(Malicious Code) What are some examples of malicious code? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? It contains certificates for identification, encryption, and digital signature. If aggregated, the classification of the information may not be changed. A. Which of the following is NOT a requirement for telework? (Mobile Devices) When can you use removable media on a Government system? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. How many indicators does this employee display? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? As a security best practice, what should you do before exiting? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? a. putting a child in time-out Which of the following is NOT a best practice to protect data on your mobile computing device? What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. How can you protect your organization on social networking sites? Follow instructions given only by verified personnel. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. It is getting late on Friday. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Course Introduction Introduction . Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. A A coworker removes sensitive information without approval. Learn more about Teams What certificates are contained on the Common Access Card (CAC)? When your vacation is over, and you have returned home. What should be your response? Which of the following is NOT Protected Health Information (PHI)? What action should you take? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Always check to make sure you are using the correct network for the level of data. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Phishing can be an email with a hyperlink as bait. Always take your CAC when you leave your workstation. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? What is NOT Personally Identifiable Information (PII)? Which designation marks information that does not have potential to damage national security? It is permissible to release unclassified information to the public prior to being cleared. A Common Access Card and Personal Identification Number. Of the following, which is NOT a characteristic of a phishing attempt? The potential for unauthorized viewing of work-related information displayed on your screen. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Use the classified network for all work, including unclassified work. What is considered ethical use of the Government email system? not correct Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . Connect to the Government Virtual Private Network (VPN).?? (Malicious Code) Which are examples of portable electronic devices (PEDs)? Definition 1 / 24 -It must be released to the public immediately. A Progressive Plane Detection Filtering Method for Airborne LiDAR Data Which of the following statements is true? DoD Unclassified data: Must be cleared before being released to the public May require applci aton i of Controled l Uncasl sed Iifi nformaton i (CU)I access and distribution controls Must be clearly marked as Unclassified or CUI if included in a classified document or classified storage area Annual DoD Cyber Awareness Challenge Training, DOD Cyber Awareness Challenge 2019: Knowledge, DOD Cyber Awareness Challenge 2019 (DOD-IAA-V, Operations Management: Sustainability and Supply Chain Management, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene. Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Note any identifying information and the websites Uniform Resource Locator (URL). The age of the driver may top the list of variables. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. **Home Computer Security How can you protect your information when using wireless technology? Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? The answer has been confirmed to be correct. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? When gases are sold they are usually compressed to high pressures. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Which of the following is a good practice to protect classified information? b. Any time you participate in or condone misconduct, whether offline or online. Which of the following is a proper way to secure your CAC/PIV? **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? Cyber Awareness Flashcards by Jedi Master | Brainscape Which of the following is true of using DoD Public key Infrastructure (PKI) token? A medium secure password has at least 15 characters and one of the following. Accepting the default privacy settings. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? It may expose the connected device to malware. What action should you take? a. **Insider Threat Which type of behavior should you report as a potential insider threat? Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Create separate user accounts with strong individual passwords. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? As long as the document is cleared for public release, you may share it outside of DoD. How can you protect data on your mobile computing and portable electronic devices (PEDs)? **Travel What is a best practice while traveling with mobile computing devices? How many potential insiders threat indicators does this employee display? What should you do? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. You may use your personal computer as long as it is in a secure area in your home b. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Correct. Search the Registry: Categories, Markings and Controls: Category list CUI markings Based on the description that follows, how many potential insider threat indicator(s) are displayed? Figure 1. -It never requires classification markings. You are reviewing your employees annual self evaluation. Which of the following is NOT one? T/F. Follow the steps enlisted below to use WEKA for identifying real values and nominal attributes in the dataset. Which piece of information is safest to include on your social media profile? *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? February 8, 2022. Your password and a code you receive via text message. Which of the following is NOT an example of Personally Identifiable Information (PII)? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? How many potential insiders threat indicators does this employee display? How can you protect yourself on social networking sites? Never allow sensitive data on non-Government-issued mobile devices. The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. Your health insurance explanation of benefits (EOB). Unclassified information can become a threat to national security. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? An official website of the United States government. They can become an attack vector to other devices on your home network. PII, PHI, and financial information is classified as what type of information? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. -It must be released to the public immediately. Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? All https sites are legitimate. 1.1.3 Insider Threat. A Coworker has asked if you want to download a programmers game to play at work. Unusual interest in classified information. Law Enforcement Sensitive (LES),and others. Note the websites URL and report the situation to your security point of contact. #1) Open WEKA and select "Explorer" under 'Applications'. Which scenario might indicate a reportable insider threat? Working With Sensitive Information - Canada.ca Only friends should see all biographical data such as where Alex lives and works. Validate all friend requests through another source before confirming them. PDF Unauthorized Disclosure of Classified Information and Controlled - CDSE You many only transmit SCI via certified mail. Using webmail may bypass built in security features. Classified data: (Scene) Which of the following is true about telework? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Unclassified documents do not need to be marked as a SCIF. You believe that you are a victim of identity theft. Jozeal. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Remove and take it with you whenever you leave your workstation. Your favorite movie. When unclassified data is aggregated, its classification level may rise. d. giving a spanking or a scolding. (Travel) Which of the following is a concern when using your Government-issued laptop in public? What should you do if a reporter asks you about potentially classified information on the web? Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Classified information that should be unclassified and is downgraded. Controlled Unclassified Information (CUI) and Covered Defense **Insider Threat Which scenario might indicate a reportable insider threat? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Controlled Unclassified Information (CUI) Purpose of the CUI Program. *Spillage Which of the following is a good practice to aid in preventing spillage? Which of these is true of unclassified data? What should the participants in this conversation involving SCI do differently? Secure personal mobile devices to the same level as Government-issued systems. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. What is an indication that malicious code is running on your system? Which of the following is NOT a DoD special requirement for tokens? Which may be a security issue with compressed Uniform Resource Locators (URLs)? Personal information is inadvertently posted at a website. *Spillage What should you do if a reporter asks you about potentially classified information on the web? **Social Networking Which of the following is a security best practice when using social networking sites? (Malicious Code) Which of the following is true of Internet hoaxes? The website requires a credit card for registration. All https sites are legitimate and there is no risk to entering your personal info online. The email provides a website and a toll-free number where you can make payment. Always use DoD PKI tokens within their designated classification level. Correct. Store classified data in a locked desk drawer when not in use Maybe 1 Cyber Awareness Challenge 2023 Answers. Refer the vendor to the appropriate personnel. What action should you take first? Refer the reporter to your organizations public affairs office. 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. Which of the following is true of telework? f. Get an answer. Controlled Unclassified Information - Defense Counterintelligence and How many potential insider threat indicators does this employee display? Maintain visual or physical control of the device. You must have your organizations permission to telework. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. Under what circumstances could unclassified information be considered a threat to national security? TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). General Services Administration (GSA) approval. What information relates to the physical or mental health of an individual? What is a proper response if spillage occurs? Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. You should remove and take your CAC/PIV card whenever you leave your workstation. What type of data must be handled and stored properly based on classification markings and handling caveats? Sensitive information may be stored on any password-protected system. c. ignoring a tantrum Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. (Sensitive Information) Which of the following represents a good physical security practice? CUI must be handled using safeguarding or dissemination controls. This task is performed with the aim of finding similarities in data points and grouping similar data points together. What is a best practice to protect data on your mobile computing device? Ch 1 Flashcards by Josh Selkirk | Brainscape The popup asks if you want to run an application. Remove security badge as you enter a restaurant or retail establishment. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. Report the crime to local law enforcement. Teams. It never requires classification markings, is true about unclassified data. cyber. Which of the following is NOT sensitive information? What is a possible indication of a malicious code attack in progress? Solved QUESTION 1 The business impact analysis (BIA) - Chegg what should you do? Official websites use .gov What Are Some Examples Of Malicious Code Cyber Awareness? It does not require markings or distribution controls. DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. 1.1 Standard Challenge Answers. correct. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Question. What should you do? P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Which of the following does not constitute spillage. correct. Seeker - Vacancy - Detail Overview -Ask them to verify their name and office number New interest in learning another language? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? correct. **Mobile Devices What can help to protect the data on your personal mobile device? There are no choices provides which make it hard to pick the untrue statement about unclassified data. They can be part of a distributed denial-of-service (DDoS) attack. You receive an inquiry from a reporter about potentially classified information on the internet. What should Sara do when publicly available Internet, such as hotel Wi-Fi? Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Which of the following is true of downloading apps? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. (Identity Management) Which of the following is an example of two-factor authentication? (1) A strategic plan documenting the overall conduct of a war. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. internet-quiz. Memory sticks, flash drives, or external hard drives. Which of the following is true of Protected Health Information (PHI)? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. **Classified Data Which of the following is a good practice to protect classified information? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Cyber Awareness 2022 I Hate CBT's Refer the reporter to your organizations public affairs office. Classified information is defined in PL 96-456, the Classified Information Procedures Act: . Look for a digital signature on the email. Dont allow other access or to piggyback into secure areas. Position your monitor so that it is not facing others or easily observed by others when in use Correct. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? which of the following is true about unclassified data - Weegy (Spillage) When classified data is not in use, how can you protect it? Which of the following is NOT a criterion used to grant an individual access to classified data? Which of these is true of unclassified data? SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. CUI is not classified information. Never allow sensitive data on non-Government-issued mobile devices. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Controlled unclassified information. **Insider Threat What function do Insider Threat Programs aim to fulfill? The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. When vacation is over, after you have returned home. **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Insiders are given a level of trust and have authorized access to Government information systems. What should the owner of this printed SCI do differently? Ask the individual to see an identification badge. Within a secure area, you see an individual you do not know. The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. The Following Is True About Unclassified Data - faqcourse.com Approved Security Classification Guide (SCG). **Website Use How should you respond to the theft of your identity? What action should you take? Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer true-statement. *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Call your security point of contact immediately. How should you respond? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. JavaScript appears to be disabled on this computer. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. A coworker has left an unknown CD on your desk. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. What can help to protect the data on your personal mobile device. Delete email from senders you do not know. **Classified Data When classified data is not in use, how can you protect it? You must have your organization's permission to telework. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Note the websites URL and report the situation to your security point of contact. What structures visible in the stained preparation were invisible in the unstained preparation? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Identification, encryption, and digital signature. PDF IFS0026 Student Guide - CDSE Proactively identify potential threats and formulate holistic mitigation responses. A measure of how much useful work each unit of input energy provides. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Who is responsible for information/data security? When traveling or working away from your main location, what steps should you take to protect your devices and data? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? (Sensitive Information) Which of the following is NOT an example of sensitive information? **Travel What security risk does a public Wi-Fi connection pose? Unclassified documents do not need to be marked as a SCIF. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Which of the following actions can help to protect your identity? (Sensitive Information) Which of the following is true about unclassified data? *Insider Threat Which of the following is a reportable insider threat activity? Which of the following is NOT a social engineering tip? Spillage can be either inadvertent or intentional. 870 Summit Park Avenue Auburn Hills, MI 48057. Hostility or anger toward the United States and its policies. If you participate in or condone it at any time. Looking for https in the URL. laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. It does not require markings or distribution controls. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). Ensure proper labeling by appropriately marking all classified material. You know that this project is classified. Maybe. Directing you to a website that looks real. The website requires a credit card for registration. Attachments contained in a digitally signed email from someone known. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face.