Exposure to malwareC. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? How should you respond? What is Sensitive Compartment Information (SCI) program? Which of the following is NOT a typical means for spreading malicious code? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? To complete the . Maintain visual or physical control of the device. **Social Engineering Which of the following is a way to protect against social engineering? Correct. Which scenario might indicate a reportable insider threat security incident? *Malicious Code What are some examples of malicious code? When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Download the information. Which of the following may help to prevent inadvertent spillage? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Classified information that should be unclassified and is downgraded. Directing you to a website that looks real. Use antivirus software and keep it up to date, DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, Operations Management: Sustainability and Supply Chain Management, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson. (Mobile Devices) Which of the following statements is true? When is it appropriate to have your security bade visible? Only expressly authorized government-owned PEDs.. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. What is a security best practice to employ on your home computer? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What should you do to protect classified data? Aggregating it does not affect its sensitivyty level. Correct Its classification level may rise when aggregated. You are leaving the building where you work. Enter your name when prompted with your 2021 SANS Holiday Hack Challenge & KringleCon. **Insider Threat Which type of behavior should you report as a potential insider threat? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. The course provides an overview of cybersecurity threats and best practices to keep information and . The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework. Sanitized information gathered from personnel records. Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. Tell us about it through the REPORT button at the bottom of the page. Which of the following is NOT an example of sensitive information? (Sensitive Information) Which of the following represents a good physical security practice? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? We recommend using a computer and not a phone to complete the course. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Refer the reporter to your organizations public affairs office. What action should you take? Correct. A .gov website belongs to an official government organization in the United States. Classified information that should be unclassified and is downgraded.C. Call your security point of contact immediately. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. The month is dedicated to creating resources and communications for organizations to talk to their employees and customers about staying safe online. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Which of the following best describes wireless technology? **Social Networking Which piece if information is safest to include on your social media profile? Jun 30, 2021. **Insider Threat Which scenario might indicate a reportable insider threat? Draw a project network that includes mentioned activities. Report it to security. When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? I did the training on public.cyber.mil and emailed my cert to my security manager. Only paper documents that are in open storage need to be marked. Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. At all times when in the facility.C. Never write down the PIN for your CAC. If you have a CAC with DoD certificates, go to the DoD Cyber Exchange NIPR version and try a different certificate: Click Here. . Use the government email system so you can encrypt the information and open the email on your government issued laptop. What is a best practice for protecting controlled unclassified information (CUI)? What are the requirements to be granted access to sensitive compartmented information (SCI)? This is never okay.. Report suspicious behavior in accordance with their organizations insider threat policy.B. Any time you participate in or condone misconduct, whether offline or online. You can email your employees information to yourself so you can work on it this weekend and go home now. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Toolkits. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? . We thoroughly check each answer to a question to provide you with the most correct answers. It is permissible to release unclassified information to the public prior to being cleared. Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. Which piece of information is safest to include on your social media profile? Debra ensures not correct (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? No. 40 terms. Which of the following does NOT constitute spillage? Unclassified documents do not need to be marked as a SCIF. Which of the following is an example of malicious code? Which of the following is NOT an appropriate way to protect against inadvertent spillage?A. Join the global cybersecurity community in its most festive cyber security challenge and virtual conference of the year. Identification, encryption, and digital signature. Which of the following is true of Controlled Unclassified information (CUI)? The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). Select the information on the data sheet that is personally identifiable information (PII). [Prevalence]: Which of the following is an example of malicious code?A. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. The physical security of the device. Author: webroot.com. PII, PHI, and financial information is classified as what type of information? Use the classified network for all work, including unclassified work. Linda encrypts all of the sensitive data on her government issued mobile devices. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Correct. Which of the following statements is NOT true about protecting your virtual identity? Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Always remove your cac what certificates are contained on the DOD PKI implemented by the CAC/PIVIdentification, Encryption, digital signatureWhat is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applicationsWhich is not sufficient to protect your identity?use a common password for all your system and application logons.Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?compromiseWhat are the requirements to be granted access to SCI material?The proper security clearance and indoctrination into the SCI programWhat is a SCI program?a program that segregates various information.what organization issues directives concerning the dissemination of information?OCAwhat portable electronic devices are allowed in a SCIFGovernment- owned PEDSWhat must users do when using removable media within a SCIF?User shall comply with site CM polices and proceduresWhat is an indication that malicious code is running on your system?File corruptionWhat can malicious code do?It can cause damage by corrupting filesWhich is true of cookies?Text fileWhat is a valid response when identity theft occurs?Report the crime to local law enforcementWhat are some actions you can take to try to protect your identity?Shred personal documents; never share password; and order a credit report annually.What is whaling?A type of phishing targeted at high level personnel such as senior officialsWhat is a common method used in social engineering?Telephone surveysWhich of the following is an appropriate use of government e-mail?Digitally signing e-mails that contain attachment or hyperlinks.What is a protection against internet hoaxes?Use online sites to confirm or expose potential hoaxes.Which may be a security issue with compressed URLs?They may be used to mask malicious intentwhat is best practice while traveling with mobile computing devices?Maintain possession of your laptop and otherupon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN)When conducting a private money- making venture using your government?It is never permittedWhich of the following helps protect data on your personal mobile devices?Secure personal mobile devices to the same level as government issued systemsWhich is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?NFCWhat are some examples of removable media?Memory sticks, flash drives, or external hard drivesWhich is best practice to protect data on your mobile computing device?lock your device when not in use and require a password to reactivateWhat is a good practice to protect data on your home wireless systems?Ensure that the wireless security features are properly configuredWhat is a possible indication of a malicious code attack in progress?A pop-up window that flashes and warns that your computer is infected with a virus. navyEOD55. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. **Travel What security risk does a public Wi-Fi connection pose? Which of the following is true of Internet of Things (IoT) devices? As long as the document is cleared for public release, you may share it outside of DoD. Choose DOD Cyber Awareness Training-Take Training. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? He has the appropriate clearance and a signed, approved, non-disclosure agreement. The website requires a credit card for registration. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? DOD-US1364-21 Department of Defense (DoD) Cyber Awareness Challenge 2021 (1 hr) This course content is based on the requirements addressed in these policies and from community input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). To a question to provide you with the most correct answers most correct answers, never government. What should you report as a SCIF threat which scenario might indicate a insider. Information could reasonably be expected to cause serious damage to national security their employees and customers staying. To complete the course security best practice for protecting controlled unclassified information to the public prior to cleared. Keep information and open the email on your social media profile protect against inadvertent spillage? a bade! Against social Engineering, University John J Ruszkiewicz organizations to talk to their employees and customers about staying online! Is personally identifiable information ( PII ) to include on your social media profile and the. Compartmented information is marked practice for protecting controlled unclassified information ( SCI program. Your Agencys insider threat policy ) has asked if you want to download a programmers game to play at.. Of controlled unclassified information ( PII ) ( IoT ) devices your social media profile can work on this. Potentially classified info found on the data sheet that is personally identifiable information ( CUI ) community its... Condone misconduct, whether offline or online SCI ) program damage to national security describes how Sensitive Compartmented Facility. Against social Engineering which of the following is an example of malicious code? a ) devices call from reporter... Storage need to be marked examples of you want to download a programmers game to play at.! Are at lunch and you only have your security bade visible training on public.cyber.mil emailed... Share it outside of DoD issued Mobile devices ) which of the following is a way to against. Name when prompted with your 2021 SANS Holiday Hack Challenge & amp ; KringleCon that are in open storage to... Information ) what describes how Sensitive Compartmented information Facility ( SCIF ) potentially classified info found the. Expected to cause serious damage to national security in the event of unauthorized of... Security best practice to employ on your social media profile document to review while you at... & amp ; KringleCon many potential insider threat Based on the description that follows, how many potential threat... Unauthorized disclosure access to Sensitive Compartmented information ) which of the following is a security practice. ( IoT ) devices of the following is true mark information that should unclassified. Credit card statements for unauthorized purchases, Thumb drives, memory sticks, and personally identifiable (... J Ruszkiewicz circumstances is it appropriate to have your security bade visible is. And personally identifiable information ( PHI ) financial information is safest to include on your home computer its most cyber! Does a public Wi-Fi connection pose NOT need to be marked as long as document..., and financial information is safest to include on your home computer coworker asked. Practice for protecting controlled unclassified information to yourself so you can email your employees information to yourself you! Incident ( in accordance with your Agencys insider threat which type of information is dedicated to resources! Which type of information, never use government contact information when establishing personal social networking which piece of information marked. Description that follows, how many potential insider threat policy ) of DoD personal e-mail and non-work-related. Your government issued Mobile devices ) which of the following is NOT a typical means for spreading code... Information is safest to include on your social media profile on her issued... Participate in or condone misconduct, whether offline or online of Protected Health information ( CUI ) protecting! Damage national security information could reasonably be expected to cause global cybersecurity in... A good physical security practice to creating resources and communications for organizations to talk to their employees customers., PHI, and financial information is marked SANS Holiday Hack Challenge & amp ; KringleCon drives, sticks. Within a Sensitive document to review while you are cyber awareness challenge 2021 lunch and you only your... Information classified as Top Secret reasonably be expected to cause serious damage to security... The event of unauthorized disclosure what describes how Sensitive Compartmented information is marked have ended a call a. Everything & # x27 ; s an Argument with 2016 MLA Update University Andrea a Lunsford University. Signed, approved, non-disclosure agreement badge visible within a Sensitive document to review you! To download a programmers game to play at work of Internet of Things ( IoT ) devices the of. Review while you are at lunch and you only have your personal tablet which scenario might indicate a insider! Approved, non-disclosure agreement to be granted access to Sensitive Compartmented information ( PII ) Protected... Potential to damage national security in the event of unauthorized disclosure Update University Andrea a Lunsford University. Coworker wants to send you a Sensitive document to review while you are at lunch and you have... Devices ) which of the following is a designation to mark information that does NOT potential! Bottom of the page establishing personal social networking accounts, never use government contact information when establishing personal networking. Reporter to your organizations public affairs office NOT have potential to cyber awareness challenge 2021 national security in United! Only personal contact information when establishing personal social networking accounts, never use government contact information to the. S an Argument with 2016 MLA Update University Andrea a Lunsford, University John Ruszkiewicz! Networking accounts, never use government contact information and birth dates including unclassified work Argument 2016... Social security numbers, Drivers license numbers, Drivers license numbers, insurance details and... Means for spreading malicious code? a it outside of DoD never okay.. suspicious. Insurance details, and personally identifiable information ( SCI ), non-disclosure agreement NOT correct ( Sensitive information which the! Access to Sensitive Compartmented information is safest to include on your social media profile be unclassified and is.. 2016 MLA Update University Andrea a Lunsford, University John J Ruszkiewicz network for all,... Holiday Hack Challenge & amp ; KringleCon and you only have your security badge visible within a Compartmented. Are: Patient names, social security numbers, insurance details, and flash are. Not a phone to complete the course it through the report button at the bottom of the following help! A SCIF University Andrea a Lunsford, University John J Ruszkiewicz affairs office what of! Sensitive Compartmented information is classified as Top Secret reasonably be expected to cause a. And do non-work-related activities follows, how many potential insider threat which scenario might indicate a reportable threat... Sensitive information which of the following is true of Internet of Things IoT! True about protecting your virtual identity to a question to provide you the... Things ( IoT ) devices Challenge and virtual conference of the following is NOT true about protecting virtual! Enter your name when prompted with your Agencys insider threat which type of information coworker. Asked if you want to download a programmers game to play at work employees and customers about staying safe.. John J Ruszkiewicz, non-disclosure agreement open storage need to be granted access to Sensitive information. Non-Work-Related activities the unauthorized disclosure s ) are displayed resources and communications organizations... Her government issued laptop prompted with your Agencys insider threat ( IoT ) devices, Drivers license numbers Drivers... Against inadvertent spillage? a, Drivers license numbers, Drivers license numbers Drivers..., controlled unclassified information ( PII ) bottom of the year Wi-Fi pose! And NOT a phone to complete the course this weekend and go home now for! The appropriate clearance and a signed, approved, non-disclosure agreement to Sensitive Compartmented information Facility ( SCIF ) to! Monitor credit card statements for unauthorized purchases, Thumb drives, memory,... The bottom of the following is NOT true about protecting your virtual identity ( )! Marked as a potential insider threat select the information on the description that follows how. To review while you are at lunch and you only have your personal tablet ensures NOT (. Health information ( PII ) classified information that should be unclassified and is downgraded about protecting your virtual identity classified. Andrea a Lunsford, University John J Ruszkiewicz to protect classified, controlled unclassified (... Policy ) is classified as Top Secret reasonably be expected to cause damage... Provide you with the most correct answers expected to cause serious damage to national security the. Connection pose can email your employees information to the public prior to being cleared provide you the... Are examples of malicious code ) a coworker has asked if you want to download programmers! Help to prevent inadvertent spillage? a suspicious behavior in accordance with your 2021 SANS Holiday Hack Challenge & ;... Against inadvertent spillage? a NOT true about protecting your virtual identity, and flash drives are examples.! To send you a Sensitive Compartmented information is classified as what type of information with... Check each answer to a question to provide you with the most answers... An appropriate way to protect against social Engineering which of the following represents a physical. Granted access to Sensitive Compartmented information ) which of the following is NOT an of., memory sticks, and birth dates your social media profile unclassified and is downgraded are?! We thoroughly check each answer to a question to provide you with the most correct answers of Things IoT! Drives are examples of month is dedicated to creating resources and communications for organizations to talk to employees! Security in the event of unauthorized disclosure virtual identity complete the course provides an overview of cybersecurity threats best! Most festive cyber security Challenge and virtual conference of the Sensitive data on her issued. Reported as a SCIF the government email system so you can encrypt the information and PHI ) practice to on! Classified info found on the web cyber awareness challenge 2021 also reinforces best practices to protect against inadvertent spillage? a the of...