Which of the following is a clue to recognizing a phishing email? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? (Spillage) What type of activity or behavior should be reported as a potential insider threat? correct. Many apps and smart devices collect and share your personal information and contribute to your online identity. **Mobile Devices What can help to protect the data on your personal mobile device? UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. Briefly describe what you have learned. **Home Computer Security Which of the following is a best practice for securing your home computer? what should be your response be? -It never requires classification markings. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. When leaving your work area, what is the first thing you should do? Which of the following is a reportable insider threat activity? Use a single, complex password for your system and application logons. Should you always label your removable media? (Malicious Code) What is a good practice to protect data on your home wireless systems? Lock your device screen when not in use and require a password to reactivate. Only expressly authorized government-owned PEDs. Which of the following is a concern when using your Government-issued laptop in public? true-statement. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. What Are Some Examples Of Malicious Code Cyber Awareness? Which is a way to protect against phishing attacks? Social Security Number; date and place of birth; mothers maiden name. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is NOT a criterion used to grant an individual access to classified data? Which of the following is true about unclassified data? You know that this project is classified. correct. *Spillage Which of the following is a good practice to prevent spillage? Always use DoD PKI tokens within their designated classification level. Use only your personal contact information when establishing your account. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. correct. Validate all friend requests through another source before confirming them. (Mobile Devices) When can you use removable media on a Government system? Everything you need to know aboutControlled UnclassifiedInformation(CUI). What action is recommended when somebody calls you to inquire about your work environment or specific account information? correct. Which of the following is NOT a potential insider threat? Which of these is true of unclassified data? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Darryl is managing a project that requires access to classified information. Download the information. (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? (Identity Management) What certificates are contained on the Common Access Card (CAC)? The email has an attachment whose name contains the word secret. -It must be released to the public immediately. How many potential insiders threat indicators does this employee display? It may expose the connected device to malware. How are Trojan horses, worms, and malicious scripts spread? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Which of the following demonstrates proper protection of mobile devices? What certificates are contained on the Common Access Card (CAC)? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Which Of The Following Statements About Adding Social Networks To Hootsuite Is False? Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. General Services Administration (GSA) approval. You check your bank statement and see several debits you did not authorize. **Mobile Devices Which of the following helps protect data on your personal mobile devices? f. Get an answer. (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? All https sites are legitimate and there is no risk to entering your personal info online. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Let us know if this was helpful. If you participate in or condone it at any time. **Identity management Which is NOT a sufficient way to protect your identity? CUI is not classified information. Store classified data appropriately in a GSA-approved vault/container. Always use DoD PKI tokens within their designated classification level. At all times while in the facility. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. Correct. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Its classification level may rise when aggregated. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. Use the government email system so you can encrypt the information and open the email on your government issued laptop. Controlled Unclassified Information (CUI) Purpose of the CUI Program. Which of the following is a good practice to avoid email viruses? E-mailing your co-workers to let them know you are taking a sick day. **Insider Threat What is an insider threat? However, unclassified data. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. 1).Compared with CK, straw addition treatments (S and SG) significantly (P < 0.01) increased the emission rate and cumulative emission of CO 2 and the cumulative CO 2 . Which of the following is true about telework? A Common Access Card and Personal Identification Number. Correct. NARA has the authority and responsibility to manage the CUI Program across the Federal government. Why might "insiders" be able to cause damage to their organizations more easily than others? Only paper documents that are in open storage need to be marked. 4. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? *Spillage What is a proper response if spillage occurs? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. You receive a call on your work phone and youre asked to participate in a phone survey. In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. #2) Select the "Pre-Process" tab. Preventing an authorized reader of an object from deleting that object B. A medium secure password has at least 15 characters and one of the following. Connect and share knowledge within a single location that is structured and easy to search. After you have returned home following the vacation. Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Classified material must be appropriately marked. Correct. Verify the identity of all individuals.??? Understanding and using the available privacy settings. When unclassified data is aggregated, its classification level may rise. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. What information most likely presents a security risk on your personal social networking profile? If aggregated, the information could become classified. How can you protect yourself on social networking sites? **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. A coworker removes sensitive information without authorization. Search for an answer or ask Weegy. What should be done to sensitive data on laptops and other mobile computing devices? What should be done to protect against insider threats? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Reviewing and configuring the available security features, including encryption. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. PII, PHI, and financial information is classified as what type of information? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Report the suspicious behavior in accordance with their organizations insider threat policy. Ask them to verify their name and office number. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Since the URL does not start with https, do not provide you credit card information. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Attempting to access sensitive information without need-to-know. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. (1) A strategic plan documenting the overall conduct of a war. Request the users full name and phone number. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. In which situation below are you permitted to use your PKI token? Secure .gov websites use HTTPS (social networking) When is the safest time to post details of your vacation activities on your social networking profile? *Spillage You find information that you know to be classified on the Internet. Where. Which of the following is NOT sensitive information? (Malicious Code) What are some examples of removable media? Which of the following does not constitute spillage. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Senior government personnel, military or civilian. The physical security of the device. *Insider Threat Which of the following is a potential insider threat indicator? It may be compromised as soon as you exit the plane. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Which of the following best describes good physical security? You must have your organizations permission to telework. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Which of the following is a good practice for telework? Historically, each agency developed its own practices for sensitive unclassified information, resulting in a patchwork of systems across the Executive branch, in which similar information might be defined or labeled differently, or where dissimilar information might share a definition and/or label. *Spillage Which of the following may help to prevent spillage? They can be part of a distributed denial-of-service (DDoS) attack. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. How should you respond? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? 1.1 Standard Challenge Answers. You can't have 1.9 children in a family (despite what the census might say ). What should you do? What is the best choice to describe what has occurred? __________, To supervise bank holding companies and state member banks __________, To make loans to businesses who want to expand their operations __________, To operate the check-clearing system for the nation __________, to provide financial services to the federal government and serve as the bankers bank for commercial banks and other depositary institutions __________, To serve as the fiscal agent of the U.S. government __________, To place printed paper currency and newly minted coins into circulation __________. The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Decline to let the person in and redirect her to security. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Neither confirm or deny the information is classified. Classified material must be appropriately marked. **Social Engineering What is TRUE of a phishing attack? Spillage because classified data was moved to a lower classification level system without authorization. cyber-awareness. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. How many potential insider threat indicators does this employee display? CPCON 5 (Very Low: All Functions). 1 Cyber Awareness Challenge 2023 Answers. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? **Identity management Which of the following is an example of a strong password? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Research the source of the article to evaluate its credibility and reliability. Which of the following is NOT an example of Personally Identifiable Information (PII)? a. Correct. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Sensitive information may be stored on any password-protected system. Exceptionally grave damage to national security. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Search for an answer or ask Weegy. Public service, notably service in the United States Department of Defense or DoD, is a public trust. **Classified Data When classified data is not in use, how can you protect it? *Insider Threat Which of the following is a reportable insider threat activity? #1) Open WEKA and select "Explorer" under 'Applications'. 5. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Which of the following is NOT a social engineering tip? Correct. Note any identifying information, such as the website's URL, and report the situation to your security POC. *Malicious Code Which of the following is NOT a way that malicious code spreads? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? What type of attack might this be? ?Access requires Top Secret clearance and indoctrination into SCI program.??? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. b. Use TinyURL's preview feature to investigate where the link leads. Which of the following demonstrates proper protection of mobile devices? How many potential insider threat indicators is Bob displaying? (Travel) Which of the following is a concern when using your Government-issued laptop in public? **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. View email in plain text and dont view email in Preview Pane. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. What is the best course of action? Follow procedures for transferring data to and from outside agency and non-Government networks. You must have your organization's permission to telework. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Which of the following individuals can access classified data? Only paper documents that are in open storage need to be marked. Do not download it. Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. What should you do if a reporter asks you about potentially classified information on the web? Use only personal contact information when establishing your personal account. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. When traveling or working away from your main location, what steps should you take to protect your devices and data? Which of the following is NOT a correct way to protect CUI? Which of the following is a good practice to prevent spillage. **Travel Which of the following is true of traveling overseas with a mobile phone? *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? Which of the following is NOT one? Which of the following is an example of two-factor authentication? Ive tried all the answers and it still tells me off, part 2.
