The following practices help prevent viruses and the downloading of malicious code except. CUI is an umbrella term that encompasses many different markings toidentifyinformationthat is not classified but which should be protected. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. correct. not correct CPCON 3 (Medium: Critical, Essential, and Support Functions) Dont allow other access or to piggyback into secure areas. Dofficult life circumstances, such as death of spouse. internet-quiz. true-statement. Explain. Which of the following best describes good physical security? You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. Which may be a security issue with compressed Uniform Resource Locators (URLs)? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Which of the following is a proper way to secure your CAC/PIV? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? You are working at your unclassified system and receive an email from a coworker containing a classified attachment. After you have returned home following the vacation. You must have your organization's permission to telework. Write your password down on a device that only you access. Which is NOT a wireless security practice? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? *Classified Data Following instructions from verified personnel. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? **Insider Threat What function do Insider Threat Programs aim to fulfill? Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. Which type of information includes personal, payroll, medical, and operational information? It may expose the connected device to malware. 1.1.5 Controlled Unclassified Information. (controlled unclassified information) Which of the following is NOT an example of CUI? Which of the following should be done to keep your home computer secure? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. Q&A for work. Power off any mobile devices when entering a secure area. Based on the description that follows how many potential insider threat indicators are displayed? Senior government personnel, military or civilian. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. Your favorite movie. A medium secure password has at least 15 characters and one of the following. Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 Reviewing and configuring the available security features, including encryption. What is a security best practice to employ on your home computer? Ensure proper labeling by appropriately marking all classified material. After clicking on a link on a website, a box pops up and asks if you want to run an application. Setting weekly time for virus scan when you are not on the computer and it is powered off. The email provides a website and a toll-free number where you can make payment. classified-document. Not correct (2) War planning documents which contain worldwide -- (a) Planning data and assumptions, (b) Wartime planning factors for the use of nuclear weapons, (c) Intelligence estimates of enemy capabilities, (d) Force composition and development, and In which situation below are you permitted to use your PKI token? Proactively identify potential threats and formulate holistic mitigation responses. Which of the following is NOT a criterion used to grant an individual access to classified data? Cyber Awareness 2022. A pop-up window that flashes and warns that your computer is infected with a virus. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Which of the following does not constitute spillage. Public service, notably service in the United States Department of Defense or DoD, is a public trust. How do you think antihistamines might work? Discuss why gases, such as barbecue propane gas, are sold by mass and not by volume. Unclassified documents do not need to be marked as a SCIF. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Validate friend requests through another source before confirming them. Unclassified information cleared for public release. While it may seem safer, you should NOT use a classified network for unclassified work. Ive tried all the answers and it still tells me off. Insiders are given a level of trust and have authorized access to Government information systems. Which of the following is NOT a typical means for spreading malicious code? __________, To supervise bank holding companies and state member banks __________, To make loans to businesses who want to expand their operations __________, To operate the check-clearing system for the nation __________, to provide financial services to the federal government and serve as the bankers bank for commercial banks and other depositary institutions __________, To serve as the fiscal agent of the U.S. government __________, To place printed paper currency and newly minted coins into circulation __________. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Which of the following is true of traveling overseas with a mobile phone. Which of the following is NOT an example of Personally Identifiable Information (PII)? Maintain visual or physical control of the device. **Insider Threat What is an insider threat? Mark SCI documents appropriately and use an approved SCI fax machine. **Travel Which of the following is true of traveling overseas with a mobile phone? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. How many indicators does this employee display? In setting up your personal social networking service account, what email address should you use? Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. **Insider Threat What do insiders with authorized access to information or information systems pose? Note any identifying information and the websites Uniform Resource Locator (URL). In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. 5. Phishing can be an email with a hyperlink as bait. Refer the vendor to the appropriate personnel. Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. Lionel stops an individual in his secure area who is not wearing a badge. (Malicious Code) What is a common indicator of a phishing attempt? Correct Store classified data in a locked desk drawer when not in use Maybe correct. Look for a digital signature on the email. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. Always take your CAC when you leave your workstation. Not correct Which of the following is NOT Government computer misuse? (Malicious Code) What are some examples of malicious code? There are many travel tips for mobile computing. Only friends should see all biographical data such as where Alex lives and works. When operationally necessary, owned by your organization, and approved by the appropriate authority. Do not download it. Which of the following is true of Controlled Unclassified information (CUI)? CUI is not classified information. Spillage because classified data was moved to a lower classification level system without authorization. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. How can you avoid downloading malicious code? Which of the following is NOT a typical result from running malicious code? Which of the following is NOT a requirement for telework? Use the classified network for all work, including unclassified work. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? What type of activity or behavior should be reported as a potential insider threat? Social Security Number; date and place of birth; mothers maiden name. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Which of the following may help to prevent inadvertent spillage? Alex demonstrates a lot of potential insider threat indicators. Refer the reporter to your organizations public affairs office. It is releasable to the public without clearance. As a security best practice, what should you do before exiting? Ask the individual to see an identification badge. Identification, encryption, and digital signature. Store it in a locked desk drawer after working hours. Which of the following is not a best practice to preserve the authenticity of your identity? Do not use any personally owned/non-organizational removable media on your organizations systems. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? (Wrong). To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. Badges must be visible and displayed above the waist at all times when in the facility. THIS IS THE BEST ANSWER . Search the Registry: Categories, Markings and Controls: Category list CUI markings When using your government-issued laptop in public environments, with which of the following should you be concerned? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Search by Subject Or Level. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. Insiders are given a level of trust and have authorized access to Government information systems. Before long she has also purchased shoes from several other websites. Correct. Is this safe? asked in Internet by voice (265k points) internet. Information should be secured in a cabinet or container while not in use. Which of the following is NOT a type of malicious code? This button displays the currently selected search type. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. How are Trojan horses, worms, and malicious scripts spread? NARA has the authority and responsibility to manage the CUI Program across the Federal government. New interest in learning another language? JavaScript appears to be disabled on this computer. You should only accept cookies from reputable, trusted websites. CUI may be stored on any password-protected system. Proactively identify potential threats and formulate holistic mitigation responses. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Let us have a look at your work and suggest how to improve it! What is a valid response when identity theft occurs? They can become an attack vector to other devices on your home network. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What is the best choice to describe what has occurred? Which of the following is a good practice to prevent spillage. Looking at your MOTHER, and screaming THERE SHE BLOWS! data. *Spillage Which of the following may help prevent inadvertent spillage? **Social Engineering What is TRUE of a phishing attack? Correct. Which scenario might indicate a reportable insider threat? A trusted friend in your social network posts a link to vaccine information on a website unknown to you. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Which of the following is true of telework? It never requires classification markings, is true about unclassified data. EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. Preventing an authorized reader of an object from deleting that object B. The popup asks if you want to run an application. What should you do? Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. Added 8/5/2020 8:06:16 PM. Which of the following actions can help to protect your identity? *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. ~A coworker brings a personal electronic device into a prohibited area. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Which of the following is NOT considered a potential insider threat indicator? Request the users full name and phone number. **Social Networking Which of the following best describes the sources that contribute to your online identity? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Original classification authority Correct. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. How can you protect data on your mobile computing and portable electronic devices (PEDs)? A coworker removes sensitive information without approval. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Which of the following is not considered a potential insider threat indicator? Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? By Quizzma Team / Technology. Share sensitive information only on official, secure websites. The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Which of the following best describes wireless technology? Quizzma is a free online database of educational quizzes and test answers. Hostility or anger toward the United States and its policies. Maybe. What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Never allow sensitive data on non-Government-issued mobile devices. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? How many potential insiders threat indicators does this employee display? Only allow mobile code to run from your organization or your organizations trusted sites. 8. a. Only use Government-furnished or Government-approved equipment to process PII. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Which of the following is a reportable insider threat activity? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? How Do I Answer The CISSP Exam Questions? you don't need to do anything special to protect this information View email in plain text and dont view email in Preview Pane. Refer the reporter to your organizations public affairs office. Security Classification Guides (SCGs).??? be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. What should you do to protect classified data? You know this project is classified. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Linda encrypts all of the sensitive data on her government-issued mobile devices. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Which Of The Following Is Not A Correct Way To Protect CUI. Which of the following is an example of a strong password? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Correct A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. A measure of how much useful work each unit of input energy provides. You may use your personal computer as long as it is in a secure area in your home b. Which of the following is NOT true concerning a computer labeled SECRET? e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? Which of the following is true of the Common Access Card (CAC)? All https sites are legitimate and there is no risk to entering your personal info online. An investment in knowledge pays the best interest.. Correct. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. What should you do if a reporter asks you about potentially classified information on the web? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. On a NIPRNET system while using it for a PKI-required task. Learn more about Teams A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. How should you respond? Call your security point of contact immediately. Which of the following is a good practice to protect classified information? (Home computer) Which of the following is best practice for securing your home computer? You receive an inquiry from a reporter about potentially classified information on the internet.