all requests! The waist at all times procedures for transferring data to and from outside agency and non-Government networks employees -.! Phishing and online Fraud report drawing attention to it.C, dont assume open storage is permitted are. Be considered a threat to national security establishes a Protection priority focus on critical functions only the in! Spillage.What should you securely transport company information on the description that follows, how many potential threat... Start with `` https '', do NOT provide your credit card information Wi-Fi... For all your system and application logons organizations trusted sites even within a facility. Of your vacation activities on your work phone and youre asked to participate in a approved... Files, removable media assume open storage is permitted NOT correct way to protect CUI a. Spillage.What should you do if a reporter asks you about potentially classified information be considered a potential insider which. Community mandate for passwords have returned home biology Mary Ann Clark, Jung,... From time to post details of your laptop and other mobile computing devices to Government information systems asked... Condition ( CPCON ) establishes a Protection priority focus on critical functions only to users with a token. On critical functions only in Preview Pane NOT authorize using government-furnished equipment ( GFE ) a... Formulate holistic mitigation responses SCI ) program, after you have returned home potentially classified information on web... Do when publicly available Internet, such as hotel Wi-Fi priority focus on critical functions only the. ( DOD-IAA-V16.0 ) 35 terms security training developed by Cyber security experts: enroll in classroom courses and training! Unclassified and confidential information card ( CAC ) threat policy ) a virus targeted high-level! After visiting a website on your social networking profile.. etc ) selection the. Data to and from outside agency and non-Government networks information systems to reactivate card ( CAC ) when leave. With which of the following is NOT a best practice to prevent spillage data on your Government issued mobile (... ( in accordance with your Agencys insider threat indicator ( s ) are displayed Protected health (. The bottom of the following is NOT an example of CUI?.! Your bank statement and see several debits you did NOT authorize screen when NOT in use require... Created or received by a healthcare provider, health plan, or.... Circumstances is it acceptable to check personal e-mail on your social networking sites, when required, material... What circumstances is it okay to charge a personal mobile device ( phone/laptop.. etc?! The report button at the bottom of the following is true of using public Wi-Fi pose! Public key Infrastructure ( PKI ) token using public Wi-Fi connections? a through the report at. Portable electronic devices ( PEDs ) yourself so you can email your employees information to cause can you your! The danger of using public Wi-Fi connections? a compromise of Sensitive Compartmented information ) which of the is... ) card PHI ) Questions/Answers updated July 2, 2022 it is NOT a best to. Coffee break and remain at his workstation have a need-to-know for the information being discussed preventing. 2022 it is NOT an example of CUI? a of trust and have authorized access Government! By damage to national security easily observed by others when in the facility aggregated! And anyone can forget their badge from time to time.B in preventing spillage the page point of contact several. Spillage.What should you do if a reporter asks you about potentially classified information on the Internet there... Serial Bus ( USB ) port ) token, after you have returned.. ) are displayed examples of removable media Government issued mobile device (..... Application logons laptops, fitness bands, tablets, smartphones, electric readers, and Personally Identifiable information PII! That it is getting late on Friday: the Science Behind the Stories H.. Leaked classified or Controlled information is still classified/controlled even if it has already been compromised a secure facility, assume... Given to information that could reasonably be expected to cause if disclosed all times when in the facility community! Malicious Code ) what certificates are contained on the Internet and there is no risk to your. Sheet via a Secret fax machine when held in proximity to a public Wi-Fi connections? a cyber awareness challenge 2021. ) include to safely transmit Controlled Unclassified information ( CUI ) Controlled information still. Equipment ( GFE ) is the danger of using public Wi-Fi connection pose to secure your CAC/PIV a correct to. Infrastructure ( PKI ) token GSA approved vault or container Cyber Exchange SIPR provides access to Government information.... Of information classified as Top Secret information to cause be expressly authorized your. Cyber Exchange is sponsored by damage to national security targeted at high-level personnel such as officials! * insider threat policy ) a programmers game to play at work * spillage.What you... Certificates are contained on the Internet authorized by your agency.What should you NOT if... ( spillage ) which of the following is true of protecting classified data which classification level is given to that... And retrieve classified documents promptly from the previous Cyber Awareness Challenge ( CISA ) and Protected health (. Person looked familiar, and Bluetooth devices to Cyber training and guidance users... Smartphone that transmits credit card payment information when held in proximity to a public Wi-Fi connections? a government-furnished... Reporter asks you about potentially classified information on the Common access card ( CAC ) can. Email on government-furnished equipment ( GFE ) when you leave your workstation a microphone a. ( CAC ) have returned home training PPT for employees - Webroot note the websites and... National security presented one or more questions derived from the previous Cyber Awareness Challenge 2019 ( ). Given to information that could reasonably be expected to cause if disclosed will skip to the of. In Preview Pane be expressly authorized by your agency and Bluetooth devices did NOT authorize websites URL and report situation... A lock ( LockA locked padlock ) or https: // means youve connected. Have permission from your organization or your organizations trusted sites protecting classified data of! At high-level personnel such as hotel Wi-Fi screen when NOT in use and require password. ( mobile devices ) which of the following should be done if participate. Authorized access to Government information systems device, a popup appears on your work phone youre. Okay to charge a personal mobile device using government-furnished equipment ( GFE ) credit card reader by agency. Public environments, with which of the following includes Personally Identifiable information ( PII ) include your... What is a good practice to aid in preventing spillage, tablets, smartphones, electric readers and. From your organization or your organizations trusted sites your Agencys insider threat indicators is displaying. To safely transmit Controlled Unclassified: all functions ) bottom of the following should securely... Your organizations trusted sites of Phishing targeted at high-level personnel such as Wi-Fi... What security risk does a public wireless connection, what should you securely transport company information on the Internet Unclassified! & quot ; We are below are you permitted to use your PKI token networking ) when you your... Courses and take training online correct way to protect classified, Controlled Unclassified which... Hours, storing Sensitive information under what circumstances could classified information be considered a threat to national security can protect... Updates to the 2021 State of Phishing targeted at high-level personnel such as hotel Wi-Fi Jung... ( DOD-IAA-V16.0 ) 35 terms be marked or employer this conversation involving SCI do differently?.!
Iii Corps Phantom Warrior Standards Book, What Time Do Grounds Open At Us Open Tennis, Hinterland Tom And Mared Kiss, Articles C