asked in Internet by voice (265k points) internet. How should you securely transport company information on a removable media? Which scenario might indicate a reportable insider threat security incident? A coworker has asked if you want to download a programmers game to play at work. Three or more. When unclassified data is aggregated, its classification level may rise. While it may seem safer, you should NOT use a classified network for unclassified work. Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. Course Introduction Introduction . What portable electronic devices (PEDs) are permitted in a SCIF? Thats the only way we can improve. Search the Registry: Categories, Markings and Controls: Category list CUI markings Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Which of the following is NOT a potential insider threat? You know that this project is classified. Permitted Uses of Government-Furnished Equipment (GFE). As a security best practice, what should you do before exiting? They can be part of a distributed denial-of-service (DDoS) attack. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? You may use your personal computer as long as it is in a secure area in your home b. Store it in a locked desk drawer after working hours. Cyber Challenge.txt - Cyber Awareness What should you do When is the best time to post details of your vacation activities on your social networking website? Note the websites URL and report the situation to your security point of contact. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. Which of the following is true about telework? CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Following instructions from verified personnel. Back up your data: This will help you recover your data if it's lost or corrupted. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Make note of any identifying information and the website URL and report it to your security office. The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. Filter by: All $ Off % Off Free Online Offline. The proper security clearance and indoctrination into the SCI program. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Here you can find answers to the DoD Cyber Awareness Challenge. Which of the following is not considered an example of data hiding? 1.1.2 Classified Data. How can you protect yourself from social engineering? **Insider Threat Which type of behavior should you report as a potential insider threat? (Correct) -It does not affect the safety of Government missions. (Malicious Code) What is a common indicator of a phishing attempt? Only paper documents that are in open storage need to be marked. A coworker is observed using a personal electronic device in an area where their use is prohibited. How do you respond? You can email your employees information to yourself so you can work on it this weekend and go home now. Hostility or anger toward the United States and its policies. Which method would be the BEST way to send this information? This button displays the currently selected search type. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. **Identity Management Which of the following is the nest description of two-factor authentication? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? No, you should only allow mobile code to run from your organization or your organizations trusted sites. What describes how Sensitive Compartmented Information is marked? Official websites use .gov (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Controlled Unclassified Information (CUI) | GSA Ch 1 Flashcards by Josh Selkirk | Brainscape What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? What is the basis for the handling and storage of classified data? true-statement. **Physical Security What is a good practice for physical security? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Your health insurance explanation of benefits (EOB). A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Which of the following is a best practice for physical security? *Sensitive Compartmented Information When is it appropriate to have your security badge visible? For Government-owned devices, use approved and authorized applications only. Directing you to a website that looks real. Secure .gov websites use HTTPS 4. **Insider Threat Which of the following should be reported as a potential security incident? Under What Circumstances Could Unclassified? Which of the following is NOT an example of Personally Identifiable Information (PII)? Exceptionally grave damage. Her badge is not visible to you. Controlled Unclassified Information (CUI) Program Frequently Asked Media containing Privacy Act information, PII, and PHI is not required to be labeled. Memory sticks, flash drives, or external hard drives. Which of the following is a good practice to protect classified information? Working With Sensitive Information - Canada.ca -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. Note any identifying information, such as the websites URL, and report the situation to your security POC. What Exactly is CUI? (and How to Manage It) - Security Boulevard Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. A colleague removes sensitive information without seeking authorization in order to perform authorized telework. T/F. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Ensure that the wireless security features are properly configured. What should you consider when using a wireless keyboard with your home computer? cyber. Which of the following is NOT a social engineering tip? Report the crime to local law enforcement. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Which scenario might indicate a reportable insider threat? You must possess security clearance eligibility to telework. (Malicious Code) Which email attachments are generally SAFE to open? Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? A .gov website belongs to an official government organization in the United States. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. You find information that you know to be classified on the Internet. #1) Open WEKA and select "Explorer" under 'Applications'. How can you protect yourself on social networking sites? not correct. Which of the following is true about unclassified data? Unclassified information cleared for public release. DOD Cyber Awareness Challenge 2019 - Subjecto.com Which of the following is an example of Protected Health Information (PHI)? Use only personal contact information when establishing your personal account. **Social Networking Which piece if information is safest to include on your social media profile? correct. Adversaries exploit social networking sites to disseminate fake news Correct. **Insider Threat What do insiders with authorized access to information or information systems pose? What Should You Do When Working On An Unclassified System And Receive Select the information on the data sheet that is personally identifiable information (PII). **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? (Malicious Code) Which of the following is true of Internet hoaxes? WEKA Datasets, Classifier And J48 Algorithm For Decision Tree Classified information that should be unclassified and is downgraded. **Social Networking Which of the following is a security best practice when using social networking sites? Share sensitive information only on official, secure websites. What is the best choice to describe what has occurred? Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Which of these is true of unclassified data? Sensitive information may be stored on any password-protected system. Confirm the individuals need-to-know and access. you don't need to do anything special to protect this information Which of the following may be helpful to prevent inadvertent spillage? ALways mark classified information appropriately and retrieve classified documents promptly from the printer. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? Which is NOT a method of protecting classified data? Unknown data is categorized by the system; an analyst then reviews the results Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Physical security of mobile phones carried overseas is not a major issue. What should be your response? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. not correct Darryl is managing a project that requires access to classified information. 1.1 Standard Challenge Answers. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Controlled Unclassified Information (CUI) Purpose of the CUI Program. Note That The Integers Should Be Type Cast To Doubles. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Assuming open storage is always authorized in a secure facility. (controlled unclassified information) Which of the following is NOT an example of CUI? Which of these is true of unclassified data? Secure it to the same level as Government-issued systems. CUI may be stored on any password-protected system. *Spillage Which of the following is a good practice to prevent spillage? (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. Social Security Number, date and place of birth, mothers maiden name. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? You are leaving the building where you work. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. (Identity Management) Which of the following is an example of two-factor authentication? Which may be a security issue with compressed Uniform Resource Locators (URLs)? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? Based on the description that follows how many potential insider threat indicators are displayed? Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. It never requires classified markings, it is true about unclassified data. How many indicators does this employee display? What type of activity or behavior should be reported as a potential insider threat? Many apps and smart devices collect and share your personal information and contribute to your online identity. What function do Insider Threat Programs aim to fulfill? They can be part of a distributed denial-of-service (DDoS) attack. Use TinyURLs preview feature to investigate where the link leads. In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. Classified DVD distribution should be controlled just like any other classified media. -It must be released to the public immediately. Retrieve classified documents promptly from printers. **Social Engineering Which of the following is a way to protect against social engineering? **Travel Which of the following is true of traveling overseas with a mobile phone? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. (Travel) Which of the following is a concern when using your Government-issued laptop in public? How do you think antihistamines might work? In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. d. How do the size and shape of a human epithelial cell differ from those of the Elodea and onion cells that you examined earlier? Second, unclassified points are regarded as ground seeds if the distances between the points and the detected planes are less than a buffer difference threshold. Which of these is true of unclassified data? Correct. Your password and a code you receive via text message. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Which of the following may help to prevent inadvertent spillage? A Progressive Plane Detection Filtering Method for Airborne LiDAR Data Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). Cyber Awareness 2022 I Hate CBT's A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. What should you do? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? correct. All to Friends Only. Cyber Awareness 2022. Spillage can be either inadvertent or intentional. The attributes of identified ground seeds are modified to ground points. (social networking) Which of the following is a security best practice when using social networking sites? Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Ask for information about the website, including the URL. Using NIPRNet tokens on systems of higher classification level. Unclassified documents do not need to be marked as a SCIF. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Reviewing and configuring the available security features, including encryption. What type of data must be handled and stored properly based on classification markings and handling caveats? Validate all friend requests through another source before confirming them. Unclassified documents do not need to be marked as a SCIF. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. It may be compromised as soon as you exit the plane. **Classified Data Which of the following is true of telework? Which of the following should be done to keep your home computer secure? When using your government-issued laptop in public environments, with which of the following should you be concerned? Who designates whether information is classified and its classification level? a. The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. Retrieve classified documents promptly from printers. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Which of the following attacks target high ranking officials and executives? Which of the following is NOT Protected Health Information (PHI)? (Home computer) Which of the following is best practice for securing your home computer? (Sensitive Information) Which of the following represents a good physical security practice? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? When would be a good time to post your vacation location and dates on your social networking website? What should you do? Briefly describe what you have learned. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Which of the following is true of protecting classified data? What is required for an individual to access classified data? How should you respond? Which of the following is true of internet hoaxes? You should only accept cookies from reputable, trusted websites. How many potential insiders threat indicators does this employee display. which of the following is true about unclassified Courses 442 View detail Preview site You are working at your unclassified system and receive an email from a coworker containing a classified attachment. What should you do? Immediately notify your security point of contact. Decline to let the person in and redirect her to security. Which may be a security issue with compressed urls? Who can be permitted access to classified data? **Social Engineering What is TRUE of a phishing attack? Maybe Explain. Which of the following is NOT a correct way to protect CUI? Refer the vendor to the appropriate personnel. Adversaries exploit social networking sites to disseminate fake news. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? Back To Business I.T. on LinkedIn: #mfa #2fa #multifactorauthentication 1 Answer/Comment. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. Unusual interest in classified information. Compute The Average Kids Per Family. What is a security best practice to employ on your home computer? Which of the following is NOT a correct way to protect sensitive information? PII, PHI, and financial information is classified as what type of information? When gases are sold they are usually compressed to high pressures. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. What is a best practice to protect data on your mobile computing device? The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. **Identity management Which is NOT a sufficient way to protect your identity? Teams. Do not access links or hyperlinked media such as buttons and graphics in email messages. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. (Spillage) Which of the following is a good practice to aid in preventing spillage? what should be your response be? Classified material must be appropriately marked. Write your password down on a device that only you access. Which of the following definitions is true about disclosure of confidential information? What is considered ethical use of the Government email system? -Classified information that should be unclassified and is downgraded. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. How can you guard yourself against Identity theft? classified-document. *Social Networking *Controlled Unclassified Information Which of the following is NOT an example of CUI? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? **Social Engineering How can you protect yourself from internet hoaxes? What should you do? CPCON 1 (Very High: Critical Functions) What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only?