In which situation below are you permitted to use your PKI token? What should you do? Of the following, which is NOT a security awareness tip? Which of the following does NOT constitute spillage? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? tell your colleague that it needs to be secured in a cabinet or container. Only expressly authorized government-owned PEDs. What is the best response if you find classified government data on the internet? Which of the following is true of Internet of Things (IoT) devices? Many apps and smart devices collect and share your personal information and contribute to your online identity. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Which of the following is a best practice for handling cookies? Changes to various data systems that store and sometimes share sensitive information outside EPA. true-statement. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? Preventing an authorized reader of an object from deleting that object B. Unclassified information can become a threat to national security. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? (Sensitive Information) Which of the following represents a good physical security practice? Media containing Privacy Act information, PII, and PHI is not required to be labeled. -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? Store it in a shielded sleeve to avoid chip cloning. Remove security badge as you enter a restaurant or retail establishment. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Taking classified documents from your workspace. internet-quiz. You are reviewing your employees annual self evaluation. Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Report the suspicious behavior in accordance with their organizations insider threat policy. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Position your monitor so that it is not facing others or easily observed by others when in use Correct. DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. It is permissible to release unclassified information to the public prior to being cleared. Correct. EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. Refer the reporter to your organizations public affairs office. Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? Validate all friend requests through another source before confirming them. Correct. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! When traveling or working away from your main location, what steps should you take to protect your devices and data? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. **Identity management What is the best way to protect your Common Access Card (CAC)? When unclassified data is aggregated, its classification level may rise. Official websites use .gov Figure 1. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? internet. CUI must be handled using safeguarding or dissemination controls. d. giving a spanking or a scolding. The popup asks if you want to run an application. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Looking at your MOTHER, and screaming THERE SHE BLOWS! What action should you take? **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? Correct. To determine premiums for automobile insurance, companies must have an understanding of the variables that affect whether a driver will have an accident. 1.1.1 Spillage. Use a common password for all your system and application logons. Linda encrypts all of the sensitive data on her government-issued mobile devices. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. What should you do? Which of the following is a concern when using your Government-issued laptop in public? Scan external files from only unverifiable sources before uploading to computer. Let us have a look at your work and suggest how to improve it! Which of the following is not a best practice to preserve the authenticity of your identity? Which of the following is true of downloading apps? What is the best choice to describe what has occurred? -Ask them to verify their name and office number What is the best choice to describe what has occurred? What should you do? Let us know if this was helpful. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Hostility or anger toward the United States and its policies. A coworker uses a personal electronic device in a secure area where their use is prohibited. A passenger in the Land Rover Freelander that T-boned the hatchback said the BMW had been driven out of the unclassified road towards Shipton-under-Wychwood 'like a bat out of hell' - giving . What should you do if a reporter asks you about potentially classified information on the web? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Which of the following is a security best practice when using social networking sites? **Insider Threat Which type of behavior should you report as a potential insider threat? Search for an answer or ask Weegy. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Government-owned PEDs, if expressly authorized by your agency. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Accepting the default privacy settings. Classified Information can only be accessed by individuals with. This bag contains your government-issued laptop. The age of the driver may top the list of variables. Classified material must be appropriately marked. Proactively identify potential threats and formulate holistic mitigation responses. A coworker has left an unknown CD on your desk. **Insider Threat What is an insider threat? . *Spillage. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. Permitted Uses of Government-Furnished Equipment (GFE). It never requires classification markings, is true about unclassified data. Only friends should see all biographical data such as where Alex lives and works. Q&A for work. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Which may be a security issue with compressed Uniform Resource Locators (URLs)? Sensitive information. (controlled unclassified information) Which of the following is NOT an example of CUI? Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? You are leaving the building where you work. Which of the following is NOT a correct way to protect sensitive information? Linda encrypts all of the sensitive data on her government issued mobile devices. What type of social engineering targets particular individuals, groups of people, or organizations? It contains certificates for identification, encryption, and digital signature. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Which of the following is NOT considered sensitive information? Based on the description that follows, how many potential insider threat indicator(s) are displayed? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? What is an indication that malicious code is running on your system? Label all files, removable media, and subject headers with appropriate classification markings. Which of the following is an example of removable media? Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? It may expose the connected device to malware. Organizational Policy Not correct Which of the following is a good practice to protect classified information? **Social Engineering What is TRUE of a phishing attack? Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. (Spillage) What is required for an individual to access classified data? Who designates whether information is classified and its classification level? Remove your security badge after leaving your controlled area or office building. Which of these is true of unclassified data? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. (Correct) -It does not affect the safety of Government missions. (Identity Management) Which of the following is an example of two-factor authentication? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Dont allow other access or to piggyback into secure areas. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Lock your device screen when not in use and require a password to reactivate. cyber-awareness. Correct. correct. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. Use a single, complex password for your system and application logons. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Research the source to evaluate its credibility and reliability. the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? You know this project is classified. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? Of the following, which is NOT a method to protect sensitive information? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Which of the following is true about unclassified data? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Dofficult life circumstances, such as death of spouse. What type of attack might this be? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? How can you protect yourself from social engineering? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? What actions should you take prior to leaving the work environment and going to lunch? correct. Which scenario might indicate a reportable insider threat security incident? *Spillage What should you do if a reporter asks you about potentially classified information on the web? What should be your response? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. The attributes of identified ground seeds are modified to ground points. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? 1.1.2 Classified Data. -It never requires classification markings. Use TinyURL's preview feature to investigate where the link leads. f. Get an answer. *Spillage Which of the following is a good practice to prevent spillage? **Classified Data When classified data is not in use, how can you protect it? c. What similarities and differences are there between plant and animal cells? Memory sticks, flash drives, or external hard drives. What should Sara do when publicly available Internet, such as hotel Wi-Fi? All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Since the URL does not start with https, do not provide your credit card information. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Log in for more information. You must have your organizations permission to telework. Personal information is inadvertently posted at a website. When your vacation is over, after you have returned home. Which of the following is not considered a potential insider threat indicator? Select the information on the data sheet that is personally identifiable information (PII). We thoroughly check each answer to a question to provide you with the most correct answers. **Insider Threat What function do Insider Threat Programs aim to fulfill? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). What is NOT Personally Identifiable Information (PII)? Which of the following statements is true? The website requires a credit card for registration. An investment in knowledge pays the best interest.. Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Within a secure area, you see an individual you do not know. NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. It never requires classification markings, is true about unclassified data. How many potential insider threat indicators does this employee display? Refer the reporter to your organizations public affairs office. (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. This lets the service person know when the tank is "full." Mark SCI documents appropriately and use an approved SCI fax machine. You should remove and take your CAC/PIV card whenever you leave your workstation. How many potential insider threat indicators does this employee display? The physical security of the device. How should you respond? A Coworker has asked if you want to download a programmers game to play at work. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. Exceptionally grave damage to national security. Store classified data appropriately in a GSA-approved vault/container. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Retrieve classified documents promptly from printers. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Insiders are given a level of trust and have authorized access to Government information systems. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Use personal information to help create strong passwords. What should be your response? Identification, encryption, and digital signature. you don't need to do anything special to protect this information When your vacation is over, and you have returned home. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Which of the following is NOT one? *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Classified information is defined in PL 96-456, the Classified Information Procedures Act: Ensure proper labeling by appropriately marking all classified material. When is the best time to post details of your vacation activities on your social networking website? What should the participants in this conversation involving SCI do differently? If you participate in or condone it at any time. **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? On a NIPRNET system while using it for a PKI-required task. Teams. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? What should you do if a reporter asks you about potentially classified information on the web? Which of the following is an example of two-factor authentication? What action should you take? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Your password and a code you receive via text message. Which of these is true of unclassified data? Refer the reporter to your organizations public affairs office. **Classified Data Which of the following is a good practice to protect classified information? **Classified Data What is a good practice to protect classified information? Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. correct. which of the following is true about unclassified Courses 442 View detail Preview site **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. *Insider Threat Which of the following is a potential insider threat indicator? data. Not correct. When using a fax machine to send sensitive information, the sender should do which of the following? What should you do? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. 870 Summit Park Avenue Auburn Hills, MI 48057. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. What should you do? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. Ask for information about the website, including the URL. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? Mark SCI documents appropriately and use an approved SCI fax machine. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. b. taking away a toy or treat Which of the following is true of internet hoaxes? A type of phishing targeted at high-level personnel such as senior officials. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of.