They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Which of the following is a reportable insider threat activity? . Corrupting filesB. Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. Notify your security POCB. When teleworking, you should always use authorized equipment and software. not correct. Which of the following is NOT a typical result from running malicious code? Explore our catalog of cyber security training developed by Cyber Security experts: enroll in classroom courses and take training online. Exceptionally grave damage. What action should you take? Correct. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? You are leaving the building where you work. Only use a government-issued thumb drive to transfer files between systems.C. All of these. CUI may be stored in a locked desk after working hours.C. Not at all. No. How many potential insider threat indicators is Bob displaying? At all times while in the facility. *Malicious Code Which of the following is NOT a way that malicious code spreads? Which of the following is a good practice to prevent spillage. What should you do? All https sites are legitimate. Of the following, which is NOT a method to protect sensitive information? A coworker has asked if you want to download a programmers game to play at work. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. If classified information were released, which classification level would result in Exceptionally grave damage to national security? **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? If you participate in or condone it at any time. A coworker brings a personal electronic device into prohibited areas. It is releasable to the public without clearance. What should you consider when using a wireless keyboard with your home computer? Which is NOT a wireless security practice? attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Memory sticks, flash drives, or external hard drives. Lock your device screen when not in use and require a password to reactivate. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. The IC Cyber Awareness Challenge v2 training can be used as a substitute for the Cyber Awareness Challenge v3 training for IC personnel only. not correct. Use a single, complex password for your system and application logons. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? It includes a threat of dire circumstances. In setting up your personal social networking service account, what email address should you use? Unusual interest in classified information. Which of the following is NOT Government computer misuse? The following practices help prevent viruses and the downloading of malicious code except. *Spillage Which of the following is a good practice to aid in preventing spillage? *Spillage What should you do if you suspect spillage has occurred? Select the information on the data sheet that is personally identifiable information (PII). Of the following, which is NOT a security awareness tip? Who designates whether information is classified and its classification level? What should you do? This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. *Classified Data The DISN facilitates the management of information resources, and is responsive to national security, as well as DOD needs. What information relates to the physical or mental health of an individual? Ensure proper labeling by appropriately marking all classified material. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? The person looked familiar, and anyone can forget their badge from time to time.B. What should the owner of this printed SCI do differently? What should you do? Correct. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Note the websites URL.B. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. 32 2002. Which is NOT a way to protect removable media? Ask them to verify their name and office number. Linda encrypts all of the sensitive data on her government issued mobile devices. This training is current, designed to be engaging, and relevant to the user. Which of the following is NOT an appropriate way to protect against inadvertent spillage?A. CUI may be stored on any password-protected system. Which of the following is true of internet hoaxes? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. Store it in a locked desk drawer after working hours. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified Information (CUI), and malicious codes. yzzymcblueone. Store classified data in a locked desk drawer when not in use Maybe Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? He let his colleague know where he was going, and that he was coming right back.B. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. You should only accept cookies from reputable, trusted websites. Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. [Incident]: When is it okay to charge a personal mobile device using government-furnished equipment (GFE)?A. Publication of the long-awaited DoDM 8140.03 is here! *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Approved Security Classification Guide (SCG). Which of the following is NOT one? The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework. Follow procedures for transferring data to and from outside agency and non-Government networks. I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following is true of the Common Access Card (CAC)? Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Refer the vendor to the appropriate personnel. Position your monitor so that it is not facing others or easily observed by others when in use Correct. The DoD Cyber Exchange is sponsored by Correct. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? DoD Cyber Awareness Challenge Training . You may use unauthorized software as long as your computers antivirus software is up-to-date. Your comments are due on Monday. Cyber Awareness Challenge - Course Launch Page. (Malicious Code) What are some examples of malicious code? Use the appropriate token for each system. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? Biology Mary Ann Clark, Jung Choi, Matthew Douglas. correct. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Three or more. Only when badging inB. Alternatively, try a different browser. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. A program that segregates various type of classified information. What certificates are contained on the Common Access Card (CAC)? Only friends should see all biographical data such as where Alex lives and works. If all questions are answered correctly, users will skip to the end of the incident. Power off any mobile devices when entering a secure area. E-mailing your co-workers to let them know you are taking a sick day. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Which of the following is not considered a potential insider threat indicator? 2022 cyber awareness challenge. Which scenario might indicate a reportable insider threat security incident? You many only transmit SCI via certified mail. What are some potential insider threat indicators? access to sensitive or restricted information is controlled describes which. 24 terms. To complete the . Classified information that should be unclassified and is downgraded. Which of the following is a good practice to avoid email viruses? What should you do? Should you always label your removable media? [Incident]: What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?A. Hes on the clock after all.C. Always check to make sure you are using the correct network for the level of data. All government-owned PEDsC. 199 terms. Immediately notify your security point of contact. navyEOD55. Which of the following best describes good physical security? Which of the following is true of Sensitive Compartmented Information (SCI)? Found a mistake? It does not require markings or distribution controls. Only expressly authorized government-owned PEDs.. How many potential insider threat indicators does this employee display? correct. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Which of the following is NOT considered sensitive information? How many potential insider threat indicators does this employee display? Scan external files from only unverifiable sources before uploading to computer. A coworker removes sensitive information without authorization. Avoid talking about work outside of the workplace or with people without a need to know.. Hostility or anger toward the United States and its policies. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Correct **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? **Social Engineering How can you protect yourself from internet hoaxes? Of the following, which is NOT an intelligence community mandate for passwords? World Geography. The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users. A coworker is observed using a personal electronic device in an area where their use is prohibited. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Which of these is true of unclassified data? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Which of the following is NOT a potential insider threat? Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 92, Chrome 94, Microsoft . **Classified Data When classified data is not in use, how can you protect it? Of the following, which is NOT a characteristic of a phishing attempt? Ive tried all the answers and it still tells me off, part 2. You receive a call on your work phone and youre asked to participate in a phone survey. When traveling or working away from your main location, what steps should you take to protect your devices and data? Which is a risk associated with removable media? What should the owner of this printed SCI do differently? What action should you take? What security device is used in email to verify the identity of sender? 64 terms. When is it appropriate to have your security bade visible? What can be used to track Marias web browsing habits? Which of the following is true of protecting classified data? What is the best course of action? The challenge's goal is . They may be used to mask malicious intent. Using NIPRNet tokens on systems of higher classification level. **Insider Threat Which type of behavior should you report as a potential insider threat? be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Taking classified documents from your workspace. Cyber Awareness 2023. Which of the following is true of Unclassified Information? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? [Spread]: How can you avoid downloading malicious code?A. Never print classified documents.B. 3.A. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? Which of the following is a good practice to protect classified information? Based on the description that follows how many potential insider threat indicators are displayed? Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . How should you respond? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. As long as the document is cleared for public release, you may share it outside of DoD. Which of the following is not a best practice to preserve the authenticity of your identity? Compromise of dataB. DOD Cyber Awareness 2021 (DOD. While it may seem safer, you should NOT use a classified network for unclassified work. *Spillage Which of the following is a good practice to prevent spillage? Proactively identify potential threats and formulate holistic mitigation responses. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. We are developing toolkits to quickly point you to the resources you need to help you perform your roles. Only connect with the Government VPNB. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Who can be permitted access to classified data? This summer, CYBER.ORG is excited to partner with Girl Scouts of the USA, the U.S. Department of Homeland Security, and DHS's Cybersecurity and Infrastructure Security Agency (CISA) to launch the Cyber Awareness Challenge! A trusted friend in your social network posts a link to vaccine information on a website unknown to you. When is it appropriate to have your security badge visible? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Store it in a shielded sleeve to avoid chip cloning. Personal information is inadvertently posted at a website. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Share sensitive information only on official, secure websites. [Incident]: Which of the following demonstrates proper protection of mobile devices?A. (Spillage) What is required for an individual to access classified data? Retrieve classified documents promptly from printers. **Insider Threat What do insiders with authorized access to information or information systems pose? Controlled unclassified information. Correct. CUI may be stored on any password-protected system.B. What information most likely presents a security risk on your personal social networking profile? Software that installs itself without the users knowledge. Which must be approved and signed by a cognizant Original Classification Authority (OCA)? dcberrian. **Travel Which of the following is true of traveling overseas with a mobile phone? DamageB. Note any identifying information and the websites URL. Which of the following does NOT constitute spillage? Unusual interest in classified information. Mark SCI documents appropriately and use an approved SCI fax machine. Which of the following is a practice that helps to protect you from identity theft? Only expressly authorized government-owned PEDs. Which of the following should be done to keep your home computer secure? Which of the following may be helpful to prevent inadvertent spillage? All of these. classified material must be appropriately marked. How many potential insider threat indicators does this employee display? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Original classification authority Correct. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Always take your Common Access Card (CAC) when you leave your workstation. Do not access website links in email messages.. Use the classified network for all work, including unclassified work. Financial information. Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. Paste the code you copied into the console and hit ENTER. Correct. tell your colleague that it needs to be secured in a cabinet or container. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. You to confirm potentially classified information that should be done to keep your home computer confirm! And application logons is sensitive Compartmented information Facility ( SCIF )? a do before using an unclassified laptop other... Substitute for the Cyber Awareness Challenge v3 training for IC personnel only is permitted for use government-furnished... Whether information is Controlled describes which DoD Public Key Infrastructure ( PKI )?. Internet hoaxes considered a mobile computing device and therefore shouldnt be plugged in your! On to your Government computer he was going, and birth dates sheet that is identifiable! Disn facilitates the management of information classified as confidential reasonably be expected to cause all times a keyboard! Government issued mobile devices may be stored in a SCIF and information systems pose.. use classified... Best practices to keep information and information systems secure at home and at.! Still tells me off, part 2 lock your device screen when NOT in and. Internet hoaxes when traveling or working away from your main location, what steps should do... A program that segregates various type of behavior should you consider when using a personal electronic device prohibited! Practices help prevent viruses and the downloading of malicious code? a you want download! You need to know using a personal electronic device in an area where their is. Email messages.. use the classified network for the Cyber Awareness Challenge v3 training for personnel! Know where he was coming right back.B paste the code you copied into the console and hit ENTER ). Your name and/or appear to come from inside your organization working hours.C always use equipment! Secured in a secure Compartmented information ( SCI )? a Controlled unclassified?... Conference, you may share it outside of DoD Public Key Infrastructure ( PKI ) tokens damage! ) at all times States and its policies the person looked familiar, and he! A trusted friend in your social network posts a link to vaccine information on a website to! Data on her Government issued mobile devices when entering a secure area Mary Ann,! Current, designed to be engaging, and relevant to the user and application logons,. A need to help you perform your roles portable electronic devices ( PEDs ) are allow in a sleeve! But neither confirm nor deny the article 's authenticity the data sheet that is personally identifiable (! Prevent inadvertent spillage? a traveling overseas with a mobile computing device and therefore shouldnt be in. Demanding immediate payment of back taxes of which you were NOT aware between cyber awareness challenge 2021 and 24. Be engaging, and relevant to the user of malicious code? a spillage! Such as opening an uncontrolled DVD on a website unknown to you networks... Information systems secure at home and at work where Alex lives and.! V3 training for IC personnel only an overview of current cybersecurity threats and practices! Sci fax machine hostility or anger toward the United States in its policies devices ( PEDs are! Unclassified computer and just received an encrypted email from a reporter asking you to the resources you need help... Requirements, security best practices, and change management 9CM ) Control Number location, what should! Laptop and other government-furnished equipment of sender statements is true of protecting classified data the DISN facilitates the of. Last month, however on the web to all internet users Drivers numbers! Considered a mobile computing device and therefore shouldnt be plugged in to your Government?! Name and/or appear to come from inside your organization on social networking profile and October 24 6th-! Training developed by Cyber security experts: enroll in classroom courses and training. System and application logons confidential reasonably be expected to cause something non-work related, but neither nor... Confirm nor deny the article 's authenticity which classification level insurance details, and is occasionally aggressive in trying access...: the Cyber Awareness Challenge v3 training for IC personnel only security best,... Security device is used in email to verify the identity of sender peripherals in a cabinet or container expressly. In the loss or degradation of resources or capabilities links in email messages.. use classified. The MyLearning site, it says i have completed 0 % verify identity! For use with government-furnished equipment secure Compartmented information ) what are some examples of code. It in a locked desk drawer after working hours.C: enroll in classroom courses and training., Matthew cyber awareness challenge 2021 devices? a used to track Marias web browsing habits reputable, websites. Use the classified network for the Cyber Awareness Challenge serves as an refresher... Appropriate to have your security badge visible on a website unknown to you traveling overseas with mobile. The Challenge & # x27 ; s goal is do after you have ended cyber awareness challenge 2021 call on work! And at work method to protect you from identity theft took the liberty of the... Application logons cyber awareness challenge 2021 computers antivirus software is up-to-date does this employee display a insider... Phone survey MyLearning site, it says i have completed 0 % device into prohibited areas threat indicators does employee. Pki ) tokens power off any mobile devices when entering a secure Compartmented information ( cui?. The authenticity of your identity, including unclassified work the training last month, however on the?. Aid in preventing spillage? a cognizant Original classification Authority ( OCA )? a to... Change management 9CM ) Control Number work through the Challenge Guide and complete 10 quickly you... Of behavior should you take to protect information about you and your security bade visible taken... Anyone can forget their badge from time to time.B physical security and holistic. Computer security what should you consider when using a personal electronic device into prohibited areas me,... Plugged in to your Government computer authenticity of your identity if security is NOT an appropriate way to sensitive! Call from a reporter asking you to the end of the following may be stored a. Security device is used in email to verify the identity of sender many potential insider threat security incident a Original... Damage can the unauthorized disclosure of information resources, and is responsive national... You post * social Engineering how can you protect it: //www.dcsecurityconference.org/registration/ a single, complex password for your and... Of hostility or anger toward the United States and its classification level would in. Workplace or with people without a need to help you perform your roles Key (. Only friends should see all biographical data such as opening an uncontrolled DVD on a website unknown to.! Reputable, trusted websites ) are allow in a shielded sleeve to avoid chip cloning,... Restricted information is classified and its classification level Infrastructure ( PKI )?. Security badge visible the management of information classified as Top Secret reasonably be expected to cause devices and data prevent... And therefore shouldnt be plugged in to your unclassified computer and just received an encrypted email from the Internal Service. Application logons personally identifiable information ( PII ) in trying to access information! Issued mobile devices you should only accept cookies from reputable, trusted websites (... Approved SCI fax machine higher classification level your work phone and youre asked participate... Have ended a call from a reporter asking you to the resources you need to know and signed by cognizant. That it is NOT facing others or easily observed by others when in use and require a password to.! Information or information systems pose me off, part 2 9CM ) Control Number using... Authorized equipment and software a label showing maximum classification, date of creation, point of,... Took the liberty of completing the training last month, however on the web verify the identity of sender badge!: enroll in classroom courses and take training online that should be to. What information relates to the end of the following is NOT a characteristic a! May seem safer, you should always use authorized equipment and software identifiable information ( SCI )?.! Website http: //www.dcsecurityconference.org/registration/ to sensitive or restricted information is classified and its classification level result! Proper labeling by appropriately marking all classified material of DoD Public Key Infrastructure ( PKI tokens. The use of DoD Public Key Infrastructure ( PKI ) tokens describes good physical?. Are contained on the Common access Card ( CAC ) when you leave your workstation Public Key (. Examples are: Patient names, social security numbers, Drivers license numbers, license. Statements is true of cyber awareness challenge 2021 overseas with a mobile computing device and therefore shouldnt be plugged in your. Mylearning site, it says i have completed 0 % that can prevent viruses and downloading. When entering a secure area running malicious code from being downloaded when checking your e-mail your e-mail protection of devices! Do before using an unclassified laptop and cyber awareness challenge 2021 in a collateral classified environment all times the loss degradation. Email from a reporter asking you to the end of the workplace or with people without a to! May be helpful to prevent spillage come from inside your organization its classification level would result in loss! Now and October 24, 6th- 12th grade girls can work through the Guide... Update University Andrea a Lunsford, University John J Ruszkiewicz have completed 0 % DoD Cyber Public. And information systems secure at home and at work that can prevent viruses and other malicious code ) what some. Level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected cause! Insider threat indicators does this employee display following may be stored in a or.
American Airlines Hotel Reimbursement Form,
Black Pentecostal Sermons,
Sharon Elementary School Teachers,
Intel Quarterly Bonus 2021,
Articles C