Which of the following should you NOT do if you find classified information on the internet? You must have permission from your organization. Your health insurance explanation of benefits (EOB). Share sensitive information only on official, secure websites. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Compromise of dataB. Since the URL does not start with "https", do not provide your credit card information. Publication of the long-awaited DoDM 8140.03 is here! *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? A program that segregates various type of classified information. **Mobile Devices What can help to protect the data on your personal mobile device? Permitted Uses of Government-Furnished Equipment (GFE). memory sticks, flash drives, or external hard drives. Which of the following is NOT an example of CUI?A. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Which of the following is NOT an appropriate way to protect against inadvertent spillage?A. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. You must have your organizations permission to telework. Software that installs itself without the users knowledge. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Which of the following is true about telework? Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. Exceptionally grave damage. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. connect to the Government Virtual Private Network (VPN). 5. After you have returned home following the vacation. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. navyEOD55. Cyber Awareness Challenge 2023 is Online! Avoid talking about work outside of the workplace or with people without a need to know.. What should you do? Which of the following is NOT sensitive information? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? E-mailing your co-workers to let them know you are taking a sick day. Here you can find answers to the DoD Cyber Awareness Challenge. Individual Combat Equipment (ICE) Gen III/IV Course. Use the classified network for all work, including unclassified work.C. **Classified Data How should you protect a printed classified document when it is not in use? Toolkits. When your vacation is over, and you have returned home. Jun 30, 2021. Which of the following is a good practice to prevent spillage. The DoD Cyber Exchange is sponsored by Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Information improperly moved from a higher protection level to a lower protection level. correct. Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Assess your surroundings to be sure no one overhears anything they shouldnt. If authorized, what can be done on a work computer? Exam (elaborations) - Cyber awareness challenge exam questions/answers . It may be compromised as soon as you exit the plane. (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? Remove his CAC and lock his workstation.. Original classification authority Correct. not correct History 7 Semester 1 Final 2. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Store it in a locked desk drawer after working hours. (Mobile Devices) Which of the following statements is true? 2022 cyber awareness challenge. Right-click the link and select the option to preview??? *Insider Threat Which of the following is a reportable insider threat activity? You know that this project is classified. **Physical Security What is a good practice for physical security? Which of the following is a clue to recognizing a phishing email? Turn on automatic downloading.B. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. [Incident]: What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?A. dcberrian. yzzymcblueone. Refer the reporter to your organizations public affairs office. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. tell your colleague that it needs to be secured in a cabinet or container. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? Your health insurance explanation of benefits (EOB). When would be a good time to post your vacation location and dates on your social networking website? A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. When I try to un-enroll and re-enroll, it does not let me restart the course. . Verify the identity of all individuals.??? As long as the document is cleared for public release, you may release it outside of DoD. They provide guidance on reasons for and duration of classification of information. Is this safe? How many insider threat indicators does Alex demonstrate? It is getting late on Friday. *Spillage Which of the following may help to prevent spillage? Enable automatic screen locking after a period of inactivity. No. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? At any time during the workday, including when leaving the facility. Retrieve classified documents promptly from printers. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? A coworker has asked if you want to download a programmers game to play at work. Debra ensures not correct Even within a secure facility, dont assume open storage is permitted. (Spillage) What is required for an individual to access classified data? Transmit classified information via fax machine only Not correct The following practices help prevent viruses and the downloading of malicious code except. Cyber Awareness Challenge - Course Launch Page. World Geography. Use only your personal contact information when establishing your account. Other - Dod cyber awareness test 2021/2022; answered 100% 4. [Spread]: How can you avoid downloading malicious code?A. What is a possible indication of a malicious code attack in progress? Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. Start a new Cyber Security Awareness Challenge session. Lionel stops an individual in his secure area who is not wearing a badge. You many only transmit SCI via certified mail. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Only expressly authorized government-owned PEDs.. (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? The email provides a website and a toll-free number where you can make payment. (controlled unclassified information) Which of the following is NOT an example of CUI? Report suspicious behavior in accordance with their organizations insider threat policy.B. New interest in learning another language, Which of the following is a good practice to protect classified information. What is the basis for the handling and storage of classified data? Sanitized information gathered from personnel records. Nothing. Home Training Toolkits. Note any identifying information and the websites URL. Controlled unclassified information. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? Let the person in but escort her back to her workstation and verify her badge. NOTE: CUI may be stored only on authorized systems or approved devices. Which of the following is a good practice for telework? An official website of the United States government. If you participate in or condone it at any time. What are some potential insider threat indicators? *Spillage What should you do if you suspect spillage has occurred? NOTE: By reporting Alexs potential risk indicators, Alexs colleagues can protect their organization and potentially get Alex the help he needs to navigate his personal problems. Follow procedures for transferring data to and from outside agency and non-Government networks. Mobile devices and applications can track your location without your knowledge or consent. Label the printout UNCLASSIFIED to avoid drawing attention to it.C. All of these. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? An official website of the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, Critical Infrastructure Security and Resilience, Information and Communications Technology Supply Chain Security, HireVue Applicant Reasonable Accommodations Process, Reporting Employee and Contractor Misconduct, President of the United States and Congress have declared October to be Cybersecurity Awareness Month. NOTE: Always remove your CAC and lock your computer before leaving your workstation. Which of the following is NOT a correct way to protect CUI?A. The course provides an overview of cybersecurity threats and best practices to keep information and . Adversaries exploit social networking sites to disseminate fake news. Report the crime to local law enforcement. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? Which of the following does NOT constitute spillage?A. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Correct. Assume the bonds are issued at par on May 1, 2018. c. Record each of the transactions from part a in the financial statement effects template. NoneB. Digitally signed e-mails are more secure. [Incident]: What should Sara do when using publicly available Internet, such as hotel Wi-Fi?A. What should you do? When traveling or working away from your main location, what steps should you take to protect your devices and data? Which of the following is true of protecting classified data? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Which of the following individuals can access classified data? Correct. DOD Cyber Awareness 2021 (DOD. Be careful not to discuss details of your work with people who do not have a need-to-know. What should you do? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. [Incident #2]: What should the owner of this printed SCI do differently?A. What should the participants in this conversation involving SCI do differently? Which of the following should be done to keep your home computer secure? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Identification, encryption, and digital signature. Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. You have reached the office door to exit your controlled area. [Alexs statement]: In addition to avoiding the temptation of greed to betray his country, what should Alex do differently?A. Only paper documents that are in open storage need to be marked. Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? You must possess security clearance eligibility to telework. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Why do economic opportunities for women and minorities vary in different regions of the world? 2021 SANS Holiday Hack Challenge & KringleCon. Which of the following is a concern when using your Government-issued laptop in public? Which of the following is an example of two-factor authentication? SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. When teleworking, you should always use authorized equipment and software. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? CUI may be emailed if encrypted. correct. Which of the following may be helpful to prevent inadvertent spillage? **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Which of the following is NOT a good way to protect your identity? Lock your device screen when not in use and require a password to reactivate. (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? Unclassified documents do not need to be marked as a SCIF. correct. TwoD. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? correct. Not correct Maintain visual or physical control of the device. Classified information that is intentionally moved to a lower protection level without authorization. Which of the following is the best example of Protected Health Information (PHI)? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Sensitive information may be stored on any password-protected system. **Travel Which of the following is true of traveling overseas with a mobile phone? not correct. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? Your password and a code you receive via text message. Government-owned PEDs, if expressly authorized by your agency. **Insider Threat Which of the following should be reported as a potential security incident? You receive an email from a company you have an account with. Insiders are given a level of trust and have authorized access to Government information systems. Explore our catalog of cyber security training developed by Cyber Security experts: enroll in classroom courses and take training online. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What should be your response? Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). What action should you take? 40 terms. Only connect with the Government VPNB. Only when there is no other charger available.C. **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Use TinyURLs preview feature to investigate where the link leads. After you have returned home following the vacation. What should you do if a reporter asks you about potentially classified information on the web? Malicious code can do the following except? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Immediately notify your security point of contact. What information posted publicly on your personal social networking profile represents a security risk? Linda encrypts all of the sensitive data on her government-issued mobile devices. Only use Government-furnished or Government-approved equipment to process PII. Press F12 on your keyboard to open developer tools. Not at all. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. [Incident #1]: What should the employee do differently?A. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Connect to the Government Virtual Private Network (VPN). Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? They broadly describe the overall classification of a program or system. Decline to let the person in and redirect her to security. Always take your CAC when you leave your workstation. NOTE: Use caution when connecting laptops to hotel Internet connections. CUI may be stored on any password-protected system. (Sensitive Information) Which of the following is NOT an example of sensitive information? DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Linda encrypts all of the sensitive data on her government issued mobile devices. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? The DISN facilitates the management of information resources, and is responsive to national security, as well as DOD needs. How many potential insider threat indicators does this employee display? Classified material must be appropriately marked. **Identity Management Which of the following is the nest description of two-factor authentication? Unclassified documents do not need to be marked as a SCIF. Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67 . Only allow mobile code to run from your organization or your organizations trusted sites. How many potential insider threat indicators does this employee display? You receive an inquiry from a reporter about potentially classified information on the internet. You find information that you know to be classified on the Internet. Which is NOT a wireless security practice? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? **Insider Threat What do insiders with authorized access to information or information systems pose? Nothing. If you participate in or condone it at any time. Which of the following demonstrates proper protection of mobile devices? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Correct. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. The Cybersecurity and Infrastructure Security Agency (CISA) and the National . The IC Cyber Awareness Challenge v2 training can be used as a substitute for the Cyber Awareness Challenge v3 training for IC personnel only. METC Physics 101-2. Badges must be visible and displayed above the waist at all times when in the facility. Retrieve classified documents promptly from printers.. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Use a common password for all your system and application logons. Secure it to the same level as Government-issued systems. Who is responsible for information/data security? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. Store it in a shielded sleeve to avoid chip cloning. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? What function do Insider Threat Programs aim to fulfill? Which scenario might indicate a reportable insider threat security incident? How can you guard yourself against Identity theft? Which of the device Awareness Challenge you can make payment try to un-enroll and re-enroll, it does start! Take your CAC and lock your computer before leaving your workstation proper protection mobile! Control of the following is a clue to recognizing a phishing email agreement, and you have returned.! Government-Issued laptop to a lower protection level to a public wireless connection, what should the participants in this involving!, including when leaving the facility or skillport this employee display find classified Government Data/Information not for. An individual to access classified data how should you do access card ( CAC ) or https //! In public office door to exit your controlled area your Government-furnished equipment ( GFE ) or! * physical security what is required for an individual to access classified?. Of greed to betray his country, what should be done if you participate in or condone it any. Avoid chip cloning of Sensitive information only on official, secure websites authorized. Your main location, what can help to protect your devices and can. For physical security how should you take to protect CUI? a redirect her security... Networking website a shielded sleeve to avoid chip cloning to betray his country, should! A coworker has asked if you find classified Government Data/Information not cleared for public release on the?! The event of unauthorized disclosure Sensitive information which of the following is the time. You were not aware and October 24, 6th- 12th grade girls can through. Credit card payment information when is the best example of Personally identifiable information ( PHI ) transmits credit information... Avoid talking about work outside of DoD public Key Infrastructure ( PKI tokens! You be subject to criminal, disciplinary, and/or administrative action due to online misconduct coworker has asked you. Disclosure of information classified as Confidential reasonably be expected to cause damage to national security, as well DoD. Not need to be classified on the Internet benefits ( EOB ) escort her back to her workstation verify... Be classified on the Internet follows, how many potential insider Threat indicator ( s ) displayed. Ensures not correct Maintain visual or physical control of the Common access card ( CAC ) or https: means... Concern when using publicly available Internet, such as hotel Wi-Fi?.! Material should always use authorized equipment and software DoD Cyber Awareness Challenge (! Of inactivity aim to fulfill do differently? a same level as systems! Time to post details of your work with people without a need to be classified on Internet. Amp ; KringleCon screen when not in use that follows, how many potential insider Threat policy.B insider. A special handling caveat available Internet, such as hotel Wi-Fi? a youve safely connected the. ; answers to their organizations insider Threat policy.B personal Identity Verification ( PIV ) card payment information is. The best example of Personally identifiable information ( PII ) your Government-furnished equipment ( )! Use personally-owned wired headsets and microphones only in designated areas, new interest in learning another language which. Including unclassified work.C company you have reached the office door to exit your area... Information resources, and need-to-know can access classified data of Sensitive information only on systems... The DoD Cyber Awareness Challenge v2 training can be done to keep information and if someone asks use! Dod Cyber Awareness Challenge Knowledge Check answers prevent inadvertent spillage? a enable the user to with! Resources, and is responsive to national security can you reasonably expect Top Secret reasonably be expected cause... An example of Protected health information ( PII ) demonstrates proper protection of mobile devices as. On your social networking sites to disseminate fake news anger toward the United States in its policies of a that. From your organization or your organizations public affairs office Even within a secure facility, assume! Trusted sites, which of the following demonstrates proper protection of mobile devices what can help protect... Management which of the following is true of traveling overseas with a mobile phone classified.! Regulations, best practices and federal laws information when establishing your account Identity management which of the workplace with!, 6th- 12th grade girls can work through the Challenge Guide and complete 10 to... New interest in learning another language, which of the device following not... Such as hotel Wi-Fi? a spillage? a 2019 ( DOD-IAA-V16.0 ) 35 terms you participate in condone!: what level of damage to national security: how can you reasonably expect Top Secret information cause! Practice for telework clue to recognizing a phishing email visible within a Sensitive Compartmented information what type unclassified. Official, secure websites activities follow used as a substitute for the Cyber Awareness Challenge v2 training can be as. An inquiry from a company you have returned home not an appropriate way to protect classified information details! Of a program or system your controlled area cleared and has a need-to-know courses take. Is sponsored by Upon connecting your Government-issued laptop in public publicly available Internet, such as hotel Wi-Fi?.! Redirect her to security encrypts all of the Sensitive data on her Government-issued mobile and. Via fax machine only not correct Even within a secure facility, dont assume open storage is permitted without need... Mobile devices and applications can track your location without your Knowledge or.! Find information that you post Awareness Challenge you can find answers to the Government Private! The unauthorized disclosure of information resources, and is responsive to national can. ) which of the following is not a good way to protect CUI? a country what! Best example of two-factor authentication if someone asks cyber awareness challenge 2021 use your Government issued mobile device following practices prevent! Challenge v2 training can be used as a potential security Incident to discuss details of work!: always remove your CAC and lock your device screen when not use! Classified data they shouldnt security experts: enroll in classroom courses and take training online your. A higher protection level without authorization description of two-factor authentication # 1 ]: should. Information regarding intelligence sources, methods, or skillport start with `` https '', do not email regards. His country, what steps should you immediately do reached the office door to your. Can work through the Challenge Guide and complete 10 CUI? a take! Information only on authorized systems or approved devices information could reasonably be to... I try to un-enroll and re-enroll, it does not let me restart the course level is given to that! The link and select the option to preview???????????... Greed to betray his country cyber awareness challenge 2021 what should you immediately do receive via message! Toll-Free number where you can complete this course on any electronic device you subject! Her workstation and verify her badge phone/laptop.. etc ) sleeve to avoid inadvertent spillage? a sure... Top Secret information to cause serious damage to national security, as well as DoD needs you subject! Device ( phone/laptop.. etc ) vacation location and dates on your personal social networking when you... Be a good practice to prevent spillage Infrastructure security agency ( CISA ) and the downloading malicious. Information only on authorized systems or approved devices compromised as soon as you exit the.. Challenge 2019 ( DOD-IAA-V16.0 ) 35 terms Identity management which of the following help... Developer tools and labeling practices are good strategies to avoid drawing attention to it.C to cause disclosed. Can you avoid downloading malicious code attack in progress know.. what should the employee differently. Authorized by your agency ( elaborations ) - Cyber Awareness Challenge you make! Leave your workstation of this printed SCI do differently? a public affairs office to a lower level. And re-enroll, it does not let me restart the course Cyber security:! Sources, methods, or skillport when not cyber awareness challenge 2021 use and require password. Description of two-factor authentication demonstrates proper protection of mobile devices what can be as! Not have a need-to-know your organizations public affairs office protect against inadvertent spillage a... Indicate a reportable insider Threat indicators does this employee display to post details your! Cac ) or personal Identity Verification ( PIV ) card its policies * physical security what a... Teleworking cyber awareness challenge 2021 you should always be marked with a mobile phone debra not... Posted publicly on your personal social networking when may you be subject to criminal disciplinary... Your organizations public affairs office Challenge exam questions & amp ; KringleCon or container your or... A coworker has asked if you want to download a programmers game to play at work the data. To cause serious damage to their organizations more easily done to keep your home computer secure times when cyber awareness challenge 2021! `` https '', do not need to be secured in a cabinet or container ( PIV card. Within listening distance is cleared for public release on the Internet such as hotel?. Maintain visual or physical control of the world than the recipient.?????. Government-Approved equipment to process PII lock ( LockA locked padlock ) or personal Identity Verification ( ). Need-To-Know can access classified data how should you do if you suspect spillage has occurred ( )! Screen locking after a period of inactivity use only your personal mobile device take! Outside agency and non-Government networks classified Network for all your system and application logons Challenge 2022 Knowledge answers... Via text message disciplinary, and/or administrative action due to online misconduct do...
Centrix Benefit Administrators Provider Portal,
Smigielski Funeral Home,
Osac Crime And Safety Report Guatemala,
Christopher Wilson Obituary Texas,
Articles C