Store it in a locked desk drawer after working hours. 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. When vacation is over, after you have returned home. What structures visible in the stained preparation were invisible in the unstained preparation? Which may be a security issue with compressed urls? How many potential insiders threat indicators does this employee display? (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? Social Security Number; date and place of birth; mothers maiden name. laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. What can you do to protect yourself against phishing? **Social Engineering What is TRUE of a phishing attack? Unclassified information is a threat to national security. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? When would be a good time to post your vacation location and dates on your social networking website? While it may seem safer, you should NOT use a classified network for unclassified work. What information relates to the physical or mental health of an individual? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Use only personal contact information when establishing your personal account. not correct Which of the following individuals can access classified data? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Spillage can be either inadvertent or intentional. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? internet-quiz. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Memory sticks, flash drives, or external hard drives. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Which of the following is NOT a home security best practice? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Proactively identify potential threats and formulate holistic mitigation responses. Remove security badge as you enter a restaurant or retail establishment. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. What is the best choice to describe what has occurred? (Home computer) Which of the following is best practice for securing your home computer? We thoroughly check each answer to a question to provide you with the most correct answers. **Classified Data Which of the following is a good practice to protect classified information? Note any identifying information, such as the website's URL, and report the situation to your security POC. Accepting the default privacy settings. Search by Location. Which is a way to protect against phishing attacks? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. You must have your organizations permission to telework. Neither confirm or deny the information is classified. All https sites are legitimate. What is required for an individual to access classified data? Who designates whether information is classified and its classification level? What action should you take first? Your comments are due on Monday. You should only accept cookies from reputable, trusted websites. Secure personal mobile devices to the same level as Government-issued systems. (Correct) -It does not affect the safety of Government missions. Do not access website links in e-mail messages. **Identity management Which of the following is an example of two-factor authentication? asked in Internet by voice (265k points) Question : Which of the following is true about unclassified data? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. THIS IS THE BEST ANSWER . **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? After clicking on a link on a website, a box pops up and asks if you want to run an application. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? Let us know if this was helpful. Which of the following is an example of punishment by application? Security Classification Guides (SCGs).??? -It never requires classification markings. How many potential insider threat indicators does this employee display? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. After you have returned home following the vacation. -Ask them to verify their name and office number Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. A .gov website belongs to an official government organization in the United States. Definition 1 / 24 -It must be released to the public immediately. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. A coworker removes sensitive information without authorization. #1) Open WEKA and select "Explorer" under 'Applications'. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Report the crime to local law enforcement. Which designation marks information that does not have potential to damage national security? Which is a good practice to protect classified information? **Home Computer Security Which of the following is a best practice for securing your home computer? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? What is required for an individual to access classified data? Which of the following is NOT a security best practice when saving cookies to a hard drive? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Exceptionally grave damage to national security. What are some potential insider threat indicators? Which of the following is NOT a correct way to protect sensitive information? Unclassified documents do not need to be marked as a SCIF. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Aggregating it does not affect its sensitivyty level. Which of the following actions is appropriate after finding classified Government information on the internet? Which of the following is NOT a correct way to protect CUI? Malicious code can include viruses, worms, and macros. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. It is created or received by a healthcare provider, health plan, or employer. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. (Malicious Code) What are some examples of removable media? Linda encrypts all of the sensitive data on her government-issued mobile devices. Reviewing and configuring the available security features, including encryption. What type of social engineering targets particular individuals, groups of people, or organizations? (Spillage) When is the safest time to post details of your vacation activities on your social networking website? You can't have 1.9 children in a family (despite what the census might say ). What is a best practice to protect data on your mobile computing device? Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? This bag contains your government-issued laptop. How many potential insider threat indicators does this employee display? They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is NOT a social engineering tip? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. 1.1.5 Controlled Unclassified Information. CPCON 1 (Very High: Critical Functions) Store it in a GSA approved vault or container. If aggregated, the information could become classified. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Correct. What is a best practice for protecting controlled unclassified information (CUI)? correct. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? -Classified information that should be unclassified and is downgraded. Correct. He has the appropriate clearance and a signed, approved, non-disclosure agreement. Classified material must be appropriately marked. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? It does not require markings or distribution controls. Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. Refer the reporter to your organizations public affairs office. Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. Always take your CAC when you leave your workstation. *Spillage Which of the following may help prevent inadvertent spillage? DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Follow the steps enlisted below to use WEKA for identifying real values and nominal attributes in the dataset. Only friends should see all biographical data such as where Alex lives and works. Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Personal information is inadvertently posted at a website. f. Get an answer. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Ensure that the wireless security features are properly configured. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. Which of these is true of unclassified data? Position your monitor so that it is not facing others or easily observed by others when in use Correct. (Sensitive Information) Which of the following is NOT an example of sensitive information? Telework is only authorized for unclassified and confidential information. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. Government-owned PEDs, if expressly authorized by your agency. If you participate in or condone it at any time. Which of the following is NOT one? How many potential insider threat indicators does this employee display? You must possess security clearance eligibility to telework. Request the users full name and phone number. How should you securely transport company information on a removable media? Which of the following definitions is true about disclosure of confidential information? The email provides a website and a toll-free number where you can make payment. Always use DoD PKI tokens within their designated classification level. Unclassified information cleared for public release. Physical security of mobile phones carried overseas is not a major issue. Which of the following is NOT a correct way to protect sensitive information? correct. Be aware of classification markings and all handling caveats. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Assuming open storage is always authorized in a secure facility. This button displays the currently selected search type. No, you should only allow mobile code to run from your organization or your organizations trusted sites. How many indicators does this employee display? Which of the following is true of using DoD Public key Infrastructure (PKI) token? Use only your personal contact information when establishing your account. Verify the identity of all individuals.??? What should the participants in this conversation involving SCI do differently? Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Classified material must be appropriately marked. Unusual interest in classified information. Correct. How many insider threat indicators does Alex demonstrate? **Classified Data What is a good practice to protect classified information? Photos of your pet Correct. correct. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. Question 1: The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. NARA has the authority and responsibility to manage the CUI Program across the Federal government. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? How many potential insider threat indicators is Bob displaying?