CUI is an umbrella term that encompasses many different markings toidentifyinformationthat is not classified but which should be protected. Press release data. d. giving a spanking or a scolding. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . **Mobile Devices Which of the following helps protect data on your personal mobile devices? What should be done to sensitive data on laptops and other mobile computing devices? Based on the description that follows, how many potential insider threat indicator(s) are displayed? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Dont assume open storage in a secure facility is authorized Maybe. (Malicious Code) What is a good practice to protect data on your home wireless systems? **Social Engineering Which of the following is a way to protect against social engineering? classified-document. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Your cousin posted a link to an article with an incendiary headline on social media. If you participate in or condone it at any time. Classified DVD distribution should be controlled just like any other classified media. Classified information is defined in PL 96-456, the Classified Information Procedures Act: **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Avoid talking about work outside of the workplace or with people without a need-to-know. This bag contains your government-issued laptop. Organizational Policy Not correct What action should you take? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? *Spillage Which of the following may help prevent inadvertent spillage? Neither confirm or deny the information is classified. true-statement. Which of the following is NOT an example of sensitive information? When traveling or working away from your main location, what steps should you take to protect your devices and data? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. (Correct) -It does not affect the safety of Government missions. Ensure that the wireless security features are properly configured. (Identity Management) Which of the following is an example of two-factor authentication? How do you respond? A coworker removes sensitive information without authorization. After you have returned home following the vacation. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Contact the IRS using their publicly available, official contact information. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Which of the following is true of Internet of Things (IoT) devices? Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. What is required for an individual to access classified data? How many potential insider threat indicators does this employee display? Which of the following should be done to keep your home computer secure? Changes to various data systems that store and sometimes share sensitive information outside EPA. 1.1.5 Controlled Unclassified Information. They broadly describe the overall classification of a program or system. Which of the following is true of Security Classification Guides? Cyber Awareness 2022. Thats the only way we can improve. A coworker brings a personal electronic device into prohibited areas. Using webmail may bypass built in security features. Store it in a General Services Administration (GSA)-approved vault or container. Malicious code can include viruses, worms, and macros. Not correct. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Which of the following is NOT a correct way to protect CUI? Information should be secured in a cabinet or container while not in use. Do not access website links, buttons, or graphics in e-mail. (Wrong). What should you do? Store it in a GSA approved vault or container. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. Which of the following is a practice that helps to protect you from identity theft? Store it in a locked desk drawer after working hours. 1.1.2 Classified Data. internet-quiz. What should you do? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. In which situation below are you permitted to use your PKI token? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? What information most likely presents a security risk on your personal social networking profile? You must have your organization's permission to telework. Proactively identify potential threats and formulate holistic mitigation responses. Which of the following is a concern when using your Government-issued laptop in public? *Spillage Which of the following actions is appropriate after finding classified information on the Internet? EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Decline to let the person in and redirect her to security. (Spillage) What is required for an individual to access classified data? Alex demonstrates a lot of potential insider threat indicators. Compute The Average Kids Per Family. Setting weekly time for virus scan when you are not on the computer and it is powered off. When using a fax machine to send sensitive information, the sender should do which of the following? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. a. What should you do to protect classified data? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? **Classified Data What is a good practice to protect classified information? Correct. asked in Internet by voice (265k points) internet. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. Correct Unknown data is categorized by the system; an analyst then reviews the results Which of the following information is a security risk when posted publicly on your social networking profile? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. How should you respond? (Spillage) What type of activity or behavior should be reported as a potential insider threat? What should you do if someone forgets their access badge (physical access)? (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Three or more. ?Access requires Top Secret clearance and indoctrination into SCI program.??? You know this project is classified. __________, To supervise bank holding companies and state member banks __________, To make loans to businesses who want to expand their operations __________, To operate the check-clearing system for the nation __________, to provide financial services to the federal government and serve as the bankers bank for commercial banks and other depositary institutions __________, To serve as the fiscal agent of the U.S. government __________, To place printed paper currency and newly minted coins into circulation __________. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. As a security best practice, what should you do before exiting? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. (Sensitive Information) Which of the following is true about unclassified data? Which of the following is a good practice to avoid email viruses? Which of the following should you do immediately? DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. How can you protect your information when using wireless technology? *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? asked in Internet by voice (265k points) Question : Which of the following is true about unclassified data? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Assuming open storage is always authorized in a secure facility. Which is NOT a way to protect removable media? There is no way to know where the link actually leads. In which situation below are you permitted to use your PKI token? Which of the following is NOT a correct way to protect sensitive information? When would be a good time to post your vacation location and dates on your social networking website? What does Personally Identifiable Information (PII) include? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Which of the following is NOT Government computer misuse? -Classified information that should be unclassified and is downgraded. What type of activity or behavior should be reported as a potential insider threat? Exceptionally grave damage. If aggregated, the classification of the information may not be changed. Hostility or anger toward the United States and its policies. DoD Unclassified data: Must be cleared before being released to the public May require applci aton i of Controled l Uncasl sed Iifi nformaton i (CU)I access and distribution controls Must be clearly marked as Unclassified or CUI if included in a classified document or classified storage area Rating. Sensitive information may be stored on any password-protected system. What is a possible indication of a malicious code attack in progress? This lets the service person know when the tank is "full." It contains certificates for identification, encryption, and digital signature. Q&A for work. data. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Spillage because classified data was moved to a lower classification level system without authorization. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? Reviewing and configuring the available security features, including encryption. E-mailing your co-workers to let them know you are taking a sick day. Use only your personal contact information when establishing your account. The email has an attachment whose name contains the word secret. Reviewing and configuring the available security features, including encryption. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? You receive a call on your work phone and youre asked to participate in a phone survey. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Log in for more information. Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). Attachments contained in a digitally signed email from someone known. Under What Circumstances Could Unclassified? What actions should you take prior to leaving the work environment and going to lunch? A passenger in the Land Rover Freelander that T-boned the hatchback said the BMW had been driven out of the unclassified road towards Shipton-under-Wychwood 'like a bat out of hell' - giving . correct. As long as the document is cleared for public release, you may release it outside of DoD. Correct. A coworker uses a personal electronic device in a secure area where their use is prohibited. Ive tried all the answers and it still tells me off, part 2. When is it appropriate to have your security badge visible? Maria is at home shopping for shoes on Amazon.com. What should you do? Which of the following is not considered a potential insider threat indicator? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? If aggregated, the information could become classified. laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. -It must be released to the public immediately. Unclassified documents do not need to be marked as a SCIF. **Classified Data When classified data is not in use, how can you protect it? Identification, encryption, and digital signature. Do not download it. You find information that you know to be classified on the Internet. What is a valid response when identity theft occurs? UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. what should you do? **Classified Data Which of the following is true of protecting classified data? Which of the following is NOT a potential insider threat? Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. Research the source to evaluate its credibility and reliability. What can be used to track Marias web browsing habits? Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? Under what circumstances could unclassified information be considered a threat to national security? The CUIProgramisan unprecedented initiative to standardize practices across more than 100 separate departments and agencies, as well asstate, local,tribal and, private sector entities; academia; and industry. Classified data: (Scene) Which of the following is true about telework? 1 Answer/Comment. Debra ensures not correct Correct. Unclassified information can become a threat to national security. A coworker has asked if you want to download a programmer's game to play at work. Found a mistake? Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. correct. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. A type of phishing targeted at senior officials. You have reached the office door to exit your controlled area. Which designation marks information that does not have potential to damage national security? Correct. (Sensitive Information) Which of the following represents a good physical security practice? Aggregating it does not affect its sensitivyty level. Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer Which of the following is true about unclassified data? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. Note any identifying information and the websites Uniform Resource Locator (URL). Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Here you can find answers to the DoD Cyber Awareness Challenge. Based on the description that follows, how many potential insider threat indicator(s) are displayed? difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. How can you protect yourself from social engineering? Which of the following is an example of Protected Health Information (PHI)? correct. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? John submits CUI to his organizations security office to transmit it on his behalf. Not correct What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? What should you do? You must have your organizations permission to telework. What information should you avoid posting on social networking sites? What is a security best practice to employ on your home computer? e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? How should you protect a printed classified document when it is not in use? Which of the following may be helpful to prevent inadvertent spillage? What should you do? **Website Use How should you respond to the theft of your identity? **Mobile Devices What can help to protect the data on your personal mobile device? What should Sara do when publicly available Internet, such as hotel Wi-Fi? The answer has been confirmed to be correct. Which of the following statements is NOT true about protecting your virtual identity? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). (1) A strategic plan documenting the overall conduct of a war. cyber. Approved Security Classification Guide (SCG). Enable automatic screen locking after a period of inactivity. Others may be able to view your screen. Unclassified Information Student Guide . (Mobile Devices) Which of the following statements is true? What is a proper response if spillage occurs? Maybe. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. 5. ~A coworker brings a personal electronic device into a prohibited area. Always take your CAC when you leave your workstation. Which of the following is a clue to recognizing a phishing email? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. How many indicators does this employee display? Secure it to the same level as Government-issued systems. Question. JavaScript appears to be disabled on this computer. Before long she has also purchased shoes from several other websites. You can email your employees information to yourself so you can work on it this weekend and go home now. New interest in learning another language? -Its classification level may rise when aggregated. Information improperly moved from a higher protection level to a lower protection level. T/F. Since the URL does not start with https, do not provide you credit card information. What is the best choice to describe what has occurred? (Malicious Code) Which of the following is true of Internet hoaxes? you don't need to do anything special to protect this information Which of the following is an example of punishment by application? Connect to the Government Virtual Private Network (VPN).?? Select the information on the data sheet that is personally identifiable information (PII). If classified information were released, which classification level would result in Exceptionally grave damage to national security? Explain. Which of the following is NOT a criterion used to grant an individual access to classified data? correct. Classification markings and handling caveats. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Store classified data in a locked desk drawer when not in use Maybe -Its classification level may rise when aggregated. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. When leaving your work area, what is the first thing you should do? Which of the following is true of using DoD Public key Infrastructure (PKI) token? The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended.
Docker Javascript Heap Out Of Memory,
Genesis 3:19 Explained,
$500 Million Net Worth Lifestyle,
Which Ship's Document Can Be Used In Legal Proceedings,
Articles W