(1) A strategic plan documenting the overall conduct of a war. What information most likely presents a security risk on your personal social networking profile? Which of following is true of protecting classified data? **Home Computer Security How can you protect your information when using wireless technology? The physical security of the device. Which of the following is true about unclassified data? Classified material must be appropriately marked. **Mobile Devices What can help to protect the data on your personal mobile device? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. While it may seem safer, you should NOT use a classified network for unclassified work. Malicious code can do the following except? What should be your response? See the discussed example before. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). That trust is bounded by the Oath of Office we took willingly. Updated 8/5/2020 8:06:16 PM. Your comments are due on Monday. Correct. Follow instructions given only by verified personnel. *Spillage What should you do if a reporter asks you about potentially classified information on the web? How many potential insider threat indicators is Bob displaying? New interest in learning another language? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Write your password down on a device that only you access. A colleague removes sensitive information without seeking authorization in order to perform authorized telework. 1 Answer/Comment. correct. Law Enforcement Sensitive (LES),and others. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. true-statement. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Which of the following best describes the sources that contribute to your online identity. A .gov website belongs to an official government organization in the United States. Official websites use .gov Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Telework is only authorized for unclassified and confidential information. Share sensitive information only on official, secure websites. Correct. All https sites are legitimate and there is no risk to entering your personal info online. correct. You many only transmit SCI via certified mail. What should you do if someone forgets their access badge (physical access)? All to Friends Only. How many potential insiders threat indicators does this employee display? Secure .gov websites use HTTPS Which of the following does NOT constitute spillage? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. CUI must be handled using safeguarding or dissemination controls. What Are Some Examples Of Malicious Code Cyber Awareness? What should you do if a reporter asks you about potentially classified information on the web? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . Only paper documents that are in open storage need to be marked. When using a fax machine to send sensitive information, the sender should do which of the following? An official website of the United States government. Linda encrypts all of the sensitive data on her government-issued mobile devices. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which of the following actions is appropriate after finding classified Government information on the internet? What should you do? The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). correct. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? Report the crime to local law enforcement. Ask them to verify their name and office number. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Unclassified information can become a threat to national security. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? What structures visible in the stained preparation were invisible in the unstained preparation? It does not require markings or distribution controls. What can you do to protect yourself against phishing? Permitted Uses of Government-Furnished Equipment (GFE). Of the following, which is NOT an intelligence community mandate for passwords? You must have your organization's permission to telework. Research the source of the article to evaluate its credibility and reliability. (Spillage) When classified data is not in use, how can you protect it? EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. classified-document. You must have your organization's permission to telework. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? Information improperly moved from a higher protection level to a lower protection level. cyber. internet. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? It is releasable to the public without clearance. Classified information that should be unclassified and is downgraded. Make note of any identifying information and the website URL and report it to your security office. What should you do? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is NOT a typical result from running malicious code? How can you protect yourself on social networking sites? In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. What is the best choice to describe what has occurred? Unclassified documents do not need to be marked as a SCIF. Question. You know this project is classified. Click on "Open File". A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following is NOT true concerning a computer labeled SECRET? *Spillage What should you do if you suspect spillage has occurred? "Unclassified" or a lack of security marking denotes non-sensitive information. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Which scenario might indicate a reportable insider threat security incident? Government-owned PEDs when expressly authorized by your agency. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Attempting to access sensitive information without need-to-know. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. classified-document. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? Which of the following is true about unclassified data? Note any identifying information and the websites Uniform Resource Locator (URL). Which of the following is NOT a type of malicious code? 1.1.2 Classified Data. TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). If you participate in or condone it at any time. Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. asked in Internet by voice (265k points) Question : Which of the following is true about unclassified data? **Classified Data When classified data is not in use, how can you protect it? Correct The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. Physical security of mobile phones carried overseas is not a major issue. Darryl is managing a project that requires access to classified information. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? A 3%3\%3% penalty is charged for payment after 303030 days. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. Immediately notify your security point of contact. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. a. putting a child in time-out Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. When can you check personal email on your government furnished equipment? Under what circumstances could unclassified information be considered a threat to national security? -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. What is a best practice for protecting controlled unclassified information (CUI)? Refer the vendor to the appropriate personnel. Never write down the PIN for your CAC. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Validate friend requests through another source before confirming them. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Only friends should see all biographical data such as where Alex lives and works. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? Connect to the Government Virtual Private Network (VPN).?? E-mailing your co-workers to let them know you are taking a sick day. Since the URL does not start with https, do not provide you credit card information. What is the best course of action? Report the suspicious behavior in accordance with their organizations insider threat policy. After you have returned home following the vacation. Changes to various data systems that store and sometimes share sensitive information outside EPA. When unclassified data is aggregated, its classification level may rise. You must have permission from your organization. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? It never requires classified markings, it is true about unclassified data. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. (Malicious Code) What are some examples of removable media? The popup asks if you want to run an application. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? Immediately notify your security point of contact. Which of the following is NOT a typical result from running malicious code? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Remove your security badge after leaving your controlled area or office building. c. ignoring a tantrum *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? How Do I Answer The CISSP Exam Questions? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? What does Personally Identifiable Information (PII) include? Digitally signed e-mails are more secure. Only use Government-furnished or Government-approved equipment to process PII. Which of the following is true of the Common Access Card (CAC)? What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? -It must be released to the public immediately. (Malicious Code) Which of the following is true of Internet hoaxes? Which of the following is NOT Protected Health Information (PHI)? Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? The email has an attachment whose name contains the word secret. CPCON 3 (Medium: Critical, Essential, and Support Functions) What is NOT Personally Identifiable Information (PII)? Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. 1.1 Standard Challenge Answers. the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. What type of social engineering targets senior officials? Not correct Sensitive information may be stored on any password-protected system. Approved Security Classification Guide (SCG). Please click here to see any active alerts. To determine premiums for automobile insurance, companies must have an understanding of the variables that affect whether a driver will have an accident. Compute The Average Kids Per Family. Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . Controlled unclassified information. When vacation is over, after you have returned home. Which of the following is a practice that helps to protect you from identity theft? 5. 1.1.1 Spillage. 1.1.3 Insider Threat. Who can be permitted access to classified data? How many potential insiders threat indicators does this employee display? There are no choices provides which make it hard to pick the untrue statement about unclassified data. (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following does NOT constitute spillage? What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Refer the reporter to your organizations public affairs office. A coworker brings a personal electronic device into prohibited areas. Setting weekly time for virus scan when you are not on the computer and it is powered off. data. Which of the following is NOT a home security best practice? Use TinyURL's preview feature to investigate where the link leads. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Your favorite movie. What should you do? *Classified Data **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Alex demonstrates a lot of potential insider threat indicators. Even within a secure facility, dont assume open storage is permitted. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Enable automatic screen locking after a period of inactivity. How should you securely transport company information on a removable media? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. What information relates to the physical or mental health of an individual? CUI may be stored on any password-protected system. **Identity management What is the best way to protect your Common Access Card (CAC)? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. A coworker has asked if you want to download a programmers game to play at work. It is not corporate intellectual property unless created for or included in requirements related to a government contract. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. How do you think antihistamines might work? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Dont allow other access or to piggyback into secure areas. It contains certificates for identification, encryption, and digital signature. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? With WEKA users, you can access WEKA sample files. What should you do? (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Reviewing and configuring the available security features, including encryption. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Which of the following is true about unclassified data? Correct. After clicking on a link on a website, a box pops up and asks if you want to run an application. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Always use DoD PKI tokens within their designated classification level. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. What function do Insider Threat Programs aim to fulfill? Which of the following is NOT Government computer misuse? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Linda encrypts all of the sensitive data on her government issued mobile devices. The Registry is updated as agencies continue to submit governing authorities that authorize the protection and safeguarding of sensitive information. Store it in a General Services Administration (GSA)-approved vault or container. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display?