How can you protect yourself from social engineering? Others may be able to view your screen. (Correct) -It does not affect the safety of Government missions. Which of the following is NOT a home security best practice? How should you respond? Sensitive information. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? Verify the identity of all individuals.??? All https sites are legitimate and there is no risk to entering your personal info online. Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? **Social Engineering What is TRUE of a phishing attack? Maybe Search the Registry: Categories, Markings and Controls: Category list CUI markings Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Which is NOT a method of protecting classified data? What should you do? For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. The email provides a website and a toll-free number where you can make payment. The attributes of identified ground seeds are modified to ground points. Right-click the link and select the option to preview??? What function do Insider Threat Programs aim to fulfill? What should you do? You know this project is classified. (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? Connect to the Government Virtual Private Network (VPN).?? Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 What should Sara do when publicly available Internet, such as hotel Wi-Fi? In setting up your personal social networking service account, what email address should you use? #2) Select the "Pre-Process" tab. It never requires classification markings, is true about unclassified data. Which of the following definitions is true about disclosure of confidential information? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? (Mobile Devices) Which of the following statements is true? Which of the following is an example of a strong password? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. By Quizzma Team / Technology. Write your password down on a device that only you access. Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. *Spillage Which of the following is a good practice to aid in preventing spillage? Unusual interest in classified information. Not correct. 1.1.5 Controlled Unclassified Information. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. You are reviewing your employees annual self evaluation. Controlled Unclassified Information (CUI): Controlled Unclassified information was defined in the Executive Order 13556 as information held by or generated for the Federal Government that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations and government-wide policies that isn't classified Assuming open storage is always authorized in a secure facility. Who can be permitted access to classified data? Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. Which of the following is a concern when using your Government-issued laptop in public? Annual DoD Cyber Awareness Challenge Training, DOD Cyber Awareness Challenge 2019: Knowledge, DOD Cyber Awareness Challenge 2019 (DOD-IAA-V, Operations Management: Sustainability and Supply Chain Management, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene. **Home Computer Security How can you protect your information when using wireless technology? Which of the following is NOT a type of malicious code? Research the source of the article to evaluate its credibility and reliability. **Social Networking Which piece if information is safest to include on your social media profile? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? **Mobile Devices Which of the following helps protect data on your personal mobile devices? difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Classified information that should be unclassified and is downgraded. Let us know if this was helpful. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Note the websites URL and report the situation to your security point of contact. You should remove and take your CAC/PIV card whenever you leave your workstation. Immediately notify your security point of contact. What should you do? 1.1.2 Classified Data. (Malicious Code) Which of the following is true of Internet hoaxes? You must have permission from your organization. Everything you need to know aboutControlled UnclassifiedInformation(CUI). Is it okay to run it? The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? correct. Based on the description that follows, how many potential insider threat indicator(s) are displayed? When is it appropriate to have your security badge visible? Contact the IRS using their publicly available, official contact information. What actions should you take prior to leaving the work environment and going to lunch? Social Security Number, date and place of birth, mothers maiden name. Never allow sensitive data on non-Government-issued mobile devices. When expanded it provides a list of search options that will switch the search inputs to match the current selection. You are leaving the building where you work. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. The email has an attachment whose name contains the word secret. Here you can find answers to the DoD Cyber Awareness Challenge. -Its classification level may rise when aggregated. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. You have reached the office door to exit your controlled area. Personal information is inadvertently posted at a website. internet-quiz. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Validate all friend requests through another source before confirming them. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). 5. **Travel What is a best practice while traveling with mobile computing devices? When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? What can help to protect the data on your personal mobile device. What is a valid response when identity theft occurs? Which of the following is true of Sensitive Compartmented Information (SCI)? They broadly describe the overall classification of a program or system. not correct. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. (Spillage) What type of activity or behavior should be reported as a potential insider threat? **Insider Threat Which type of behavior should you report as a potential insider threat? Since the URL does not start with https, do not provide you credit card information. Correct. What action should you take? Look for a digital signature on the email. The potential for unauthorized viewing of work-related information displayed on your screen. Only use Government-furnished or Government-approved equipment to process PII. A coworker has left an unknown CD on your desk. Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? Select the information on the data sheet that is personally identifiable information (PII). Spillage can be either inadvertent or intentional. Which of the following is not considered an example of data hiding? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. We recommend Norton Security or McAfee Total Protection. (Malicious Code) What are some examples of removable media? Before long she has also purchased shoes from several other websites. **Insider Threat Which of the following should be reported as a potential security incident? What is the danger of using public Wi-Fi connections? Looking at your MOTHER, and screaming THERE SHE BLOWS! Always check to make sure you are using the correct network for the level of data. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Of the following, which is NOT an intelligence community mandate for passwords? What is a security best practice to employ on your home computer? Which of the following is a reportable insider threat activity? No, you should only allow mobile code to run from your organization or your organizations trusted sites. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. What does Personally Identifiable information (PII) include? Tell us about it through the REPORT button at the bottom of the page. You receive an inquiry from a reporter about potentially classified information on the internet. They can be part of a distributed denial-of-service (DDoS) attack. What should you do? Unclassified documents do not need to be marked as a SCIF. While it may seem safer, you should NOT use a classified network for unclassified work. Not correct What is the best example of Protected Health Information (PHI)? Which of the following is true of internet hoaxes? not correct. Validate friend requests through another source before confirming them. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Rating. (controlled unclassified information) Which of the following is NOT an example of CUI? Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Compute The Average Kids Per Family. Which of the following represents a good physical security practice? 1 Answer/Comment. When using your government-issued laptop in public environments, with which of the following should you be concerned? A. This button displays the currently selected search type. Call your security point of contact immediately. Which of the following is NOT an example of Personally Identifiable Information (PII)? Which of the following actions can help to protect your identity? A coworker removes sensitive information without authorization. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. How do you think antihistamines might work? The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. A medium secure password has at least 15 characters and one of the following. All https sites are legitimate. Correct. What should the owner of this printed SCI do differently? Mobile devices and applications can track your location without your knowledge or consent. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. (Malicious Code) Which email attachments are generally SAFE to open? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. It is getting late on Friday. Added 8/5/2020 8:06:16 PM. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Immediately notify your security point of contact. You believe that you are a victim of identity theft. Which of the following is NOT considered sensitive information? Which of the following is true of Internet of Things (IoT) devices? A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? Which of the following is NOT a typical means for spreading malicious code? Classified material must be appropriately marked. Three or more. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What should you do to protect classified data? A type of phishing targeted at senior officials. Ensure proper labeling by appropriately marking all classified material. Information improperly moved from a higher protection level to a lower protection level. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Never allow sensitive data on non-Government-issued mobile devices. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? It is not corporate intellectual property unless created for or included in requirements related to a government contract. I may decide not to consent to these terms, but, if I do not consent to all of these terms, then I agree not to proceed with creating an account or moving forward with filling out the application, and I understand that I will not be . Share sensitive information only on official, secure websites. Which of the following should be done to keep your home computer secure? Classified DVD distribution should be controlled just like any other classified media. This lets the service person know when the tank is "full." A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer Let us have a look at your work and suggest how to improve it! Government-owned PEDs when expressly authorized by your agency. Who is responsible for information/data security? b. taking away a toy or treat Store classified data appropriately in a GSA-approved vault/container. Unclassified documents do not need to be marked as a SCIF. -Classified information that should be unclassified and is downgraded. internet-quiz. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Store classified data appropriately in a GSA-approved vault/container when not in use. **Social Networking Which of the following is a security best practice when using social networking sites? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Which may be a security issue with compressed urls? A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. The following practices help prevent viruses and the downloading of malicious code except. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? What portable electronic devices (PEDs) are permitted in a SCIF? Refer the reporter to your organizations public affairs office. **Identity management Which of the following is an example of two-factor authentication? Where. CPCON 2 (High: Critical and Essential Functions) Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Which of the following statements is true? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. When gases are sold they are usually compressed to high pressures. A headset with a microphone through a Universal Serial Bus (USB) port. The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Based on the description that follows, how many potential insider threat indicator(s) are displayed? (Malicious Code) Which of the following is NOT a way that malicious code spreads? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. (Malicious Code) Which are examples of portable electronic devices (PEDs)? Follow instructions given only by verified personnel. Click on "Open File". Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. In which situation below are you permitted to use your PKI token? You receive an email from a company you have an account with. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). Which of the following is NOT true concerning a computer labeled SECRET? In which situation below are you permitted to use your PKI token? The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. You receive a call on your work phone and youre asked to participate in a phone survey. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. They can be part of a distributed denial-of-service (DDoS) attack. It does not require markings or distribution controls. Which of the following is a practice that helps to protect you from identity theft? *Sensitive Compartmented Information What should the owner of this printed SCI do differently? Original classification authority Correct. Correct. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? It never requires classification markings, is true about unclassified data. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? A measure of how much useful work each unit of input energy provides. *Spillage Which of the following may help to prevent spillage? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Which Of The Following Statements About Adding Social Networks To Hootsuite Is False? You receive an inquiry from a reporter about government information not cleared for public release. Read the latest news from the Controlled Unclassified Information (CUI) program. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. What is the basis for the handling and storage of classified data? You check your bank statement and see several debits you did not authorize. How many potential insiders threat indicators does this employee display. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Decline to let the person in and redirect her to security. When your vacation is over, after you have returned home. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. It does not require markings or distribution controls. *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? If aggregated, the information could become classified. Which of the following is not considered a potential insider threat indicator? It may expose the connected device to malware. **Social Networking Which of the following statements is true? **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Which of the following is NOT a social engineering tip? (Home computer) Which of the following is best practice for securing your home computer? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? Only paper documents that are in open storage need to be marked. Directives issued by the Director of National Intelligence. a. putting a child in time-out Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Correct. (Malicious Code) What are some examples of malicious code? *Insider Threat Which of the following is a potential insider threat indicator? Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Connect to the Government Virtual Private Network (VPN). Which of the following is NOT Protected Health Information (PHI)? Proactively identify potential threats and formulate holistic mitigation responses. Based on the description that follows, how many potential insider threat indicator (s) are displayed? (Identity Management) Which of the following is an example of two-factor authentication? Explain. Jozeal. classified-document. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Which of the following best describes wireless technology? He has the appropriate clearance and a signed, approved, non-disclosure agreement. New answers. Which of the following is NOT one? cyber-awareness. 1.1.3 Insider Threat. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. How can you protect yourself on social networking sites? Only paper documents that are in open storage need to be marked. Many apps and smart devices collect and share your personal information and contribute to your online identity. Permitted Uses of Government-Furnished Equipment (GFE). what should you do? Which of the following is NOT sensitive information? Senior government personnel, military or civilian. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? What should be your response? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. -Its classification level may rise when aggregated. What is considered ethical use of the Government email system? What information most likely presents a security risk on your personal social networking profile? **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? How are Trojan horses, worms, and malicious scripts spread? The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. What amount is due if Alexa pays on or betwee n April 222222 and May 666? Transmit classified information via fax machine only Not correct *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. It is created or received by a healthcare provider, health plan, or employer. What information posted publicly on your personal social networking profile represents a security risk? Which of the following is NOT considered a potential insider threat indicator? correct. **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Malicious code can do the following except? Protection may be required for privacy, law enforcement, contractual protections, or other reasons. Use the classified network for all work, including unclassified work. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? #1) Open WEKA and select "Explorer" under 'Applications'. Filter by: All $ Off % Off Free Online Offline. Phishing can be an email with a hyperlink as bait. Accepting the default privacy settings. What are some potential insider threat indicators? When would be a good time to post your vacation location and dates on your social networking website?
Jujutsu Kaisen Death List, Lufthansa Travel Regulations To Germany, How To Say Someone Died Of Cancer In Obituary, Articles W
Jujutsu Kaisen Death List, Lufthansa Travel Regulations To Germany, How To Say Someone Died Of Cancer In Obituary, Articles W