Remove and take it with you whenever you leave your workstation. You find information that you know to be classified on the Internet. Which of the following is NOT an example of CUI? Which of the following is NOT a correct way to protect sensitive information? Which is NOT a method of protecting classified data? *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? Added 8/5/2020 8:06:16 PM. As long as the document is cleared for public release, you may release it outside of DoD. CUI may be stored only on authorized systems or approved devices. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. not correct. Which of the following information is a security risk when posted publicly on your social networking profile? data. a. **Insider Threat What function do Insider Threat Programs aim to fulfill? What security device is used in email to verify the identity of sender? you don't need to do anything special to protect this information cyber. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. Mark SCI documents appropriately and use an approved SCI fax machine. No, you should only allow mobile code to run from your organization or your organizations trusted sites. **Insider Threat Which scenario might indicate a reportable insider threat? Photos of your pet Correct. Which of the following should you do immediately? Correct. Create separate user accounts with strong individual passwords. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? What should you do? Store classified data appropriately in a GSA-approved vault/container when not in use. **Classified Data Which of the following is true of protecting classified data? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. (Mobile Devices) Which of the following statements is true? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Discrete data involves whole numbers (integers - like 1, 356, or 9) that can't be divided based on the nature of what they are. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Identification, encryption, and digital signature. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Which of the following does not constitute spillage. Only friends should see all biographical data such as where Alex lives and works. Your password and the second commonly includes a text with a code sent to your phone. What is a best practice for protecting controlled unclassified information (CUI)? Not correct. correct. Which of the following is a security best practice when using social networking sites? What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Which Of The Following Statements About Adding Social Networks To Hootsuite Is False? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Retrieve classified documents promptly from printers. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? Looking at your MOTHER, and screaming THERE SHE BLOWS! **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? 1.1.4 Social Networking. *Spillage Which of the following is a good practice to aid in preventing spillage? NARA has the authority and responsibility to manage the CUI Program across the Federal government. Maybe Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. correct. **Identity management Which of the following is an example of two-factor authentication? What action should you take? 1.1.1 Spillage. Which of the following is NOT Protected Health Information (PHI)? Which of the following is true of Controlled Unclassified information (CUI)? Learn more about Teams A type of phishing targeted at high-level personnel such as senior officials. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. **Social Engineering Which of the following is a way to protect against social engineering? Is this safe? What amount is due if Alexa pays on or betwee n April 222222 and May 666? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? (Malicious Code) What are some examples of removable media? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Looking for https in the URL. Personal information is inadvertently posted at a website. 1.1.5 Controlled Unclassified Information. correct. Which is a way to protect against phishing attacks? Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Refer the vendor to the appropriate personnel. What should you do? Spillage because classified data was moved to a lower classification level system without authorization. Classified information that should be unclassified and is downgraded. Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Classified information is defined in PL 96-456, the Classified Information Procedures Act: All to Friends Only. Do not access website links, buttons, or graphics in e-mail. Permitted Uses of Government-Furnished Equipment (GFE). Let us have a look at your work and suggest how to improve it! correct. What is a best practice to protect data on your mobile computing device? What should the participants in this conversation involving SCI do differently? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Debra ensures not correct With WEKA users, you can access WEKA sample files. Which of the following may be helpful to prevent inadvertent spillage? Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. It never requires classification markings, is true about unclassified data. In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? (Malicious Code) Which of the following is true of Internet hoaxes? Updated 8/5/2020 8:06:16 PM. What action should you take? classified-document. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). New answers. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Connect and share knowledge within a single location that is structured and easy to search. Classification markings and handling caveats. 1.1.2 Classified Data. At all times while in the facility. Which method would be the BEST way to send this information? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. The physical security of the device. Search by Location. CUI may be stored on any password-protected system. Which of the following is not considered an example of data hiding? Which of the following is NOT a correct way to protect CUI? Contents hide. When expanded it provides a list of search options that will switch the search inputs to match the current selection. A coworker uses a personal electronic device in a secure area where their use is prohibited. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? All of these. Use the classified network for all work, including unclassified work. It is releasable to the public without clearance. How Do I Answer The CISSP Exam Questions? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? What is a valid response when identity theft occurs? What is a possible indication of a malicious code attack in progress? Who can be permitted access to classified data? Which of the following is a good practice for telework? Lionel stops an individual in his secure area who is not wearing a badge. *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Use the classified network for all work, including unclassified work. You check your bank statement and see several debits you did not authorize. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? CPCON 2 (High: Critical and Essential Functions) A pop-up window that flashes and warns that your computer is infected with a virus. *Controlled Unclassified Information Which of the following is NOT an example of CUI? Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Verify the identity of all individuals.??? Correct. **Website Use How should you respond to the theft of your identity? Before long she has also purchased shoes from several other websites. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? How should you securely transport company information on a removable media? You receive an email from a company you have an account with. It is permissible to release unclassified information to the public prior to being cleared. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Three or more. What Are Some Examples Of Malicious Code Cyber Awareness? (Sensitive Information) Which of the following is NOT an example of sensitive information? Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Here you can find answers to the DoD Cyber Awareness Challenge. Assuming open storage is always authorized in a secure facility. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Write your password down on a device that only you access. CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. Information should be secured in a cabinet or container while not in use. Which is NOT a way to protect removable media? What action should you take? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? correct. You many only transmit SCI via certified mail. Which of the following is not Controlled Unclassified Information (CUI)? ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Asked 8/5/2020 6:29:36 PM. The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. 8. What should be your response? Which is NOT a wireless security practice? **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Within a secure area, you see an individual you do not know. They can be part of a distributed denial-of-service (DDoS) attack. **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? It does not require markings or distribution controls. The email provides a website and a toll-free number where you can make payment. (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and A man you do not know is trying to look at your Government-issued phone and has asked to use it. Controlled unclassified information. Which of the following is NOT a criterion used to grant an individual access to classified data? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. What is best practice while traveling with mobile computing devices? Dont assume open storage in a secure facility is authorized Maybe. Amendments to a variety of policy documents as well as others referencing Confidential Business Information (CBI) submissions or handling, Changes to paper and e-forms and instructions for their submission to EPA. *Spillage What should you do if a reporter asks you about potentially classified information on the web? What should you do? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? What should the owner of this printed SCI do differently? Right-click the link and select the option to preview??? Which of the following demonstrates proper protection of mobile devices? If aggregated, the information could become classified. It never requires classification markings, is true about unclassified data. Decline to let the person in and redirect her to security. In which situation below are you permitted to use your PKI token? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? What is the best response if you find classified government data on the internet? Ask for information about the website, including the URL. Which piece of information is safest to include on your social media profile? Which of the following is a good practice to avoid email viruses? You have reached the office door to exit your controlled area. "Unclassified" or a lack of security marking denotes non-sensitive information. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Which of the following is a reportable insider threat activity? Research the source of the article to evaluate its credibility and reliability. Which of the following best describes good physical security? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Why might "insiders" be able to cause damage to their organizations more easily than others? Connect to the Government Virtual Private Network (VPN).?? Correct. 1.1.3 Insider Threat. A coworker removes sensitive information without approval. Which is an untrue statement about unclassified data? correct. What should you do to protect yourself while on social networks? A coworker brings a personal electronic device into prohibited areas. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Follow the steps enlisted below to use WEKA for identifying real values and nominal attributes in the dataset. **Insider Threat Which type of behavior should you report as a potential insider threat? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? They may be used to mask malicious intent. What describes how Sensitive Compartmented Information is marked? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. JavaScript appears to be disabled on this computer. Senior government personnel, military or civilian. Which of the following should be reported as a potential security incident? asked in Internet by voice (265k points) internet. The potential for unauthorized viewing of work-related information displayed on your screen. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Preventing an authorized reader of an object from deleting that object B. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Since the URL does not start with https, do not provide you credit card information. Darryl is managing a project that requires access to classified information. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which of the following may help to prevent spillage? Call your security point of contact immediately. *Spillage Which of the following may help prevent inadvertent spillage? **Home Computer Security What should you consider when using a wireless keyboard with your home computer? Unclassified information cleared for public release. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Phishing can be an email with a hyperlink as bait. Refer the reporter to your organizations public affairs office. Validate friend requests through another source before confirming them. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? Of the following, which is NOT a security awareness tip? EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Of the following, which is NOT a method to protect sensitive information? You know this project is classified. d. giving a spanking or a scolding. Only allow mobile code to run from your organization or your organizations trusted sites. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. **Classified Data What is a good practice to protect classified information? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. . *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. CUI may be stored on any password-protected system. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? What is the best choice to describe what has occurred? **Identity management Which is NOT a sufficient way to protect your identity? Which of these is true of unclassified data? Which of the following is a good practice to protect classified information? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). -Ask them to verify their name and office number A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. (1) A strategic plan documenting the overall conduct of a war. We recommend Norton Security or McAfee Total Protection. How do you think antihistamines might work? The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. (Malicious Code) Which email attachments are generally SAFE to open? What should be your response? What is a security best practice to employ on your home computer? Note any identifying information and the websites URL. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Immediately notify your security point of contact. Digitally signed e-mails are more secure. Report the crime to local law enforcement. (Mobile Devices) When can you use removable media on a Government system? What action should you take? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Who designates whether information is classified and its classification level? Use the government email system so you can encrypt the information and open the email on your government issued laptop. Malicious code can include viruses, worms, and macros. **Classified Data Which of the following is true of telework? What information most likely presents a security risk on your personal social networking profile? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag.