Exit. General Services Administration (GSA) approval. All PEDs, including personal devices b. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE) A No to all: Viewing or downloading pornography, gambling online, conducting a private money-making venture, using unauthorized software, Illegally downloading copyrighted material, making unauthorized configuration changes. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Linda encrypts all of the sensitive data on her government-issued mobile devices. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. An experiment consists of tossing three fair (not weighted) coins, except that one of the three coins has a head on both sides. It may expose the connected device to malware. answered by admic (1.0m points) selected by voice. Where this is the case you should also state clearly in your proposal the details of the prior contract and the associated intellectual property contract conditions. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? b. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? (Sensitive Information) Which of the following represents a good physical security practice? d. All of these. Under the terms of DEFCON 705 any intellectual property generated under the contract belongs to the contractor. Classified DVD distribution should be controlled just like any other classified media. Classified information that should be unclassified and is downgraded. Who can be permitted access to classified data? Use only personal contact information when establishing your personal account. Software that installs itself without the users knowledge, Malicious Code (Damage): How can malicious code cause damage? A coworker has asked if you want to download a programmers game to play at work. *Spillage What is a proper response if spillage occurs? Calculate the margin of safety in terms of the number of units. Which of the following is not a best practice to preserve the authenticity of your identity? You find information that you know to be classified on the Internet. b. What should you do? (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Enable automatic screen locking after a period of inactivity. Spread Linda encrypts all of the sensitive data on her government issued mobile devices. Personal information is inadvertently posted at a website. Which of the following best describes the sources that contribute to your online identity. b.
End of COVID-19 Emergency: Legal Implications for Healthcare Providers Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card.
Government Furnished Equipment (GFE) - AcqNotes **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Based on the description that follows, how many potential insider threat indicator(s) are displayed? a. Security updates are ready to install. Correct. What is the danger of using public Wi-Fi connections? Incident #2 Looking for https in the URL. - Updated Terms and conditions. lock Calculate the margin of safety in terms of sales revenue. The following practices help prevent viruses and the downloading of malicious code except. 2 0 obj
not correct It may be compromised as soon as you exit the plane. Which of the following is NOT Protected Health Information (PHI)? Call your security point of contact immediately. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Government Furnished Equipment (GFE) is the generic term for materiel loaned to a contractor. Using unauthorized software. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Do not access website links in e-mail messages. They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is a clue to recognizing a phishing email? A Form 388 will be sent to you if youre successful under a DASA competition. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? **Classified Data What is required for an individual to access classified data? Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. What should be your response? Incident
What should you do? (Malicious Code) What are some examples of malicious code? This HHS Policy supersedes the CMS ARS 3.0 CM-2 Enhancement 7 Configure Systems or Components for High Risk Areas control. You must possess security clearance eligibility to telework. A type of phishing targeted at high-level personnel such as senior officials. Ask the individual to see an identification badge. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Sign up to get the latest information about your choice of CMS topics. What should you do if a reporter asks you about potentially classified information on the web? Remove your security badge after leaving your controlled area or office building. **Classified Data Which of the following is true of protecting classified data? c. Do not access website links in e-mail messages. It would be best to contact the institution using verified contact information to confirm. *Social Networking Security Classification Guides (SCGs).??? **Social Networking Which of the following best describes the sources that contribute to your online identity? Only use Government-furnished or Government-approved equipment to process CUI, including PII. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Ask them to verify their name and office number. Depending on the specifics of any proposed change of use, including any building work . Which of the following is NOT a correct way to protect sensitive information? Alex demonstrates a lot of potential insider threat indicators. Laptop (Take CAC out), PIN note (Never write your PIN.
DoD Cyber Awareness 2019 - Subjecto.com You must have your organizations permission to telework. **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? At all times when in the facility c. At any time during the workday, including when leaving the facility. Which of the following is NOT a DoD special requirement for tokens? Classified information that should be unclassified and is downgraded. What should the employee do differently? endstream
endobj
1072 0 obj
<>stream
However, the equipment can be furnished by the Government if it is in the best interest of the Government to provide GFE for use by the contractor. Sensitive Compartmented Information (Incident #2): What should the owner of this printed SCI do differently? On a computer at the public library to check your DOD email.D. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Mobile Devices (Incident): Which of the following demonstrates proper protection of mobile devices? A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. When your vacation is over, after you have returned home. Make note of any identifying information and the website URL and report it to your security office. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? What type of data must be handled and stored properly based on classification markings and handling caveats? Employees who require equipment as a reasonable accommodation must contact their reasonable accommodation coordinator in the Office of Human Resources Management or their supervisor for assistance. endobj
Exception. CPCON 1. Contact the IRS using their publicly available, official contact information. NOT permitted uses of government-furnished equip (GFE) for: Viewing or downloading p*rn*graphy. Only paper documents that are in open storage need to be marked. Always check to make sure you are using the correct network for the level of data. John submits CUI to his organizations security office to transmit it on his behalf. Validate friend requests through another source before confirming them. Which of the following is a good practice to protect classified information? CUI may be stored on any password-protected system. What security risk does a public Wi-Fi connection pose? Assuming open storage is always authorized in a secure facility. (Spillage) What is required for an individual to access classified data? What actions should you take prior to leaving the work environment and going to lunch? Research the source to evaluate its credibility and reliability. Mark SCI documents appropriately and use an approved SCI fax machine. GFE is normally specified in a Request for Proposal (RFP) or contract. We reserve the right to add additional contractual conditions if individual circumstances dictate. - correct Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)?
**Identity management Which of the following is an example of a strong password? Spillage: Which of the following does NOT constitute spillage?a. Your DOD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-classified Internet Protocol Router Network (NIPRNet). b. Retrieve classified documents promptly from printers. They can become an attack vector to other devices on your home network. All to Friends Only. (controlled unclassified information) Which of the following is NOT an example of CUI? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? 1.3 GENERAL REQUIREMENTS ***** NOTE: Indicate the configuration and layout for all food . Access to and use of the information of this website is at the user's risk. Photos of your pet Correct. Attempting to access sensitive information without need-to-know. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material.
PDF Cyber Awareness Challenge 2022 Information Security Family and relationships - Friends Only Store it in a General Services Administration (GSA)-approved vault or container. Which Of The Following Statements About Adding Social Networks To Hootsuite Is False?
DOD CYBER AWARENESS Flashcards | Quizlet Building 5 *Spillage .What should you do if a reporter asks you about potentially classified information on the web? 0-`*0r+u,1+~p]"WC0`=0uG!o8zGkv57?8/ssmZ]bw>V3^aiKPH(pUcWqR)u
KmPy (TL2 In which situation below are you permitted to use your PKI token? Write your password down on a device that only you access. Personally-owned external monitors may be connected to DoD-issued computers in telework environments via VGA or DVI, but not via USB. How was one of the weaknesses of a free enterprise economy illustrated by the Great Depression? Of the following, which is NOT a problem or concern of an Internet hoax? Use the classified network for all work, including unclassified work. CUI must be handled using safeguarding or dissemination controls. An official website of the United States government Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ Call your security point of contact immediately. endobj
What should you do? Which of the following is NOT a criterion used to grant an individual access to classified data? We will keep the title; abstract; total price; technology area; organisation; and any related prior submission reference number, detailed in your proposal. Only use Government-approved equipment to process PII. Illegal downloading copyrighted materials. Classified material must be appropriately marked. You must have your organizations permission to telework c. You may use unauthorized software as long as your computers antivirus software is up to date. endobj
How can you avoid downloading malicious code? Connect to the Government Virtual Private Network (VPN). Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Which of the following is a practice that helps to protect you from identity theft? Physical Security: (Incident #1): What should the employee do differently? Press release data. Appropriate confidentiality agreements will be put in place. What is the unit product cost for Job 413? Chillmax Company plans to sell 3,500 pairs of shoes at $60 each in the coming year. What is an indication that malicious code is running on your system? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. As well as the technical aspects, value for money will also be taken into consideration during the assessment of your proposal. \text{Asset}&&&\text{Debit}\\ Full Rights Versions only contain Foreground Information information generated under the work that we contract with you. Social Security Number, date and place of birth, mothers maiden name. We will make payment in accordance with the terms of the relevant contract. Correct. Confirm the individuals need-to-know and access. Which of the following statements is NOT true about protecting your virtual identity?
Article - Pneumatic Compression Devices - Policy Article (A52488) Instruction Memorandum No. Name and profile picture - Any Making unauthorized configuration changes - No. Incident #1 You must appoint a person whos responsible for all communications with us. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? (Permitted Uses of Government-Furnished Equipment GFE)), Viewing or downloading pornography - No (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Based on the description that follows how many potential insider threat indicators are displayed? c. Both of these, Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE). What should be your response? \text{Capital Stock}&\text{Credit}&&\\ Exceptionally grave damage. Only when there is no other charger available. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. A federal government website managed and paid for by the U.S. Centers for Medicare & Medicaid Services. Is this safe? ~A coworker brings a personal electronic device into a prohibited area. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? (Home computer) Which of the following is best practice for securing your home computer? Decline to let the person in and redirect her to security. What is NOT Personally Identifiable Information (PII)? CUI may be stored on any password-protected system. What should you do? Birthday - Friends Only . What certificates are contained on the Common Access Card (CAC)? Then select Submit. Which of the following is true of Internet of Things (IoT) devices? Which of the following is true of protecting classified data? Use a common password for all your system and application logons. A Common Access Card and Personal Identification Number. Badges must be visible and displayed above the waist at all times when in the facility. Malicious Code (Prevalence): Which of the following is an example of malicious code? Which of the following is true of traveling overseas with a mobile phone. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? a. **Social Networking Which of the following is a security best practice when using social networking sites? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? NON-MEDICAL NECESSITY COVERAGE AND PAYMENT RULES. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. *Malicious Code What are some examples of malicious code? Mobile devices and applications can track your location without your knowledge or consent. Which may be a security issue with compressed Uniform Resource Locators (URLs)? We thoroughly check each answer to a question to provide you with the most correct answers. This is a spear phishing attempt, and it would be best to report it to security. Which scenario might indicate a reportable insider threat? Which of the following may help to prevent spillage? Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. (Sensitive Information) Which of the following is true about unclassified data? ;A- fKpe'xfX@na=lzt
Qh|(j@SYG}~1BY/6:{HqMvD`
KNZ/)t\+b*"gO1s 1304). Which of the following is true of downloading apps? The property provided to contractors for repair or overhaul is not subject to the requirements of the paragraph of bullet #2 above in this section. CPCON 1 (Very High: Critical Functions) *Spillage What should you do if a reporter asks you about potentially classified information on the web? In providing such information you consent to such disclosure. When submitting your proposal, you must provide a resourcing plan that identifies, where possible, the nationalities of those proposed research workers that you intend working on this phase. What security device is used in email to verify the identity of sender? Use TinyURLs preview feature to investigate where the link leads. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Compromise of data b. **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment?
DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) Which of the following is NOT one? As a security best practice, what should you do before exiting? Media containing Privacy Act information, PII, and PHI is not required to be labeled. The container prevents malware, intruders, system resources or other applications from interacting with the . What should the participants in this conversation involving SCI do differently? Insider threat: (Ellens statement) How many insider threat indicators does Alex demonstrate? b. On a computer displaying a notification to update the antivirus softwareB. Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organization's insider threat policy. What portable electronic devices (PEDs) are permitted in a SCIF? Which of the following is a good practice to protest classified information? elsieteel.
Cyber Awareness Challenge 2023 Answers Quizzma **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Never allow sensitive data on non-Government-issued mobile devices. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Social Security Number; date and place of birth; mothers maiden name. Use the classified network for all work, including unclassified work. b. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Not correct Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? (Identity Management) Which of the following is an example of two-factor authentication? Official websites use .govA Which of the following should you NOT do if you find classified information on the internet? Serious damage c. Exceptionally grave damage. 1 0 obj
After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of the following statements is true of cookies? Department Guidance Use of Government Furnished Equipment (GFE) During Foreign Travel. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Proactively identify potential threats and formulate holistic mitigation responses. Government furnished property is a bit of an umbrella term.
DOD Cyber Awareness Challenge 2019- Knowledge Check T/F. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Implement Wi-Fi Protected Access 2 (WPA2) Personal encryption at a minimum. They have similar features, and the same rules and protections apply to both.