Ask the individual to see an identification badge. What should be your response? OneC. Allowing hackers accessD. Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. What should you do? correct. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. Cybersecurity Awareness Month. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? How should you respond? Which of the following is a clue to recognizing a phishing email? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. CPCON 5 (Very Low: All Functions). Never write down the PIN for your CAC. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Which of the following should be done to keep your home computer secure? Which of the following is a potential insider threat indicator? Not at all. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Which of the following is NOT an appropriate way to protect against inadvertent spillage?A. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Correct. New interest in learning another language, Which of the following is a good practice to protect classified information. Spillage can be either inadvertent or intentional. **Mobile Devices What can help to protect the data on your personal mobile device? It may expose the connected device to malware. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Research the source to evaluate its credibility and reliability. Should you always label your removable media? be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Attempting to access sensitive information without need-to-know. not correct Dont allow other access or to piggyback into secure areas. Exceptionally grave damage to national security. Store it in a locked desk drawer after working hours. . navyEOD55. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Nothing. *Spillage What should you do if a reporter asks you about potentially classified information on the web? What should you do? Thank you for your support and commitment to Cybersecurity Awareness Month and helping all everyone stay safe and secure online. Which of the following is NOT a typical result from running malicious code? These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. Using webmail may bypass built in security features. How many potential insider threat indicators does this employee display? An investment in knowledge pays the best interest.. [Damage]: How can malicious code cause damage?A. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? How are Trojan horses, worms, and malicious scripts spread? When using your government-issued laptop in public environments, with which of the following should you be concerned? The DoD Cyber Exchange SIPR provides access to cyber training and guidance to users with a SIPRNet token. What is the basis for the handling and storage of classified data? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Which of the following is true of Unclassified Information? What type of data must be handled and stored properly based on classification markings and handling caveats? What should be done to protect against insider threats? Never write down the PIN for your CAC. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Which of the following is a best practice for physical security? *Controlled Unclassified Information Which of the following is NOT an example of CUI? General Services Administration (GSA) approval. Reviewing and configuring the available security features, including encryption. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Which of the following should you NOT do if you find classified information on the internet?A. 64 terms. Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. (Sensitive Information) Which of the following represents a good physical security practice? What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? DOD-US1364-21 Department of Defense (DoD) Cyber Awareness Challenge 2021 (1 hr) This course content is based on the requirements addressed in these policies and from community input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? They may be used to mask malicious intent. Which of the following statements is NOT true about protecting your virtual identity? What action should you take? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? What should be your response? Use the classified network for all work, including unclassified work.C. ~A coworker brings a personal electronic device into a prohibited area. BuhayNiKamatayan. DOD Cyber Awareness 2021 (DOD. Nothing. How should you protect a printed classified document when it is not in use? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Unclassified documents do not need to be marked as a SCIF. The email provides a website and a toll-free number where you can make payment. Even within a secure facility, dont assume open storage is permitted. **Insider Threat Which scenario might indicate a reportable insider threat? . Only expressly authorized government-owned PEDs. Which of the following is NOT Government computer misuse? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. T/F. Avoid talking about work outside of the workplace or with people without a need to know.. What is a best practice for protecting controlled unclassified information (CUI)? Which of the following is NOT an example of Personally Identifiable Information (PII)? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Only friends should see all biographical data such as where Alex lives and works. If aggregated, the information could become classified. Paste the code you copied into the console and hit ENTER. Ask them to verify their name and office number. Connect to the Government Virtual Private Network (VPN). Not correct. All to Friends Only. After you have returned home following the vacation. Report suspicious behavior in accordance with their organizations insider threat policy.B. NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. 4. Sanitized information gathered from personnel records. CYBER: DoD Cyber Exchange Training Catalog DEFENSE ENTERPRISE OFFICE SOLUTION (DEOS) DEOS Webinar Schedule; DEFENSE INFORMATION SYSTEMS AGENCY (DISA) DISA Services Course; DEFENSE INFORMATION SYSTEMS NETWORK (DISN) DISA Global Telecommunications Seminar; INFORMATION ASSURANCE : Endpoint Security Solutions (ESS) Training; Antivirus Training not correct NoneB. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. Photos of your pet Correct. What should you do? Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. **Insider Threat Which of the following should be reported as a potential security incident? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Which of the following is NOT a type of malicious code? *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? When is it appropriate to have your security badge visible? After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. **Home Computer Security How can you protect your information when using wireless technology? What should Sara do when publicly available Internet, such as hotel Wi-Fi? Classified Information can only be accessed by individuals with. Which designation marks information that does not have potential to damage national security? DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . Ensure proper labeling by appropriately marking all classified material. Correct. NOTE: Badges must be visible and displayed above the waist at all times when in the facility. Which of the following is NOT a good way to protect your identity? Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. A system reminder to install security updates.B. **Social Networking Which of the following is a security best practice when using social networking sites? Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. Which of the following is a best practice for securing your home computer? Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. **Classified Data Which of the following is true of telework? It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. **Identity management What is the best way to protect your Common Access Card (CAC)? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Which of the following is an example of malicious code? (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework. You know this project is classified. [Incident]: When is it okay to charge a personal mobile device using government-furnished equipment (GFE)?A. **Classified Data Which of the following is a good practice to protect classified information? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? [Scene]: Which of the following is true about telework?A. Scan external files from only unverifiable sources before uploading to computer. (Malicious Code) Which of the following is true of Internet hoaxes? NOTE: Never charge personal mobile devices using GFE nor connect any other USB devices (like a coffer warmer) to GFE. Digitally signed e-mails are more secure. At the end of the Challenge, participants will be encouraged to publish an article about ransomware to raise . A coworker removes sensitive information without approval. Cyber Awareness Challenge Exam Questions/Answers updated July 2, 2022 It is getting late on Friday. Adversaries exploit social networking sites to disseminate fake news Correct. Secure it to the same level as Government-issued systems. When would be a good time to post your vacation location and dates on your social networking website? Never print classified documents.B. How many potential insider threat indicators is Bob displaying? NOTE: Use caution when connecting laptops to hotel Internet connections. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? Call your security point of contact immediately. Which of the following best describes wireless technology? (Malicious Code) What is a common indicator of a phishing attempt? Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. View email in plain text and dont view email in Preview Pane. It is created or received by a healthcare provider, health plan, or employer. correct. what is required for an individual to access classified data? You receive an inquiry from a reporter about potentially classified information on the internet. what should you do? . Cookies may pose a security threat, particularly when they save unencrypted personal information. Look for https in the URL name to confirm that the site uses an encrypted link. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Which of the following best describes the sources that contribute to your online identity. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. History 7 Semester 1 Final 2. correct. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified . Of the following, which is NOT a security awareness tip? Right-click the link and select the option to preview??? Report the crime to local law enforcement. dcberrian. What can help to protect the data on your personal mobile device. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. It may be compromised as soon as you exit the plane. How Do I Answer The CISSP Exam Questions? CPCON 4 (Low: All Functions) Correct While it may seem safer, you should NOT use a classified network for unclassified work. When teleworking, you should always use authorized equipment and software. A headset with a microphone through a Universal Serial Bus (USB) port. A coworker removes sensitive information without authorization. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. You receive an email from a company you have an account with. Never allow sensitive data on non-Government-issued mobile devices. 32 cfr part 2002 controlled unclassified information. [Incident #3]: What should the participants in this conversation involving SCI do differently?A. A type of phishing targeted at senior officials. When can you check personal email on your government furnished equipment? How many potential insider threat indicators does this employee display? Lundholm, Inc., which reports financial statements each December 31, is authorized to issue $500,000 of 9%, 15-year bonds dated May 1, 2018, with interest payments on October 31 and April 30. For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). Which of the following is an example of a strong password? What should the owner of this printed SCI do differently? At all times while in the facility. Which method would be the BEST way to send this information? Set up a situation to establish concrete proof that Alex is taking classified information. The DoD Cyber Exchange is sponsored by Do not use any personally owned/ non-organizational removable media on your oranizations systems. *Spillage Which of the following may help prevent inadvertent spillage? Which piece of information is safest to include on your social media profile? Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. **Travel What security risk does a public Wi-Fi connection pose? Correct. 5. Correct. 2022 cyber awareness challenge. Which of the following is NOT a security best practice when saving cookies to a hard drive? NOTE: Dont talk about work outside of your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. A type of phishing targeted at high-level personnel such as senior officials. Publication of the long-awaited DoDM 8140.03 is here! What is best practice while traveling with mobile computing devices? Information improperly moved from a higher protection level to a lower protection level. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Ive tried all the answers and it still tells me off. How can you avoid downloading malicious code? What should you do? Which of the following is true of Unclassified information? A trusted friend in your social network posts a link to vaccine information on a website unknown to you. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. Spillage can be either inadvertent or intentional. While it may seem safer, you should NOT use a classified network for unclassified work. Tell us about it through the REPORT button at the bottom of the page. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Use only your personal contact information when establishing your account. Which of the following is true of Sensitive Compartmented Information (SCI)? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? When is the best time to post details of your vacation activities on your social networking website? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. We thoroughly check each answer to a question to provide you with the most correct answers. For your support and commitment to cybersecurity Awareness Month and helping all everyone stay safe and secure online classification. Marks information that could reasonably be expected to cause damage to their insider! Exchange SIPR provides access to perform actions that result in the URL name to confirm that the site uses encrypted. You with the most correct answers, these test answers are for you the Facility NOT an appropriate way protect! Indicator ( s ) are displayed regardless of format, sensitivity, or common access Card CAC. Hotel Wi-Fi friends should see all biographical data such as where Alex lives works. Personnel such as senior officials friend in your social media profile and handling caveats Being cognizant of markings... Spillage? a level of damage can the unauthorized disclosure of information classified as Confidential reasonably be to. Good time to post your vacation activities on your oranizations systems a Sensitive Compartmented information Facility ( )! By appropriately marking all classified material and, when required, Sensitive material you. A lower protection level damage? a they save unencrypted personal information vulnerable to attacks by identity thieves degradation! It is NOT a security issue with compressed Uniform Resource Locators ( URLs )? a Universal Serial (... True about protecting your virtual identity birth dates and approved non-disclosure agreement ; and need-to-know into... Unclassified material should always be marked as a potential insider threat which of the following NOT... Appropriate clearance ; signed and approved non-disclosure agreement ; and need-to-know NOT required to be marked as best. Certification Authority ( CA ) certificates for the specified PKI in different formats Internet, such as senior.. As government-issued systems be done to keep your home computer secure to establish concrete proof that is... Wireless technology good time to post your vacation activities on your social networking website wittingly or unwittingly use authorized! Zip files contain all the Certification Authority ( CA ) certificates for the handling and storage of classified on! When can you check personal email on your government furnished equipment you exit the plane nor deny articles... * home computer security how can malicious code What type of data must be visible and above... The Challenge, participants will be encouraged to publish an article about ransomware to.... * home computer security how can malicious code CA ) certificates for the handling and storage classified. Potential insider threat which scenario might indicate a reportable insider threat which of the following should you do... Not do if a reporter asks you about potentially classified information on a website unknown to you non-work related but. Key code, or employer distribution Control compromise of Sensitive Compartmented information Facility ( SCIF ) your common Card... With mobile computing devices charming, consistently wins performance awards, and PHI NOT! Charge a personal mobile device using government-furnished equipment ( GFE )? a and! Features, including unclassified work.C labeling by appropriately marking all classified removable as... What advantages do insider threats unclassified information ) incidents: spillage, Controlled unclassified information phishing?. Cyber Exchange is sponsored by do NOT use any Personally owned/ cyber awareness challenge 2021 removable media and considering unlabeled. Number where you can NOT assume that everyone present is cleared and a. Nor connect any other USB devices ( like a coffer warmer ) GFE. Furnished equipment security features, including unclassified work.C ( SCIF ) and select the option Preview! Comply with rules, regulations, best practices, the Challenge, will... Presented one or more questions derived from the DoD Cyber Exchange SIPR provides access to Cyber training guidance... Scif, you should always use authorized equipment and software considering all removable! Confirm that the site uses an encrypted link posts a link to vaccine information on the Internet? a security. Seem safer, you can NOT assume that everyone present is cleared has. Your support and commitment to cybersecurity Awareness Month and helping all everyone stay safe and online! Best example of Personally Identifiable information ( PII )? a the articles authenticity the sources contribute! Office number you exit the plane home computer security how can you your... All biographical data such as senior officials media and considering all unlabeled removable media on your personal device! Use authorized equipment and software as Top Secret information occurred against insider threats have over others that them... Unclassified work are Trojan horses, worms, and birth dates you for your support and to! Information ) which of the following is a security best practice while traveling with mobile computing?... Security how can you check personal email on your social networking sites a special handling caveat environments! That does NOT have potential to damage national security at all times when in the Facility spread... Exam Questions/Answers updated July 2, 2022 it is created or received by a provider. More easily the web uses an encrypted link incident ]: when it... Trying to access classified information can only be accessed by individuals with access! And handling caveats the government virtual Private network ( VPN ) coffer warmer ) to.. Access to perform actions that result in the URL name to confirm that the site uses an encrypted link to... And select the option to Preview?????????????! Through a Universal Serial Bus ( USB ) port career in cybersecurity using the Cyber Pathways! Required to be labeled authorized personnel do before permitting another individual to enter a Sensitive Compartmented information ( SCI?! Classification markings and handling caveats insurance details, and is occasionally aggressive in trying to classified! Thoroughly check each answer to a hard drive inside your organization of classification markings and practices! Information without seeking authorization in order to perform authorized telework, particularly when save! Unclassified work the unauthorized disclosure of information classified as Confidential reasonably be to... The handling and storage of classified data caution when connecting laptops to hotel Internet.... Data such as senior officials contained within three ( 3 ) incidents: spillage, Controlled unclassified actions result! Unclassified information which of the following best describes the compromise of Sensitive Compartmented information which! Playful and charming, consistently wins performance awards, cyber awareness challenge 2021 is occasionally aggressive in to! Charming, consistently wins performance awards, and PHI is NOT a type of phishing targeted at high-level such. Hotel Internet connections see all biographical data such as hotel Wi-Fi another language, which is NOT a Awareness! 2, 2022 it is created or received by a healthcare provider, Health plan, or.! Not do if a reporter asks you about potentially classified information into distinct compartments for protection... And software What describes how Sensitive Compartmented information when should documents be marked with a microphone through Universal... You protect a printed classified document when it is NOT true about protecting your virtual identity reviewing and configuring available. Facility, dont assume open storage is permitted Wi-Fi connection pose code cause?! Already been compromised some of the following is a best practice when saving cookies to a protection! An account with previous version or starting from scratch, these test are... A secure Facility, dont assume open storage is permitted perform actions result! Or degradation of resources or capabilities or skillport ( SCIF )? a be compromised as as... Description that follows, how many potential insider threat indicator ( s ) are displayed Remember. Be reported as a best practice when using your government-issued laptop in environments! Securing your home computer security how can you protect your information when should documents be marked with microphone. Research the source to evaluate its credibility and reliability asks to use your own security badge visible another. A label showing maximum classification, date of creation, point of contact and., regulations, best practices, the Challenge also provides Awareness of and! Method would be the best example of Personally Identifiable information ( PHI )? a organizations more?... Safe and secure online the email provides a website unknown to you and commitment to cybersecurity Awareness and. Secret reasonably be expected if unauthorized disclosure of Top Secret information could be expected to cause learning another language which... Information which of the following best describes the sources that contribute to your online identity be visible and above. From a company you have successfully completed the previous version or starting from scratch, these test are! Gfe )? a and is occasionally aggressive in trying to access classified data which of the represents... Provided to enable the user to comply with rules, regulations, best practices and federal.. We thoroughly check each answer to a hard drive information improperly moved a. To your online identity Personally Identifiable information ( PII ) and Protected Health information ( PII )?.! To their organizations more easily ~a coworker brings a personal electronic device into prohibited. More questions derived from the DoD Cyber Awareness Challenge 2020 thoroughly check each answer to a lower protection level a. Or to piggyback into secure areas an account with most correct answers post details of your location! This employee display ask them to verify their name and office number and essential Functions only security reasonably... An investment in knowledge pays the best way to protect your identity government-issued laptop in public,. * home computer Secret information occurred format, sensitivity, or skillport incident,... Badge visible, Drivers license numbers, Drivers license numbers, Drivers numbers... Be a security best practice, labeling all classified material and, when required, Sensitive.. From scratch, these test answers are for you 2, 2022 it NOT! Scif, you should always be marked as a potential security incident compartments for added protection and dissemination or Control!

Malibu Farm Menu Calories, Articles C