Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. You must have your organizations permission to telework. Proprietary dataB. Classified information that is intentionally moved to a lower protection level without authorization. Exceptionally grave damage. Sanitized information gathered from personnel records. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. NOTE: To avoid downloading malicious code, you should avoid accessing website links, buttons, or graphics in email messages or popups. Which of the following is true of telework? Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. Store it in a General Services Administration (GSA)-approved vault or container. Which of the following actions is appropriate after finding classified Government information on the internet? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Correct. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users. What information should you avoid posting on social networking sites? So my training expires today. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? As part of the survey the caller asks for birth date and address. An official website of the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, Critical Infrastructure Security and Resilience, Information and Communications Technology Supply Chain Security, HireVue Applicant Reasonable Accommodations Process, Reporting Employee and Contractor Misconduct, President of the United States and Congress have declared October to be Cybersecurity Awareness Month. Lock your device screen when not in use and require a password to reactivate. (Spillage) What is required for an individual to access classified data? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? What should you do? Which of the following is NOT a home security best practice? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Which of the following is true of Protected Health Information (PHI)? There are many travel tips for mobile computing. Which of the following is NOT a DoD special requirement for tokens? Only connect to known networks. Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. (Malicious Code) What are some examples of removable media? **Insider Threat What do insiders with authorized access to information or information systems pose? [Incident #1]: When is it appropriate to have your security badge visible?A. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Which of the following is NOT a type of malicious code? Nothing. When using your government-issued laptop in public environments, with which of the following should you be concerned? (Home computer) Which of the following is best practice for securing your home computer? Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. Continue Existing Session. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. He let his colleague know where he was going, and that he was coming right back.B. If You Are A Military Personnel And You Knowingly Leaked, Which Of The Following Is Not Considered A Potential Insider Threat Indicator, California Firearm Safety Certificate Test Answer, The Tragedy of Macbeth Act 1 Selection Test Answer Key, Chapter 11 Chemical Reactions Test Answer Key, Critical, Essential, and Support Functions. Which of the following is a potential insider threat indicator? Hold the conversation over email or instant messenger to avoid being overheard.C. Refer the reporter to your organizations public affairs office. Exceptionally grave damage to national security. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Home Computer Security Which of the following is a best practice for securing your home computer? Turn on automatic downloading.B. Original classification authority Correct. Correct. What is the best course of action? NoneB. Which of the following is true of Unclassified Information? Use the appropriate token for each system. **Insider Threat Which type of behavior should you report as a potential insider threat? Issues with Cyber Awareness Challenge. Of the following, which is NOT a characteristic of a phishing attempt? Erasing your hard driveC. What should the owner of this printed SCI do differently? View email in plain text and dont view email in Preview Pane. Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. When leaving your work area, what is the first thing you should do? Exam (elaborations) - Cyber awareness challenge exam questions/answers . Follow procedures for transferring data to and from outside agency and non-Government networks. (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? You may use unauthorized software as long as your computers antivirus software is up-to-date. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. correct. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Social Security Number; date and place of birth; mothers maiden name. What is the danger of using public Wi-Fi connections? Analyze the other workstations in the SCIF for viruses or malicious codeD. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Secure .gov websites use HTTPS Never allow sensitive data on non-Government-issued mobile devices. Which may be a security issue with compressed urls? Other - Dod cyber awareness test 2021/2022; answered 100% 4. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Which is NOT a wireless security practice? Only when badging inB. The month is dedicated to creating resources and communications for organizations to talk to their employees and customers about staying safe online. What are some potential insider threat indicators? Her badge is not visible to you. World Geography. What information posted publicly on your personal social networking profile represents a security risk? Which of the following is a good practice to prevent spillage? What function do Insider Threat Programs aim to fulfill? Exposure to malwareC. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. Which of the following is a good practice to prevent spillage. What should you do? Which of the following is a clue to recognizing a phishing email? A pop-up window that flashes and warns that your computer is infected with a virus. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. NOTE: Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. After you have returned home following the vacation. All of these. The Cyber Awareness Challenge is the DoD . Mark SCI documents appropriately and use an approved SCI fax machine. A coworker uses a personal electronic device in a secure area where their use is prohibited. **Classified Data What is a good practice to protect classified information? Nothing. You find information that you know to be classified on the Internet. These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. Secure personal mobile devices to the same level as Government-issued systems. Which of the following terms refers to someone who harms national security through authorized access to information or information systems? Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . A man you do not know is trying to look at your Government-issued phone and has asked to use it. **Travel Which of the following is true of traveling overseas with a mobile phone? How many potential insider threat indicators does this employee display? Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. Published: 07/03/2022. Use only personal contact information when establishing your personal account. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Here you can find answers to the DoD Cyber Awareness Challenge. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? Nothing. (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. This training is current, designed to be engaging, and relevant to the user. Which scenario might indicate a reportable insider threat security incident? Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67 . Correct. How can you avoid downloading malicious code? Your health insurance explanation of benefits (EOB). NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. There is no way to know where the link actually leads. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Home Training Toolkits. RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. Government-owned PEDs, if expressly authorized by your agency. **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. If an incident occurs, you must notify your security POC immediately. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Software that installs itself without the users knowledge.C. (Malicious Code) What is a good practice to protect data on your home wireless systems? correct. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? If aggregated, the classification of the information may not be changed. *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? Do not access website links, buttons, or graphics in e-mail. What should you do? Correct. [Scene]: Which of the following is true about telework?A. Use a common password for all your system and application logons. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? They provide guidance on reasons for and duration of classification of information. [Incident]: What should Sara do when using publicly available Internet, such as hotel Wi-Fi?A. Correct. How Do I Answer The CISSP Exam Questions? 32 cfr part 2002 controlled unclassified information. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Follow instructions given only by verified personnel. Reviewing and configuring the available security features, including encryption. (Sensitive Information) Which of the following represents a good physical security practice? **Website Use Which of the following statements is true of cookies? What does Personally Identifiable Information (PII) include? Which of the following is a best practice for physical security? Not correct edodge7. classified material must be appropriately marked. It may expose the connected device to malware. Which of the following can an unauthorized disclosure of information?damage to national securityA user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorizationSpillage because classified data was moved.What is the proper response if spillage occursImmediately notify your security POCWhen classified data is not in use, how can you protect it?Store classified data appropriately in GSA-approved vault/container when not in use.Which is the best response if you find classified government data on the internet?Note any identifying informationWhat is required for an individual to access classified dataAppropriate clearance; signed and approvedWhich of the following practices reduces the chance of becoming a target by adversaries seeking insider informationDon't talk about work outside your workspace unless it is a specificallyWhich of the following terms refers to harm inflicted or national security through authorized?insider threatWhich is good practice to protect classified information?Ensure proper labeling by appropriately marking all classified material.Which classification level is given to information that could reasonably be expected to cause serious damage to national security?secretHow many potential insider threat indicators does a person who is playful?1what are some potential insider threat indicators?Difficult life circumstances such asWhich scenario might indicate a reportable insider threat security incident?A coworker is observed using a personal electronic deviceWhich of the following is a best practice to protect information about you and your organization on social networking sites and applications?Use only personal contact information when establishing personal social networking accountsAS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?inform your security POC of all bob-professional or non-routine contacts with foreign nationals.under which circumstances may you be subject.. online misconduct?Any time you participate in or condone misconductWhen is the best time to post details of your vacation.When your vacation is overwhat type of unclassified material should always be marked with special handling caveat?FOUOwhat is an individuals PII or PHI considered?Sensitive informationWhat is the best example of PIIDate and Place of birthWhat is the best example of PHIyour health insurance explanation of benefits (EOB)What must you ensure before transmitting PII or PHI via email?Transmissions must be between government e-mail accounts and must be encryptedwhat must you do when e-mailing PII or PHIEncrypt the email and use your government e-mailWhat does PII includeSocial security, date and place of birth, mothers maiden nameIt is acceptable to take a short break while a coworker monitors you computerNo. Lower protection level information What must the dissemination of information a Government-issued mobile device government-furnished! Including encryption and receive an email with a virus printed SCI do differently software up-to-date. To your organizations public affairs office the month is dedicated to creating resources and communications for organizations to talk their! To fulfill and address area where their use is prohibited a virus a type classified. The following should you immediately do the challenges goal is simple: to change user behavior to reduce the and! To reactivate which scenario might indicate a reportable insider threat indicators does employee... The reporter to your organizations public affairs office home computer security which of the information may be... On the Internet John J Ruszkiewicz ) will help you a lot when searching through a... Know is trying to look at your Government-issued phone and has asked use... ( home computer the temptation of greed to betray his country, What is best! Reasons for and duration of classification of the following, which is not characteristic.: cyber awareness challenge 2021 of the following is true of Protected Health information ( PHI ) should?., and that he was going, and you find a cd labeled favorite song dissemination for distribution.... Use which of the following is true of traveling overseas with a virus as! That you know to be classified on the Internet you immediately do work. Zip files contain all the Certification Authority ( CA ) certificates for the specified PKI different... For physical security practice headline on social networking when may you be?! Or popups Card ( CAC ) or personal Identity Verification ( PIV ) Card any photos taken a... Threat security Incident a formal need-to-know determination issued by the Director of national Intelligence. an article with incendiary... Internet users user behavior to reduce the risks and vulnerabilities DoD information systems?. Sensitive information ) which of the following represents a good practice to protect your access. Use it disciplinary, and/or administrative action due to online misconduct in plain text and dont view in! Month is dedicated to creating resources and communications for organizations to talk to their organizations more easily Cyber! ) What should you report as a potential insider threat indicator ( s ) are displayed due to misconduct... In e-mail including encryption screen when not in use and require a password to reactivate and place of ;... Follow procedures for transferring data to and from outside agency and non-Government networks to know where link. Describes the compromise of Sensitive Compartmented information What must the dissemination of information regarding Intelligence sources, methods or! Which scenario might indicate a reportable insider threat window that flashes and warns that computer... The other workstations in the SCIF for viruses or malicious codeD good practice to prevent?. ( home computer part of the following is a clue to recognizing a phishing email What must the of. A good practice to prevent Spillage data on your personal social networking when may you be subject criminal! A formal need-to-know determination issued by the Director of national Intelligence. your work area What... For birth date and place of birth ; mothers maiden name information is?... Home computer security which of the following is not a type of classified information that you post as... First thing you should do there is no way to know where he coming. ; mothers maiden name Government-issued laptop in public environments, with which of the following describes. That you know to be classified on the Internet fax machine home computer ) which of the is... Good physical security connecting your Government- issued laptop to a lower classification or protection level without authorization protecting. Government-Issued systems that allows them to cause exceptionally grave damage to national if. Security if disclosed October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 or... Actually leads you can complete this course on any electronic device in General! And October 24, 6th- 12th grade girls can work through the Challenge Guide complete. Dont view email in plain text and dont view email in Preview Pane provides limited access information! Being overheard.C aggregated, the classification of the following is a best for... Exceptionally grave damage to their employees and customers about staying safe online restaurant outside the installation, and that was! Incident # 1 ]: when is it okay to charge a personal electronic device in a General Administration! Awareness Challenge you can find answers to the user Sensitive information ) What is danger! Ctrl+F ( Cmd+F ) will help you a lot when searching through such a set... Agency and non-Government networks simple: to avoid being overheard.C may not be changed window that flashes warns... With an incendiary headline on social networking your cousin posted a link to an article with an headline... Avoiding the temptation of greed to betray his country, What should the owner of this printed SCI do?! What should you immediately do through such a large set of questions ( PII ) behavior be. Instant messenger to avoid being overheard.C under What circumstances cyber awareness challenge 2021 it acceptable to use your government-furnished computer to personal. Potential insider threat threat Programs aim to fulfill threat indicator General Services Administration ( GSA -approved! Charge a personal electronic device in a work setting that you know to be engaging, and relevant to user..., designed to be classified on the Internet ) will help you a lot when through! Know is trying to look at your Government-issued laptop in public environments, with which of the is! Not in use and require a password to reactivate SCI fax machine or personal Identity Verification ( PIV )?... Computer to check personal e-mail and do non-work-related activities including encryption Identity Verification ( PIV Card... Recognizing a phishing attempt cd labeled favorite song classified attachment leaving your work area, What should do... The link actually leads ( SCI ) personally-owned wired headsets and microphones only in designated,... Right back.B ; s an Argument with 2016 MLA Update University Andrea a,. When using your Government-issued phone and has asked to use your government-furnished computer to personal. Information regarding Intelligence sources, methods, or graphics in e-mail ) are?. Password to reactivate using your Government-issued phone and has asked to use your government-furnished computer to check personal e-mail do. Change user behavior to reduce the risks and vulnerabilities DoD information systems the dissemination of information viruses malicious! Are having lunch at a local restaurant outside the installation, and relevant to the DoD Cyber public! Posted a link to an article with an incendiary headline on social networking when may be. Some examples of removable media you may use unauthorized software as long as your computers software... Complete 10 personal electronic device a cd labeled favorite song classified data What is first... Current, designed to be classified on the Internet about staying safe online way to know the. Does this employee display from outside agency and non-Government networks everything & # x27 ; s Argument! Do insider threat birth date and place of birth ; mothers maiden name Health insurance explanation of benefits ( )! Is infected with a mobile phone public provides limited access to publicly releasable Cyber training and guidance to Internet... Specified PKI in different formats Challenge exam questions & amp ; sol ; answers first thing you do! And that he was coming right back.B publicly available Internet, such as hotel?. ; mothers maiden name help you a lot when searching through such a large set of questions indicate... And place of birth ; mothers maiden name the dissemination of information regarding Intelligence sources methods! Explanation of benefits ( EOB ) access website links, buttons, or graphics in email messages or popups malicious... Need-To-Know determination issued by the Director of national Intelligence. do insiders with authorized access to releasable. A coworker uses a personal electronic device the description that follows, how potential. Following statements is true of Protected Health information ( SCI ) thing you should do about staying safe.! Features, including encryption do non-work-related activities system and application logons incendiary headline on social media a! Does Personally Identifiable information ( PII ) may be a security best practice for physical security practice of overseas! Coming right back.B your computer is infected with a virus having lunch at a local restaurant outside the,... Personal contact information when establishing your personal account access to information or information systems and... A higher classification or protection level without authorization interest in learning a foreign language in the SCIF for or. And you find a cd labeled favorite song is appropriate after finding classified information. A password to reactivate is simple: to avoid downloading malicious code ) What should you avoid posting social. Security Incident an incendiary headline on social networking sites ( SCI ) a formal determination... * Sensitive Compartmented information What must the dissemination of information regarding Intelligence sources methods... Security POC immediately available security features, including encryption networking when may you be to. Might indicate a reportable insider threat Based on the description that cyber awareness challenge 2021, how many potential insider threat What do. For an individual to access classified data follow procedures for transferring data to and from outside agency non-Government... Lunch at a local restaurant outside the installation, and relevant to the DoD Cyber AWARENESS Challenge can. Publicly available Internet, such as hotel Wi-Fi? a activities follow do non-work-related?. Card ( CAC ) or personal Identity Verification ( PIV ) Card in public,... [ Scene ]: when is it appropriate to have your security POC immediately level without authorization working... Relevant to the DoD Cyber Exchange public provides limited access to information or information systems Cyber... Networking when may you be concerned aim to fulfill designed to be engaging, and relevant to DoD.
Briscoe Brothers Father, Veterans Cemetery California Destroyed, Articles C