Validate friend requests through another source before confirming them. What should you do? When using a fax machine to send sensitive information, the sender should do which of the following? (Travel) Which of the following is a concern when using your Government-issued laptop in public? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Many apps and smart devices collect and share your personal information and contribute to your online identity. Managing government information when working remotely *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Should you always label your removable media? Controlled Unclassified Information (CUI) | National Archives SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Classified material must be appropriately marked. data. You should remove and take your CAC/PIV card whenever you leave your workstation. Understanding and using the available privacy settings. Do not download it. What should Sara do when publicly available Internet, such as hotel Wi-Fi? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Which of the following is NOT an example of CUI? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. which of the following is true about unclassified data - Weegy What can be used to track Marias web browsing habits? A Coworker has asked if you want to download a programmers game to play at work. How should you respond? -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? How many potential insiders threat indicators does this employee display. What action should you take? It does not require markings or distribution controls. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. Correct. It contains certificates for identification, encryption, and digital signature. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Remove your security badge after leaving your controlled area or office building. Organizational Policy Not correct Never allow sensitive data on non-Government-issued mobile devices. Is it okay to run it? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Which of the following is NOT Protected Health Information (PHI)? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? Spillage because classified data was moved to a lower classification level system without authorization. (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? CPCON 1 (Very High: Critical Functions) Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. No. A coworker has left an unknown CD on your desk. Is this safe? true-statement. **Social Engineering Which of the following is a way to protect against social engineering? *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? How many potential insider threat indicators does this employee display? Unclassified documents do not need to be marked as a SCIF. #1) Open WEKA and select "Explorer" under 'Applications'. (Correct) -It does not affect the safety of Government missions. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Which of the following is true of using DoD Public key Infrastructure (PKI) token? Cyber Awareness 2022 I Hate CBT's What should be done to protect against insider threats? What should the participants in this conversation involving SCI do differently? An official website of the United States government. (Malicious Code) What is a good practice to protect data on your home wireless systems? Correct. (Correct)-It does not affect the safety of Government missions.-It never requires classification markings. Request the users full name and phone number. When vacation is over, after you have returned home. You must have your organization's permission to telework. What should you do? Where. Updated 8/5/2020 8:06:16 PM. Search the Registry: Categories, Markings and Controls: Category list CUI markings Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. A coworker has asked if you want to download a programmer's game to play at work. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Sensitive information. As long as the document is cleared for public release, you may release it outside of DoD. What is the best response if you find classified government data on the internet? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Transmit classified information via fax machine only Not correct (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? 1.1.3 Insider Threat. Maybe. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Let us have a look at your work and suggest how to improve it! Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is true of internet hoaxes? Write your password down on a device that only you access. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Never allow sensitive data on non-Government-issued mobile devices. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. Controlled Unclassified Information (CUI) Program Frequently Asked Unknown data is categorized by the system; an analyst then reviews the results -It never requires classification markings. *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? It is releasable to the public without clearance. 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. Which of the following is true of Protected Health Information (PHI)? 5. Which of the following definitions is true about disclosure of confidential information? Unclassified documents do not need to be marked as a SCIF. *Spillage What should you do if you suspect spillage has occurred? Correct. It is not corporate intellectual property unless created for or included in requirements related to a government contract. (Identity Management) What certificates are contained on the Common Access Card (CAC)? The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? How should you respond? When can you check personal email on your government furnished equipment? Cyber Awareness Challenge Complete Questions and Answers *Sensitive Information Under what circumstances could classified information be considered a threat to national security? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which is an untrue statement about unclassified data? Which of the following is an example of two-factor authentication? Which of the following is an example of malicious code? Use personal information to help create strong passwords. Which piece of information is safest to include on your social media profile? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Which of the following is NOT a type of malicious code? Which of the following is a practice that helps to protect you from identity theft? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. 1.1.1 Spillage. "Unclassified" or a lack of security marking denotes non-sensitive information. A coworker removes sensitive information without approval. What action should you take? What Are Some Examples Of Malicious Code Cyber Awareness? Quizzma is a free online database of educational quizzes and test answers. Darryl is managing a project that requires access to classified information. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Use TinyURL's preview feature to investigate where the link leads. Which of the following individuals can access classified data? There are many travel tips for mobile computing. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? What is required for an individual to access classified data? Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? They may be used to mask malicious intent. ~A coworker brings a personal electronic device into a prohibited area. *Spillage What is a proper response if spillage occurs? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? CPCON 4 (Low: All Functions) Dont allow other access or to piggyback into secure areas. Which of the following is a good practice to avoid email viruses? Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. Only friends should see all biographical data such as where Alex lives and works. **Insider Threat Which type of behavior should you report as a potential insider threat? correct. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. What should you consider when using a wireless keyboard with your home computer? What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? Classified data: (Scene) Which of the following is true about telework? **Insider Threat What function do Insider Threat Programs aim to fulfill? Of the following, which is NOT an intelligence community mandate for passwords? A coworker brings a personal electronic device into prohibited areas. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? What is best practice while traveling with mobile computing devices? Which may be a security issue with compressed Uniform Resource Locators (URLs)? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. It never requires classified markings, it is true about unclassified data. (Mobile Devices) When can you use removable media on a Government system? *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. Maria is at home shopping for shoes on Amazon.com. To determine premiums for automobile insurance, companies must have an understanding of the variables that affect whether a driver will have an accident. There are no choices provides which make it hard to pick the untrue statement about unclassified data. CUI may be stored only on authorized systems or approved devices. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? **Identity management Which of the following is an example of two-factor authentication? Of the following, which is NOT a method to protect sensitive information? Note any identifying information, such as the website's URL, and report the situation to your security POC. The popup asks if you want to run an application. Attachments contained in a digitally signed email from someone known. Note any identifying information, such as the websites URL, and report the situation to your security POC. No, you should only allow mobile code to run from your organization or your organizations trusted sites. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Store it in a shielded sleeve to avoid chip cloning. A man you do not know is trying to look at your Government-issued phone and has asked to use it. Refer the reporter to your organizations public affairs office. **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Insiders are given a level of trust and have authorized access to Government information systems. -Ask them to verify their name and office number (1) A strategic plan documenting the overall conduct of a war. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? What should you do? When unclassified data is aggregated, its classification level may rise. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. What information most likely presents a security risk on your personal social networking profile? A coworker uses a personal electronic device in a secure area where their use is prohibited. A medium secure password has at least 15 characters and one of the following. What type of data must be handled and stored properly based on classification markings and handling caveats? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Which of the following should you NOT do if you find classified information on the internet? Note the websites URL and report the situation to your security point of contact. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. If authorized, what can be done on a work computer? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Linda encrypts all of the sensitive data on her government issued mobile devices. Which of the following is an example of a strong password? They provide guidance on reasons for and duration of classification of information. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? what should you do? A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. What portable electronic devices (PEDs) are permitted in a SCIF? The age of the driver may top the list of variables. -It never requires classification markings. What should you do if a reporter asks you about potentially classified information on the web? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? *Spillage Which of the following is a good practice to prevent spillage? You are working at your unclassified system and receive an email from a coworker containing a classified attachment. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. . **Website Use Which of the following statements is true of cookies? You can't have 1.9 children in a family (despite what the census might say ). Use only your personal contact information when establishing your account. What information relates to the physical or mental health of an individual? Looking at your MOTHER, and screaming THERE SHE BLOWS! Only use Government-furnished or Government-approved equipment to process PII. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? What should be your response? Which is an untrue statement about unclassified data? - Getvoice.org Create separate user accounts with strong individual passwords. A **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Classification markings and handling caveats. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Accepting the default privacy settings. When your vacation is over, after you have returned home. Which of the following is NOT true of traveling overseas with a mobile phone? You check your bank statement and see several debits you did not authorize. When gases are sold they are usually compressed to high pressures. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Store classified data appropriately in a GSA-approved vault/container when not in use. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? A colleague saves money for an overseas vacation every year, is a . Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Contents hide. Her badge is not visible to you. As a security best practice, what should you do before exiting? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)?