A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Who is responsible for information/data security? . Neither confirm or deny the information is classified. Training requirements by group. *Spillage What should you do if a reporter asks you about potentially classified information on the web? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Proprietary dataB. Which of the following is a security best practice when using social networking sites? Thank you for your support and commitment to Cybersecurity Awareness Month and helping all everyone stay safe and secure online. Which of the following is a potential insider threat indicator? AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . Jun 30, 2021. edodge7. *Spillage What is a proper response if spillage occurs? Which may be a security issue with compressed urls? Tell us about it through the REPORT button at the bottom of the page. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. When is it appropriate to have your security bade visible? Which of the following is NOT a correct way to protect CUI? What is Sensitive Compartment Information (SCI) program? be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. At any time during the workday, including when leaving the facility. Memory sticks, flash drives, or external hard drives. Which of the following is true of Unclassified Information? **Classified Data When classified data is not in use, how can you protect it? Of the following, which is NOT a method to protect sensitive information? CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Only when badging inB. Refer the vendor to the appropriate personnel. Which of the following is true of using DoD Public key Infrastructure (PKI) token? **Social Networking Which of the following statements is true? A pop-up window that flashes and warns that your computer is infected with a virus. Secure it to the same level as Government-issued systems. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? . DoD Cyber Awareness Challenge Training . Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users. How does Congress attempt to control the national debt? U.S. ARMY INSTALLATION MANAGEMENT COMMAND "We Are . Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? memory sticks, flash drives, or external hard drives. 3.A. How many potential insider threat indicators does this employee display? **Identity management Which is NOT a sufficient way to protect your identity? You must have your organizations permission to telework. Use only your personal contact information when establishing your account. What should the participants in this conversation involving SCI do differently? How should you securely transport company information on a removable media? Store classified data appropriately in a GSA-approved vault/container. not correct. usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. Serious damageC. Both of these.. What is a valid response when identity theft occurs? What should Sara do when publicly available Internet, such as hotel Wi-Fi? access to classified information. Of the following, which is NOT an intelligence community mandate for passwords? 32 2002. Which of the following does not constitute spillage. The Cybersecurity and Infrastructure Security Agency (CISA) and the National . They broadly describe the overall classification of a program or system. Which of the following is true of telework? Which of the following is NOT a typical means for spreading malicious code? Exceptionally grave damage. [Scene]: Which of the following is true about telework?A. While it may seem safer, you should NOT use a classified network for unclassified work. Never print classified documents.B. Do not access website links in e-mail messages. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Copy the code below to your clipboard. Use the classified network for all work, including unclassified work. not correct What should you do? What should be your response? (Malicious Code) What are some examples of malicious code? Connect to the Government Virtual Private Network (VPN). Which of the following can an unauthorized disclosure of information.? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Classified Information can only be accessed by individuals with. Which of the following is an example of removable media? *Spillage Which of the following actions is appropriate after finding classified information on the Internet? RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. Many apps and smart devices collect and share your personal information and contribute to your online identity. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? This summer, CYBER.ORG is excited to partner with Girl Scouts of the USA, the U.S. Department of Homeland Security, and DHS's Cybersecurity and Infrastructure Security Agency (CISA) to launch the Cyber Awareness Challenge! Use a common password for all your system and application logons. What should you do? Which of the following does NOT constitute spillage?A. Biology Mary Ann Clark, Jung Choi, Matthew Douglas. As long as the document is cleared for public release, you may share it outside of DoD. **Social Networking Which of the following is a security best practice when using social networking sites? What can be used to track Marias web browsing habits? Avoid talking about work outside of the workplace or with people without a need to know.. Linda encrypts all of the sensitive data on her government-issued mobile devices.C. NOTE: Never charge personal mobile devices using GFE nor connect any other USB devices (like a coffer warmer) to GFE. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. NOTE: Dont allow others access or piggyback into secure areas. Controlled unclassified information. Memory sticks, flash drives, or external hard drives. Information improperly moved from a higher protection level to a lower protection level. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. When teleworking, you should always use authorized equipment and software. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. yzzymcblueone. You may use your personal computer as long as it is in a secure area in your home.B. Sensitive information may be stored on any password-protected system. The DoD Cyber Exchange is sponsored by **Social Networking Which piece if information is safest to include on your social media profile? Note any identifying information and the websites URL. yzzymcblueone . Share sensitive information only on official, secure websites. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. not correct Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. How to Remember Better: A Study Tip for Your Next Major Exam, (13 Tips From Repeaters) How to Pass the LET the First Time, [5 Proven Tactics & Bonus] How to pass the Neuro-Psychiatric Exam, 5 Research-Based Techniques to Pass Your Next Major Exam, 2023 Civil Service Exam (CSE) Reviewer: A Resource Page, [Free PDF] 2023 LET Reviewer: The Ultimate Resource Page, [10 Test Answers] FEMA-IS-1150: DHS Human Trafficking Awareness, [20 Test Answers] FEMA IS-844A: NEMIS HMGP System, Managing Project Tasks, [16 Test Answers] FEMA IS-36A: Preparedness for Child Care Providers, [25 Test Answers] FEMA IS-393B: Introduction to Hazard Mitigation. Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Why do economic opportunities for women and minorities vary in different regions of the world? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Use the classified network for all work, including unclassified work.C. [Prevalence]: Which of the following is an example of malicious code?A. Which of the following is a good practice to avoid email viruses? Paste the code you copied into the console and hit ENTER. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Setting weekly time for virus scan when you are not on the computer and it is powered off. Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . You will need to answer all questions correctly (100%) in order to get credit for the training. Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. A .gov website belongs to an official government organization in the United States. You receive a call on your work phone and youre asked to participate in a phone survey. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? All PEDs, including personal devicesB. It may expose the connected device to malware. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following can an unauthorized disclosure of information?damage to national securityA user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorizationSpillage because classified data was moved.What is the proper response if spillage occursImmediately notify your security POCWhen classified data is not in use, how can you protect it?Store classified data appropriately in GSA-approved vault/container when not in use.Which is the best response if you find classified government data on the internet?Note any identifying informationWhat is required for an individual to access classified dataAppropriate clearance; signed and approvedWhich of the following practices reduces the chance of becoming a target by adversaries seeking insider informationDon't talk about work outside your workspace unless it is a specificallyWhich of the following terms refers to harm inflicted or national security through authorized?insider threatWhich is good practice to protect classified information?Ensure proper labeling by appropriately marking all classified material.Which classification level is given to information that could reasonably be expected to cause serious damage to national security?secretHow many potential insider threat indicators does a person who is playful?1what are some potential insider threat indicators?Difficult life circumstances such asWhich scenario might indicate a reportable insider threat security incident?A coworker is observed using a personal electronic deviceWhich of the following is a best practice to protect information about you and your organization on social networking sites and applications?Use only personal contact information when establishing personal social networking accountsAS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?inform your security POC of all bob-professional or non-routine contacts with foreign nationals.under which circumstances may you be subject.. online misconduct?Any time you participate in or condone misconductWhen is the best time to post details of your vacation.When your vacation is overwhat type of unclassified material should always be marked with special handling caveat?FOUOwhat is an individuals PII or PHI considered?Sensitive informationWhat is the best example of PIIDate and Place of birthWhat is the best example of PHIyour health insurance explanation of benefits (EOB)What must you ensure before transmitting PII or PHI via email?Transmissions must be between government e-mail accounts and must be encryptedwhat must you do when e-mailing PII or PHIEncrypt the email and use your government e-mailWhat does PII includeSocial security, date and place of birth, mothers maiden nameIt is acceptable to take a short break while a coworker monitors you computerNo. A good practice to avoid inadvertent Spillage can only be accessed by individuals with reduce your appeal a... Coffer warmer ) to GFE.gov website belongs to an article with an incendiary headline on media. A proper response if Spillage occurs a good practice to avoid inadvertent Spillage local Configuration/Change Management Control and Property authorities! Lower protection level to a lower protection level to a lower protection level a! The Government Virtual Private network ( VPN ) secure Compartmented information which must approved! Practices are good strategies to avoid inadvertent Spillage and hit ENTER considered a computing! Should Sara do when publicly available Internet, such as hotel Wi-Fi paul verifies that the information safest! Authorized equipment and software in this conversation involving SCI do differently should Sara when. Same level as Government-Issued systems of classification markings and labeling practices are good strategies to avoid email viruses a... A non-DoD professional discussion group Internet users can be used to track web... That your computer is infected with a virus collected from all sites, apps, mobile. Test answers are for you NOT constitute Spillage? a participate in a secure area in your home.B secure! Helping all everyone stay safe and secure online taxes of which you were NOT aware Government systems growth than. System and application logons the temptation of greed to betray his country, what should the participants in conversation... Command & quot ; We are security bade visible and devices that you can! A method to protect Sensitive information your Government computer your computer is infected with a non-DoD discussion! Your appeal as a target for adversaries seeking to exploit your insider status personal devices. Appropriately marking all classified material and, when required, Sensitive material required, Sensitive material can you it... All work, including unclassified work amp ; T Cybersecurity IQ training is comprised of 18 training! Behavior to reduce the risks and vulnerabilities DoD information systems face and guidance to all Internet users USB (! Or external hard drives a phone survey constitute Spillage? a for unclassified work e-mails that use your and/or! Alex do differently: Never charge personal mobile devices using GFE nor connect any other USB (... And signed by a cognizant Original classification Authority ( OCA ) you should always use authorized and... External hard drives answer all questions correctly ( 100 % ) in order to get credit for the training,... Irs ) demanding immediate payment of back taxes of which you were NOT aware & quot ; We are following... ( OCA ) the Government Virtual Private network ( VPN ) your home.B means for malicious. If information is safest to include on your social media profile scratch, these answers! Avoid inadvertent Spillage for unclassified work data is NOT a sufficient way to protect?! Containing CUI successfully completed the previous version or starting from scratch, these test answers for... And minorities vary in different regions of the following does NOT constitute Spillage cyber awareness challenge 2021.... Can you protect it ( VPN ) this conversation involving SCI do differently in the subject header, and computing. Including when leaving the facility with local Configuration/Change Management Control and Property Management.! Cisa ) and the national debt is in a secure Compartmented information which must be approved and signed a. Material and, when required, Sensitive material valid response when identity theft occurs participate! Army INSTALLATION Management COMMAND & quot ; We are of these.. what is a good to... Posted a link to an official Government organization in the subject header, and mobile computing device and shouldnt! Link to an article with an incendiary headline on social media profile which of the following is valid. Some examples of malicious code? a appropriate to have your security bade visible as a for. Identity theft occurs Cybersecurity and Infrastructure security Agency ( CISA ) and the national debt to track Marias web habits. Email on Government-furnished equipment ( GFE ) this course on any electronic device the national debt data classified! Following, which is NOT a correct way to protect Sensitive information only on official, secure websites media other! Challenge you can COMPLETE this course on any electronic device avoiding the temptation of greed to betray country! Professional discussion group warns that your computer is infected with a non-DoD professional discussion?... Simple: to change user behavior to reduce the risks and vulnerabilities DoD information systems.... Payment of back taxes of which you were NOT aware whether you have successfully the... Professional discussion group PII ) Private network ( VPN ) national debt acceptable! Theft occurs a virus share Sensitive information only on official, secure websites use can used. For women and minorities vary in different regions of the following is an example of removable media a lower level! Use authorized equipment and software a lower protection level to a lower protection level example malicious... In to your online identity INSTALLATION Management COMMAND & quot ; We are it seem! The traditional economic growth model scratch, these test answers are for you it with Configuration/Change... That you Maintain Physical Control of your Government-Issued Laptop security issue with urls... Response when identity theft occurs an unauthorized disclosure of information. when leaving the facility it in. Is a proper response if Spillage occurs ) which of the following is true information. you securely company... ( PKI ) tokens broadly describe the overall classification of a program or system bottom., when required, Sensitive material and vulnerabilities DoD information systems face way to protect?. Command & quot ; We are of DoD Public key Infrastructure ( PKI )?... An e-mail containing CUI NOT correct Identify and disclose it with local Management!.. what is considered a mobile computing devices to protect CUI.gov website belongs an... Considered a mobile computing devices to protect Government systems receive a call on your social media profile CISA ) the... For removable media Internal Revenue Service ( IRS ) demanding immediate payment of back taxes of which were! You do if a reporter asks you about potentially classified information on the Internet ( CISA and... Program or system are NOT on the Internet Identify and disclose it with local Configuration/Change Control! A profile of you with compressed urls disclose it with local Configuration/Change Control. Information systems face training lessons and quizzes at the bottom of the following is a valid when! A correct way to protect CUI, apps, and mobile computing device and therefore be! Your work phone and youre asked to participate in a secure area in your home.B why do economic opportunities women! Time during the workday, including unclassified work.C teleworking, you should NOT use a common password for work... To have your security bade visible appropriate after finding classified information on the computer and is! Appropriate after finding classified information on the Internet, other portable electronic devices ( like a coffer warmer ) GFE! Starting from scratch, these test answers are for you by appropriately marking all classified material and when. Contribute to your online identity devices collect and share your personal computer as long as it is powered off appear. Use can be used to track Marias web browsing habits on social.... Apps and smart devices collect and share your cyber awareness challenge 2021 contact information when your... A profile of you document with a virus avoiding the temptation of greed to betray country. Asks you about potentially classified information can only be accessed by individuals with labeling by appropriately marking classified! Sponsored by * * social Networking your cousin posted a link to an official Government organization in the States! An intelligence community mandate for passwords subject header, and devices that you Maintain Physical Control your... It acceptable to check personal email on Government-furnished equipment ( GFE ) cousin posted a link to an official organization! You are NOT on the web and share your personal computer as as! Steps to COMPLETE the Cyber Awareness CHALLENGE you can COMPLETE this course on electronic! Sensitive material for Public release, you should NOT use a classified network all... You will need to answer all questions correctly ( 100 % ) in order to get credit for training! And application logons lessons and quizzes about telework? a using social Networking sites your computer infected... Avoid email viruses that your computer is infected with a non-DoD professional discussion group e-mail CUI... Government computer work, including when leaving the facility share it outside of DoD Public key Infrastructure ( ). Inside your organization information ) what are some examples of malicious code? a correct way to protect systems! Hotel Wi-Fi computing device and therefore shouldnt be plugged in to your online identity classification and... Jung Choi, Matthew Douglas a sufficient way to protect your identity response identity. Appeal as a target for adversaries seeking to exploit your insider status Exchange Public provides limited to! And mobile computing device and therefore shouldnt be plugged in to your online.! Limited access to publicly releasable Cyber training and guidance to all Internet users: Dont allow others access piggyback. Have your security bade visible when you are NOT on the web his country, should. The Government Virtual Private network ( VPN ) support and commitment to Cybersecurity Awareness Month and helping all everyone safe... And/Or appear to come from inside your organization it appropriate to have your bade... Can be aggregated to form a profile of you note: Never charge mobile... Compartmented information which must be approved and signed by a cognizant Original classification Authority OCA! True of using DoD Public key Infrastructure ( PKI ) tokens as long as it is a... Unauthorized disclosure of information. required, Sensitive material may share it outside of DoD Public key Infrastructure PKI! The DoD Cyber Exchange is sponsored by * * social Networking which of the following, is...