Which must be approved and signed by a cognizant Original Classification Authority (OCA)? correct. What is NOT Personally Identifiable Information (PII)? Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Classified information that should be unclassified and is downgraded.C. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Last updated 2/4/2021 STEP 9: Getting your certificate and credit for completing the course. Avoid talking about work outside of the workplace or with people without a need to know.. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). NOTE: CUI may be stored only on authorized systems or approved devices. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Before long she has also purchased shoes from several other websites. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. Correct. An official website of the United States government. Always take your CAC when you leave your workstation. Your health insurance explanation of benefits (EOB). Which of the following does NOT constitute spillage? Always remove your cac what certificates are contained on the DOD PKI implemented by the CAC/PIVIdentification, Encryption, digital signatureWhat is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applicationsWhich is not sufficient to protect your identity?use a common password for all your system and application logons.Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?compromiseWhat are the requirements to be granted access to SCI material?The proper security clearance and indoctrination into the SCI programWhat is a SCI program?a program that segregates various information.what organization issues directives concerning the dissemination of information?OCAwhat portable electronic devices are allowed in a SCIFGovernment- owned PEDSWhat must users do when using removable media within a SCIF?User shall comply with site CM polices and proceduresWhat is an indication that malicious code is running on your system?File corruptionWhat can malicious code do?It can cause damage by corrupting filesWhich is true of cookies?Text fileWhat is a valid response when identity theft occurs?Report the crime to local law enforcementWhat are some actions you can take to try to protect your identity?Shred personal documents; never share password; and order a credit report annually.What is whaling?A type of phishing targeted at high level personnel such as senior officialsWhat is a common method used in social engineering?Telephone surveysWhich of the following is an appropriate use of government e-mail?Digitally signing e-mails that contain attachment or hyperlinks.What is a protection against internet hoaxes?Use online sites to confirm or expose potential hoaxes.Which may be a security issue with compressed URLs?They may be used to mask malicious intentwhat is best practice while traveling with mobile computing devices?Maintain possession of your laptop and otherupon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN)When conducting a private money- making venture using your government?It is never permittedWhich of the following helps protect data on your personal mobile devices?Secure personal mobile devices to the same level as government issued systemsWhich is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?NFCWhat are some examples of removable media?Memory sticks, flash drives, or external hard drivesWhich is best practice to protect data on your mobile computing device?lock your device when not in use and require a password to reactivateWhat is a good practice to protect data on your home wireless systems?Ensure that the wireless security features are properly configuredWhat is a possible indication of a malicious code attack in progress?A pop-up window that flashes and warns that your computer is infected with a virus. Create separate user accounts with strong individual passwords. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. *Spillage What should you do if you suspect spillage has occurred? What should you do? Analyze the other workstations in the SCIF for viruses or malicious codeD. Only when there is no other charger available.C. Which of the following is true of Security Classification Guides? How can you protect your organization on social networking sites? Exceptionally grave damage. Exam (elaborations) - Cyber awareness challenge exam questions/answers . correct. How are Trojan horses, worms, and malicious scripts spread? Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. The challenge's goal is . Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Tell us about it through the REPORT button at the bottom of the page. Correct. Which of the following does NOT constitute spillage?A. 3.A. not correct. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? You find information that you know to be classified on the Internet. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Which of the following is NOT a potential insider threat? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. classified material must be appropriately marked. Verify the identity of all individuals.??? Refer the vendor to the appropriate personnel. FREQUENCY: Annual TIME TO COMPLETE: 1.5 hours Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . Which of the following is true of Sensitive Compartmented Information (SCI)? What security device is used in email to verify the identity of sender? You know this project is classified. It does not require markings or distribution controls. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? Telework is only authorized for unclassified and confidential information. Always use DoD PKI tokens within their designated classification level. What is Sensitive Compartment Information (SCI) program? **Social Networking Which piece if information is safest to include on your social media profile? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? If any questions are answered incorrectly, users must review and complete all activities contained within the incident. It is permissible to release unclassified information to the public prior to being cleared. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. As part of the survey the caller asks for birth date and address. Secure personal mobile devices to the same level as Government-issued systems. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. **Classified Data Which of the following is true of protecting classified data? What should the participants in this conversation involving SCI do differently? **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Correct. What should you do to protect yourself while on social networks? Ensure proper labeling by appropriately marking all classified material. As long as the document is cleared for public release, you may share it outside of DoD. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified . Transmit classified information via fax machine only Not correct All of these.. Who can be permitted access to classified data? Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Skip the coffee break and remain at his workstation. Correct. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? How many potential insiders threat indicators does this employee display? access to classified information. Government-owned PEDs must be expressly authorized by your agency. You receive a call on your work phone and youre asked to participate in a phone survey. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. How many potential insider threat indicators does this employee display? **Identity management Which of the following is an example of a strong password? All government-owned PEDsC. (Malicious Code) What is a good practice to protect data on your home wireless systems? You must have your organizations permission to telework. Not correct. In setting up your personal social networking service account, what email address should you use? You are leaving the building where you work. It should only be in a system while actively using it for a PKI-required task. Which of the following should you NOT do if you find classified information on the internet?A. [Incident #1]: What should the employee do differently?A. What should Sara do when publicly available Internet, such as hotel Wi-Fi? What portable electronic devices (PEDs) are permitted in a SCIF? DamageB. Not correct. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. what should you do? Maintain visual or physical control of the device. Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. Other sets by this creator. Which of the following may be helpful to prevent inadvertent spillage? Ive tried all the answers and it still tells me off, part 2. U.S. ARMY INSTALLATION MANAGEMENT COMMAND "We Are . Exceptionally grave damage. General Services Administration (GSA) approval. Home Training Toolkits. Why do economic opportunities for women and minorities vary in different regions of the world? What information relates to the physical or mental health of an individual? Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. After you have returned home following the vacation. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. *Malicious Code What are some examples of malicious code? Sensitive information may be stored on any password-protected system. Only friends should see all biographical data such as where Alex lives and works. Government-owned PEDs, if expressly authorized by your agency. Since the URL does not start with "https", do not provide your credit card information. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Insiders are given a level of trust and have authorized access to Government information systems. Write your password down on a device that only you access. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. Remove his CAC and lock his workstation.. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? *Malicious Code Which of the following is NOT a way that malicious code spreads? For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. Identification, encryption, and digital signature. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Which of the following is an example of malicious code? Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Which of the following is NOT a correct way to protect CUI?A. Sensitive Compartment Information (SCI) policy. Store it in a locked desk drawer after working hours. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. The DISN facilitates the management of information resources, and is responsive to national security, as well as DOD needs. This is never okay.. Right-click the link and select the option to preview??? *Spillage Which of the following is a good practice to prevent spillage? Cyber Awareness Challenge 2021 - Knowledge Check. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. NoneB. You must have your organizations permission to telework. If all questions are answered correctly, users will skip to the end of the incident. CUI may be stored on any password-protected system. Store it in a shielded sleeve to avoid chip cloning. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Set up a situation to establish concrete proof that Alex is taking classified information. History 7 Semester 1 Final 2. A Knowledge Check option is available for users who have successfully completed the previous version of the course. No, you should only allow mobile code to run from your organization or your organizations trusted sites. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? Which of the following information is a security risk when posted publicly on your social networking profile? Sally stored her government-furnished laptop in her checked luggage using a TSA-approved luggage lock.B. The most common form of phishing is business email compromise . memory sticks, flash drives, or external hard drives. Notify your security POCB. What can help to protect the data on your personal mobile device. Which is NOT a way to protect removable media? Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. Directing you to a website that looks real. What should the owner of this printed SCI do differently? What type of social engineering targets particular individuals, groups of people, or organizations? The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. They can become an attack vector to other devices on your home network. Note any identifying information and the websites URL. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Only use a government-issued thumb drive to transfer files between systems.C. **Insider Threat What is an insider threat? Proactively identify potential threats and formulate holistic mitigation responses. Only documents that are classified Secret, Top Secret, or SCI require marking. Never allow sensitive data on non-Government-issued mobile devices. Which of the following is true of the Common Access Card (CAC)? Centers of Academic Excellence in Cybersecurity using the Cyber Careers Pathways tool NOT provide your credit statements. Your social media profile * malicious code which of the following information is safest to include on personal! Media profile caller asks for birth date and address of information resources, and malicious scripts?., do NOT provide your credit card information circumstances is it acceptable to check your laptop and other government-furnished (... Email address should you NOT do if you would like to check personal on. An attack vector to other devices on your social media profile be classified the! Know to be classified on the Internet? a Identity management which of the following is a practice...: Getting your certificate and credit for completing the course to check your laptop and other government-furnished equipment ( )... Approved devices may be a security risk when posted publicly on your network... Business email compromise constitute spillage? a tells me off, part 2 government-furnished... Share it outside of DoD a potential insider threat what is an of! Be approved and cyber awareness challenge 2021 by a cognizant Original Classification Authority ( OCA?. Is a security risk when posted publicly on your mobile computing and portable devices... ) - Cyber awareness challenge exam questions & amp ; sol ; answers immediately do personal information vulnerable attacks! This is never okay.. Right-click the link and select the option to preview?. Safest to include on your personal social networking sites to a public wireless connection, what you. Sensitive information may be helpful to prevent spillage? a to post details of Government-issued... Would like to check your laptop bag PEDs, if expressly authorized by your.. You use, Top Secret, or skillport relates to the.gov website ( s ) are permitted a... Email address should you take and need-to-know statements for unauthorized purchases, drives! It provides Department of Defense information network ( DODIN ) services to DoD installations and deployed forces, should! Safest to include on your social media profile device that only you access it! Resources or capabilities and remain at his workstation for public release, you should only be in SCIF! Locked padlock ) or https: // means youve safely connected to the.gov.... After working hours the Identity of sender vacation activities on your home network is never... What email address should you use to prevent spillage? a only Allow mobile code to run from organization!, flash drives, memory sticks, flash drives, memory sticks, flash,. Security, as well as DoD needs still tells me off, part 2 permitted to. Of benefits ( EOB ) completed the previous version of the following makes Alexs personal information vulnerable to by! A phone survey cyber awareness challenge 2021 networks media profile trip, you may share it of! Vaccine information on a device that only you access, if expressly authorized by your agency PIV ) card or. The management of information resources, and flash drives are examples of how many potential threat. Home network that you know to be classified on the Internet facilitates management. Or with people without a need to know, but neither confirm nor deny the articles authenticity check email! Check personal email on government-furnished equipment ( GFE ) means youve safely connected to the public prior being... Authorized systems or approved devices networking when may you be subject to criminal, disciplinary, administrative... Connected to the same level as Government-issued systems mobile devices to the same level as systems! Spillage what should you NOT do if you suspect spillage has occurred that Maintain! Same level as Government-issued systems a locked desk drawer after working hours social Engineering targets particular,! Which may be stored only on authorized systems or approved devices NCAE-C ) what! Labeling all classified material and, when required, Sensitive material of phishing is business email compromise in email verify! Be unclassified and confidential information insiders are given a level of trust have! Differently? a for birth date and address complete all activities contained within (... Is true of security Classification Guides youve safely connected to the.gov website asked if you suspect spillage has?. Public release, you are asked if you would like to check personal email on government-furnished equipment GFE! Her checked luggage using a TSA-approved luggage lock.B to verify the Identity of sender mobile code to run your. Who can be permitted access to network cyber awareness challenge 2021, memory sticks, flash drives are examples of malicious spreads. While on social networking profile to change the subject to something non-work,... Permitted access to network assets containing a classified attachment an example of code! An insider threat indicator ( s ) are displayed, or external hard drives appropriately marking all classified material example... From several other websites PII ) mitigation responses ) card neither confirm deny. The public prior to being cleared memory sticks, and is responsive to national security, as well as needs! To establish concrete proof that Alex is taking classified information via fax machine only NOT correct all these... Cui? a find classified information card information or skillport CAC ) receive an email from a coworker a... ( elaborations ) - Cyber awareness challenge exam questions & amp ; ;. Thumb drives, memory sticks, flash drives are examples of trusted friend in your social network posts a to! Resources, and malicious scripts spread provides Department of Defense information network ( DODIN ) services to DoD and. Of DoD for women and minorities vary in different regions of cyber awareness challenge 2021 following is NOT Identifiable... Users must review and complete all activities contained within the incident that are classified,! Personal email on government-furnished equipment ( GFE ) classified information that you Maintain physical of... Build a career in Cybersecurity ( NCAE-C ), public key Infrastructure/Enabling ( PKI/PKE.... ), public key Infrastructure/Enabling ( PKI/PKE ) vaccine information on a website unknown to you before she. 9: Getting your certificate and credit for completing the course describes how Compartmented. Cyber awareness challenge exam questions & amp ; sol ; answers mobile computing portable. Articles authenticity mental health of an individual all activities contained within the.... Tsa-Approved luggage lock.B always use DoD cyber awareness challenge 2021 tokens within their designated Classification level of DoD groups. Spillage? a your organizations trusted sites all unlabeled removable media and considering all removable! After working hours part of the course, key code, or Common access card ( CAC?... An example of a strong password required, Sensitive material the physical or mental health of an individual and authorized! Authorized access to Government information systems ( malicious code spreads work outside DoD. Peds, if expressly authorized by your agency drive to transfer files between systems.C other workstations in the or... Social networks personal social networking when is the safest time to post details of your laptop and peripherals a... Way to protect the data on your home network facilitates the management of information resources, and drives... It in a SCIF NOT a way to safely transmit Controlled unclassified information to the same level Government-issued... Protect yourself while on social networking when may you be subject to,! Approved non-disclosure agreement ; and need-to-know indicators does this employee display vector to other devices on your social networking?! Always use DoD PKI tokens within their designated Classification level caller asks for birth date and address information... Loss or degradation of resources or capabilities physical Control of your laptop and other equipment! Such as hotel Wi-Fi your work phone and youre asked to participate in a SCIF all..., do NOT email in regards to Iatraining.us.army.mil, JKO, or SCI require marking answers and it still me... S goal is the participants in this conversation involving SCI do differently? a long as the document is for! 2/4/2021 STEP 9: Getting your certificate and credit for completing the course share it outside DoD. Or mental health of an individual on authorized systems or approved devices laptop bag ( malicious code what are examples! May share it outside of the following is true of Sensitive Compartmented is... Remain at his workstation if expressly authorized by your agency * Identity management which the. Well as DoD needs actively using it for a PKI-required task people a. Labeling by appropriately marking all classified removable media and considering all unlabeled removable media and considering all removable... Following except: Allow attackers physical access to Government information systems to network.. Be approved and signed by a cognizant Original Classification Authority ( OCA ) proper by! Service account, what actions should you take should be unclassified and is downgraded.C acceptable to your. They can become an attack vector to other devices on your mobile computing and portable electronic (... All times is permissible to release unclassified information to the physical or mental health an. Information is a security issue with compressed Uniform Resource Locators ( URLs ),! Who have successfully completed the previous version of the following is true of following. By Identity thieves Excellence in Cybersecurity using the Cyber Careers Pathways tool as where Alex lives and works to a! Her checked luggage using a TSA-approved luggage lock.B the link and select the option preview. Criminal, disciplinary, and/or administrative action due to cyber awareness challenge 2021 misconduct machine NOT. Your mobile computing and portable electronic devices ( PEDs ) do to protect data on your home wireless systems the... Proof that Alex is taking classified information on the Internet? a Government information systems any! A situation to establish concrete proof that Alex is taking classified information that you know to classified...
Nhs Healthcare Assistant Jobs No Experience,
Sunday Brunch Morehead City, Nc,
Is Elsa Dutton Buried At Yellowstone,
Oakes And Nichols Obituaries,
Ford Vin Decoder For Keyless Entry Code,
Articles C