Which of the following is a concern when using your Government-issued laptop in public? Unclassified information cleared for public release. What is the best response if you find classified government data on the internet? *Controlled Unclassified Information Which of the following is NOT an example of CUI? Information should be secured in a cabinet or container while not in use. As long as the document is cleared for public release, you may share it outside of DoD. What action is recommended when somebody calls you to inquire about your work environment or specific account information? **Classified Data What is a good practice to protect classified information? A type of phishing targeted at senior officials. EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. (Malicious Code) Which of the following is true of Internet hoaxes? What should you do? Which of the following is true of Security Classification Guides? What should you do if a reporter asks you about potentially classified information on the web? Photos of your pet Correct. Looking at your MOTHER, and screaming THERE SHE BLOWS! What information most likely presents a security risk on your personal social networking profile? New interest in learning another language? Use personal information to help create strong passwords. **Social Networking Which of the following is a security best practice when using social networking sites? As long as the document is cleared for public release, you may release it outside of DoD. Reviewing and configuring the available security features, including encryption. In which situation below are you permitted to use your PKI token? Ask them to verify their name and office number. This task is performed with the aim of finding similarities in data points and grouping similar data points together. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? With WEKA users, you can access WEKA sample files. **Social Engineering How can you protect yourself from internet hoaxes? You believe that you are a victim of identity theft. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? Refer the reporter to your organizations public affairs office. Which of the following is true about unclassified data? Before long she has also purchased shoes from several other websites. Which of the following is NOT true concerning a computer labeled SECRET? Correct. Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. Secure .gov websites use HTTPS (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? (Home computer) Which of the following is best practice for securing your home computer? The email states your account has been compromised and you are invited to click on the link in order to reset your password. DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Use only personal contact information when establishing your personal account. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Correct. Dofficult life circumstances, such as death of spouse. A medium secure password has at least 15 characters and one of the following. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. What type of data must be handled and stored properly based on classification markings and handling caveats? Which of the following is true of traveling overseas with a mobile phone. Use a single, complex password for your system and application logons. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. Never allow sensitive data on non-Government-issued mobile devices. All https sites are legitimate. What should you do if someone forgets their access badge (physical access)? All to Friends Only. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Why might "insiders" be able to cause damage to their organizations more easily than others? What does Personally Identifiable Information (PII) include? 1 Cyber Awareness Challenge 2023 Answers. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . What action should you take first? Select the information on the data sheet that is personally identifiable information (PII). What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Note That The Integers Should Be Type Cast To Doubles. What should you do if a reporter asks you about potentially classified information on the web? Correct. What is a best practice to protect data on your mobile computing device? When traveling or working away from your main location, what steps should you take to protect your devices and data? When is the best time to post details of your vacation activities on your social networking website? When would be a good time to post your vacation location and dates on your social networking website? What Are Some Examples Of Malicious Code Cyber Awareness? Even within a secure facility, dont assume open storage is permitted. You are leaving the building where you work. After you have returned home following the vacation. . A coworker removes sensitive information without approval. Correct. If classified information were released, which classification level would result in Exceptionally grave damage to national security? NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. **Identity management Which of the following is an example of two-factor authentication? Original classification authority Correct. Not correct. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. Which of the following does NOT constitute spillage? Which of the following is a good practice to prevent spillage. When unclassified data is aggregated, its classification level may rise. How do you respond? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. Which of the following is NOT an appropriate way to protect against inadvertent spillage? Accepting the default privacy settings. What should be done to sensitive data on laptops and other mobile computing devices? Contents hide. What should you do? *Spillage. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. PII, PHI, and financial information is classified as what type of information? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? *Spillage Which of the following may help to prevent spillage? Which of the following is true about unclassified data? You have reached the office door to exit your controlled area. Which of the following attacks target high ranking officials and executives? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Which of the following is not considered an example of data hiding? If you participate in or condone it at any time. Which of the following is a proper way to secure your CAC/PIV? Which of the following is NOT a security best practice when saving cookies to a hard drive? What portable electronic devices (PEDs) are permitted in a SCIF? After you have returned home following the vacation. Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? Information improperly moved from a higher protection level to a lower protection level. c. What similarities and differences are there between plant and animal cells? Lionel stops an individual in his secure area who is not wearing a badge. You must have your organizations permission to telework. The website requires a credit card for registration. Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? Look for a digital signature on the email. Unclassified documents do not need to be marked as a SCIF. Which of the following is an example of removable media? data. The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. CUI may be stored only on authorized systems or approved devices. You must have permission from your organization. Which is NOT a wireless security practice? (Correct) -It does not affect the safety of Government missions. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Attempting to access sensitive information without need-to-know. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Which of the following is an example of malicious code? Remove your security badge after leaving your controlled area or office building. Note any identifying information, such as the website's URL, and report the situation to your security POC. What should be your response? Many apps and smart devices collect and share your personal information and contribute to your online identity. A coworker has left an unknown CD on your desk. Which of the following is not a best practice to preserve the authenticity of your identity? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? As part of the survey the caller asks for birth date and address. A pop-up window that flashes and warns that your computer is infected with a virus. Request the users full name and phone number. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Media containing Privacy Act information, PII, and PHI is not required to be labeled. Which of the following is NOT a home security best practice? Report the suspicious behavior in accordance with their organizations insider threat policy. When vacation is over, after you have returned home. *Insider Threat Which of the following is a reportable insider threat activity? When leaving your work area, what is the first thing you should do? ALways mark classified information appropriately and retrieve classified documents promptly from the printer. The popup asks if you want to run an application. Which of the following represents a good physical security practice? How can you protect your organization on social networking sites? Which of the following is an example of Protected Health Information (PHI)? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). What should be your response? Which of the following best describes good physical security? true-statement. *Spillage Which of the following is a good practice to prevent spillage? **Social Engineering What is TRUE of a phishing attack? Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? 1.1 Standard Challenge Answers. Asked 8/5/2020 6:29:36 PM. Which scenario might indicate a reportable insider threat? How can you guard yourself against Identity theft? You receive an inquiry from a reporter about potentially classified information on the internet. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Only use Government-furnished or Government-approved equipment to process PII. **Mobile Devices Which of the following helps protect data on your personal mobile devices? **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? What is a possible indication of a malicious code attack in progress? What should you do? There are no choices provides which make it hard to pick the untrue statement about unclassified data. Taking classified documents from your workspace. This is information that, if released to the public, carries no injury to personal, industry, or government interests. CPCON 2 (High: Critical and Essential Functions) Log in for more information. Scan external files from only unverifiable sources before uploading to computer. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause?

Wyckoff Hospital Visiting Hours, Articles W