**Travel Which of the following is true of traveling overseas with a mobile phone? Here you can find answers to the DoD Cyber Awareness Challenge. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Which of the following is an example of removable media? c. Report it to security. HTMO@[)4T@c4RIhj{v 1068 0 obj <> endobj $l*#p^B{HA<>C^9OdND_ ` On a system of a higher classification level, such as the Secret Internet Protocol Router Network (SIPRNet), On a NIPRNet system while using it for a PKI-required task, What guidance is available for marking Sensitive Compartmented Information (SCI)?A. Spillage: Which of the following should you NOT do if you find classified information on the internet? The interim payment plan must provide clearly defined work stages, deliverables with associated payments and timescales. He has the appropriate clearance and a signed, approved, non-disclosure agreement. How many potential insider threat indicators is Bob displaying? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. Which of the following is NOT Government computer misuse? CPCON 5 (Very Low: All Functions). What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? It is releasable to the public without clearance. A Coworker has asked if you want to download a programmers game to play at work. Under the PHE, the federal government implemented a range of modifications and waivers impacting Medicare, Medicaid and private insurance requirements, as well as numerous other programs, to provide relief to healthcare . Compromise of data b. (controlled unclassified information) Which of the following is NOT an example of CUI? Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. Which of the following is NOT a good way to protect your identity? Which of the following is NOT a potential insider threat? **Classified Data Which of the following is true of telework? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? On a NIPRNet system while using it for a PKI-required taskC. The Governments official GFE policy is stated in Federal Acquisition Regulation (FAR) section 45.102 Policy which states: As part of its responsibility for acquisition planning (FAR Part 7, Acquisition Planning), the requiring activity (project or program manager or purchase request generator) decides whether or not to furnish property to Contractors. NOT permitted uses of government-furnished equip (GFE) for: Viewing or downloading p*rn*graphy. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? (Wrong). Do not use any personally owned/non-organizational removable media on your organizations systems. Approved Security Classification Guide (SCG). Full Rights Versions only contain Foreground Information information generated under the work that we contract with you. What type of social engineering targets senior officials? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? CUI must be handled using safeguarding or dissemination controls. 2) Difficult life circumstances, such as death of spouse. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? A headset with a microphone through a Universal Serial Bus (USB) port. How can you protect yourself from social engineering? They provide guidance on reasons for and duration of classification of information. Validate all friend requests through another source before confirming them. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? a. Label all files, removable media, and subject headers. Select Yes or No for each item. c. Analyze the other workstations in the SCIF for viruses or malicious code. Which of the following is NOT an appropriate way to protect against inadvertent spillage? Which of the following is true about telework? cyber-awareness email government organisation permission equipment 1 answer Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail asked in Internet by voice (263k points) internet internet-quiz cyber cyber-awareness government computer email personal policy 1 answer ?Access requires Top Secret clearance and indoctrination into SCI program.??? Which is an untrue statement about unclassified data? Which of the following is a good practice to avoid email viruses? Which of the following actions can help to protect your identity? Decline to let the person in and redirect her to security c. Let the person in but escort her back t her workstation and verify her badge. You have rejected additional cookies. Retrieve classified documents promptly from printers. **Classified Data How should you protect a printed classified document when it is not in use? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. What should you do? Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Found a mistake? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. This information will only be used for the purposes for which it is provided to us. Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. At all times when in the facility c. At any time during the workday, including when leaving the facility. Linda encrypts all of the sensitive data on her government issued mobile devices. Contractors are ordinarily required to furnish all property necessary to perform Government contracts. Which scenario might indicate a reportable insider threat? c. Classified information that is intentionally moved to a lower protection level without authorization. Use a single, complex password for your system and application logons. Press release data c. Financial information. You check your bank statement and see several debits you did not authorize. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. The popup asks if you want to run an application. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). It wont be used for other purposes, without us having obtained the necessary rights and permissions to do so. Which of the following is a good practice to protect classified information? What should Sara do when using publicly available Internet, such as hotel Wi-Fi? th Xe>_ Use your legitimate antivirus software to perform a virus scan instead. Information should be secured in a cabinet or container while not in use. Label all files, removable media, and subject headers with appropriate classification markings. a. Only when badging in b. Report the crime to local law enforcement. **Classified Data What is a good practice to protect classified information? Which of the following attacks target high ranking officials and executives? &\textbf{Increas}&\textbf{Decrease}&\textbf{Normal Balance}\\ \end{array} It contains certificates for identification, encryption, and digital signature. CUI must be handled using safeguarding or dissemination controls. stream Adversaries exploit social networking sites to disseminate fake news Correct. Incident Note the websites URL and report the situation to your security point of contact. How many potential insider threat indicators does this employee display? **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Well use the email address that you used to create your account and the telephone number in your profile to contact you. This may be a malicious code attack. requirements to access classified information. How many potential insiders threat indicators does this employee display. _I`vm `V k\Up k[t]I*+oDa,~v0j:g5wVoLQ:@n-62.Sm-"z.Z~-C-K8Yt_@}aVa{]ppwB6#fR4,r\+ l-sZO15 What actions should you take prior to leaving the work environment and going to lunch? The following guidance will help you to understand what these terms and conditions mean. Which of these is true of unclassified data? Edited/new version of DASA Short form contract uploaded to documents, Update to text from 'All competitions will use the new' to 'Many competitions, especially Phase 1 earlier TRL competitions, will use the new', Please note we have updated our short form contract template. Turn on automatic downloading b. For the specific purposes of considering additional funding for a competition and onward exploitation opportunities, DASA also reserves the right to share information in your proposal in-confidence with any UK Government Department. DOD CYBER AWARENESS. The general policy is to have the contractor furnish the equipment needed. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? A coworker removes sensitive information without approval. Country A has a (n) ___ in the production of a good if it can produce the good at lower opportunity cost than country B . Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Follow procedures for transferring data to and from outside agency and non-government networks. sensitive but unclassified. (Identity Management) What certificates are contained on the Common Access Card (CAC)? He let his colleague know where he was going, and he was coming right back. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF? Who designates whether information is classified and its classification level? a. Incident How Do I Answer The CISSP Exam Questions? Taking classified documents from your workspace. When examining theories of phobia etiology, this situation would be reflective of ____________ theory. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? What should you do? (Malicious Code) What are some examples of malicious code? what should you do? You receive an email from a company you have an account with. Mark SCI documents appropriately and use an approved SCI fax machine. Controlled Unclassified Information (CUI). A coworker removes sensitive information without authorization. **Identity management Which is NOT a sufficient way to protect your identity? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. At all times while in the facility. Which of the following should you NOT do if you find classified information on the internet? *Malicious Code Which of the following is NOT a way that malicious code spreads? Download the information. Understanding and using the available privacy settings. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. cyber-awareness permission government equipment action answer Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail asked in Internet by voice (263k points) internet internet-quiz cyber cyber-awareness government computer email personal policy answer What security risk does a public Wi-Fi connection pose? Verify the identity of all individuals.??? b. Understanding and using the available privacy settings. (Malicious Code) Which are examples of portable electronic devices (PEDs)? c. This is never okay. Government Furnished Resources (GFR) is personnel, most commonly Service Personnel on long-term loan or secondment. Chillmax Company plans to sell 3,500 pairs of shoes at $60 each in the coming year. \text{Revenue}&&&\text{Credit}\\ What type of data must be handled and stored properly based on classification markings and handling caveats? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? *Spillage Which of the following is a good practice to prevent spillage? What is the best example of Protected Health Information (PHI)? Maybe. endobj | cpLo' ;8?NfW\\T| This short and simple contracting method aims to encourage engagement with DASA, whilst having the complexities of some other contracting methods removed. Quizzma is a free online database of educational quizzes and test answers. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Nothing. Confirm the individuals need-to-know and access. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Which of the following is true of Controlled Unclassified Information (CUI)? Calculate the margin of safety in terms of sales revenue. Sensitive Compartmented Information (Incident #2): What should the owner of this printed SCI do differently? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. endstream endobj 1073 0 obj <>stream Illegal downloading copyrighted materials. It is your responsibility as an employee to protect and conserve Government-owned or -leased property and vehicles and to use them only for authorized purposes. \text{Liability}&&\text{Debit}&\\ Verified answer. You receive an inquiry from a reporter about government information not cleared for public release. **Mobile Devices Which of the following helps protect data on your personal mobile devices? The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. In your proposal to us, you must describe the deliverables from your project; in other words, what will be produced and delivered as a result of the project. When checking in at the airline counter for a business trip Decline so that you maintain physical contact of your Government-issued laptop. *Insider Threat Which of the following is a reportable insider threat activity? correct. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. What is the basis for the handling and storage of classified data? **Website Use Which of the following statements is true of cookies? Which of the following is true of removable media and portable electronic devices (PEDs)? Controlled unclassified information. It is created or received by a healthcare provider, health plan, or employer. Which is a way to protect against phishing attacks? Describe the major components of the strategic management process. Storage devices (e.g., USB memory sticks, hard drives, etc.) ( There is no way to know where the link actually leads. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? What is best practice while traveling with mobile computing devices? the whistleblower protection enhancement act relates to reporting. What is the best choice to describe what has occurred? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Which of the following is true of downloading apps? Report the suspicious behavior in accordance with their organizations insider threat policy. To access this memo please visit: It is permissible to release unclassified information to the public prior to being cleared. Security updates are ready to install. Personal information is inadvertently posted at a website. \text{Income statement accounts:}&&&\\ CUI may be stored only on authorized systems or approved devices. The Contractor shall use Standard Form 1428 for Inventory Disposal. **Insider Threat Which type of behavior should you report as a potential insider threat? a. correct. Which of the following is an example of a strong password? Correct How many potential insider threat indicators does this employee display? Setting weekly time for virus scan when you are not on the computer and it is powered off. Linda encrypts all of the sensitive data on her government-issued mobile devices. Only documents that are classified Secret, Top Secret, or SCI require marking. Which of the following is a potential insider threat indicator? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Classified information that should be unclassified and is downgraded. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Correct. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. You find information that you know to be classified on the Internet. Since the URL does not start with https, do not provide you credit card information. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. As detailed in the ISC, you must mark your deliverables in accordance with the document marking scheme detailed therein. Which of the following is not a best practice to preserve the authenticity of your identity? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Looking at your MOTHER, and screaming THERE SHE BLOWS! How should you protect a printed classified document when it is not in use? What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ What should you do? Expires: 09/30/2023. What should Sara do when using publicly available Internet, such as hotel Wi-Fi? Select all violations at this unattended workstation. Which scenario might indicate a reportable insider threat security incident? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE) A No to all: Viewing or downloading pornography, gambling online, conducting a private money-making venture, using unauthorized software, Illegally downloading copyrighted material, making unauthorized configuration changes. b. shall not modify, cannibalize, or make alterations to U.S. Forest Service property. Therefore, if there is a demonstrable need that can only be met via GFA, this should be detailed in your proposal. Removable Media in a SCIF (Incident): What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF? Do not access website links, buttons, or graphics in e-mail. You should confirm that a site that wants to store a cookie uses an encrypted link. CPCON 4 (Low: All Functions) a. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. What is the basis for handling and storage of classified data? (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? You are misusing a Government vehicle when you use it for your personal benefit as opposed to using it for the benefit of the Government. Which of the following is NOT a requirement for telework? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? When submitting your proposal, you must provide a resourcing plan that identifies, where possible, the nationalities of those proposed research workers that you intend working on this phase. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? GFE consists of: b. !qB I }h\;3. 6ggq~|:s]kZ]G QXW+"?REz0@z:Zg3>xCi3/Jr[/e,jVIW~7"{?Q3 It would be best to contact the institution using verified contact information to confirm. Hostility or anger toward the United States and its policies. Which of the following is true of Unclassified information? Which of the following individuals can access classified data? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. How many insider threat indicators does Alex demonstrate? Exception. Which of the following is not Controlled Unclassified Information (CUI)? This bag contains your government-issued laptop. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Read more about MOD ethical approval and other regulations which may affect your work. The proper security clearance and indoctrination into the SCI program. Unclassified documents do not need to be marked as a SCIF. \text{Retained Earnings}&&&\text{Credit}\\ Which of the following is true about telework? News stories, speeches, letters and notices, Reports, analysis and official statistics, Data, Freedom of Information releases and corporate reports. correct. (social networking) Which of the following is a security best practice when using social networking sites? Which of the following is a reportable insider threat activity? P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Who designates whether information is classified and its classification level? In your opinion, will there be individual differences? c. Nothing. See PGI 245.103-72, Government- furnished property (GFP) attachments to solicitations and awards.
