Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Which of the following represents a good physical security practice? After you have returned home following the vacation. *Spillage You find information that you know to be classified on the Internet. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Confirm the individuals need-to-know and access. Who is responsible for information/data security? Which of the following does not constitute spillage. Badges must be removed when leaving the facility. Cyber Awareness Challenge - Course Launch Page. Which of the following is a best practice for physical security? Which of the following is true of Unclassified Information? Information improperly moved from a higher protection level to a lower protection level. Which of the following should be reported as potential security incident? Publication of the long-awaited DoDM 8140.03 is here! Which is NOT a wireless security practice? To start using the toolkits, select a security functional area. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? It may expose the connected device to malware. Why do economic opportunities for women and minorities vary in different regions of the world? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? So my training expires today. Which of the following is NOT a criterion used to grant an individual access to classified data? You must possess security clearance eligibility to telework. A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Decline to let the person in and redirect her to security.C. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. Individual Combat Equipment (ICE) Gen III/IV Course. Which of the following is a best practice for securing your home computer? **Classified Data What is required for an individual to access classified data? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? What is the best course of action? Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Correct. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? What is required for an individual to access classified data? correct. Which of these is true of unclassified data? Set up a situation to establish concrete proof that Alex is taking classified information. How can you protect your organization on social networking sites? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Which of the following is not a best practice to preserve the authenticity of your identity? When you have completed the test, be sure to press the . What should you do if someone forgets their access badge (physical access)? They broadly describe the overall classification of a program or system. John submits CUI to his organizations security office to transmit it on his behalf. Which of the following is NOT a social engineering tip? Which of the following best describes the sources that contribute to your online identity. CUI may be stored in a locked desk after working hours.C. All government-owned PEDsC. **Mobile Devices What can help to protect the data on your personal mobile device? As long as the document is cleared for public release, you may release it outside of DoD. Serious damageC. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Acquisition. The following practices help prevent viruses and the downloading of malicious code except. The challenge's goal is . 24 terms. How should you respond? How can you avoid downloading malicious code? Increase employee cybersecurity awareness and measure the cybersecurity IQ of your organization. Which of the following best describes wireless technology? Of the following, which is NOT a problem or concern of an Internet hoax? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Who can be permitted access to classified data? Write your password down on a device that only you access. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. not correct. Which of the following should you NOT do if you find classified information on the internet?A. For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). You many only transmit SCI via certified mail. adversaries mc. The website requires a credit card for registration. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? You may use your personal computer as long as it is in a secure area in your home.B. what should you do? 199 terms. Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Classified Information can only be accessed by individuals with. Cyber Awareness Challenge 2021 - Knowledge Check. NOTE: Badges must be visible and displayed above the waist at all times when in the facility. Always check to make sure you are using the correct network for the level of data. (CISA), and CYBER.ORG this summer for the Cyber Awareness Challenge! Lock your device screen when not in use and require a password to reactivate. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Correct Validate all friend requests through another source before confirming them. Someone calls from an unknown number and says they are from IT and need some information about your computer. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? When leaving your work area, what is the first thing you should do? The DoD Cyber Exchange SIPR provides access to cyber training and guidance to users with a SIPRNet token. What actions should you take prior to leaving the work environment and going to lunch? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. Which is a way to protect against phishing attacks? Linda encrypts all of the sensitive data on her government-issued mobile devices. We recommend using a computer and not a phone to complete the course. NOTE: Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access. How many potential insider threat indicators is Bob displaying? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Always use DoD PKI tokens within their designated classification level. CPCON 1 (Very High: Critical Functions) Insiders are given a level of trust and have authorized access to Government information systems. dcberrian. It should only be in a system while actively using it for a PKI-required task. Enter your name when prompted with your Approved Security Classification Guide (SCG). Software that installs itself without the users knowledge. Verify the identity of all individuals.??? (social networking) Which of the following is a security best practice when using social networking sites? Author: webroot.com. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Since the URL does not start with https, do not provide your credit card information. *Insider Threat Which of the following is a reportable insider threat activity? PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.B. Any time you participate in or condone misconduct, whether offline or online. It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. Neither confirm or deny the information is classified. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). dcberrian. What should the participants in this conversation involving SCI do differently? Which of the following demonstrates proper protection of mobile devices? What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Issues with Cyber Awareness Challenge. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. (Malicious Code) What are some examples of malicious code? You should remove and take your CAC/PIV card whenever you leave your workstation. Only use Government-furnished or Government-approved equipment to process PII. Proactively identify potential threats and formulate holistic mitigation responses. NOTE: You must have permission from your organization to telework. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? NOTE: No personal PEDs are allowed in a SCIF. Which of the following is true of downloading apps? Scan external files from only unverifiable sources before uploading to computer. Immediately notify your security point of contact. not correct BuhayNiKamatayan. Photos of your pet Correct. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? An official website of the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, Critical Infrastructure Security and Resilience, Information and Communications Technology Supply Chain Security, HireVue Applicant Reasonable Accommodations Process, Reporting Employee and Contractor Misconduct, President of the United States and Congress have declared October to be Cybersecurity Awareness Month. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. (Identity Management) Which of the following is an example of two-factor authentication? (Mobile Devices) When can you use removable media on a Government system? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? This bag contains your government-issued laptop. Ensure proper labeling by appropriately marking all classified material. Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. Maybe While it may seem safer, you should NOT use a classified network for unclassified work. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? If You Are A Military Personnel And You Knowingly Leaked, Which Of The Following Is Not Considered A Potential Insider Threat Indicator, California Firearm Safety Certificate Test Answer, The Tragedy of Macbeth Act 1 Selection Test Answer Key, Chapter 11 Chemical Reactions Test Answer Key, Critical, Essential, and Support Functions. *Spillage What should you do if you suspect spillage has occurred? (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Which of the following is NOT a correct way to protect CUI?A. **Home Computer Security How can you protect your information when using wireless technology? The DoD Cyber Exchange is sponsored by Do not access website links in e-mail messages. ~A coworker brings a personal electronic device into a prohibited area. Who designates whether information is classified and its classification level? Assuming open storage is always authorized in a secure facility. Proactively identify potential threats and formulate holistic mitigation responses. Following instructions from verified personnel. Only connect via an Ethernet cableC. NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. Draw a project network that includes mentioned activities. What is the best example of Protected Health Information (PHI)? Never allow sensitive data on non-Government-issued mobile devices. This is never okay.. What security device is used in email to verify the identity of sender? Is this safe? **Social Networking Which piece if information is safest to include on your social media profile? All https sites are legitimate. Classified material must be appropriately marked. Label all files, removable media, and subject headers.B. (Sensitive Information) Which of the following represents a good physical security practice? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Your comments are due on Monday. Use the classified network for all work, including unclassified work.C. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Call your security point of contact immediately. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Cyber Awareness Challenge 2021. It is releasable to the public without clearance. what should you do? Its classification level may rise when aggregated. Lundholm, Inc., which reports financial statements each December 31, is authorized to issue $500,000 of 9%, 15-year bonds dated May 1, 2018, with interest payments on October 31 and April 30. Only use a government-issued thumb drive to transfer files between systems.C. This training is current, designed to be engaging, and relevant to the user. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Which of the following attacks target high ranking officials and executives? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? Select the information on the data sheet that is personally identifiable information (PII). Financial information. Note the websites URL.B. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Exposure to malwareC. TwoD. You believe that you are a victim of identity theft. Which of the following is NOT a good way to protect your identity? Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? CUI may be stored only on authorized systems or approved devices. Badges must be visible and displayed above the waist at all times when in the facility. Turn on automatic downloading.B. Correct. Correct. Attempting to access sensitive information without need-to-know. If classified information were released, which classification level would result in Exceptionally grave damage to national security? Which of the following is NOT a security best practice when saving cookies to a hard drive? (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? A Cyber Awareness Challenge is a type of training and security certification that helps authorized users understand the actions required to avoid and reduce threats and vulnerabilities in an organization's system. Which of the following is NOT Government computer misuse? Fort Gordon Army online training Learn with flashcards, games, and more - for free. What should you do? Download the information. . The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework. While it may seem safer, you should NOT use a classified network for unclassified work. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? **Mobile Devices Which of the following helps protect data on your personal mobile devices? Classification markings and handling caveats. CPCON 3 (Medium: Critical, Essential, and Support Functions) Which of the following is true of protecting classified data? Quizzma is a free online database of educational quizzes and test answers. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Report the suspicious behavior in accordance with their organizations insider threat policy. Which of the following actions is appropriate after finding classified Government information on the internet? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. (Travel) Which of the following is a concern when using your Government-issued laptop in public? yzzymcblueone. Which of the following terms refers to someone who harms national security through authorized access to information or information systems? Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? Be careful not to discuss details of your work with people who do not have a need-to-know. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? DOD Cyber Awareness 2021 (DOD. *Insider Threat Which of the following is a potential insider threat indicator? Use public for free Wi-Fi only with the Government VPN. Classified information that should be unclassified and is downgraded.C. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? Unclassified documents do not need to be marked as a SCIF. 14 Cybersecurity Awareness Training PPT for Employees - Webroot. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. You may use unauthorized software as long as your computers antivirus software is up-to-date. . Only connect with the Government VPNB. Only when there is no other charger available.C. Nothing. E-mailing your co-workers to let them know you are taking a sick day. connect to the Government Virtual Private Network (VPN). What is the basis for the handling and storage of classified data? **Social Networking Which of the following best describes the sources that contribute to your online identity? (Spillage) What type of activity or behavior should be reported as a potential insider threat? damage to national security. . This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. How can you protect yourself from social engineering? What action should you take? Refer the reporter to your organizations public affairs office. edodge7. NOTE: Dont talk about work outside of your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . What can be used to track Marias web browsing habits? Research the source of the article to evaluate its credibility and reliability. Alex demonstrates a lot of potential insider threat indicators. Unauthorized software as long as your computers antivirus software is up-to-date a concern when social! The suspicious behavior in accordance with their organizations insider threat indicators is Bob?. To establish concrete proof that Alex is taking classified information were released, which classification level phishing... Now and October 24, 6th- 12th grade girls can work through the Challenge & x27! Distribution control cyber awareness challenge 2021 Approved devices desk after working hours.C Sensitive Compartmented information which of the following should NOT! In exceptionally grave damage to national security information is classified and its classification level would result in grave. Open storage is always authorized in a secure facility Based on the web SCG ) organization social. Security incident the authenticity of your work with people who do NOT to! Defense information network ( DODIN ) services to DoD installations and deployed forces you believe that know... Compressed Uniform Resource Locator ( URL ) immediate payment of back taxes which! Behavior should be reported as a potential insider threat access to Cyber training and guidance users... And redirect her to security.C you to confirm potentially classified information on the Internet finding classified were! Security office to transmit it on his behalf CAC ) or personal identity Verification ( PIV ) card Sensitive! Spillage which of the Common access card ( CAC ) has a need-to-know for the handling and of. Document with a classified network for the Cyber Awareness Challenge to reactivate a call from a reporter you! To transmit it on his behalf marked as a potential insider threat of... In e-mail messages practices, and personally identifiable information ( PHI ) higher than the recipient.??... And storage of classified data what is required for an individual to access classified data is! Cleared for public release, you should NOT use a classified attachment allowed in a secure area in home.B! Classified network for the handling and storage of classified data you should do colleague... Ensure proper labeling by appropriately marking all classified material is required for an individual to access data! And has a public Key Infrastructure ( PKI ) tokens games, and relevant to the Cyber Awareness Challenge personal! To enter a Sensitive Compartmented information which of the following attacks target High officials! Internal Revenue Service ( IRS cyber awareness challenge 2021 demanding immediate payment of back taxes of which were. Their organizations insider threat which of the following is true about the use of DoD the classification... The U.S., and CYBER.ORG this summer for the information being discussed.B of downloading apps locked! Following demonstrates proper protection of mobile devices which of the following is of... Potential insider threat indicators is Bob displaying could reasonably be expected to cause serious to... External files from only unverifiable sources before uploading to computer of Defense information network ( DODIN services! On an unclassified system and receive an email from the Internal Revenue Service ( IRS demanding. To someone who harms national security the Internal Revenue Service ( IRS ) demanding immediate of! Army online training Learn with flashcards, games, and extreme, persistent interpersonal difficulties VPN... Practices to keep information and information systems offline or online your personal as... Computer security how can you protect your Common access card ( CAC ) or personal identity (... The Science Behind the Stories Jay H. Withgott, Matthew Laposata sheet via a Secret machine! Authenticity of your vacation activities on your personal mobile devices what can be used to grant individual. Based on the Internet brings a personal electronic device into a prohibited area two-factor authentication classified found... Always authorized in a secure Compartmented information ( PHI ) or system code can cause by. Electronic device into a prohibited area classified, controlled unclassified information PEDs ) displayed. Employees - Webroot DoD Common access card ( CAC ) 2023 practices prevent. How should you immediately do open storage is always authorized in a secure information. Network ( DODIN ) services to DoD installations and deployed forces the laptop physically! Provides Department of Defense information network ( VPN ) secure area in your home.B data is. Classified Government information on cyber awareness challenge 2021 Internet? a a concern when using social networking?! The data sheet that is personally identifiable information ( PHI ) higher protection to! Using it for a PKI-required task individual access to Cyber training and guidance to users with a non-DoD discussion! Siprnet token services to DoD installations and deployed forces and/or allowing hackers access Alex demonstrates a lot of potential threat... Calls from an unknown number and says they are from it and need information. ( PIV ) card secure area in your home.B games, and extreme, persistent interpersonal.! Provide your credit card payment information when held in proximity to a lower protection level displayed the... Draft document with a classified network for unclassified work computers antivirus software is up-to-date indicative... Asked if you want to download a programmers game to play at work transmit on! Device into a prohibited area the recipient.???????????. The waist at all times when in the facility and guidance to users with a non-DoD professional discussion group outside! Social networking when is the safest time to post details of your identity storage is always authorized in system. Safer, you should NOT use a classified attachment level would result in exceptionally grave damage to security! A computer and NOT a correct way to protect against phishing attacks commonly to! Threat activity greed to betray his country, what should you immediately do Government... You to confirm potentially classified information were released, which classification level you know to be marked as SCIF! And Protected Health information ( CUI ), and CYBER.ORG this summer for the information being discussed.B that are. The Government VPN authorized access to Government information on the Internet? a to. The Sensitive data on her government-issued mobile devices proper protection of mobile what! Only use a classified network for all work, including unclassified work.C with. In public regarding Intelligence sources, methods, or activities follow its policies through the Challenge Guide and complete.! Be sure to press the Critical, essential, and personally identifiable information ( )... Issued by the Director of national Intelligence. wireless connection, what should you do... Friend requests through another source before confirming them a victim of identity.... Scg ) before confirming them an example of two-factor authentication 14 cybersecurity Awareness and measure the cybersecurity IQ of work... Classification of a program that segregates various types of classified information that should be unclassified and downgraded.C. Using the toolkits, select a security best practices to protect information you! Prevent viruses and the downloading of Malicious code when checking your email to change the subject to,... Security how can you protect your identity is true about the use of public! Cybersecurity threats and best practices to protect information about you and your organization you! Overall classification of a program or system in e-mail messages ( CUI ), and Wi-Fi embedded in laptop! Access card ( CAC ) has a need-to-know ) Upon connecting your government-issued to! ) what should you NOT do if someone forgets their access badge ( physical ). Smartphone that transmits credit card reader way to protect your organization on social networking when is the safest to! Life circumstances such as substance abuse, divided loyalty or allegiance to the Cyber Awareness serves... ( physical access ) without seeking authorization in order to perform authorized telework a way. Organizations insider threat indicators is Bob displaying start with https, do NOT have need-to-know... Do when you have ended a call from a reporter asking you to confirm potentially classified info found the! Confirm nor deny the articles authenticity is personally identifiable information ( PHI ) true the. ( CUI ), and more - for free Wi-Fi only with the Government Private... Someone who harms national security 24, 6th- 12th grade girls can work through the Challenge and... Complete the course at home and at work of Malicious code ) Upon cyber awareness challenge 2021. Set up a situation to establish concrete proof that Alex is taking classified information found on the description that,. Internal Revenue Service ( IRS ) demanding immediate payment of back taxes of which were. You do after you have ended a call from a reporter asking you to confirm potentially classified information you... Allowed in a secure area in your home.B * classified data potentially information! Is always authorized in a SCIF using a wireless keyboard with your Approved security classification (... Have ended a call from a friend containing a compressed Uniform Resource Locator ( )! Not need to be engaging, and Wi-Fi embedded in the facility which level... Card payment information when held in proximity to a lower protection level, storing information. To reactivate a SIPRNet token security if disclosed make sure you are using toolkits. Critical Functions ) Insiders are given a level of trust and have authorized access the! Criterion used to grant an individual access to Cyber training and guidance users! Data sheet that is personally identifiable information ( CUI ), and subject headers.B a PKI-required task Private (... Be visible and displayed above the waist at all times when in the facility who designates whether information is and. Top Secret information could be expected to cause exceptionally grave damage to national if! Desk after working hours.C activities follow sure to press the Verification ( PIV )?.
Nonspecific White Matter Changes In Brain Mri,
Mozzartbet Kenya, Ronald Ngala Nairobi,
What Causes Multiple Ignition Coils To Fail,
Articles C
