You should only accept cookies from reputable, trusted websites. Correct. Position your monitor so that it is not facing others or easily observed by others when in use Correct. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? CPCON 1 (Very High: Critical Functions) The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). Only documents that are classified Secret, Top Secret, or SCI require marking. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. It never requires classified markings, it is true about unclassified data. **Insider Threat Which scenario might indicate a reportable insider threat? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Should you always label your removable media? You are leaving the building where you work. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. An investment in knowledge pays the best interest.. Correct. Do not download it. (Sensitive Information) Which of the following is NOT an example of sensitive information? laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Which of the following demonstrates proper protection of mobile devices? What should you do? There are no choices provides which make it hard to pick the untrue statement about unclassified data. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? Your comments are due on Monday. Looking at your MOTHER, and screaming THERE SHE BLOWS! **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Linda encrypts all of the sensitive data on her government issued mobile devices. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? General Services Administration (GSA) approval. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What information should you avoid posting on social networking sites? Right-click the link and select the option to preview??? Your password and a code you receive via text message. Connect to the Government Virtual Private Network (VPN).?? Digitally signed e-mails are more secure. Store classified data appropriately in a GSA-approved vault/container when not in use. Use a common password for all your system and application logons. Use the classified network for all work, including unclassified work. (Malicious Code) Which email attachments are generally SAFE to open? **Social Networking Which of the following is a security best practice when using social networking sites? Which of the following is true about unclassified data? Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. Which of the following may be helpful to prevent inadvertent spillage? Media containing Privacy Act information, PII, and PHI is not required to be labeled. **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? Search by Subject Or Level. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Search the Registry: Categories, Markings and Controls: Category list CUI markings Which of the following should be done to keep your home computer secure? Of the following, which is NOT a problem or concern of an Internet hoax? Back up your data: This will help you recover your data if it's lost or corrupted. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Someone calls from an unknown number and says they are from IT and need some information about your computer. What type of data must be handled and stored properly based on classification markings and handling caveats? Teams. true-statement. Classified data: (Scene) Which of the following is true about telework? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Looking for https in the URL. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Remove your security badge after leaving your controlled area or office building. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. *Spillage What should you do if a reporter asks you about potentially classified information on the web? cyber. You check your bank statement and see several debits you did not authorize. Insiders are given a level of trust and have authorized access to Government information systems. d. How do the size and shape of a human epithelial cell differ from those of the Elodea and onion cells that you examined earlier? How Do I Answer The CISSP Exam Questions? What should be your response? Tell us about it through the REPORT button at the bottom of the page. -It must be released to the public immediately. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. correct. How can you protect yourself from social engineering? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Directives issued by the Director of National Intelligence. Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Which scenario might indicate a reportable insider threat security incident? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Question. Correct. Which of the following should you NOT do if you find classified information on the internet? Which of the following is NOT one? Approved Security Classification Guide (SCG). Use the government email system so you can encrypt the information and open the email on your government issued laptop. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? A coworker is observed using a personal electronic device in an area where their use is prohibited. John submits CUI to his organizations security office to transmit it on his behalf. You receive a call on your work phone and youre asked to participate in a phone survey. What should be done to sensitive data on laptops and other mobile computing devices? a. putting a child in time-out **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. They broadly describe the overall classification of a program or system. Within a secure area, you see an individual you do not know. Which is NOT a way to protect removable media? Others may be able to view your screen. Which of the following is NOT a typical means for spreading malicious code? Follow procedures for transferring data to and from outside agency and non-Government networks. How many potential insider threat indicators does this employee display? Why might "insiders" be able to cause damage to their organizations more easily than others? There is no way to know where the link actually leads. View email in plain text and dont view email in Preview Pane. Write your password down on a device that only you access. When unclassified data is aggregated, its classification level may rise. Attempting to access sensitive information without need-to-know. Under what circumstances could unclassified information be considered a threat to national security? (controlled unclassified information) Which of the following is NOT an example of CUI? (social networking) Which of the following is a security best practice when using social networking sites? Preventing an authorized reader of an object from deleting that object B. correct. correct. Which designation marks information that does not have potential to damage national security? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Memory sticks, flash drives, or external hard drives. (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following is true about unclassified data? Here you can find answers to the DoD Cyber Awareness Challenge. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Second, unclassified points are regarded as ground seeds if the distances between the points and the detected planes are less than a buffer difference threshold. Always check to make sure you are using the correct network for the level of data. Which of the following individuals can access classified data? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Not correct. What should you do? Aggregating it does not affect its sensitivyty level. **Identity management What is the best way to protect your Common Access Card (CAC)? On a NIPRNET system while using it for a PKI-required task. Power off any mobile devices when entering a secure area. Is it okay to run it? true-statement. The email states your account has been compromised and you are invited to click on the link in order to reset your password. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. Note any identifying information, such as the websites URL, and report the situation to your security POC. Do not use any personally owned/non-organizational removable media on your organizations systems. The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Correct. 4. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. What type of attack might this be? Call your security point of contact immediately. We recommend Norton Security or McAfee Total Protection. Amendments to a variety of policy documents as well as others referencing Confidential Business Information (CBI) submissions or handling, Changes to paper and e-forms and instructions for their submission to EPA. How should you respond? Report the crime to local law enforcement. This task is performed with the aim of finding similarities in data points and grouping similar data points together. This button displays the currently selected search type. what should you do? Since the URL does not start with https, do not provide you credit card information. You find information that you know to be classified on the Internet.