Files may be corrupted, erased, or compromised. He has the appropriate clearance and a signed, approved non-disclosure agreement. -Carrying his Social Security Card with him. **Mobile DevicesWhat should you do when going through an airport security checkpoint with a Government-issued mobile device? *SpillageWhat should you do if a reporter asks you about potentially classified information on the web? Which type of information includes personal, payroll, medical, and operational information? What action should you take? Classified material must be appropriately marked. *SpillageWhat is a proper response if spillage occurs? Which of the following is an example of removable media? *SpillageWhat should you do if a reporter asks you about potentially classified information on the web? Darryl is managing a project that requires access to classified information. -Scan external files from only unverifiable sources before uploading to computer. What is required for an individual to access classified data? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Which of the following is NOT a requirement for telework? Maintain visual or physical control of the device. Which of following is true of protecting classified data? **Classified DataWhich of the following is a good practice to protect classified information? **Home Computer SecurityWhat should you consider when using a wireless keyboard with your home computer? 0000001676 00000 n 22 0 obj What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? **Mobile DevicesWhat can help to protect the data on your personal mobile device? To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity C. To establish a transaction trail for auditing accountability D. To manipulate access controls to provide for the most efficient means to grant or restrict functionality What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? 12 0 obj Transmissions must be between Government e-mail accounts and must be encrypted and digitally signed when possible. Which of the following is NOT an appropriate way to protect against inadvertent spillage?-Use the classified network for all work, including unclassified work. Which is NOT a sufficient way to protect your identity? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. **Physical SecurityWhich Cyber Protection Condition (CPCON) is the priority focus on critical and essential functions only? 17 0 obj Always remove your CAC and lock your computer before leaving your workstation. What is a common indicator of a phishing attempt? Memory sticks, flash drives, or external hard drives. -Ask them to verify their name and office number. 10 0 obj They may be used to mask malicious intent. The Maybe Pay Life Insurance Co. is trying to sell you an investment policy that will pay you and your heirs $40,000 per year forever. **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018, ComputerServicesRevenue$25,307NetSales18,693TotalRevenue44,000Costofgoodssold$14,052Dep. How many potential insider threat indicators does this employee display? mobile devices and applications can track Your location without your knowledge or consent. How many potential insider threat indicators does this employee display? <> -If aggregated, the classification of the information may not be changed. *Identity ManagementWhat is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? What advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? Which of the following is an example of malicious code? -Phishing can be an email with a hyperlink as bait. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. *Malicious CodeAfter visiting a website on your Government device, a popup appears on your screen. Store classified data appropriately in a GSA-approved vault/container when not in use. x\[o8~G{(EELMT[N-5s/-rbtv0qm9$s'uzjxOf Note any identifying information and the website's Uniform Resource Locator (URL). **Social NetworkingWhat should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? \text{Computer supplies expense}&1,305\\ Determine if the software or service is authorized. Sensitive information may be stored on any password-protected system. After you have returned home following the vacation. Which may be a security issue with compressed URLs? Do not access links or hyperlinked media such as buttons and graphics in email messages. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? He has the appropriate clearance and a signed, approved, non-disclosure agreement. endstream *MOBILE DEVICES*Which of the following is an example of near field communication (NFC)? An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? What describes how Sensitive Compartmented Information is marked? A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. What is the best example of Personally Identifiable Information (PII)? *TravelWhat security risk does a public Wi-Fi connection pose?-It may expose the connected device to malware. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). *Spillage.What should you do if a reporter asks you about potentially classified information on the web? *Mobile Devices -Senior government personnel, military or civilian. What must you ensure if you work involves the use of different types of smart card security tokens? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Lock your device screen when not in use and require a password to reactivate. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? exp-officeequip.400Dep. Based on the description that follows how many potential insider threat indicators are displayed? Protecting CUI . \text{Cost of goods sold}&\$14,052\\ **Insider ThreatWhich of the following should be reported as a potential security incident? Of the following, which is NOT an intelligence community mandate for passwords? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? *Spillage.What should you do if a reporter asks you about potentially classified information on the web? CUI may be stored on any password-protected system. Ask for information about the website, including the URL. Avoid a potential security violation by using the appropriate token for each system. What should you do? What should you do? Ive tried all the answers and it still tells me off, part 2. The email provides a website and a toll-free number where you can make payment. Write your password down on a device that only you access (e.g., your smartphone). Which is an untrue statement about unclassified data? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? Interview: Dr. Martin Stanisky Baker was Ms. Jones's psychiatrist for three months. What is a good practice for physical security? "QM_f Y 74u+&e!6>)w/%n(EtQ(j]OP>v+$bH5RKxHC ?gj%}"P97;POeFN-2P&^RSX)j@*6( *Identity Management What should be your response? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. What should you do if a reporter asks you about potentially classified information on the web? A well-planned data classification system makes essential data easy to find and retrieve. *Classified DataWhich of the following individuals can access classified data?-Darryl is managing a project that requires access to classified information. You should only accept cookies from reputable, trusted websites. What is a common method used in social engineering? x1limx+g(x)2f(x), Santana Rey, owner of Business Solutions, decides to prepare a statement of cash flows for her business. When using a fax machine to send sensitive information, the sender should do which of the following? E-mailing your co-workers to let them know you are taking a sick day. eZkF-uQzZ=q; Label all files, removable media, and subject headers with appropriate classification markings. **Insider ThreatHow many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? You know this project is classified. \text{Insurance expense}&555\\ 0000011226 00000 n stream Which of the following is a god practice to protect classified information?-Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. (Correct). <> It includes a threat of dire circumstances. Which must be approved and signed by a cognizant Original Classification Authority (OCA)? \end{array} **Identity managementWhich is NOT a sufficient way to protect your identity? **Identity ManagementYour DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. 0000002497 00000 n The website requires a credit card for registration. You can email your employees information to yourself so you can work on it this weekend and go home now. **Social EngineeringWhich of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Select the information on the data sheet that is protected health information (PHI). -Look for a digital signature on the email. limx12f(x)x+g(x)\lim\limits_{x\rightarrow1}\frac{2-f(x)}{x+g(x)} The website requires a credit card for registration. 16 0 obj Darryl is managing a project that requires access to classified information. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Follow instructions given only by verified personnel. *Malicious CodeWhich of the following is NOT a way that malicious code spreads? 0000006504 00000 n Recall that owner Santana Rey contributed $25,000 to the business in exchange for additional stock in the first quarter of 2018 and has received$4,800 in cash dividends. Which of the following is NOT Government computer misuse? Report the crime to local law enforcement. Which of the following is NOT true of traveling overseas with a mobile phonePhysical security of mobile phones carried overseas is not a major issue. Since the URL does not start with https, do not provide you credit card information. Shred personal documents; never share passwords, and order a credit report annually. Store classified data appropriately in a GSA-approved vault/container. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. **Identity managementWhich of the following is NOT a best practice to preserve the authenticity of your identity? In which situation below are you permitted to use your PKI token? Which of the following is a practice that helps to protect you from identity theft? 0000015479 00000 n Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Jane JonesSocial security number: 123-45-6789, Select the information on the data sheet that is protected health information (PHI). *Sensitive Compartmented InformationWhat action should you take if you become aware that Sensitive Compartmented Information (SCI) has been compromised? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. <> You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). **Classified DataWhich classification level is given to information that could reasonably be expected to cause serious damage to national security? How are Trojan horses, worms, and malicious scripts spread? A coworker brings a personal electronic device into a prohibited area. endobj Encrypt the e-mail and use your Government e-mail account. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. -Monitor credit card statements for unauthorized purchases. 4 0 obj Which of the following is NOT a potential insider threat? As long as the document is cleared for public release, you may release it outside of DoD. 9 0 obj %PDF-1.7 **Social EngineeringWhat is TRUE of a phishing attack? After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. **Social EngineeringWhich is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Explain your reasoning. endobj What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? 0000000975 00000 n Which of the following represents a good physical security practice? 15 0 obj true traveling overseas mobile phone cyber awareness. What is a best practice to protect data on your mobile computing device? **Social EngineeringHow can you protect yourself from internet hoaxes? *Sensitive Compartmented InformationWhen faxing Sensitive Compartmented Information (SCI), what actions should you take? *Sensitive InformationWhat type of unclassified material should always be marked with a special handling caveat? *Mobile DevicesWhat can help to protect the data on your personal mobile device? What is considered ethical use of the Government email system?