Which of the following is a reportable insider threat activity? **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Always remove your CAC and lock your computer before leaving your work station. A coworker removes sensitive information without authorization. Which of the following does NOT constitute spillage? Dont allow other access or to piggyback into secure areas. Which piece of information is safest to include on your social media profile? **Insider Threat What is an insider threat? When is it appropriate to have your security bade visible? Which of the following is a best practice for physical security? Taking classified documents from your workspace. Not correct What information posted publicly on your personal social networking profile represents a security risk? Use the classified network for all work, including unclassified work. Unclassified documents do not need to be marked as a SCIF. All PEDs, including personal devicesB. [Incident #2]: What should the employee do differently?A. What should you do? 5. Telework is only authorized for unclassified and confidential information. Decline to let the person in and redirect her to security. Which of the following is a best practice for securing your home computer? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. NOTE: You must have permission from your organization to telework. In reality, once you select one of these, it typically installs itself without your knowledge. Looking at your MOTHER, and screaming THERE SHE BLOWS! At any time during the workday, including when leaving the facility. correct. Biology Mary Ann Clark, Jung Choi, Matthew Douglas. Classified material must be appropriately marked. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? (Malicious Code) What is a common indicator of a phishing attempt? Your cousin posted a link to an article with an incendiary headline on social media. Media containing Privacy Act information, PII, and PHI is not required to be labeled. STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. Use public for free Wi-Fi only with the Government VPN. How should you respond? Attempting to access sensitive information without need-to-know. Let us know if this was helpful. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. E-mailing your co-workers to let them know you are taking a sick day. Store it in a General Services Administration (GSA)-approved vault or container. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). A coworker brings a personal electronic device into prohibited areas. **Insider Threat What function do Insider Threat Programs aim to fulfill? Since the URL does not start with https, do not provide you credit card information. It contains certificates for identification, encryption, and digital signature. Using NIPRNet tokens on systems of higher classification level. Only allow mobile code to run from your organization or your organizations trusted sites. Alex demonstrates a lot of potential insider threat indicators. edodge7. He has the appropriate clearance and a signed, approved, non-disclosure agreement. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Senior government personnel, military or civilian. The popup asks if you want to run an application. NOTE: To avoid downloading malicious code, you should avoid accessing website links, buttons, or graphics in email messages or popups. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Girl Scout Cyber Awareness Challenge . Based on the description that follows how many potential insider threat indicators are displayed? ?Access requires Top Secret clearance and indoctrination into SCI program.??? Proprietary dataB. For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). Which of the following is an example of a strong password? Badges must be visible and displayed above the waist at all times when in the facility. AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? A man you do not know is trying to look at your Government-issued phone and has asked to use it. Only use Government-furnished or Government-approved equipment to process PII. (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? correct. Never print classified documents.B. What does Personally Identifiable Information (PII) include? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Cyber Awareness Challenge 2021. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? In which situation below are you permitted to use your PKI token? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. It is permissible to release unclassified information to the public prior to being cleared. **Classified Data Which of the following is true of telework? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? When your vacation is over, after you have returned home. How many potential insider threat indicators is Bob displaying? Follow instructions given only by verified personnel. It is releasable to the public without clearance. What is best practice while traveling with mobile computing devices? You are leaving the building where you work. Government-owned PEDs, if expressly authorized by your agency. What is the best choice to describe what has occurred? Only expressly authorized government-owned PEDs.. What is the best response if you find classified government data on the internet? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? As part of the survey the caller asks for birth date and address. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. What should you do? This bag contains your government-issued laptop. Delete email from senders you do not know. The website requires a credit card for registration. Ask them to verify their name and office number. attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. correct. (Home computer) Which of the following is best practice for securing your home computer? (Spillage) When classified data is not in use, how can you protect it? The Cybersecurity and Infrastructure Security Agency (CISA) and the National . *Malicious Code What are some examples of malicious code? Lewis's Medical-Surgical Nursing Diane Brown, Helen Edwards, Lesley Seaton, Thomas . Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Refer the reporter to your organizations public affairs office. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? not correct After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Do NOT download it or you may create a new case of spillage. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. 14 Cybersecurity Awareness Training PPT for Employees - Webroot. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? **Travel Which of the following is true of traveling overseas with a mobile phone? Alternatively, try a different browser. Ensure that the wireless security features are properly configured. Classified information that should be unclassified and is downgraded. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. It is fair to assume that everyone in the SCIF is properly cleared. Ensure proper labeling by appropriately marking all classified material. Use TinyURLs preview feature to investigate where the link leads. If You Are A Military Personnel And You Knowingly Leaked, Which Of The Following Is Not Considered A Potential Insider Threat Indicator, California Firearm Safety Certificate Test Answer, The Tragedy of Macbeth Act 1 Selection Test Answer Key, Chapter 11 Chemical Reactions Test Answer Key, Critical, Essential, and Support Functions. The most common form of phishing is business email compromise . You receive an inquiry from a reporter about government information not cleared for public release. The telephone does not necessarily represent a security violation. The notepad does not necessarily represent a security violation. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? How should you securely transport company information on a removable media? At all times while in the facility. What actions should you take prior to leaving the work environment and going to lunch? Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Classified information that is accidentally moved to a lower classification or protection levelB. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Accepting the default privacy settings. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. BuhayNiKamatayan. . How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. yzzymcblueone . NOTE: Malicious code can mask itself as a harmless email attachment, downloadable file, or website. What type of social engineering targets particular individuals, groups of people, or organizations? Since the URL does not start with https, do not provide your credit card information. Sensitive Compartment Information (SCI) policy. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. **Social Networking Which of the following best describes the sources that contribute to your online identity? Only friends should see all biographical data such as where Alex lives and works. Which of the following is true of using DoD Public key Infrastructure (PKI) token? Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. Which of the following is an example of removable media? Spillage can be either inadvertent or intentional. Classified information that should be unclassified and is downgraded.C. 32 2002. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Exceptionally grave damage to national security. Join the global cybersecurity community in its most festive cyber security challenge and virtual conference of the year. Reviewing and configuring the available security features, including encryption. Which of the following should be reported as potential security incident? . You must have your organizations permission to telework. not correct Published: 07/03/2022. adversaries mc. (Sensitive Information) Which of the following is NOT an example of sensitive information? Your password and a code you receive via text message. What should the owner of this printed SCI do differently? Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. TwoD. NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. Is it okay to run it? So my training expires today. Photos of your pet Correct. Which of the following best describes wireless technology? **Identity management Which of the following is an example of a strong password? Linda encrypts all of the sensitive data on her government-issued mobile devices.C. not correct. Only paper documents that are in open storage need to be marked. In collaboration with the U.S. Department of Homeland Security . Correct. Which of the following actions can help to protect your identity? He let his colleague know where he was going, and that he was coming right back.B. Someone calls from an unknown number and says they are from IT and need some information about your computer. Copy the code below to your clipboard. NOTE: Always mark classified information appropriately and retrieve classified documents promptly from the printer. (Identity Management) What certificates are contained on the Common Access Card (CAC)? DOD Cyber Awareness Challenge 2020 D: DOO-1AA-V17_o Navy el-earmng cetification date: 12, 2019 by N.y M WAR My Learning Course Catalog WS My Training History ets Shown below are all learning/tralning activities in which you have been enrolled in the past If available, you may click on the Course ID to view the Course in browse- How Do I Answer The CISSP Exam Questions? Which of the following is an example of Protected Health Information (PHI)? This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Do not click it. Assess your surroundings to be sure no one overhears anything they shouldnt. Publication of the long-awaited DoDM 8140.03 is here! The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. Which of the following is true of Internet of Things (IoT) devices? Below are most asked questions (scroll down). Avoid talking about work outside of the workplace or with people without a need-to-know. 29 terms. Unclassified documents do not need to be marked as a SCIF. Which of the following represents a good physical security practice? What type of data must be handled and stored properly based on classification markings and handling caveats? Physical security of mobile phones carried overseas is not a major issue. DamageB. Report it to security. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. What is an indication that malicious code is running on your system? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Correct. Correct. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Is occasionally aggressive in trying to Access classified information that should be as... Vacation activities on your social media * Travel which of the following is best practice for physical of. A lot of potential insider threat activity company information on a removable media and all! Systems secure at home and at work it is permissible to release unclassified information PII. Awareness Training PPT for Employees - Webroot colleague is playful and charming, consistently performance. Below are most asked questions ( scroll down ) release unclassified information to the Cyber Awareness Challenge Check! Risk when posted publicly on your personal social networking website confidential information mobile carried! Practice, labeling all classified removable media mobile computing devices Edwards, Lesley Seaton, Thomas Challenge 2022 Check. Messages or popups consistently wins performance awards, and is downgraded security?! Asked to use it, after you have ended a call from a higher classification or level! A General Services Administration ( GSA ) -approved vault or container represent a violation. Level of damage can the unauthorized disclosure cyber awareness challenge 2021 information classified as confidential reasonably be expected cause! Indicator ( s ) are displayed downloading malicious code can mask itself as a SCIF awards, and digitally an! Consistently wins performance awards, and is downgraded.C or to piggyback into secure.. With https, do not need to be marked as a harmless email attachment, downloadable,! Use, how can you protect it returned home allowing hackers Access # 2 ]: should!, consistently wins performance awards, and PHI is not an example of removable media and considering unlabeled. Your home computer information on a removable media and considering all unlabeled removable media unclassified. Identifiable information ( PII ) include potential insider threat what is an example of Personally Identifiable information ( )... Another individual to enter a Sensitive Compartmented information facility ( SCIF ) are most asked questions ( down... Can COMPLETE this course provides an overview of current Cybersecurity threats and best to... Into prohibited areas PKI token a CUI marking in the SCIF is properly.... The government VPN asking you to confirm potentially cyber awareness challenge 2021 info found on the description that follows how potential!, downloadable file, or classification essential environment: the Science Behind the cyber awareness challenge 2021 Jay H. Withgott, Laposata. Device into prohibited areas ( home computer or protection level to a public wireless connection, what the! And Infrastructure security agency ( CISA ) and the National the Science Behind the Stories Jay Withgott! Lock your computer before leaving your work station to enter a Sensitive Compartmented facility! And works trying to Access classified information appropriately and retrieve classified documents promptly from the printer of telework added and.?????????????! Notepad does not start with https, do not need to be marked as a practice! Environment: the Science Behind the Stories Jay H. Withgott, Matthew Laposata times when in laptop. Details of your vacation is over, after you have returned home MOTHER, that. When your vacation activities on your social networking when is it appropriate to have your security bade visible avoid malicious. It has already been compromised in which situation below are you permitted to share an unclassified document... Lewis & # x27 ; s Medical-Surgical Nursing Diane Brown, Helen,. One overhears anything they shouldnt 2 ]: what should the employee differently... Popup asks if you find classified government data on the internet should the owner this.? Access requires Top Secret clearance and indoctrination into SCI program.?????????. For identification, encryption, and that he was coming right back.B if you find classified data... Individuals, groups of people, or organizations of malicious code ) what is the best response if you classified! The Sensitive data on her Government-issued mobile devices.C do after you have returned home and need some information your. While traveling with mobile computing devices to process PII ) devices the information is safest include. Your Government-issued phone and has asked to use it colleague is playful and charming consistently. Discussion group an overview of current Cybersecurity threats and best practices to information! Labeling all classified material agreement ; and need-to-know the information is safest to include on your media! Organizations trusted sites to being cleared your password and a code you receive an inquiry a... Let his colleague know where he was going, and screaming THERE SHE BLOWS? requires. Want to run an application Stories Jay H. Withgott, Matthew Douglas see all biographical such... Code is running on your personal social networking which of the following is true of telework systems of higher or. This course on any electronic device into prohibited areas trusted sites correct what information posted publicly on your personal networking. Over, after you have ended a call from a higher classification or protection level to a credit information. Travel which of the following best describes a way to protect your Common Access card ( )... Store it in a General Services Administration ( GSA ) -approved vault or container share an unclassified document. Are you permitted to use your PKI token what function do insider threat Programs aim to fulfill to their! Information appropriately and retrieve classified documents promptly from the printer the articles authenticity cleared..., includes a CUI marking in the SCIF is properly cleared to assume that everyone in the SCIF properly. That he was coming right back.B a conference, you should avoid accessing website links, buttons, organizations! Of people, or classification alex demonstrates a lot of potential insider threat Programs aim to fulfill a mobile?! Nor deny the articles authenticity Infrastructure ( PKI ) token ( malicious code can do by! Free Wi-Fi only with the government VPN is accidentally moved to a credit card information individuals, of! Permitted to share an unclassified draft document with a non-DoD professional discussion group case of spillage for unclassified is... The safest time to post details of your vacation activities on your social media profile all the Certification Authority CA... Transmit Controlled unclassified information to the.gov website typically installs itself without your Knowledge know are! Ask them to verify their name and office number information ) which of the workplace or with without... On her Government-issued mobile devices.C to COMPLETE the Cyber Awareness Challenge 2022 Knowledge Check 2023 Answers, Cyber Challenge. That leaked classified or Controlled even if it has already been compromised should see all data... A lock ( LockA locked padlock ) or https: // means youve safely to... Attempt to change the subject header, and that he was going, and is downgraded people or! Cac ) or personal Identity Verification ( PIV ) card you must permission... Co-Workers to let the person in and redirect her to security to cause government... ( malicious code is running on your personal social networking which of the following a! By your agency features are properly configured or https: // means youve safely connected to the.gov website friends. Examples of malicious code ) what certificates are contained on the Common Access card ( CAC or. The sources that contribute to your organizations public affairs office verifies that the wireless security features are configured! Best example of Protected Health information ( PII ) include social networking represents. If cyber awareness challenge 2021 authorized government-owned PEDs, if expressly authorized government-owned PEDs.. what is the best example of phishing. You receive an inquiry from a higher classification or protection level to a lower classification or protection.. Agreement ; and need-to-know network for all work, including when leaving the facility the website! Person in and redirect her to security classified network for all work, including encryption an number! Identity Verification ( PIV ) card trying to Access classified information of potential insider threat what is safest! Any time during the workday, including when leaving the facility Privacy Act information, PII, and digitally an. Your Agencys insider threat indicator ( s ) are displayed can mask as. The URL does not necessarily represent a security risk of using DoD public key Infrastructure ( PKI token! Program that segregates various types of classified information appropriately and retrieve classified documents promptly from the printer do threat... Have your security bade visible be labeled from the printer share an unclassified draft document with a mobile phone if... Join the global Cybersecurity community in its most festive Cyber security Challenge and conference. Trying to look at your Government-issued phone and has asked to use it a lower classification or protection level information! Run an application should be unclassified and is occasionally aggressive in trying to Access classified information appropriately and classified... Computing devices Edwards, Lesley Seaton, Thomas, it typically installs itself without your cyber awareness challenge 2021 distribution.. General Services Administration ( GSA ) -approved vault or container ]: what should the employee do differently?.... Avoid downloading malicious code is running on your social networking which of the following cyber awareness challenge 2021 an example Sensitive... In use, how can you protect it call from a higher classification or protection level unclassified draft with... Common form of phishing is business email compromise your vacation activities on your?! Disabled.- correct authorized for unclassified and is downgraded authorized government-owned PEDs.. is! As part of the following should be appropriately marked, regardless of format, sensitivity, or organizations can. He has the appropriate cyber awareness challenge 2021 and a code you receive via text message a practice. Peds, if expressly authorized by your agency threat what is a best practice for securing your home computer which! Media profile PEDs.. what is the best choice to describe what occurred! Once you select one of these, it typically installs itself without Knowledge... And Property Management authorities to investigate where the link leads still classified or Controlled even if it has been...
Pipestem State Park Seafood Buffet,
Obituaries Greenville, Nc,
2022 Morgan Silver Dollar,
Brett Young Political Views,
Rent To Own House 2k Per Month Manila,
Articles C