Unclassified information is a threat to national security. Figure 1. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. data. When teleworking, you should always use authorized and software. After you have returned home following the vacation. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Her badge is not visible to you. What should be your response? On a NIPRNET system while using it for a PKI-required task. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. **Travel What is a best practice while traveling with mobile computing devices? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Which of the following is true about unclassified data? **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Cyber Awareness 2022. **Home Computer Security Which of the following is a best practice for securing your home computer? Store it in a shielded sleeve to avoid chip cloning. Connect to the Government Virtual Private Network (VPN).?? EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Updated 8/5/2020 8:06:16 PM. They may be used to mask malicious intent. Store it in a shielded sleeve to avoid chip cloning. Which of the following is true of traveling overseas with a mobile phone. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Validate all friend requests through another source before confirming them. **Social Networking Which of the following best describes the sources that contribute to your online identity? correct. When unclassified data is aggregated, its classification level may rise. How many indicators does this employee display? John submits CUI to his organizations security office to transmit it on his behalf. Which of the following may help to prevent spillage? You know this project is classified. You know this project is classified. Maybe How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Rating. Working With Sensitive Information - Canada.ca Following instructions from verified personnel. Which of the following statements is true? (Correct)-It does not affect the safety of Government missions.-It never requires classification markings. Call your security point of contact immediately. What is a valid response when identity theft occurs? Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? #2) Select the "Pre-Process" tab. Only paper documents that are in open storage need to be marked. What type of social engineering targets particular individuals, groups of people, or organizations? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Memory sticks, flash drives, or external hard drives. Maintain visual or physical control of the device. correct. What actions should you take prior to leaving the work environment and going to lunch? CUI may be stored only on authorized systems or approved devices. Retrieve classified documents promptly from printers. Security Classification Guides (SCGs).??? Using webmail may bypass built in security features. **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? What Should You Do When Working On An Unclassified System And Receive Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. (Correct) -It does not affect the safety of Government missions. If you participate in or condone it at any time. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Software that installs itself without the users knowledge. Digitally signed e-mails are more secure. What should you do? Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. What describes how Sensitive Compartmented Information is marked? All to Friends Only. It never requires classification markings, is true about unclassified data. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. Debra ensures not correct Definition 1 / 24 -It must be released to the public immediately. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. *Spillage Which of the following may help to prevent spillage? **Insider Threat Which scenario might indicate a reportable insider threat? A Coworker has asked if you want to download a programmers game to play at work. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. In which situation below are you permitted to use your PKI token? DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Unsupervised machine learning: Dealing with unknown data (Identity Management) What certificates are contained on the Common Access Card (CAC)? How many potential insiders threat indicators does this employee display? What is a security best practice to employ on your home computer? *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? How can you protect your information when using wireless technology? How can you protect your information when using wireless technology? Search for an answer or ask Weegy. Sensitive information may be stored on any password-protected system. (Spillage) When classified data is not in use, how can you protect it? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? Which of the following information is a security risk when posted publicly on your social networking profile? **Classified Data What is required for an individual to access classified data? Taking classified documents from your workspace. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. Which is NOT a method of protecting classified data? **Travel Which of the following is true of traveling overseas with a mobile phone? you don't need to do anything special to protect this information You must have your organization's permission to telework c. You may use unauthorized software as long as your computer's antivirus software is up to date. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. The Registry is updated as agencies continue to submit governing authorities that authorize the protection and safeguarding of sensitive information. It should only be in a system while actively using it for a PKI-required task. **Classified Data Which of the following is a good practice to protect classified information? Protection may be required for privacy, law enforcement, contractual protections, or other reasons. Store classified data appropriately in a GSA-approved vault/container. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Refer the reporter to your organizations public affairs office. A coworker is observed using a personal electronic device in an area where their use is prohibited. Setting weekly time for virus scan when you are not on the computer and it is powered off. Remove your security badge after leaving your controlled area or office building. Any time you participate in or condone misconduct, whether offline or online. Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. *Spillage Which of the following may help prevent inadvertent spillage? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. correct. 1.1 Standard Challenge Answers. Information should be secured in a cabinet or container while not in use. What is NOT Personally Identifiable Information (PII)? What action is recommended when somebody calls you to inquire about your work environment or specific account information? Which of the following is not considered a potential insider threat indicator? CUI may be stored on any password-protected system. **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? Reviewing and configuring the available security features, including encryption. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Which of the following actions is appropriate after finding classified Government information on the internet? How can you protect yourself from social engineering? Not correct. What should you do? Store classified data in a locked desk drawer when not in use Maybe (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? How do you respond? Which of the following should you do immediately? Do not access links or hyperlinked media such as buttons and graphics in email messages. TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). What structures visible in the stained preparation were invisible in the unstained preparation? Log in for more information. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? How many potential insider threat indicators is Bob displaying? A Which of the following is an example of Protected Health Information (PHI)? Unclassified documents do not need to be marked as a SCIF. Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) Exceptionally grave damage to national security. Which of the following is NOT an example of CUI? What is the best response if you find classified government data on the internet? -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. CPCON 3 (Medium: Critical, Essential, and Support Functions) Which of the following is a security best practice when using social networking sites? (Sensitive Information) Which of the following is NOT an example of sensitive information? Connect and share knowledge within a single location that is structured and easy to search. They broadly describe the overall classification of a program or system. How should you respond? Which of the following is an example of removable media? New interest in learning another language, Which of the following is a good practice to protect classified information. You must have your organization's permission to telework. **Mobile Devices Which of the following helps protect data on your personal mobile devices? We recommend Norton Security or McAfee Total Protection. Hostility or anger toward the United States and its policies. It is getting late on Friday. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. 1 Answer/Comment. Which of the following is an example of two-factor authentication? What can help to protect the data on your personal mobile device. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? What should be your response? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Let us have a look at your work and suggest how to improve it! Personal information is inadvertently posted at a website. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). Use the classified network for all work, including unclassified work. They can be part of a distributed denial-of-service (DDoS) attack. Decline to let the person in and redirect her to security. **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Ensure proper labeling by appropriately marking all classified material. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Alex demonstrates a lot of potential insider threat indicators. Unclassified documents do not need to be marked as a SCIF. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. What is a proper response if spillage occurs? Make note of any identifying information and the website URL and report it to your security office. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? **Classified Data How should you protect a printed classified document when it is not in use? Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Call your security point of contact immediately. You must have your organization's permission to telework. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. (1) A strategic plan documenting the overall conduct of a war. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Download the information. What should you do? Store it in a General Services Administration (GSA)-approved vault or container. Controlled Unclassified Information (CUI) - National Archives correct. Search for an answer or ask Weegy. Who is responsible for information/data security? How many potential insider threat indicators does this employee display? Which of the following is true of Protected Health Information (PHI)? In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? All of these. Physical security of mobile phones carried overseas is not a major issue. Classification markings and handling caveats. Enable automatic screen locking after a period of inactivity. How should you respond? What certificates are contained on the Common Access Card (CAC)? not correct. What is required for an individual to access classified data? Looking at your MOTHER, and screaming THERE SHE BLOWS! Use a common password for all your system and application logons. Sanitized information gathered from personnel records. Everything you need to know aboutControlled UnclassifiedInformation(CUI). Teams. Sensitive information. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. Assuming open storage is always authorized in a secure facility. Organizational Policy Not correct What type of attack might this be? Remove and take it with you whenever you leave your workstation. Of the following, which is NOT a method to protect sensitive information? Seeker - Vacancy - Detail Overview Immediately notify your security point of contact. Use the classified network for all work, including unclassified work. correct. Darryl is managing a project that requires access to classified information. Information improperly moved from a higher protection level to a lower protection level. Accepting the default privacy settings. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Do not access website links in e-mail messages. Effects of different carbon substrates on PAHs fractions and microbial #1) Open WEKA and select "Explorer" under 'Applications'. Cyber Awareness Challenge Complete Questions and Answers You are leaving the building where you work. Which is NOT a wireless security practice? correct. DoD Unclassified data: Must be cleared before being released to the public May require applci aton i of Controled l Uncasl sed Iifi nformaton i (CU)I access and distribution controls Must be clearly marked as Unclassified or CUI if included in a classified document or classified storage area Lionel stops an individual in his secure area who is not wearing a badge. Jozeal. which of the following is true about unclassified data - Weegy Which designation marks information that does not have potential to damage national security? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. When using a fax machine to send sensitive information, the sender should do which of the following? what should you do? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. which of the following is true about unclassified data. Which of the following should be reported as a potential security incident? Not correct *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? **Physical Security What is a good practice for physical security? Which of the following is true about unclassified data? I may decide not to consent to these terms, but, if I do not consent to all of these terms, then I agree not to proceed with creating an account or moving forward with filling out the application, and I understand that I will not be . What action should you take? What action should you take? A coworker has asked if you want to download a programmers game to play at work. To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. **Insider Threat What do insiders with authorized access to information or information systems pose? Refer the reporter to your organizations public affairs office. JavaScript appears to be disabled on this computer. Cyber Awareness 2020 Knowledge Check Flashcards | Quizlet Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. Since the URL does not start with https, do not provide your credit card information. How can you protect data on your mobile computing and portable electronic devices (PEDs)? (Spillage) What type of activity or behavior should be reported as a potential insider threat? What information posted publicly on your personal social networking profile represents a security risk? Directives issued by the Director of National Intelligence. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Unusual interest in classified information. As part of the survey the caller asks for birth date and address. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of the following is not Controlled Unclassified Information (CUI)? Which of these is true of unclassified data? a. putting a child in time-out Always use DoD PKI tokens within their designated classification level. The potential for unauthorized viewing of work-related information displayed on your screen. In which situation below are you permitted to use your PKI token? How can you avoid downloading malicious code? Before long she has also purchased shoes from several other websites. Note any identifying information and the websites URL. See the discussed example before. -Classified information that should be unclassified and is downgraded. What action should you take first? What action should you take? An investment in knowledge pays the best interest.. THIS IS THE BEST ANSWER . **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? __________, To supervise bank holding companies and state member banks __________, To make loans to businesses who want to expand their operations __________, To operate the check-clearing system for the nation __________, to provide financial services to the federal government and serve as the bankers bank for commercial banks and other depositary institutions __________, To serve as the fiscal agent of the U.S. government __________, To place printed paper currency and newly minted coins into circulation __________. Question 1: The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. which of the following is true about unclassified data.