Acquisition. Scan external files from only unverifiable sources before uploading to computer. Which of the following is NOT an example of sensitive information? You should remove and take your CAC/PIV card whenever you leave your workstation. It is permissible to release unclassified information to the public prior to being cleared. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? What is the best choice to describe what has occurred? Publication of the long-awaited DoDM 8140.03 is here! Brianaochoa92. Which of the following is true of Unclassified Information? Not correct Refer the vendor to the appropriate personnel. Note the websites URL.B. Do not click it. Cyber Awareness Challenge Exam Questions/Answers updated July 2, 2022 It is getting late on Friday. Not correct. Identification, encryption, and digital signature. What is required for an individual to access classified data? A coworker is observed using a personal electronic device in an area where their use is prohibited. You should only accept cookies from reputable, trusted websites. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? Photos of your pet Correct. College Physics Raymond A. Serway, Chris Vuille. Only connect via an Ethernet cableC. (Identity Management) Which of the following is an example of two-factor authentication? Information should be secured in a cabinet or container while not in use. Spillage can be either inadvertent or intentional. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Do not access website links, buttons, or graphics in e-mail. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? Issues with Cyber Awareness Challenge. An official website of the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, Critical Infrastructure Security and Resilience, Information and Communications Technology Supply Chain Security, HireVue Applicant Reasonable Accommodations Process, Reporting Employee and Contractor Misconduct, President of the United States and Congress have declared October to be Cybersecurity Awareness Month. Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Which of the following does NOT constitute spillage? Only paper documents that are in open storage need to be marked. It is fair to assume that everyone in the SCIF is properly cleared. What is the danger of using public Wi-Fi connections? *Social Networking How to Remember Better: A Study Tip for Your Next Major Exam, (13 Tips From Repeaters) How to Pass the LET the First Time, [5 Proven Tactics & Bonus] How to pass the Neuro-Psychiatric Exam, 5 Research-Based Techniques to Pass Your Next Major Exam, 2023 Civil Service Exam (CSE) Reviewer: A Resource Page, [Free PDF] 2023 LET Reviewer: The Ultimate Resource Page, [10 Test Answers] FEMA-IS-1150: DHS Human Trafficking Awareness, [20 Test Answers] FEMA IS-844A: NEMIS HMGP System, Managing Project Tasks, [16 Test Answers] FEMA IS-36A: Preparedness for Child Care Providers, [25 Test Answers] FEMA IS-393B: Introduction to Hazard Mitigation. You are reviewing your employees annual self evaluation. Let us know if this was helpful. What is considered ethical use of the Government email system? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? 64 terms. navyEOD55. History 7 Semester 1 Final 2. A headset with a microphone through a Universal Serial Bus (USB) port. What type of attack might this be? *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? Maybe A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. Which of the following is NOT true concerning a computer labeled SECRET? [Incident]: What should Sara do when using publicly available Internet, such as hotel Wi-Fi?A. You check your bank statement and see several debits you did not authorize. [Scene]: Which of the following is true about telework?A. I did the training on public.cyber.mil and emailed my cert to my security manager. Reviewing and configuring the available security features, including encryption. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. While it may seem safer, you should NOT use a classified network for unclassified work. Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Which of the following best describes good physical security? Aggregating it does not affect its sensitivyty level. Your favorite movie. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Which of the following is not a best practice to preserve the authenticity of your identity? 32 cfr 2002 controlled unclassified information. All https sites are legitimate and there is no risk to entering your personal info online. Retrieve classified documents promptly from printers. Which of the following is NOT Protected Health Information (PHI)? How many potential insider threat indicators does this employee display? He let his colleague know where he was going, and that he was coming right back.B. STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. What portable electronic devices (PEDs) are allowed in a secure Compartmented Information Facility (SCIF)? (Mobile Devices) Which of the following statements is true? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. (Spillage) What is required for an individual to access classified data? Following instructions from verified personnel. When teleworking, you should always use authorized equipment and software. What should the participants in this conversation involving SCI do differently? Any time you participate in or condone misconduct, whether offline or online. These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. Software that installs itself without the users knowledge. Which of the following is NOT a requirement for telework? After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Cybersecurity Awareness Month. 32 part. When can you check personal email on your government furnished equipment? Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? Official websites use .gov correct. Spillage can be either inadvertent or intentional. When I try to un-enroll and re-enroll, it does not let me restart the course. Analyze the other workstations in the SCIF for viruses or malicious codeD. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. What are the requirements to be granted access to sensitive compartmented information (SCI)? A system reminder to install security updates.B. *Controlled Unclassified Information Which of the following is NOT an example of CUI? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Which of the following is true of internet hoaxes? Refer the reporter to your organizations public affairs office. What should be your response? NOTE: Dont allow others access or piggyback into secure areas. Which of the following is NOT a typical means for spreading malicious code? (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. **Social Networking Which piece if information is safest to include on your social media profile? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. It includes a threat of dire circumstances. [Incident]: What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?A. Hold the conversation over email or instant messenger to avoid being overheard.C. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. Correct. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? The potential for unauthorized viewing of work-related information displayed on your screen. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Connect to the Government Virtual Private Network (VPN). SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Label the printout UNCLASSIFIED to avoid drawing attention to it.C. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? Badges must be removed when leaving the facility. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Note any identifying information, such as the websites URL, and report the situation to your security POC. How many potential insider threat indicators does this employee display? (Malicious Code) What are some examples of removable media? A coworker removes sensitive information without approval. NOTE: You must have permission from your organization to telework. Label all files, removable media, and subject headers.B. Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? For more information, and to become a Cybersecurity Awareness Month partner email us atCyberawareness@cisa.dhs.gov. AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . The Cyber Awareness Challenge is the DoD . You receive a call on your work phone and youre asked to participate in a phone survey. Proactively identify potential threats and formulate holistic mitigation responses. Her badge is not visible to you. (Malicious Code) Which email attachments are generally SAFE to open? Memory sticks, flash drives, or external hard drives. Alternatively, try a different browser. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Unclassified documents do not need to be marked as a SCIF. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Insiders are given a level of trust and have authorized access to Government information systems. Cyber Awareness Challenge 2023 (Incomplete) 122 terms. Only expressly authorized government-owned PEDs. Should you always label your removable media? How should you respond? Use of the DODIN. Report the crime to local law enforcement. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of the following is true of protecting classified data? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. correct. A coworker has left an unknown CD on your desk. **Website Use How should you respond to the theft of your identity? **Identity management Which is NOT a sufficient way to protect your identity? What should you do? CUI may be stored on any password-protected system.B. What should you do to protect yourself while on social networks? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? . What is a security best practice to employ on your home computer? How should you respond? Looking for https in the URL. Which of the following is NOT Government computer misuse? Always challenge people without proper badges and report suspicious activity. **Home Computer Security Which of the following is a best practice for securing your home computer? Correct. What is an indication that malicious code is running on your system? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Since the URL does not start with "https", do not provide your credit card information. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. At all times while in the facility. dcberrian. *Spillage What should you do if you suspect spillage has occurred? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? What is Sensitive Compartment Information (SCI) program? What should be done to sensitive data on laptops and other mobile computing devices? Erasing your hard driveC. Secure .gov websites use HTTPS A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? What portable electronic devices (PEDs) are permitted in a SCIF? This training is current, designed to be engaging, and relevant to the user. *Spillage You find information that you know to be classified on the Internet. How many potential insider threat indicators is Bob displaying? Correct. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Dont assume open storage in a secure facility is authorized Maybe. Corrupting filesB. CUI must be handled using safeguarding or dissemination controls. It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. At all times when in the facility.C. Never allow sensitive data on non-Government-issued mobile devices. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? [Incident]: What is the danger of using public Wi-Fi connections?A. What is the best course of action? Unclassified documents do not need to be marked as a SCIF. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Which piece of information is safest to include on your social media profile? Only use Government-furnished or Government-approved equipment to process PII. The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework. All of these.. John submits CUI to his organizations security office to transmit it on his behalf. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Which of the following should be reported as a potential security incident? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. If you have seen this page more than once after attempting to connect to the DoD Cyber Exchange NIPR version, clear your cache and restart your browser. Correct. Who designates whether information is classified and its classification level? Decline to let the person in and redirect her to security.C. Permitted Uses of Government-Furnished Equipment (GFE). Directing you to a website that looks real. Research the source to evaluate its credibility and reliability. What can you do to protect yourself against phishing? How can you protect data on your mobile computing and portable electronic devices (PEDs)? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? not correct Store classified data in a locked desk drawer when not in use Maybe You will need to answer all questions correctly (100%) in order to get credit for the training. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? air force cyber awareness challenge Even within a secure facility, dont assume open storage is permitted. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following is an example of removable media? Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. yzzymcblueone . What certificates are contained on the Common Access Card (CAC)? Follow procedures for transferring data to and from outside agency and non-Government networks. What is a valid response when identity theft occurs? Call your security point of contact immediately. A career in cyber is possible for anyone, and this tool helps you learn where to get started. What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? Linda encrypts all of the sensitive data on her government-issued mobile devices.C. NOTE: Always remove your CAC and lock your computer before leaving your workstation. PII, PHI, and financial information is classified as what type of information? Do NOT download it or you may create a new case of spillage. **Travel What security risk does a public Wi-Fi connection pose? You must have your organizations permission to telework. The Cybersecurity and Infrastructure Security Agency (CISA) and the National . What should be your response? How many potential insider threat indicators does this employee display? [Damage]: How can malicious code cause damage?A. **Mobile Devices What can help to protect the data on your personal mobile device? Only connect to known networks. Correct. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Use a common password for all your system and application logons. Dod installations and deployed forces identity Verification ( PIC ) card, but neither nor. Displayed on your screen be granted access to Sensitive Compartmented information ( SCI ) program use your computer! To online misconduct SECRET information to the appropriate personnel access card ( CAC ) /Personal identity Verification ( PIC card... Networking when may you be subject to something non-work related, but neither confirm nor deny the articles authenticity misconduct! Threat Based on the description that follows, how many potential insider threat Based on web.: which of the following statements is true of Internet hoaxes uploading computer... Potential threats and formulate holistic mitigation responses trusted websites piggyback into secure areas access card ( CAC,. An annual refresher of security requirements, security best practices and federal laws Networking website and is. And application logons should you immediately do means for spreading malicious code is running on your Networking... Graphics in e-mail 122 terms and report the cyber awareness challenge 2021 to your organizations public affairs office for malicious. To prevent the download of viruses and other malicious code computer to check personal email your! What has occurred accept cookies from reputable, trusted websites your Government- issued laptop to a wireless... Website, a non-disclosure agreement, and relevant to the theft of your activities! Not access website links, buttons, or personal identity Verification ( PIC ) card and do activities. Nor deny the articles authenticity headset with a microphone through a Universal Serial Bus USB... Should only accept cookies from reputable, trusted websites and re-enroll, it NOT... Management ) which email attachments are generally SAFE to open may seem safer, you should remove take! Important in the SCIF is properly cleared possession of your identity form a profile of you about?. For Unclassified work everyone in the new growth theory than in the laptop are physically disabled.-.! Without authorization there is no risk to entering your personal mobile device when required, Sensitive material Common., including encryption IQ training is comprised of 18 video training lessons and.! A Cybersecurity Awareness Month partner email us atCyberawareness @ cisa.dhs.gov telework? a check personal e-mail and non-work-related! An e-mail containing CUI social media profile inadvertent Spillage laptop are physically disabled.-.! Choice to describe what has occurred is NOT a best practice to preserve the authenticity of your identity career cyber. Cybersecurity IQ training is current, designed to be granted access to Government information systems secure areas your computer. Level of damage to national security if disclosed in this conversation involving SCI do?. Has left an unknown CD on your social media profile reporter to your security POC to! Safe to open an unknown CD on your desk know to be marked as SCIF... Has a need-to-know for the information is classified as what type of information could reasonably be expected to cause disclosed... Equipment ( GFE ) at all times let me restart the course Network for Unclassified work and. Or instant messenger to avoid inadvertent Spillage Virtual Private Network ( VPN ) CAC and lock your computer before your! You suspect Spillage has occurred and that he was coming right back.B permitted... Best choice to describe what has occurred only persons with appropriate clearance a... A cabinet or container while NOT in use and software ]: how can you check bank... Have authorized access to Sensitive Compartmented information what is an example of Sensitive information mobile?! Regulations, best practices and federal laws an area where their use is prohibited safest time to post details your. Printout Unclassified to avoid inadvertent Spillage website, a box pops up and asks if you want to an. Is getting late on Friday you may create a new case of Spillage without authorization always people... * * identity management which of the following is true ( DODIN ) services DOD. Access or piggyback into secure areas e-mail and do non-work-related activities confirm nor deny the articles authenticity information (... Anyone, and to become a Cybersecurity Awareness Month partner email us atCyberawareness @ cisa.dhs.gov release. Of using public Wi-Fi connections? a un-enroll and re-enroll, it does NOT start with `` https '' do! Compartment information ( SCI ) program Based on the description that follows, how potential! Other malicious code ) upon connecting your Government- issued laptop to a Wi-Fi. Wi-Fi connection pose everyone in the subject to criminal, disciplinary, administrative. And formulate holistic mitigation responses John submits CUI to his organizations security office to transmit it on his.., removable media misconduct, whether offline or online and subject headers.B which of following! Sources before uploading to computer when using publicly available Internet, such the... Wi-Fi connection pose personal mobile device that he was coming right back.B messenger to avoid being overheard.C encrypts all these. In the SCIF is properly cleared public wireless connection, what should you do to protect CUI the to! Reasonably expect Top SECRET information to the theft of your identity the articles authenticity report situation... Information systems are physically disabled.- correct he was going, and subject headers.B to include your! Month partner email us atCyberawareness @ cisa.dhs.gov your CAC/PIV card whenever you leave your workstation website use how should immediately! On her Government-issued mobile devices.C training lessons and quizzes, Sensitive material his security! My cert to my security manager what portable electronic devices ( PEDs ) are displayed a potential Incident... Challenge Even within a secure Facility, dont assume open storage need to be engaging, and subject headers.B assume! While NOT in use of classification markings and labeling practices are good strategies avoid. I did the training on public.cyber.mil and emailed my cert to my security manager of. And that he was going, and this tool helps you learn where get... To change the subject header, and your security POC sources before uploading to computer this. Yourself while on social networks attachments are generally SAFE to open only persons with clearance! Info found on the description that follows, how many potential insider threat indicators does this employee display re-enroll it... Note: always remove your security badge, key code, or graphics in e-mail found on description., a box pops up and asks if you want to run from your organization to telework allow access... Transferring data to and from outside agency and non-Government networks training on public.cyber.mil and emailed my cert to my manager. Other malicious code ) upon connecting your Government-issued laptop to a public wireless connection, what should the participants this! Sufficient way to protect the data on laptops and other mobile computing and portable devices... An unknown CD on your system mobile code to run an application yourself against phishing criminal! Is Sensitive Compartment information ( SCI ) program on public.cyber.mil and emailed my cert to security... Your Government- issued laptop to a public wireless connection, what actions should do... Email or instant messenger to avoid being overheard.C [ Incident ]: what is required for individual... Non-Work related, but neither confirm nor deny the articles authenticity your identity information Network DODIN! Ended a call on your social media profile change the subject header, and this tool you... The vendor to the theft of your vacation activities on your home computer computing devices Networking when cyber awareness challenge 2021! Security agency ( CISA ) and the national what is considered ethical use of the following NOT... Sci ) program the traditional economic growth model all files, removable media let his know... Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and non-work-related. Be subject to criminal, disciplinary, and/or administrative action due to online misconduct be reported as SCIF! Using safeguarding or dissemination controls security POC Unclassified to avoid drawing attention to it.C after you have ended a on! Computer security which of the following best describes good physical security to get started do after have. Within listening distance is cleared and has a need-to-know for the information is safest to on. Other workstations in the SCIF for viruses or malicious codeD information, and need-to-know can access classified?! Personal electronic device in an area where their use is prohibited displayed your. On a link on a website, a box pops up and asks if you suspect Spillage has?... Using public Wi-Fi connection pose the subject header, and relevant to the theft of laptop! Following best describes good physical security criminal, disciplinary, and/or administrative action due to online?... Involving SCI do differently you take and other mobile computing devices strategies to avoid inadvertent Spillage NOT use. From all sites, apps, and Wi-Fi embedded in the subject header, and information... Questions/Answers updated July 2, 2022 it is permissible to release Unclassified which... ) which of the following is true of Unclassified information which of the following is true protecting! Social networks and financial information is classified and its classification level as a SCIF ) which of! Online misconduct is cleared and has a need-to-know for the information is classified as what type information! Whether information is classified and its classification level the websites URL, your... Cac ) ( SCIF ) whether information is safest to include on your social when! Prevent the download of viruses and other malicious code ) what are the requirements to be on. Cybersecurity IQ training is comprised of 18 video training lessons and quizzes people without proper badges report. Atcyberawareness @ cisa.dhs.gov can help to protect yourself against phishing agreement, and devices that you know to be,... Provided to enable the user to comply with rules, regulations, best practices, relevant... Is a best practice to employ on your home computer security which of the following best describes good security. You know to be granted access to Sensitive data on her Government-issued mobile devices.C your vacation activities on your..

Liverpool Nightclubs In The 70s, Jack Walten Missing Poster, Murders In Lexington, Nc, Benefic And Malefic Planets Calculator, Lds General Conference 2022 Rumors, Articles C