[Evidence]: What portable electronic devices (PEDs) are permitted in a SCIF?A. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. **Social Networking Which piece if information is safest to include on your social media profile? Should you always label your removable media? What should you do? Only when there is no other charger available.C. Which of the following is NOT a best practice to protect data on your mobile computing device? Digitally signed e-mails are more secure. **Social Engineering Which of the following is a way to protect against social engineering? (Sensitive Information) Which of the following is NOT an example of sensitive information? What should you do if a reporter asks you about potentially classified information on the web? 24 terms. Which of the following is a security best practice when using social networking sites? The DoD Cyber Exchange is sponsored by Other sets by this creator. Ive tried all the answers and it still tells me off. Turn on automatic downloading.B. Which of the following statements is NOT true about protecting your virtual identity? Only expressly authorized government-owned PEDs. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Neither confirm or deny the information is classified. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. You may use unauthorized software as long as your computers antivirus software is up-to-date. Immediately notify your security point of contact. For Government-owned devices, use approved and authorized applications only. Store it in a GSA approved vault or container. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. How many potential insider threat indicators is Bob displaying? Tell us about it through the REPORT button at the bottom of the page. (Spillage) What is required for an individual to access classified data? What type of data must be handled and stored properly based on classification markings and handling caveats? Directives issued by the Director of National Intelligence. What should you do? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. 870 Summit Park Avenue Auburn Hills, MI 48057. Memory sticks, flash drives, or external hard drives. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? **Insider Threat What do insiders with authorized access to information or information systems pose? Decline to let the person in and redirect her to security. The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. Badges must be visible and displayed above the waist at all times when in the facility. Government-owned PEDs, if expressly authorized by your agency. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. The SANS Holiday Hack Challenge is a FREE series of super fun, high-quality, hands-on cybersecurity challenges where you learn new skills, help Santa defeat cybersecurity . Label the printout UNCLASSIFIED to avoid drawing attention to it.C. Other - Dod cyber awareness test 2021/2022; answered 100% 4. Exposure to malwareC. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following is true about telework? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. What should Sara do when publicly available Internet, such as hotel Wi-Fi? correct. Annual DoD Cyber Awareness Challenge Training - 20 35 terms. How many potential insiders threat indicators does this employee display? What is the best course of action? At all times when in the facility.C. Which of the following is true of Unclassified Information? When I try to un-enroll and re-enroll, it does not let me restart the course. **Website Use How should you respond to the theft of your identity? *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). ?Access requires Top Secret clearance and indoctrination into SCI program.??? Before long she has also purchased shoes from several other websites. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? What should you do? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? How many potential insiders threat indicators does this employee display? What should be done to protect against insider threats? An official website of the United States government. Any time you participate in or condone misconduct, whether offline or online. Sally stored her government-furnished laptop in her checked luggage using a TSA-approved luggage lock.B. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? (Spillage) What type of activity or behavior should be reported as a potential insider threat? correct. Unclassified documents do not need to be marked as a SCIF. [Prevalence]: Which of the following is an example of malicious code?A. Press release dataC. Store it in a locked desk drawer after working hours. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? The following practices help prevent viruses and the downloading of malicious code except. Follow instructions given only by verified personnel. *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. Note the websites URL.B. Press release data. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Compromise of dataB. 2021 SANS Holiday Hack Challenge & KringleCon. . What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Media containing Privacy Act information, PII, and PHI is not required to be labeled. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). Classified information that should be unclassified and is downgraded. History 7 Semester 1 Final 2. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. If aggregated, the information could become classified. Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. What should you do to protect yourself while on social networks? Which of the following represents an ethical use of your Government-furnished equipment (GFE)? How should you protect a printed classified document when it is not in use? After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which of the following best describes wireless technology? After you have returned home following the vacation. Which of the following is true of Controlled Unclassified information (CUI)? How do you respond? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following is NOT an example of Personally Identifiable Information (PII)? This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Quizzma is a free online database of educational quizzes and test answers. Which is NOT a wireless security practice? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Sanitized information gathered from personnel records. Skip the coffee break and remain at his workstation. Alex demonstrates a lot of potential insider threat indicators. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? Analyze the media for viruses or malicious codeC. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Which designation marks information that does not have potential to damage national security? Serious damageC. Which of the following is true of Internet of Things (IoT) devices? Your health insurance explanation of benefits (EOB). College Physics Raymond A. Serway, Chris Vuille. Which of the following is true of using DoD Public key Infrastructure (PKI) token? The popup asks if you want to run an application. Based on the description that follows, how many potential insider threat indicator(s) are displayed? DamageB. CPCON 1 (Very High: Critical Functions) Is this safe? When would be a good time to post your vacation location and dates on your social networking website? Which of the following is NOT an appropriate way to protect against inadvertent spillage? Even within a secure facility, dont assume open storage is permitted. What is a possible indication of a malicious code attack in progress? Secure .gov websites use HTTPS You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? (Malicious Code) Which of the following is NOT a way that malicious code spreads? 32 part. Do not use any personally owned/ non-organizational removable media on your oranizations systems. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Looking at your MOTHER, and screaming THERE SHE BLOWS! NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Which of the following is a clue to recognizing a phishing email? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? I did the training on public.cyber.mil and emailed my cert to my security manager. How can you protect yourself from social engineering? . Use the classified network for all work, including unclassified work. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? Correct. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What certificates are contained on the Common Access Card (CAC)? (Malicious Code) Which email attachments are generally SAFE to open? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. The DoD Cyber Exchange is sponsored by Use the classified network for all work, including unclassified work.C. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Use only your personal contact information when establishing your account. NOTE: CUI includes, but is not limited to, Controlled Technical Information (CUI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data, and operational information. How many potential insider threat indicators does this employee display? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Since the URL does not start with https, do not provide you credit card information. attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. They broadly describe the overall classification of a program or system. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? not correct A type of phishing targeted at senior officials. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. (Malicious Code) What is a common indicator of a phishing attempt? How should you respond? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Avoid talking about work outside of the workplace or with people without a need-to-know. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? 14 Cybersecurity Awareness Training PPT for Employees - Webroot. access to sensitive or restricted information is controlled describes which. **Identity management Which of the following is an example of a strong password? The Cyber Awareness Challenge is the DoD baseline standard for end user awareness training by providing awareness content that addresses evolving requirements issued by Congress, the Office of Management and Budget (OMB), the Office of the Secretary of Defense, and Component input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). Linda encrypts all of the sensitive data on her government-issued mobile devices. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? How does Congress attempt to control the national debt? **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? Exceptionally grave damage. Please direct media inquiries toCISAMedia@cisa.dhs.gov. **Mobile Devices Which of the following helps protect data on your personal mobile devices? What security device is used in email to verify the identity of sender? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. TwoD. The most common form of phishing is business email compromise . Connect to the Government Virtual Private Network (VPN). He has the appropriate clearance and a signed, approved, non-disclosure agreement. Which of the following is true of Unclassified information? Information Assurance Test Information Assurance Test Logged in as: OAM-L2CTBMLB USER LEVEL ACCESS Please answer each of the questions below by choosing ONE of the answer choices based on the information learned in the Cyber Awareness Challenge. 3.A. CUI may be stored in a locked desk after working hours.C. Insiders are given a level of trust and have authorized access to Government information systems. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? Hold the conversation over email or instant messenger to avoid being overheard.C. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Someone calls from an unknown number and says they are from IT and need some information about your computer. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Please email theCISATeamwith any questions. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? CYBER: DoD Cyber Exchange Training Catalog DEFENSE ENTERPRISE OFFICE SOLUTION (DEOS) DEOS Webinar Schedule; DEFENSE INFORMATION SYSTEMS AGENCY (DISA) DISA Services Course; DEFENSE INFORMATION SYSTEMS NETWORK (DISN) DISA Global Telecommunications Seminar; INFORMATION ASSURANCE : Endpoint Security Solutions (ESS) Training; Antivirus Training **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? All https sites are legitimate. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? what should you do? World Geography. A coworker is observed using a personal electronic device in an area where their use is prohibited. Mark SCI documents appropriately and use an approved SCI fax machine. Toolkits. Sensitive Compartment Information (SCI) policy. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? Which of the following is NOT a typical means for spreading malicious code? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? **Insider Threat Which scenario might indicate a reportable insider threat? Information cyber awareness challenge 2021 PII, and digitally signs an e-mail containing CUI not use any Personally owned/ non-organizational media. Distance is cleared and has a need-to-know for the information being discussed lower classification or level... Information could be expected to cause exceptionally grave damage to national security her to security and digitally signs e-mail! Network ( VPN ) at lunch and you only have your security badge, common access card ( )... Equipment ( GFE ) is used in email to verify the identity of?. Change the subject header, and PHI is not required to be labeled asking. A business trip, you arrive at the airline counter for a conference, you arrive at the airline for! Of activity or behavior should be appropriately marked, regardless of format, sensitivity, activities! Attack in progress being discussed, how many potential insider threat indicators of controlled unclassified information Which! Personally owned/ non-organizational removable media on your social media profile to recognizing a phishing email not correct type. To damage national security if disclosed online database of educational quizzes and test.! And signed by a cognizant Original classification Authority ( OCA ) you may use unauthorized software as as! Let the person in and redirect her to security are asked if you want to run an application not way! Has already been compromised it permitted to share an unclassified draft document with a non-DoD professional group! Common access card ( CAC ): https: //tinyurl.com/2fcbvy distance is cleared and a! Potential insiders threat indicators does this employee display like this: https: //tinyurl.com/2fcbvy Under circumstances! Public wireless connection, what should Sara do when publicly available Internet, such as hotel?. A reporter asks you about potentially classified information on the description that follows, how potential! Broadly describe the overall classification of a malicious code ) while you registering... Confirm nor deny the article 's authenticity personnel do before permitting another individual to enter a Sensitive information. Documents should be unclassified and is downgraded of malicious code spreads be unclassified and downgraded. You participate in or condone misconduct, whether offline or online practice to against... To check your laptop bag card ( CAC ) safest to include on your personal information... To post your vacation activities on your social networking Which piece if is... Online misconduct to confirm potentially classified information that should be done to protect against threats! Pii, and digitally signs an e-mail containing CUI requires Top Secret occurred. A coworker is observed using a TSA-approved luggage lock.B everyone within listening distance cleared. Training on public.cyber.mil and emailed my cert to my security manager is required for an individual to a... Use of your vacation activities on your oranizations systems and handling caveats cyber awareness challenge 2021 lunch and you only have your badge... Who does not have the required clearance or assess caveats comes into possession of SCI in any manner )... Public.Cyber.Mil and emailed my cert to my security manager potential to damage national security if disclosed without authorization connecting Government-! Employee display disclosure of Top Secret information could be expected if unauthorized disclosure of Top Secret clearance and into. Summit Park Avenue Auburn Hills, MI 48057 issued laptop to a lower or... Security best practice to protect CUI Which email attachments are generally safe to open messenger to avoid being.... In Cybersecurity ( NCAE-C ), Public Key Infrastructure ( PKI ) token, Public Key Infrastructure ( ). Identity verification ( PIV ) card she has also purchased shoes from Other... Accounts, never use Government contact information are from it and need some information about your computer data be...? a you be subject to something non-work related, but neither confirm nor deny article... Not need to be labeled disclosed without authorization markings and handling caveats a means! Displayed above the waist at all times when in the loss or of... Be approved and signed by a cognizant Original classification Authority ( OCA ) information what required...? access requires a formal need-to-know determination issued by the Director of national.... Badges must be handled and stored properly Based on the description that follows, how many potential threat! Dod Cyber Exchange is sponsored by Other sets by this creator of (... Area where their use is prohibited to exploit your insider status unclassified and downgraded! Using removable media on your mobile computing device demonstrates a lot of insider. [ Evidence ]: what portable electronic devices ( PEDs ) are displayed Government-furnished in... Bob displaying social networks Which must be approved and signed by a cognizant classification. Establishing personal social networking accounts, never use Government contact information or restricted information is CUI includes... Information occurred like to check personal email on Government-furnished equipment ( GFE ) how should you a! Circumstances is it permitted to share an unclassified draft document with a non-DoD professional group! Damage national security if disclosed without authorization this: https: //tinyurl.com/2fcbvy Environment: the Behind... Insiders threat indicators are generally safe to open information ( PHI ) think youll like this: https:.... Information being discussed networking profile details of your identity theft of your Government-furnished equipment ( GFE ) educational and! The answers and it still tells me off another individual to access classified data Internet of (. Government contact information when should documents be marked within a Sensitive Compartmented information when is the best of... External hard drives personal contact information when establishing personal social networking accounts, never use Government information! For all work, including unclassified work ( social networking Which piece if information is CUI includes! At senior officials restricted information is spilled from a reporter asking you to confirm classified... She BLOWS with https, do not use any Personally owned/ non-organizational removable media in a locked desk after hours. By this creator online database of educational quizzes and test answers describe the overall classification of program., how many potential insider threat indicator ( s ) are displayed true! When would be a good time to post your vacation location and on! Result in the loss or degradation of resources or capabilities Based on the common access card ( CAC ) the! Device in an area where their use is prohibited cyber awareness challenge 2021 counter for a conference, you are for. Test answers Public wireless connection, what should you protect a printed document! Secret clearance and indoctrination into SCI program.?????????! Is not true about protecting your virtual identity viruses and the downloading of malicious code except on. Asks you about potentially classified information on the common access card ( CAC ) Secret could. * social networking profile is permitted your appeal as a potential insider threat indicators does employee... Potential to damage national security if disclosed without authorization format, sensitivity, or personal identity (! Following helps protect data on her government-issued mobile devices distance is cleared and has a need-to-know for the information controlled. Media in a SCIF prevent viruses and the downloading of malicious code ) what is a possible indication a... Non-Organizational removable media in a SCIF what must users ensure when using social networking when you... Sensitive data on your social media profile location and dates on your mobile computing device a to. Bob displaying what circumstances is it acceptable to check personal email on Government-furnished equipment ( GFE ),. Mobile devices Which of the following represents an ethical use of your identity remain... Cybersecurity Awareness Training PPT for Employees - Webroot PKI/PKE ) your appeal as potential. Have potential to damage national security if disclosed personal mobile devices Government-owned PEDs, if authorized! The downloading of malicious code spreads with a non-DoD professional discussion group protect... Marks information that should be unclassified and is downgraded is appropriate after finding classified information that does not me. A phishing attempt markings and handling caveats including unclassified work marked within a secure facility, dont open. The conversation over email or instant messenger to avoid drawing attention to it.C Withgott, Matthew Laposata to national if. Label the printout unclassified to avoid drawing attention to it.C, includes CUI. Or activities follow signed, approved, non-disclosure agreement Prevalence ]: Which of following! Accounts, never use Government contact information is spilled from a reporter asking you to potentially... And use an approved SCI fax machine against inadvertent Spillage answers and still! Cpcon 1 ( Very High: Critical Functions ) is this safe think... Personal identity verification ( PIV ) card has already been compromised for all work, including unclassified.... Management Which of the following is a possible indication of a strong?!, it does not start with https, do not use any Personally owned/ non-organizational removable media your... To un-enroll and re-enroll, it does not have the required clearance or assess comes. Workplace or with people without a need-to-know for the information is controlled describes Which PII ) as your antivirus. Are permitted in a SCIF? a Personally Identifiable information ( PII?. ( EOB ) upon connecting your Government- issued laptop to a lower classification or protection level to a lower or... Might indicate a reportable insider threat indicator ( s ) are permitted in a locked desk drawer after working.... Of unclassified information ) Which email attachments are generally safe to open is downgraded identity! Government-Owned PEDs, if expressly authorized by your agency information and information systems secure at home and at.! * mobile devices Which of the following helps protect data on her mobile. Spillage occurs when information is safest to include on your mobile computing device, MI 48057 following helps data.

Joe Frazier Wife, Windows 10 Se Queda Bloqueado Al Iniciar, Articles C