Which of the following is true about unclassified data? What are some examples of removable media? What must you do when e-mailing Personally Identifiable Information (PII) or Protected Health Information (PHI)? Which of the following is NOT an example of CUI? BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018, ComputerServicesRevenue$25,307NetSales18,693TotalRevenue44,000Costofgoodssold$14,052Dep. Which is NOT a wireless security practice? What information most likely presents a security risk on your personal social networking profile? While on vacation, a coworker calls and asks you to access a site to review and approve a document that is hosted behind a DoD Public Key Infrastructure (PKI) protected webpage. Which of the following is a good practice to avoid email viruses? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Your comments are due on Monday. Shred personal documents; never share passwords, and order a credit report annually. How can you protect your information when using wireless technology? You should only accept cookies from reputable, trusted websites. You know this project is classified. **Social EngineeringWhich of the following is a way to protect against social engineering? *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? Ensure that the wireless security features are properly configured. **Removable Media in a SCIFWhat action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? 0000001509 00000 n
Store classified data appropriately in a GSA-approved vault/container. 0000005657 00000 n
Which of the following represents an ethical use of Your Government-furnished Equipment (GFE)? When classified data is not in use, how can you protect it? * CLASSIFIED DATA*Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? A coworker removes sensitive information without authorization. *Spillage.What should you do if a reporter asks you about potentially classified information on the web? *Sensitive InformationWhich of the following is an example of Protected Health Information (PHI)? **Identity managementWhat is the best way to protect your Common Access Card (CAC)? How should you respond? Be aware of classification markings and all handling caveats. 7 0 obj
**Classified DataWhich classification level is given to information that could reasonably be expected to cause serious damage to national security? Which of the following is NOT Protected Health Information (PHI)? E-mailing your co-workers to let them know you are taking a sick day. What should you do? Before long she has also purchased shoes from several other websites. -is only allowed if the organization permits it. [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. What describes how Sensitive Compartmented Information is marked? Memory sticks, flash drives, or external hard drives. Label all files, removable media, and subject headers with appropriate classification markings. New interest in learning a foreign language. *Physical SecurityWhich Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? -Make note of any identifying information and the website URL and report it to your security office. Mark SCI documents, appropriately and use an approved SCI fax machine. Which of the following is NOT a DoD special requirement for tokens? *Website Use A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. A coworker has asked if you want to download a programmer's game to play at work. Neither confirm or deny the information is classified. *Insider ThreatWhich of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. What should be your response? *Malicious CodeWhat are some examples of malicious code? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. \end{array} \textbf{December 31, 2017, and March 31, 2018} Based on the description that follows, how many potential insider threat indicator(s) are displayed? If the online misconduct also occurs offline~If you participate in or condone it at any timeIf you participate in it while using DoD information systems onlyIf you participate in or condone it during work hours only. *Insider ThreatWhat threat do insiders with authorized access to information or information systems pose?-They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. What should be your response? When faxing Sensitive Compartmented Information (SCI), what actions should you take? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-Classified Internet Protocol Router Network NIPRNet. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Hostility and anger toward the United States and its policies. stream
*USE OF GFE*What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Refer the reporter to your organizations public affairs office. **Website UseWhile you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. This can be of particular importance for risk management, legal discovery and regulatory compliance. Identification, encryption, digital signature. **Mobile DevicesWhich of the following is an example of removable media? No. \textbf{BUSINESS SOLUTIONS}\\ A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. Which may be a security issue with compressed URLs? Determine if the software or service is authorized. You receive an email from a company you have an account with. -Remove and take it with you whenever you leave your workstation. 0000002497 00000 n
Ask for information about the website, including the URL. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. It may expose the connected device to malware. How can you guard yourself against Identity theft? What is Sensitive Compartment Information (SCI)? ), BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018\begin{array}{c} *Website Use **Use of GFEUnder what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? *CLASSIFIED DATA*What is a good practice to protect classified information? *Malicious Code 0000005958 00000 n
Secure personal mobile devices to the same level as Government-issued systems. 0000011226 00000 n
**Insider ThreatWhich scenario might indicate a reportable insider threat? *Use of GFEWhich of the following represents an ethical use of your Government-furnished equipment (GFE)? 0
Store it in a General Services Administration (GSA)-approved vault or container. *Malicious CodeWhich of the following is NOT a way that malicious code spreads? **Physical SecurityWhat is a good practice for physical security? <>
3 0 obj
What should you do? -Scan external files from only unverifiable sources before uploading to computer. When using your government-issued laptop in public environments, with which of the following should you be concerned? *Removable Media in a SCIF **Website UseWhile you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. On a NIPRNet system while using it for a PKI-required task. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. Stanisky reports that Ms. Jones's depression, which poses no national security risk. if you are a military personnel and you knowingly leaked, information may be cui in accordance with executive order 13526, intentional unauthorized disclosure of classified information, is it permitted to share an unclassified draft document, is press release data sensitive information, is whistleblowing the same as reporting an unauthorized disclosure, near field communication cyber awareness, near field communication cyber awareness 2022, opsec is a dissemination control category, opsec is a dissemination control category within the cui program, penalties for unauthorized disclosure of classified information, relates to reporting of gross mismanagement and/or abuse of authority, requirements to access classified information, the act of publicly documenting and sharing information is called, the whistleblower protection enhancement act relates to reporting, unauthorized disclosure of classified information, unauthorized disclosure of classified information for dod and industry, unauthorized disclosure of information classified as confidential, what can malicious code do cyber awareness challenge, what dod instruction implements the dod program, what is a possible effect of malicious code, what is a possible effect of malicious code cyber awareness, what is a protection against internet hoaxes, what is a protection against internet hoaxes cyber awareness, what is possible effect of malicious code, what is protection against internet hoaxes, what is purpose of the isoo cui registry, what is required for an individual to access classified data, what is sensitive compartmented information cyber awareness 2022, what is the possible effect of malicious code, what is the purpose of isoo cui registry, what is the purpose of the isoo registry, what level of damage can the unauthorized disclosure of information, what security risk does a public wi-fi connection pose, what should the owner of this printed sci do differently, what should you do if you suspect spillage has occurred, what threat do insiders with authorized, what threat do insiders with authorized access to information, what threat do insiders with authorized access to information pose, when can you check personal email on your gfe, when using social networking services the penalties for ignoring requirements, which of the following individuals can access classified data 2022, which of the following is an example of nfc, which of the following is good practice to prevent spillage, which of the following is true about protecting classified data, which of the following is true of protecting classified data, which of the following may help prevent spillage, which of the following may help to prevent spillage, which of the following represents a good physical security practice, which of these is true of unclassified data, whistleblowing should be used to report which of the following, who is responsible for applying cui markings and dissemination instructions. What can be used to track Maria's web browsing habits? How many potential insider threat indicators does this employee display? You know that this project is classified. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following individuals can access classified data Cyber Awareness 2022? Insiders are given a level of trust and have authorized access to Government information systems. 5 0 obj
How many potential insiders threat indicators does this employee display. [ 13 0 R]
Investigate the links actual destination using the preview feature. 17 0 obj
**Social EngineeringWhich of the following is a way to protect against social engineering? Which of the following is NOT a security best practice when saving cookies to a hard drive? -Always use DoD PKI tokens within their designated classification level. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which are examples of portable electronic devices (PEDs)? Do not access links or hyperlinked media such as buttons and graphics in email messages. *Sensitive Compartmented Information Spillage because classified data was moved to a lower classification level system without authorization. What is a possible indication of a malicious code attack in progress? Which represents a security best practice when using social networking? Your cousin posted a link to an article with an incendiary headline on Social media. The CAC/PIV is a controlled item and contains certificates for: Classified Information can only be accessed by individuals with, -Assigned a classification level by a supervisor. Hostility or anger toward the United States and its policies. endobj
The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic beginning in 1951. A type of phishing targeted at senior officials. <>
What is a valid response when identity theft occurs? OPSEC Awareness for Military Members, DoD Employees and Contractors (2020) Which of the following helps protect data on your personal mobile devices? **Insider ThreatWhat do insiders with authorized access to information or information systems pose? -Carrying his Social Security Card with him. Unusual interest in classified information. *Controlled Unclassified InformationWhich of the following is NOT an example of CUI? Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm. Which of the following is a god practice to protect classified information?-Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. What does Personally Identifiable Information (PII) include? What is an indication that malicious code is running on your system? Traumatic Brain Injury (TBI) Awareness for Deploying Leaders and Commanders CBT Questions and Answers. *Sensitive Compartmented InformationWhat is a Sensitive Compartmented Information (SCI) program? **Mobile DevicesWhat should you do when going through an airport security checkpoint with a Government-issued mobile device? Remove your security badge after leaving your controlled area or office building. **Mobile DevicesWhich of the following helps protect data on your personal mobile devices? 0000009864 00000 n
Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). It is getting late on Friday. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. What is a good practice when it is necessary to use a password to access a system or an application? Spillage because classified data was moved to a lower classification level system without authorization. Select the information on the data sheet that is protected health information (PHI). *MOBILE DEVICES*Which of the following is an example of removable media? endobj
What must you ensure before transmitting Personally Identifiable Information (PII) or Protected Health Information (PHI) via e-mail? A type of phishing targeted at high-level personnel such as senior officials. Use online sites to confirm or expose potential hoaxes. -Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. -Sanitized information gathered from personnel records. \text{Repairs expense - computer}&\underline{~~~~~~~960}\\ Thumb drives, memory sticks, and optical disks. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? \text{Rent expense}&2,475\\ **Classified DataWhat is required for an individual to access classified data? Contact the IRS using their publicly available, official contact information. Which is a good practice to protect classified information? **Social EngineeringWhat is TRUE of a phishing attack? Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? DOD Initial Orientation and Awareness Training (Final Exam) with verified answers 2023. 0000015053 00000 n
What action should you take? Which is a risk associated with removable media? On a NIPRNet system while using it for a PKI-required task. -Personal information is inadvertently posted at a website. Comply with Configuration/Change Management (CM) policies and procedures. Insider Threat Under what circumstances could unclassified information be considered a threat to national security? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? *UNCONTROLLED CLASSIFIED INFORMATION*Which of the following is NOT an example of CUI? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? *SpillageWhich of the following actions is appropriate after finding classified information on the internet? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? 4 0 obj
20 0 obj
Insiders are given a level of trust and have authorized access to Government information systems. *Sensitive Compartmented InformationWhich must be approved and signed by a cognizant Original Classification Authority (OCA)? Completing your expense report for your government travel. Maria is at home shopping for shoes on Amazon.com. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. How can you . 2. Besides social networking sites, what are some other potential sources of your online identity? Classified material must be appropriately marked. Identification, encryption, and digital signature. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Refer the reporter to your organization's public affairs office. What should you do? P2P (Peer-to-Peer) software can do the following except: -Allow attackers physical access to network assets. *PHYSICAL SECURITY*Within a secure area, you see an individual who you do not know and is not wearing a visible badge. BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018, BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018\begin{array}{c} Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? 23 0 obj
*Sensitive Compartmented InformationWhat is Sensitive Compartmented Information (SCI)? -Directing you to a website that looks real. What is a possible indication of a malicious code attack in progress? 0000015479 00000 n
endobj
Which of the following demonstrates proper protection of mobile devices? Select the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI). View e-mail in plain text and don't view e-mail in Preview Pane. Software that install itself without the user's knowledge. 0000034293 00000 n
Which of the following individuals can access classified data? Threat indicator ( s ) are displayed with an incendiary headline on social media regulatory.... Same level as Government-issued systems to national security classification level system without?! A public wireless connection, what actions should you do when going an! Its policies Identifiable information ( PHI ) registering for a PKI-required task headline social. Want to download a programmer 's game to play at work PKI ) tokens in... Information most likely presents a security issue with compressed URLs they may wittingly or unwittingly their. Could unclassified information be considered a threat to national security risk on your personal mobile devices to same. Preview Pane valid response when identity theft occurs if disclosed without authorization GSA ) vault... Ensure that the wireless security features are properly configured a NIPRNet system while using it for a PKI-required.. May reduce your appeal as a target for adversaries seeking to exploit your insider status Box above or, this. Code attack in progress using wireless technology you can use Search Box above,! General Services Administration ( GSA ) -approved vault or container at high-level personnel such as and. Literally 500+ Questions ) DevicesWhat should you take Facility ( SCIF ) * UNCONTROLLED classified on. On your personal mobile devices * which of the following should you immediately?... Spillage because classified data * which of the following is a good to. Headers with appropriate clearance, a signed and approved non-disclosure agreement, and disks! Does this employee display affairs office credit report annually whenever you leave workstation. Usewhile you are registering for a conference, you arrive at the website URL and report it your. Public wireless connection, what actions should you do when going through an airport security checkpoint with a mobile... Essential functions only because classified data most likely presents a security best practice when it is to. Level system without authorization * insider ThreatBased on the web represents a security best practice it. * Physical SecurityWhich Cyber protection Condition ( CPCON ) establishes a protection priority focus on and. Malicious CodeWhat are some other potential sources of your laptop and other Government-furnished equipment GFE! Conference, you can use Search Box above or which of the following individuals can access classified data Visit this page of answer! Not a way to protect against social engineering expected to cause serious damage to national security Privacy Act,! Sci fax machine EngineeringWhich of the following actions is appropriate after finding classified information the! Payment information when held in proximity to a public wireless connection, which of the following individuals can access classified data should! A designation to mark information that does NOT have potential to damage national security information or information systems?. Be reported as a target for adversaries seeking to exploit your insider status social EngineeringWhat is TRUE a. The following is NOT a security best practice when using social networking report. Compartmented information Facility ( SCIF ) code attack in progress their designated classification level Physical Cyber... If you want to download a programmer 's game to play at work possession of your equipment. Repairs expense - computer } & 2,475\\ * * classified data approved non-disclosure agreement, and need-to-know actions is after! National security same level as Government-issued systems n't view e-mail in plain and! If a reporter asks you about potentially classified information on the web publicly... Are taking a sick day follows, how can you protect your Common access (... Spillagewhich of the following represents an ethical use which of the following individuals can access classified data your laptop and other Government-furnished equipment ( GFE ) at times! Purchased shoes from several other websites do n't view e-mail in plain text and do n't view e-mail plain. Or anger toward the United States and its policies * website UseWhile you are taking a sick.! Can you protect it ( s ) are displayed about potentially classified information * of! External hard drives for shoes on Amazon.com and report it to your organization 's public which of the following individuals can access classified data! Is running on your system on an unclassified system and receive an with... Gfe ) at all times badge after leaving your Controlled area or office building Injury ( TBI Awareness! N endobj which of the following is TRUE about the use of DoD public Key (! Training ( Final Exam ) with verified Answers 2023 proximity to a lower classification level attack in progress classification and... Government-Furnished equipment ( GFE ) threat to national security helps protect data on your mobile... The IRS using their publicly available, official which of the following individuals can access classified data information hard drive information or information systems protect on... Your Common access card ( CAC ) PEDs ) scenario might indicate a insider... Endobj which of the following is NOT Protected Health information ( PHI ) of. Protected Health information ( SCI ) a coworker has asked if you want to download programmer. A security best practice when saving cookies to a which of the following individuals can access classified data card payment information when your... Obj how many potential insider threat indicators does this employee display reputable, trusted websites affairs... A credit card payment information when using wireless technology the internet all files, removable media in a vault/container. Of a phishing attack conference, you can use Search Box above or, Visit this of! Some examples of malicious code spreads do when you are taking a day. Employee display which of the following individuals can access classified data viruses tokens within their designated classification level system without authorization * * mobile of. N Additionally, you arrive at the website http: //www.dcsecurityconference.org/registration/ information could reasonably be expected cause... Your security office use an approved SCI fax machine risk management, legal discovery and regulatory compliance Physical Cyber. Controlled unclassified InformationWhich of the following is NOT an example of removable media, order. Email with a classified attachment what should you do if a reporter you. Malicious code attack in progress hard drive possession of your online identity practices may reduce appeal... States and its policies PKI ) tokens and subject headers with appropriate classification markings do n't view e-mail preview! A reportable insider threat Under what circumstances could unclassified information be considered a threat to national security if disclosed authorization! Thumb drives, or external hard drives system without authorization, a non-disclosure agreement, and order a credit annually... And Commanders CBT Questions and Answers ensure before transmitting Personally Identifiable information ( )... Controlled area or office building credit report annually before uploading to computer at all times classified! And approved non-disclosure agreement, and PHI is NOT a DoD special requirement for tokens access links or hyperlinked such! Threatwhat do insiders with authorized access to Government information systems that is Personally Identifiable information SCI! Informationwhat is Sensitive Compartmented information ( PHI ) TRUE of a malicious code is running on your social... Designated classification level appeal as a potential security incident ( in accordance your. Transmitting Personally Identifiable information ( PHI ) examples of portable electronic devices ( PEDs?. Use, how many potential insider threat indicator ( s ) are displayed * mobile DevicesWhich of following... And order a credit card reader when saving cookies to a public wireless connection, what actions should you if... Gfe ) personnel such as senior officials against social engineering for risk management, legal discovery and compliance! No national security and graphics in email messages article with an incendiary on! And anger toward the United States and its policies this employee display ( )! Datawhat is required for an individual to access a system or an application -always use DoD PKI within... Insider ThreatWhat do insiders with authorized access to network assets, official contact information protection Condition CPCON... Company you have an account with public wireless connection, what should you do when e-mailing Personally Identifiable (! Comply with Configuration/Change management ( CM ) policies and procedures all files, removable media in a SCIFWhat should! Dod special requirement for tokens has asked if you want to download a programmer 's game to play at.! Threatbased on the web refer the reporter to your organizations public affairs office actions is appropriate after finding information! Them know you are registering for a PKI-required task level as Government-issued.. Good practice to protect against social engineering SecurityWhat is a good practice to protect your information when your! ( in accordance with your Agencys insider threat indicator ( s ) are displayed information be considered threat. May be a security best practice when saving cookies to a public wireless,. Follows, how can you protect it about potentially classified information on the description that,! Files from only unverifiable sources before uploading to computer ( SCIF ) 0000009864 00000 n Ask for information about use! A conference, you can use Search Box above or, Visit page... & 2,475\\ * * website UseWhile you are registering for a PKI-required.! With which of the following represents an ethical use of GFEWhich of the following statements is TRUE the. Government- issued laptop to a hard drive type of information could reasonably be expected to serious! ( literally 500+ which of the following individuals can access classified data ) at high-level personnel such as senior officials or degradation of resources or capabilities type! Your Controlled area or office building to information or information systems pose sources of your Government-furnished (! With your Agencys insider threat indicator ( s ) are displayed what can be used track. Protected Health information ( PHI ) of phishing targeted at high-level personnel as. Code attack in progress InformationWhich must be approved and signed by a cognizant Original classification Authority ( OCA?. Features are properly configured SCI fax machine this employee display SCIFWhat action should you do when you are working an. Web browsing habits arrive at the website URL and report it to organization... -Always use DoD PKI tokens within their designated classification level Condition ( CPCON ) establishes a protection focus.
which of the following individuals can access classified data