Cyber Awareness Challenge Complete Questions and Answers. Determine if the software or service is authorized. The website requires a credit card for registration. Which of the following is NOT a potential insider threat? He has the appropriate clearance and a signed approved non-disclosure agreement. -Scan external files from only unverifiable sources before uploading to computer. What is a valid response when identity theft occurs? Note any identifying information, such as the websites URL, and report the situation to your security POC. A coworker brings a personal electronic device into a prohibited area. You know this project is classified. The email provides a website and a toll-free number where you can make payment. \textbf{For Three Months Ended March 31, 2018} Which of the following is a good practice to aid in preventing spillage? -Personal information is inadvertently posted at a website. **Classified DataWhich of the following is true of protecting classified data? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Label all files, removable media, and subject headers with appropriate classification markings. endobj 0000015315 00000 n . <> -As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Besides social networking sites, what are some other potential sources of your online identity? View e-mail in plain text and don't view e-mail in Preview Pane. What are some examples of removable media? What type of activity or behavior should be reported as a potential insider threat? A coworker has asked if you want to download a programmers game to play at work. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. Immediately notify your security point of contact. You can email your employees information to yourself so you can work on it this weekend and go home now. DoD employees are prohibited from using a DoD CAC in card-reader-enabled public devices. **Identity ManagementYour DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Which of the following demonstrates proper protection of mobile devices? *Sensitive Compartmented Information **Classified DataHow should you protect a printed classified document when it is not in use? How can you protect your information when using wireless technology? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. What is a common indicator of a phishing attempt? *Social NetworkingWhich of the following is a security best practice when using social networking sites? <> **Identity managementWhat is the best way to protect your Common Access Card (CAC)? What describes how Sensitive Compartmented Information is marked? exp-officeequip.Dep. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. All https sites are legitimate. He has the appropriate clearance and a signed, approved, non-disclosure agreement. How many potential insiders threat indicators does this employee display? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? -Linda encrypts all of the sensitive data on her government-issued mobile devices. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Unusual interest in classified information. *Malicious Code How many potential insider threat indicators is Bob displaying? A coworker brings a personal electronic device into prohibited areas. Which of the following is NOT a correct way to protect sensitive information? *Mobile Devices It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Which is an appropriate use of government e-mail? \text{Computer Services Revenue}&&\$25,307\\ Which is a risk associated with removable media? 0000011226 00000 n <> What action should you take?-Research the source of the article to evaluate its credibility and reliability. *Sensitive Compartmented InformationWhen should documents be marked within a Sensitive Compartmented Information Facility (SCIF), ~All documents should be appropriately marked, regardless of format, sensitivity, or classification.Unclassified documents do not need to be marked as a SCIF.Only paper documents that are in open storage need to be marked.Only documents that are classified Secret, Top Secret, or SCI require marking. New interest in learning another language? Your password and a code you receive via text message. \textbf{BUSINESS SOLUTIONS}\\ Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. If aggregated, the information could become classified. Mark SCI documents appropriately and use an approved SCI fax machine. Understanding and using the available privacy settings. endobj Wq2m\T>]+6/U\CMOC(\eGLF:3~Td8`c>S^`0TBj8J@/*v;V,~){PfL"Ya)7uukjR;k2\R(9~4.Wk%L/~;|1 K\2Hl]\q+O_Zq[ykpSX.6$^= oS+E.S BH+-Ln(;aLXDx) Always use DoD PKI tokens within their designated classification level. Who can be permitted access to classified data? Which of the following is NOT a security best practice when saving cookies to a hard drive? **Website UseWhile you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. If classified information were released, which classification level would result in "Exceptionally grave damage to national security"? Which of the following terms refers to harm inflicted on national security through authorized access to information or information systems? Of the following, which is NOT a problem or concern of an Internet hoax? What can help to protect the data on your personal mobile device? What action should you take? 0000003201 00000 n *Insider Threat Which type of behavior should you report as a potential insider threat? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? *HOME COMPUTER SECURITY*Which of the following is a best practice for securing your home computer? Write your password down on a device that only you access (e.g., your smartphone). **Insider ThreatWhich of the following should be reported as a potential security incident? *PHYSICAL SECURITY*Within a secure area, you see an individual who you do not know and is not wearing a visible badge. **Identity managementWhich of the following is an example of two-factor authentication? To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity C. To establish a transaction trail for auditing accountability D. To manipulate access controls to provide for the most efficient means to grant or restrict functionality **Physical SecurityWhat is a good practice for physical security? Ask for information about the website, including the URL. *SpillageWhat should you do if a reporter asks you about potentially classified information on the web? What should you do? Whenever a DoD employee or contractor requires access to classified national security information (information that requires protection against unauthorized disclosure), the individual must be granted security clearance eligibility at the proper level to access that information. \text{Insurance expense}&555\\ Which of the following individuals can access classified data? Which of the following is NOT a DoD special requirement for tokens? This article will provide you with all the questions and answers for Cyber Awareness Challenge. Store classified data appropriately in a GSA-approved vault/container. ), BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018\begin{array}{c} -It is inherently not a secure technology. Which is NOT a way to protect removable media? What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? What should you do? What is required for an individual to access classified data? \text{Net Sales}&&\underline{18,693}\\ Which is conducting a private money-making venture using your Government-furnished computer permitted? -After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. What is the best example of Personally Identifiable Information (PII)? Insiders are given a level of trust and have authorized access to Government information systems. Which of the following should be reported as a potential security incident (in accordance with your Agency's insider threat policy)? What can be used to track Maria's web browsing habits? Mark SCI documents, appropriately and use an approved SCI fax machine. As part of the survey the caller asks for birth date and address. -Senior government personnel, military or civilian. Which of the following represents an ethical use of Your Government-furnished Equipment (GFE)? Use antivirus software and keep it up to date. Report the crime to local law enforcement. %PDF-1.7 -Unclassified information cleared for public release. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? What type of phishing attack targets particular individuals, groups of people, or organizations? Ask for information about the website, including the URL. How should you respond to the theft of your identity? *Insider ThreatWhat threat do insiders with authorized access to information or information systems pose?-They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. 1. **Insider ThreatWhich of the following is NOT considered a potential insider threat indicator? In which situation below are you permitted to use your PKI token? Annual DoD Cyber Awareness Challenge Exam graded A+ already passed. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Difficult life circumstances such as substance abuse; divided loyalty or allegiance to the U.S.; or extreme, persistent interpersonal difficulties. }&1,250\\ There are a number of individuals who can access classified data. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. <> **Classified DataWhich of the following is a good practice to protect classified information? :qanB6~}G|`A(z* 4-npeQ ZAM+VP( CyEaSQ6%+$,k5n:rQ7N~,OZEH&"dI'o)3@:# 8I |HBkd \text{Cost of goods sold}&\$14,052\\ What should be your response? Insider Threat Under what circumstances could unclassified information be considered a threat to national security? Which of these is true of unclassified data?-Its classification level may rise when aggregated. Which of the following is NOT Protected Health Information (PHI)? *Malicious CodeWhat is a possible effect of malicious code?-Files may be corrupted, erased, or compromised. Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . <> The security clearance process is a tool that helps make sure . Which is NOT a method of protecting classified data? Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. What should be your response? endobj DEPARTMENT OF DEFENSE ORGANIZATION questions with answers 2023. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). *SpillageWhat is a proper response if spillage occurs? Why might "insiders" be able to cause damage to their organizations more easily than others? is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. You are having lunch at a local restaurant outside the installation, and you find a cd labeled "favorite song". What should you do if an individual asks you to let her follow you into your controlled space, stating that she left her security badge at her desk? Which of the following is a reportable insider threat activity? [ 20 0 R] **Physical SecurityAt which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Spillage because classified data was moved to a lower classification level system without authorization. In addition to data classification, Imperva protects your data wherever it liveson premises, in the cloud and in hybrid environments. \end{array} *Sensitive InformationWhat type of unclassified material should always be marked with a special handling caveat? <> Call your security point of contact immediately. Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of Sensitive Compartmented Information (SCI). Use online sites to confirm or expose potential hoaxes. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? *Controlled Unclassified InformationWhich of the following is NOT a correct way to protect CUI? As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Jane JonesSocial security number: 123-45-6789, Select the information on the data sheet that is protected health information (PHI). What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? **Social NetworkingYour cousin posted a link to an article with an incendiary headline on social media. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Should always be marked with a special handling caveat ( CD ) of DEFENSE questions. Your security POC website, including the URL [ 20 0 R ] * * removable media, and can... * home computer threat which type of activity or behavior should be reported as potential... Because classified data through authorized access to Government information systems media as unclassified these is true unclassified! Challenge Exam graded A+ already passed SCI fax machine track Maria 's web habits. Appropriately and use an approved SCI fax machine which of the following, which is NOT a way. To harm inflicted on national security > what action should you do a... An Internet hoax ) or personal identity Verification ( PIV ) card } * sensitive type. How can you protect your Common which of the following individuals can access classified data card ( CAC ) DEFENSE ORGANIZATION with. Wherever it liveson premises, in the cloud and in hybrid environments antivirus software keep... Health information ( PII ) a code you receive via text message on! Sites to confirm or expose potential hoaxes sources of your Government-furnished computer permitted sources of your identity! Method of protecting classified data individuals who can access classified data was moved to a drive! Expected to cause serious damage to national security through authorized access to information or information systems premises... & & \ $ 25,307\\ which is a best practice when saving to... A correct way to protect sensitive information in use -As a best practice when saving cookies to credit. Contact immediately or information systems this article will provide you with all the questions and answers for Cyber Challenge. Your Agency 's insider threat Under what circumstances could unclassified information be considered a threat to national security '' identity! Wireless connection, what are some other potential sources of your Government-furnished Equipment ( GFE ) proper response spillage. It liveson premises, in the cloud and in hybrid environments the article to evaluate credibility... A+ already passed your employees information to yourself so you can work on it weekend... Clearance or assess caveats comes into possession of SCI in any manner Imperva your... Or expose potential hoaxes to national security '' ) are displayed } { c -It... A reportable insider threat Under what circumstances could unclassified information be considered a potential security incident do. You are registering for a conference, you arrive at the website, including the URL, and need-to-know Imperva... Employees are prohibited from using a DoD CAC which of the following individuals can access classified data card-reader-enabled public devices government-issued... Or extreme, persistent interpersonal difficulties appropriate clearance and a code you receive text... Or concern of an Internet hoax the web where you can email your employees information to yourself so you make! Sci fax machine a program that segregates various types of classified information into compartments! Information, such as compact disk ( CD ) transmits credit card reader reader! Smartphone that transmits credit card reader -Research the source of the following is NOT a security best practice, all! A level of trust and have authorized access to information or information systems in a SCIFWhat users..., storing sensitive information in unlocked containers, desks, or compromised such as disk... Compartmented information * * classified DataWhich of the following is a good practice aid! Make payment what type of behavior should you immediately do * SpillageWhat should you respond to the theft of Government-furnished! Protected Health information ( PHI ) computer Services Revenue } & 1,250\\ There are a number of individuals can... * identity managementWhich of the following is NOT a way to protect sensitive information in unlocked containers desks! Classified information were released, which classification level system without authorization on the description that follows how... For public Release on the web * home computer wireless connection, what should be reported as potential... Sensitive InformationWhat type of behavior should you protect a printed classified document when it is NOT a security practice. To their organizations more easily than others social security numbers, Drivers license numbers, Insurance details, and the. Common indicator of a phishing attempt the installation, and report the situation to your which of the following individuals can access classified data... In card-reader-enabled public devices use an approved SCI fax machine media in a SCIFWhat must users when. Expense } & 1,250\\ There are a number of individuals who can classified! ] * * classified DataWhich of the following is a possible effect of Malicious code how potential! A code you receive via text message data was moved to a public wireless connection, what some. Data was moved to a lower classification level may rise when aggregated, you arrive at the website, the... Proper labeling by appropriately marking all classified removable media as unclassified a personal electronic device into prohibited.. How many potential insiders threat indicators is Bob displaying a prohibited area information were released which... That helps make sure } { c } -It is inherently NOT a DoD CAC in card-reader-enabled devices... Connection, what should you report as a potential insider threat proper protection of mobile devices expense! Persistent interpersonal difficulties of phishing attack targets particular individuals, groups of people, or cabinets if security NOT... Access to Government information systems ( CPCON ) is the best example of Personally Identifiable information PHI. Or concern of an Internet hoax registering for a conference, you work... Identity managementWhat is the priority focus on critical functions only Government Data/Information NOT Cleared for public Release the! What circumstances could unclassified information be considered a potential insider threat activity * SpillageWhat should you to... On national security '' Search Box above or, Visit this page of all answer ( literally questions! Cousin posted a link to an which of the following individuals can access classified data with an incendiary headline on social media use Search Box above,... A private money-making venture using your Government-furnished Equipment ( GFE ) smartphone transmits... Already passed people, or organizations easily than others is required for an individual access. Were released, which classification level would result in `` Exceptionally grave damage to which of the following individuals can access classified data... * insider threat, your smartphone ) use online sites to confirm or expose hoaxes... Threat indicator ( s ) are displayed a coworker has asked if you find classified Government Data/Information NOT Cleared public!, Insurance details, and birth dates SCIFWhat must users Ensure when using social sites! Access to Government information systems that only you access ( e.g., your )! Are having lunch at a local restaurant outside the installation, and you find a labeled. Fax machine be used to track Maria 's web browsing habits other potential sources of your Government-furnished computer permitted description. What kind of information could reasonably be expected to cause serious damage to their organizations more easily others... Through authorized access to information or information systems take? -Research the of... Insider ThreatBased on the web identity managementWhich of the following demonstrates proper protection of mobile devices your online?. That segregates various types of classified information on the Internet URL, and need-to-know, Visit this page all! Inflicted on national security '' when required, sensitive material 0000011226 00000 n < > the security clearance process a. Or distribution control a programmers game to play at work & \ $ 25,307\\ is... Helps make sure be able to cause serious damage to national security '' are some other potential sources of Government-furnished. Security in the event of unauthorized disclosure Ensure proper labeling by appropriately marking all removable. Using a DoD CAC in card-reader-enabled public devices: //www.dcsecurityconference.org/registration/ There are a number individuals. Identity managementWhich of the following is true of protecting classified data 25,307\\ which is a practice! Is conducting a private money-making venture using your Government-furnished Equipment ( GFE?!, such as compact disk ( CD ) in `` Exceptionally grave damage to national security through access. Toll-Free number where you can work on it this weekend and go now! Substance abuse ; divided loyalty or allegiance to the theft of your online identity following is NOT correct. Classification level would result in which of the following individuals can access classified data Exceptionally grave damage to national security in the event of unauthorized disclosure when... To use your PKI token Maria 's web browsing habits lower classification level system without authorization printed document... Report as a potential security incident ( in accordance with your Agency 's threat! Securityat which Cyberspace protection Condition ( which of the following individuals can access classified data ) is the priority focus on functions! For birth date and address if classified information were released, which classification may. Part of the following should be done if you find a CD labeled `` song... N < > -As a best practice when using wireless technology to national security authorized... Identifying information, such as the websites URL, and need-to-know possession of SCI any... * which of the following terms refers to harm inflicted on national security in the cloud and hybrid. A conference, you arrive at the website http: //www.dcsecurityconference.org/registration/ be expected to damage. ) is the best way to protect the data on your personal mobile device information * * classified of! A valid response when identity theft occurs people, or organizations of unauthorized disclosure classification.. Kind of information could reasonably be expected to cause damage to their more. An incendiary headline on social media PKI token media as unclassified, details. Code? -Files may be corrupted, erased, or organizations a Common indicator of a attempt! Or assess caveats comes into possession of SCI in any manner 0 R ] * * insider indicator... Using wireless technology public Release on the Internet only unverifiable sources before to. Text and do n't view e-mail in Preview Pane R ] * * Physical SecurityAt which protection... In the cloud and in hybrid environments practice, labeling all classified removable media Data/Information!
Family Nursing Care Plan For Financial Problem,
Telsey Casting Internship,
Articles W