You are reviewing your employees annual self evaluation. Which scenario might indicate a reportable insider threat? **Classified Data Which of the following is true of telework? That trust is bounded by the Oath of Office we took willingly. Unknown data is categorized by the system; an analyst then reviews the results (social networking) When is the safest time to post details of your vacation activities on your social networking profile? Research the source to evaluate its credibility and reliability. Which designation marks information that does not have potential to damage national security? How can you protect yourself on social networking sites? You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. Unclassified Information Student Guide . cyber-awareness. Retrieve classified documents promptly from printers. How should you respond? When your vacation is over, after you have returned home. Of the following, which is NOT an intelligence community mandate for passwords? 1.1.4 Social Networking. Correct. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Ask the individual to see an identification badge. Search -Its classification level may rise when aggregated. As part of the survey the caller asks for birth date and address. After you have returned home following the vacation. The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. What should be your response? Which of the following is a good practice to prevent spillage. CPCON 1 (Very High: Critical Functions) What is required for an individual to access classified data? Which of the following is true about telework? Correct. It does not require markings or distribution controls. A medium secure password has at least 15 characters and one of the following. Which of the following is NOT a typical result from running malicious code? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is NOT a security best practice when saving cookies to a hard drive? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? A type of phishing targeted at senior officials. What action should you take? You know this project is classified. What should you do if a reporter asks you about potentially classified information on the web? Why might "insiders" be able to cause damage to their organizations more easily than others? What is best practice while traveling with mobile computing devices? Which of the following is true of the Common Access Card (CAC)? They can become an attack vector to other devices on your home network. In which situation below are you permitted to use your PKI token? Remove security badge as you enter a restaurant or retail establishment. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. (Wrong). TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). Research the source of the article to evaluate its credibility and reliability. You must have your organizations permission to telework. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Always use DoD PKI tokens within their designated classification level. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. How can you protect yourself from social engineering? The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Which method would be the BEST way to send this information? Which of the following is a potential insider threat indicator? Which of the following is NOT Government computer misuse? Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. Based on the description that follows, how many potential insider threat indicator(s) are displayed? What action should you take? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? A coworker has asked if you want to download a programmers game to play at work. correct. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. Physical security of mobile phones carried overseas is not a major issue. Press release data. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. What are some potential insider threat indicators? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. The email states your account has been compromised and you are invited to click on the link in order to reset your password. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. The website requires a credit card for registration. We thoroughly check each answer to a question to provide you with the most correct answers. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Understanding and using the available privacy settings. Which of the following is NOT one? In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. When is the best time to post details of your vacation activities on your social networking website? See the discussed example before. What can be used to track Marias web browsing habits? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Which is an untrue statement about unclassified data? What should you do to protect yourself while on social networks? How can you avoid downloading malicious code? -It must be released to the public immediately. No. What action is recommended when somebody calls you to inquire about your work environment or specific account information? A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. -It must be released to the public immediately. When operationally necessary, owned by your organization, and approved by the appropriate authority. What should be your response? not correct What is a valid response when identity theft occurs? Do not use any personally owned/non-organizational removable media on your organizations systems. With WEKA users, you can access WEKA sample files. Which of the following is NOT a correct way to protect CUI? the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. What is the danger of using public Wi-Fi connections? Which of the following is true of internet hoaxes? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Question 1: The business impact analysis (BIA) identifies the resources for which a business continuity plan (BCP) is necessary. Under what circumstances could unclassified information be considered a threat to national security? How many potential insider threat indicators does this employee display? Which of the following is true about unclassified data? **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? How do you respond? Like the number of people in a class, the number of fingers on your hands, or the number of children someone has. Which of the following is NOT an example of sensitive information? Which of the following may help to prevent spillage? The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. (Malicious Code) What is a good practice to protect data on your home wireless systems? Directives issued by the Director of National Intelligence. Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. Hostility or anger toward the United States and its policies. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Which of the following is true of Unclassified Information? New interest in learning another language, Which of the following is a good practice to protect classified information. Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. cyber. Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? Even within a secure facility, dont assume open storage is permitted. Correct Which of the following is an example of malicious code? Teams. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Classified information is defined in PL 96-456, the Classified Information Procedures Act: Which of the following is NOT a potential insider threat? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Ask for information about the website, including the URL. Which of the following is true of Security Classification Guides? ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! In which situation below are you permitted to use your PKI token? What information relates to the physical or mental health of an individual? Decline to let the person in and redirect her to security. Jozeal. **Social Networking Which of the following is a security best practice when using social networking sites? You must possess security clearance eligibility to telework. Federal agencies routinely generate, use, store, and share information that, while not meeting the threshold for classification as national security or atomic energy information, requires some level of protection from unauthorized access and release. Use a single, complex password for your system and application logons. correct. When expanded it provides a list of search options that will switch the search inputs to match the current selection. Which of the following is a good practice to avoid email viruses? Which of the following should be reported as a potential security incident? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? You know that this project is classified. (Malicious Code) Which email attachments are generally SAFE to open? Which of the following may help to prevent inadvertent spillage? What should you do? classified-document. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Sensitive information may be stored on any password-protected system. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Darryl is managing a project that requires access to classified information. PII, PHI, and financial information is classified as what type of information? correct. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Note the websites URL and report the situation to your security point of contact. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Which of the following is not considered an example of data hiding? View email in plain text and dont view email in Preview Pane. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Which of the following best describes good physical security? Store it in a locked desk drawer after working hours. cyber. Adversaries exploit social networking sites to disseminate fake news Correct. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. not correct. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? Which is an untrue statement about unclassified data? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. A type of phishing targeted at high-level personnel such as senior officials. Which of the following is true of Unclassified information? **Identity management Which of the following is an example of a strong password? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. Connect to the Government Virtual Private Network (VPN). What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? *Spillage .What should you do if a reporter asks you about potentially classified information on the web? Classified data: (Scene) Which of the following is true about telework? Transmit classified information via fax machine only Not correct Only paper documents that are in open storage need to be marked. Log in for more information. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. **Social Networking Which of the following best describes the sources that contribute to your online identity? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? You many only transmit SCI via certified mail. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Store it in a General Services Administration (GSA)-approved vault or container. How many potential insider threat indicators does this employee display? What action should you take? Contents hide. Alex demonstrates a lot of potential insider threat indicators. The Chinese Spy Balloon Showdown The discovery of a Chinese surveillance balloon floating over the United States has added to the rising tensions between the two superpowers. Of the following, which is NOT a security awareness tip? Immediately notify your security point of contact. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Government-owned PEDs, if expressly authorized by your agency. Which of the following is true about telework? Security Classification Guides (SCGs).??? Which of the following is NOT a home security best practice? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. -It never requires classification markings. If possible, set your browser preferences to prompt you each time a website wants to store a cookie. -Its classification level may rise when aggregated. Hostility or anger toward the United States and its policies. Do not download it. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? correct. CUI may be stored on any password-protected system. What amount is due if Alexa pays on or betwee n April 222222 and May 666? 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. Which of the following is a clue to recognizing a phishing email? -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. **Travel What is a best practice while traveling with mobile computing devices? Directing you to a website that looks real. not correct difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Label all files, removable media, and subject headers with appropriate classification markings. You should remove and take your CAC/PIV card whenever you leave your workstation. Personal information is inadvertently posted at a website. You are leaving the building where you work. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. What should be your response? (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Sanitized information gathered from personnel records. Your health insurance explanation of benefits (EOB). **Insider Threat What function do Insider Threat Programs aim to fulfill? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. **Insider Threat Which type of behavior should you report as a potential insider threat? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. (Identity Management) What certificates are contained on the Common Access Card (CAC)? A colleague saves money for an overseas vacation every year, is a . *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Correct. Dont assume open storage in a secure facility is authorized Maybe. Search for an answer or ask Weegy. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. true-statement. It contains certificates for identification, encryption, and digital signature. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. They can be part of a distributed denial-of-service (DDoS) attack. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? This bag contains your government-issued laptop. Report the suspicious behavior in accordance with their organizations insider threat policy. On a NIPRNET system while using it for a PKI-required task. Phishing can be an email with a hyperlink as bait. For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. Which of the following is NOT a type of malicious code? Use a common password for all your system and application logons. Note any identifying information, such as the website's URL, and report the situation to your security POC. "Unclassified" or a lack of security marking denotes non-sensitive information. *Insider Threat Which of the following is a potential insider threat indicator? What is the best response if you find classified government data on the internet? On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. The CUIProgramisan unprecedented initiative to standardize practices across more than 100 separate departments and agencies, as well asstate, local,tribal and, private sector entities; academia; and industry. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is true of using DoD Public key Infrastructure (PKI) token? (Home computer) Which of the following is best practice for securing your home computer? CPCON 5 (Very Low: All Functions). How many potential insiders threat indicators does this employee display. Original classification authority Correct. You check your bank statement and see several debits you did not authorize. When your vacation is over, and you have returned home. Many apps and smart devices collect and share your personal information and contribute to your online identity. All of these. Memory sticks, flash drives, or external hard drives. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? The popup asks if you want to run an application.