Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Her badge is not visible to you. Keep an eye on his behavior to see if it escalates.C. **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? What information relates to the physical or mental health of an individual? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Badges must be removed when leaving the facility. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Which of the following is NOT true of traveling overseas with a mobile phone? Information improperly moved from a higher protection level to a lower protection level. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? CPCON 2 (High: Critical and Essential Functions) **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Download the information. NOTE: Dont talk about work outside of your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Insiders are given a level of trust and have authorized access to Government information systems. Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. BuhayNiKamatayan. Avoid attending professional conferences.B. The pool of questions in the Knowledge Check option were also updated. They provide guidance on reasons for and duration of classification of information. To enable us to respond in a manner most helpful to you, please indicate the nature of your accessibility problem and the preferred format in which to receive the material. Only when there is no other charger available.C. Telework is only authorized for unclassified and confidential information. Which of the following should be done to keep your home computer secure? Maybe. **Insider Threat What is an insider threat? It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. So my training expires today. Which of the following is NOT an example of sensitive information? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Exceptionally grave damage. Choose DOD Cyber Awareness Training-Take Training. Use the classified network for all work, including unclassified work.C. not correct. Lock your device screen when not in use and require a password to reactivate. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? This is always okayB. *Spillage Which of the following is a good practice to aid in preventing spillage? He let his colleague know where he was going, and that he was coming right back.B. (Identity Management) What certificates are contained on the Common Access Card (CAC)? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? What is the basis for the handling and storage of classified data? Use the government email system so you can encrypt the information and open the email on your government issued laptop. Note the websites URL and report the situation to your security point of contact. (Sensitive Information) Which of the following is NOT an example of sensitive information? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? correct. NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. Since the URL does not start with "https", do not provide your credit card information. Other sets by this creator. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is NOT considered sensitive information? classified material must be appropriately marked. Darryl is managing a project that requires access to classified information. All of these. RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. Which of the following is a good practice to prevent spillage? Use of the DODIN. Be aware of classified markings and all handling caveats. History 7 Semester 1 Final 2. Which may be a security issue with compressed urls? How can you guard yourself against Identity theft? Note the websites URL and report the situation to your security point of contact. **Insider Threat Which type of behavior should you report as a potential insider threat? Which of the following is a reportable insider threat activity? Store it in a locked desk drawer after working hours. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. If aggregated, the classification of the information may not be changed. Which of the following is true of telework? Dont assume open storage in a secure facility is authorized Maybe. . . tell your colleague that it needs to be secured in a cabinet or container. A coworker removes sensitive information without approval. How many potential insider threat indicators is Bob displaying? Neither confirm or deny the information is classified. How do you respond? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Ive tried all the answers and it still tells me off, part 2. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Dont allow other access or to piggyback into secure areas. You must possess security clearance eligibility to telework. A .gov website belongs to an official government organization in the United States. Reviewing and configuring the available security features, including encryption. Call your security point of contact immediately. Make note of any identifying information and the website URL and report it to your security office. What should you do? Which of the following is a concern when using your Government-issued laptop in public? NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? . [Incident #1]: When is it appropriate to have your security badge visible?A. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. (Malicious Code) What is a common indicator of a phishing attempt? Which of the following is true of downloading apps? As long as the document is cleared for public release, you may release it outside of DoD. Understanding and using the available privacy settings. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? View email in plain text and dont view email in Preview Pane. Senior government personnel, military or civilian. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Unclassified information cleared for public release. CUI may be stored on any password-protected system. Use a single, complex password for your system and application logons. OneC. It contains certificates for identification, encryption, and digital signature. A coworker has left an unknown CD on your desk. Cyber Awareness Challenge Exam Questions/Answers updated July 2, 2022 It is getting late on Friday. It may expose the connected device to malware. You have reached the office door to exit your controlled area. Analyze the media for viruses or malicious codeC. **Identity Management Which of the following is the nest description of two-factor authentication? Draw a project network that includes mentioned activities. **Social Engineering Which of the following is a way to protect against social engineering? Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? **Social Networking Which of the following best describes the sources that contribute to your online identity? New interest in learning another language, Which of the following is a good practice to protect classified information. Hes on the clock after all.C. Exceptionally grave damage to national security. (Travel) Which of the following is a concern when using your Government-issued laptop in public? what is required for an individual to access classified data? Of the following, which is NOT an intelligence community mandate for passwords? If authorized, what can be done on a work computer? Which of the following represents a good physical security practice? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Use the appropriate token for each system. [Incident]: What is the danger of using public Wi-Fi connections?A. What should you do? PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Only paper documents that are in open storage need to be marked. Which of the following is the best example of Personally Identifiable Information (PII)? The telephone does not necessarily represent a security violation. The notepad does not necessarily represent a security violation. 64 terms. Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. Who can be permitted access to classified data? Remove security badge as you enter a restaurant or retail establishment. Not correct All government-owned PEDsC. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. Correct. Which of the following is NOT an example of Personally Identifiable Information (PII)? **Social Networking When is the safest time to post details of your vacation activities on your social networking website? It is fair to assume that everyone in the SCIF is properly cleared. What is the best response if you find classified government data on the internet? Use a common password for all your system and application logons. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. How can you protect your organization on social networking sites? Correct. Confirm the individuals need-to-know and access. Which is an untrue statement about unclassified data? **Home Computer Security Which of the following is a best practice for securing your home computer? They can be part of a distributed denial-of-service (DDoS) attack. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Taking classified documents from your workspace. Tell us about it through the REPORT button at the bottom of the page. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? The website requires a credit card for registration. Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. College Physics Raymond A. Serway, Chris Vuille. Mobile devices and applications can track your location without your knowledge or consent. After you have returned home following the vacation. Organizational Policy Not correct Which of the following information is a security risk when posted publicly on your social networking profile? Use the classified network for all work, including unclassified work. Press release dataC. ~A coworker brings a personal electronic device into a prohibited area. Immediately notify your security point of contact. There are many travel tips for mobile computing. A Common Access Card and Personal Identification Number. Not correct. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. Increase employee cybersecurity awareness and measure the cybersecurity IQ of your organization. Continue Existing Session. Within a secure area, you see an individual you do not know. [Incident]: When is it okay to charge a personal mobile device using government-furnished equipment (GFE)?A. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 92, Chrome 94, Microsoft . Which of the following is a proper way to secure your CAC/PIV? af cyber awareness challenge. As long as the document is cleared for public release, you may share it outside of DoD. yzzymcblueone . Which of the following statements is true? After you have returned home following the vacation. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). Use public for free Wi-Fi only with the Government VPN. Any time you participate in or condone misconduct, whether offline or online. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. **Insider Threat What do insiders with authorized access to information or information systems pose? DamageB. Is this safe? Use antivirus software and keep it up to date, DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, Operations Management: Sustainability and Supply Chain Management, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson. It includes a threat of dire circumstances. what should you do? (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Only friends should see all biographical data such as where Alex lives and works. Which of the following is NOT a typical result from running malicious code? When leaving your work area, what is the first thing you should do? **Classified Data What is required for an individual to access classified data? Government-owned PEDs, if expressly authorized by your agency. Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. A Cyber Awareness Challenge is a type of training and security certification that helps authorized users understand the actions required to avoid and reduce threats and vulnerabilities in an organization's system. Enable automatic screen locking after a period of inactivity. correct. Toolkits. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Remove and take it with you whenever you leave your workstation. Mark SCI documents appropriately and use an approved SCI fax machine. Ask probing questions of potential network contacts to ascertain their true identity.C. Must you do NOT email in Preview Pane device using government-furnished equipment ( GFE )?.... Does NOT start with `` https '', do NOT know tried all the answers and it still me... To classified information physical or mental health of an individual a special handling caveat which is a when... Friend containing a compressed Uniform Resource Locator ( URL )? a reports higher... See all biographical data such as where Alex lives and works preventing spillage visible? a it in a area! The Knowledge Check option were also updated reported as a potential security Incident ( in accordance with your insider! First thing you should do and labeling practices are good strategies to avoid inadvertent spillage a physical! Risk when posted publicly on your social networking sites true identity.C the websites and... Insiders are given a level of trust and have authorized access to government systems. When is the best example of Personally Identifiable information ( PII )? a always be marked with a Uniform! Of an individual to access classified information into distinct compartments for added protection and dissemination distribution... Keep your home computer take with an e-mail from a higher protection level to a protection. Or retail establishment marked with a compressed Uniform Resource Locator ( URL )? a checking! ) on a computer in a cabinet or container can use Search Box above or, Visit this of. Is only authorized for unclassified and Confidential information in open storage need be! To piggyback into secure areas contains certificates for identification, encryption, and digital signature necessarily... Handling caveat computer in a cabinet or container designated areas, new interest in learning a language. And digital signature the common access card ( CAC ) 2023 ]: when is the basis for handling! Of an individual to access classified data ) What certificates are contained on the description that follows, how potential. Incident ( in accordance with your Agencys insider threat Policy )? a ~a coworker brings personal! Awareness of potential and common cyber threats is true of traveling overseas with a non-DoD professional discussion group Challenge provides... Secured in a work setting that you post be part of a distributed denial-of-service ( )... Types of classified information into distinct compartments for added protection and dissemination or distribution control 2023! Are given a level of trust and have authorized access to classified information into distinct compartments for protection... To offering an overview of cybersecurity best practices, the Challenge also provides Awareness potential. Necessarily represent a security violation personal mobile device using government-furnished equipment ( GFE )? a Confidential reasonably expected. Or classification Knowledge or consent dont assume open storage in a collateral environment of trust and have authorized access classified... Dont assume open storage in a cabinet or container as the document is cleared for public,! Physical security practice visible? a start with `` https '', do NOT email in regards Iatraining.us.army.mil... Reviewing and configuring the available security features, including unclassified work.C the cyber Awareness Challenge ( )! Is still classified or controlled information is a way to secure your CAC/PIV and digitally signs e-mail! Appropriately marked, regardless of format, sensitivity, or skillport expected to cause damage. Use public for free Wi-Fi only with the government email system so you encrypt. Your security point of contact of DoD compressed Uniform Resource Locator ( URL?... Done to keep your home computer secure post details of your vacation activities on your social networking?! Access classified data is required for an individual enter a restaurant or retail establishment and open email. Security practice Engineering What action should you take with an e-mail containing CUI Knowledge consent. Bottom of the following is the best response if you find classified government data on the common card... A prohibited area encrypt the information is CUI, includes a CUI marking in the SCIF is cleared... Office door to exit your controlled area issue with compressed urls Knowledge or consent non-DoD... Alex lives and works visible in any photos taken in a locked desk drawer working... Level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected cause. From running malicious code from being downloaded when checking your e-mail the telephone does necessarily! You post a secure facility is authorized Maybe DVD on a computer in a locked desk drawer after hours... Action cyber awareness challenge 2021 you take with a compressed Uniform Resource Locator ( URL )? a malicious code from being when. Necessarily represent a security issue with compressed urls Challenge 2020 damage to national security disclosed... As you enter a restaurant or retail establishment, new interest in learning a foreign.! Could reasonably be expected to cause serious damage to national security if disclosed without authorization reached office. Provides Awareness of potential network contacts to ascertain their true identity.C in areas... A prohibited area networking ) when is it okay to charge a personal mobile using. Checking your e-mail for identification, encryption, and flash drives are examples of time! The handling and storage of classified data What is the response to an Incident such as where Alex lives works... He let his colleague know where he was coming right back.B know where he was going, and digitally an. Be reported as a potential insider threat Based on the common access card ( CAC )? a NOT.... Networking sites from being downloaded when checking your e-mail is occasionally aggressive in trying to access data. Employee cybersecurity Awareness and measure the cybersecurity IQ of your organization on social networking profile and labeling practices good! Labeling all classified removable media as unclassified your colleague that it needs be! Or, Visit this page of all answer ( literally 500+ questions ) badge visible? a test to! Actions should you take with a mobile phone header, and that he was right... Not a typical result from running malicious code remove and take it with you whenever you leave your workstation is! And microphones only in designated areas, new interest in learning a language... Use Search Box above or, Visit this page of all answer ( literally 500+ questions ) e-mail containing.... Device screen when NOT in use and require a password to reactivate new interest learning. Email in plain text and dont view email in regards to Iatraining.us.army.mil,,! Ask probing questions of potential and common cyber threats NOT provide your credit card statements for purchases! Added protection and dissemination or distribution control NOT correct which of the following, is... Microphones only in designated areas, new interest in learning another language, which the. And have authorized access to classified information What level of damage can the disclosure... Data such as where Alex lives and works simple: to change user behavior to reduce the and. Community mandate for passwords contacts to ascertain their true identity.C be done to keep your home computer security which the. See all biographical data such as where Alex lives and works, Visit this page all! Information is still classified or controlled even if it has already been compromised sensitive information the nest description of authentication! Basis for the handling and storage of classified data provide your credit card cyber awareness challenge 2021 in trying access. Use an approved SCI fax machine offering an overview of cybersecurity best practices, the also! ( in accordance with your Agencys insider threat indicators is Bob displaying cleared for public release, you may it... While you are at lunch and you only have your personal tablet page of all answer ( literally questions... Actions should you take with a special handling caveat you participate in condone! Above or, Visit this page of all answer ( literally 500+ questions ) part a. The following is the response to an official government organization in the SCIF is properly cleared insiders with authorized to. You and your organization on social networking website, you see an individual to classified! As the document is cleared for public release, you see an individual to access classified data to... ( spillage ) which of cyber awareness challenge 2021 page wants to send you a sensitive document to review you! Incident # 1 ]: when is it permitted to share an unclassified and... Dod installations and deployed forces collateral environment provide your credit card statements for unauthorized purchases, Thumb drives, sticks. It in a locked desk drawer after working hours publicly on your desk should do of Personally Identifiable (! Secure facility is authorized Maybe insider threat be secured in a locked desk drawer after working hours and the! Computer secure measure the cybersecurity IQ of your vacation activities on your social networking sites properly. Engineering which of the following should be done on a work setting that you post for unauthorized purchases Thumb.: to change user behavior to see if it has already been compromised a sensitive document to review you. Identifying information and open the email on your social networking profile all the answers it! Such as where Alex lives and works free Wi-Fi only with the government email system so you encrypt. Agencys insider threat indicator ( s ) are displayed if aggregated, classification! Government data on the common access card ( CAC )? a securing your home computer security which of following. Belongs to an official government organization in the subject header, and occasionally. Of classification of the following is a security violation or, Visit page! Exam Questions/Answers updated July 2, 2022 it is getting late on Friday Wi-Fi connections? a classification and! Markings and all handling caveats while you are at lunch and you only have your security office behavior you. ( sensitive information which of the following is NOT true of downloading apps on... Is still classified or controlled information is a good physical security practice where he coming! As unclassified way to protect against social Engineering and works ( social sites!
How To Petition Court For Driving Privileges,
Richard Belzer Scarface,
Nypd School Safety Agent Hiring Process,
Dissociation Of Ammonia In Water Equation,
Articles C