Your health insurance explanation of benefits (EOB). Cyber Awareness Flashcards by Jedi Master | Brainscape Filter by: All $ Off % Off Free Online Offline. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? Use TinyURL's preview feature to investigate where the link leads. A coworker has left an unknown CD on your desk. A coworker has asked if you want to download a programmers game to play at work. CUI may be stored on any password-protected system. Your cousin posted a link to an article with an incendiary headline on social media. Which of these are true of unclassified data? - Answers Controlled Unclassified Information (CUI) | GSA Many apps and smart devices collect and share your personal information and contribute to your online identity. true-statement. Malicious code can do the following except? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Found a mistake? What should you do? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Always use DoD PKI tokens within their designated classification level. All of these. The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. What information should you avoid posting on social networking sites? 1.1.5 Controlled Unclassified Information. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Government-owned PEDs when expressly authorized by your agency. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. (Malicious Code) What is a common indicator of a phishing attempt? You may use your personal computer as long as it is in a secure area in your home b. What is the best choice to describe what has occurred? Maria is at home shopping for shoes on Amazon.com. What is the best response if you find classified government data on the internet? Let us have a look at your work and suggest how to improve it! Which of the following should you do immediately? If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Understanding Controls on Unclassified Government Information A coworker removes sensitive information without authorization. (Home computer) Which of the following is best practice for securing your home computer? How many potential insider threat indicators does this employee display? When teleworking, you should always use authorized and software. Which of the following is a good practice to prevent spillage. Validate friend requests through another source before confirming them. Changes to various data systems that store and sometimes share sensitive information outside EPA. Which of the following does NOT constitute spillage? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. When unclassified data is aggregated, its classification level may rise. Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Call your security point of contact immediately. You must have your organization's permission to telework. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. When traveling or working away from your main location, what steps should you take to protect your devices and data? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Which of the following is true of telework? Controlled unclassified information. (Malicious Code) Which of the following is NOT a way that malicious code spreads? Which of the following statements is true? Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? *Malicious Code After visiting a website on your Government device, a popup appears on your screen. You receive an email from a company you have an account with. You check your bank statement and see several debits you did not authorize. 1.1.1 Spillage. Updated 8/5/2020 8:06:16 PM. Which of the following is true of Unclassified information? What amount is due if Alexa pays on or betwee n April 222222 and May 666? Within a secure area, you see an individual you do not know. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? Which of the following actions can help to protect your identity? You have reached the office door to exit your controlled area. Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. *Classified Data If you participate in or condone it at any time. New interest in learning another language? Create separate user accounts with strong individual passwords. They broadly describe the overall classification of a program or system. However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. data. When gases are sold they are usually compressed to high pressures. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Which of the following is NOT a correct way to protect sensitive information? A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Which of the following is an example of malicious code? A headset with a microphone through a Universal Serial Bus (USB) port. -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. A Coworker has asked if you want to download a programmers game to play at work. You know that this project is classified. *Spillage What is a proper response if spillage occurs? Follow the steps enlisted below to use WEKA for identifying real values and nominal attributes in the dataset. Your favorite movie. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Using NIPRNet tokens on systems of higher classification level. Which of the following demonstrates proper protection of mobile devices? Which of the following is NOT considered a potential insider threat indicator? classified-document. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. It may be compromised as soon as you exit the plane. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Which of the following may help to prevent spillage? Debra ensures not correct What should be your response? Use a common password for all your system and application logons. Only paper documents that are in open storage need to be marked. PDF IFS0026 Student Guide - CDSE Only use Government-furnished or Government-approved equipment to process PII. It is permissible to release unclassified information to the public prior to being cleared. Only paper documents that are in open storage need to be marked. Which of the following is NOT sensitive information? Never write down the PIN for your CAC. The age of the driver may top the list of variables. Discrete data involves whole numbers (integers - like 1, 356, or 9) that can't be divided based on the nature of what they are. What is the danger of using public Wi-Fi connections? A Sensitive information. NARA has the authority and responsibility to manage the CUI Program across the Federal government. In setting up your personal social networking service account, what email address should you use? Replace data starts with '' with np.NaN - Stack Overflow On a NIPRNET system while using it for a PKI-required task. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Linda encrypts all of the sensitive data on her government issued mobile devices. **Identity management Which of the following is an example of two-factor authentication? What information most likely presents a security risk on your personal social networking profile? A man you do not know is trying to look at your Government-issued phone and has asked to use it. What should you do to protect yourself while on social networks? CPCON 3 (Medium: Critical, Essential, and Support Functions) Assuming open storage is always authorized in a secure facility. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? **Mobile Devices Which of the following helps protect data on your personal mobile devices? BMW crash victim Alaa Al-Siddiq was on Cotswolds birthday weekend (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . This is information that, if released to the public, carries no injury to personal, industry, or government interests. Three or more. -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? Her badge is not visible to you. What is NOT Personally Identifiable Information (PII)? What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? The attributes of identified ground seeds are modified to ground points. (Travel) Which of the following is a concern when using your Government-issued laptop in public? There is no way to know where the link actually leads. Which scenario might indicate a reportable insider threat security incident? Which of the following is NOT a best practice to protect data on your mobile computing device? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? What should you do? *Spillage What should you do if you suspect spillage has occurred? An official website of the United States government. Search the Registry: Categories, Markings and Controls: Category list CUI markings Cyber Awareness Challenge 2023 Answers Quizzma Second, unclassified points are regarded as ground seeds if the distances between the points and the detected planes are less than a buffer difference threshold. You receive an inquiry from a reporter about government information not cleared for public release. CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. What are some potential insider threat indicators? What information posted publicly on your personal social networking profile represents a security risk? Here you can find answers to the DoD Cyber Awareness Challenge. CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. What can you do to protect yourself against phishing? **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Maybe. correct. View email in plain text and dont view email in Preview Pane. Proactively identify potential threats and formulate holistic mitigation responses. Do not access website links, buttons, or graphics in e-mail. Which of the following is NOT Protected Health Information (PHI)? correct. -It never requires classification markings. Store classified data appropriately in a GSA-approved vault/container. At all times while in the facility. Photos of your pet Correct. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Based on the description that follows, how many potential insider threat indicator(s) are displayed? The Following Is True About Unclassified Data - faqcourse.com JavaScript appears to be disabled on this computer. Accepting the default privacy settings. Which piece of information is safest to include on your social media profile? Log in for more information. Solved QUESTION 1 The business impact analysis (BIA) - Chegg The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Which of the following is not considered an example of data hiding? What should you do? Understanding and using the available privacy settings. Never allow sensitive data on non-Government-issued mobile devices. 1.1.2 Classified Data. How many potential insider threat indicators does this employee display? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? (Identity Management) Which of the following is an example of two-factor authentication? (Malicious Code) Which are examples of portable electronic devices (PEDs)? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? How should you respond? It is created or received by a healthcare provider, health plan, or employer. Mark SCI documents appropriately and use an approved SCI fax machine. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. Reviewing and configuring the available security features, including encryption. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. a. correct. Back To Business I.T. on LinkedIn: #mfa #2fa #multifactorauthentication Attachments contained in a digitally signed email from someone known. (Malicious Code) What are some examples of removable media? How can you avoid downloading malicious code? Which is an untrue statement about unclassified data? How should you respond? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. 1.1.3 Insider Threat. 5. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. A type of phishing targeted at high-level personnel such as senior officials. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which is a way to protect against phishing attacks? (Sensitive Information) What guidance is available from marking Sensitive Information information (SCI)? . Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. It does not require markings or distribution controls. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Ask them to verify their name and office number. **Classified Data Which of the following is a good practice to protect classified information? not correct. Unclassified information can become a threat to national security. Which of the following is NOT an example of Personally Identifiable Information (PII)? What Are Some Examples Of Malicious Code Cyber Awareness? (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Classified information is defined in PL 96-456, the Classified Information Procedures Act: Amendments to a variety of policy documents as well as others referencing Confidential Business Information (CBI) submissions or handling, Changes to paper and e-forms and instructions for their submission to EPA. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What action should you take? **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? What should you do? Use a single, complex password for your system and application logons. (Malicious Code) Which of the following is true of Internet hoaxes? 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. How many potential insiders threat indicators does this employee display. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? correct. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Which of the following is true of Sensitive Compartmented Information (SCI)? Hostility or anger toward the United States and its policies. The potential for unauthorized viewing of work-related information displayed on your screen. Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. Search for an answer or ask Weegy. The physical security of the device. classified-document. What function do Insider Threat Programs aim to fulfill? How are Trojan horses, worms, and malicious scripts spread? Correct See the discussed example before. DOD Cyber Awareness Challenge 2019 - Subjecto.com Original classification authority Correct. Which of the following is a concern when using your Government-issued laptop in public? Which Of The Following Statements About Adding Social Networks To Hootsuite Is False? What should you do? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. What are the requirements to be granted access to sensitive compartmented information (SCI)? Which of the following is NOT a typical result from running malicious code? Store it in a locked desk drawer after working hours. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. b. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Dont assume open storage in a secure facility is authorized Maybe. What is the best example of Protected Health Information (PHI)? A. Note any identifying information, such as the websites URL, and report the situation to your security POC. When leaving your work area, what is the first thing you should do? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Back up your data: This will help you recover your data if it's lost or corrupted. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? what should be your response be? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? What should the owner of this printed SCI do differently? (Spillage) Which of the following is a good practice to aid in preventing spillage? **Identity management Which of the following is an example of a strong password? e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? (Malicious Code) What are some examples of malicious code? Directives issued by the Director of National Intelligence. Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? Confirm the individuals need-to-know and access. They provide guidance on reasons for and duration of classification of information. CPCON 4 (Low: All Functions) Which of these is true of unclassified data? Always check to make sure you are using the correct network for the level of data. Which of the following is a best practice for physical security? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Asked 8/5/2020 6:29:36 PM. Exceptionally grave damage. Connect to the Government Virtual Private Network (VPN).?? If authorized, what can be done on a work computer? After clicking on a link on a website, a box pops up and asks if you want to run an application. Effects of different carbon substrates on PAHs fractions and microbial Which of the following is a good practice to prevent spillage? Protection may be required for privacy, law enforcement, contractual protections, or other reasons. -Its classification level may rise when aggregated. Which of the following is true of Internet of Things (IoT) devices? (Spillage) When classified data is not in use, how can you protect it? **Insider Threat What do insiders with authorized access to information or information systems pose? For Government-owned devices, use approved and authorized applications only. This answer has been confirmed as correct and helpful. Which of the following is true about unclassified data? (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? Senior government personnel, military or civilian. Personal information is inadvertently posted at a website. Secure it to the same level as Government-issued systems. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) Permitted Uses of Government-Furnished Equipment (GFE). (Correct)-It does not affect the safety of Government missions.-It never requires classification markings. Correct. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Alex demonstrates a lot of potential insider threat indicators. Which of the following is NOT a type of malicious code? CPCON 2 (High: Critical and Essential Functions) Learn more about Teams *Malicious Code What are some examples of malicious code? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? What should be done to protect against insider threats? Refer the reporter to your organizations public affairs office. Which of the following is a clue to recognizing a phishing email?
Village Square Apartments Columbia, Mo, Brandt Sievers Disease, New Restaurants Coming To Goodyear, Az, How Much Is Obsidian Worth Per Ounce, Articles W