You must have your organization's permission to telework. What Are Some Examples Of Malicious Code Cyber Awareness? What is the best course of action? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. **Social Networking Which piece if information is safest to include on your social media profile? What should you do? Maybe correct. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. An investment in knowledge pays the best interest.. Digitally signed e-mails are more secure. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Which of the following is true of traveling overseas with a mobile phone. (Mobile Devices) Which of the following statements is true? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Which of the following is an example of Protected Health Information (PHI)? Which of the following does not constitute spillage. -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? (Travel) Which of the following is a concern when using your Government-issued laptop in public? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Which of the following is NOT true concerning a computer labeled SECRET? Classified material must be appropriately marked. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Enable automatic screen locking after a period of inactivity. CUI is not classified information. You know this project is classified. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. Never allow sensitive data on non-Government-issued mobile devices. 870 Summit Park Avenue Auburn Hills, MI 48057. CUI may be stored on any password-protected system. It does not require markings or distribution controls. Attachments contained in a digitally signed email from someone known. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Accepting the default privacy settings. Which of the following is NOT a best practice to protect data on your mobile computing device? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Which of the following is true of Controlled Unclassified information (CUI)? On a NIPRNET system while using it for a PKI-required task. Why might "insiders" be able to cause damage to their organizations more easily than others? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Which of the following is true about telework? Which of the following statements is NOT true about protecting your virtual identity? **Social Engineering How can you protect yourself from internet hoaxes? The following practices help prevent viruses and the downloading of malicious code except. -Its classification level may rise when aggregated. Spillage can be either inadvertent or intentional. Only paper documents that are in open storage need to be marked. Follow procedures for transferring data to and from outside agency and non-Government networks. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. the following is true about unclassified data fy23 controlled unclassified information cui quizlet what is true of controlled unclassified information What. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Which of the following attacks target high ranking officials and executives? Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Unusual interest in classified information. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. When your vacation is over, and you have returned home. *Classified Data For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? Which of the following is true about unclassified data? not correct. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? You are reviewing your employees annual self evaluation. Attempting to access sensitive information without need-to-know. A Coworker has asked if you want to download a programmers game to play at work. What information should you avoid posting on social networking sites? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Your cousin posted a link to an article with an incendiary headline on social media. Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. You receive an inquiry from a reporter about government information not cleared for public release. cyber-awareness. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Q&A for work. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. d. How do the size and shape of a human epithelial cell differ from those of the Elodea and onion cells that you examined earlier? As long as the document is cleared for public release, you may share it outside of DoD. When classified data is not in use, how can you protect it? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. "Unclassified" or a lack of security marking denotes non-sensitive information. correct. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Confirm the individuals need-to-know and access. How many potential insider threat indicators does this employee display? Be aware of classification markings and all handling caveats. Which of the following is NOT true of traveling overseas with a mobile phone? Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. **Social Engineering Which of the following is a way to protect against social engineering? How Do I Answer The CISSP Exam Questions? E-mailing your co-workers to let them know you are taking a sick day. What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? You have reached the office door to exit your controlled area. internet-quiz. Information improperly moved from a higher protection level to a lower protection level. Read the latest news from the Controlled Unclassified Information (CUI) program. d. giving a spanking or a scolding. CUI is an umbrella term that encompasses many different markings toidentifyinformationthat is not classified but which should be protected. In setting up your personal social networking service account, what email address should you use? Which of the following is a good practice to avoid email viruses? Insiders are given a level of trust and have authorized access to Government information systems. Not correct Third, the neighbor ground points of an unclassified point are searched from multiple subspaces. **Insider Threat Which scenario might indicate a reportable insider threat? How can you protect yourself on social networking sites? Store classified data in a locked desk drawer when not in use Maybe Which of following is true of protecting classified data? Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Which of the following is true of Unclassified Information? When vacation is over, after you have returned home. What type of attack might this be? **Classified Data Which of the following is a good practice to protect classified information? Dont allow other access or to piggyback into secure areas. What should you do? Which of the following is NOT a typical means for spreading malicious code? Lionel stops an individual in his secure area who is not wearing a badge. Note the websites URL and report the situation to your security point of contact. Which Of The Following Is Not A Correct Way To Protect CUI. Which of the following is NOT a social engineering tip? Public service, notably service in the United States Department of Defense or DoD, is a public trust. correct. Under what circumstances could unclassified information be considered a threat to national security? Which is NOT a wireless security practice? a. putting a child in time-out When unclassified data is aggregated, its classification level may rise. Unclassified documents do not need to be marked as a SCIF. Select the information on the data sheet that is personally identifiable information (PII). What is the basis for the handling and storage of classified data? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Ask the individual to see an identification badge. **Social Engineering What is TRUE of a phishing attack? **Insider Threat What is an insider threat? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Which may be a security issue with compressed Uniform Resource Locators (URLs)? Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? Here you can find answers to the DoD Cyber Awareness Challenge. CUI may be stored only on authorized systems or approved devices. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Others may be able to view your screen. Always check to make sure you are using the correct network for the level of data. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Correct. Which of the following is NOT one? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? They can be part of a distributed denial-of-service (DDoS) attack. How many potential insider threat indicators does this employee display? Log in for more information. Tell us about it through the REPORT button at the bottom of the page. What should you do? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? b. taking away a toy or treat Which of the following is NOT a security best practice when saving cookies to a hard drive? Leaked classified or controlled information is still classified/controlled even if it has already been compromised. What should you do? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. New interest in learning another language? Call your security point of contact immediately. After you have returned home following the vacation. In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. Remove and take it with you whenever you leave your workstation. Ensure that the wireless security features are properly configured. What information most likely presents a security risk on your personal social networking profile? How many indicators does this employee display? *Spillage You find information that you know to be classified on the Internet. How many potential insiders threat indicators does this employee display? Which of the following is not considered an example of data hiding? *Spillage Which of the following is a good practice to prevent spillage? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. What is required for an individual to access classified data? When operationally necessary, owned by your organization, and approved by the appropriate authority. When unclassified data is aggregated, its classification level may rise. Only paper documents that are in open storage need to be marked. When leaving your work area, what is the first thing you should do? Setting weekly time for virus scan when you are not on the computer and it is powered off. **Mobile Devices Which of the following helps protect data on your personal mobile devices? Which of the following is NOT considered sensitive information? Social Security Number, date and place of birth, mothers maiden name. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? **Home Computer Security Which of the following is a best practice for securing your home computer? When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Search for an answer or ask Weegy. Classified Information can only be accessed by individuals with. Classified information that should be unclassified and is downgraded. Linda encrypts all of the sensitive data on her government-issued mobile devices. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? 1).Compared with CK, straw addition treatments (S and SG) significantly (P < 0.01) increased the emission rate and cumulative emission of CO 2 and the cumulative CO 2 . Which of the following is not Controlled Unclassified Information (CUI)? Use the government email system so you can encrypt the information and open the email on your government issued laptop. correct. If you participate in or condone it at any time. THIS IS THE BEST ANSWER . (Identity Management) What certificates are contained on the Common Access Card (CAC)? The attributes of identified ground seeds are modified to ground points. Understanding and using the available privacy settings. (Malicious Code) What are some examples of malicious code? correct. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Which of the following is a good practice to prevent spillage. Spillage because classified data was moved to a lower classification level system without authorization. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Research the source of the article to evaluate its credibility and reliability. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. The age of the driver may top the list of variables. **Insider Threat What do insiders with authorized access to information or information systems pose? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? How do you respond? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Never write down the PIN for your CAC. A. 1.1 Standard Challenge Answers. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Law Enforcement Sensitive (LES),and others. (Malicious Code) What are some examples of removable media? DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, RT202: Ch. Since the URL does not start with https, do not provide your credit card information. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. Mobile devices and applications can track your location without your knowledge or consent. (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? What is a proper response if spillage occurs? -It must be released to the public immediately. Who can be permitted access to classified data? Security Classification Guides (SCGs).??? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. c. What similarities and differences are there between plant and animal cells? Immediately notify your security point of contact. Proactively identify potential threats and formulate holistic mitigation responses. You can't have 1.9 children in a family (despite what the census might say ). What describes how Sensitive Compartmented Information is marked? Use TinyURL's preview feature to investigate where the link leads. What should you do to protect yourself while on social networks? Which of the following should be reported as a potential security incident? Who is responsible for information/data security? When using your government-issued laptop in public environments, with which of the following should you be concerned? Which of the following should be done to keep your home computer secure? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Delete email from senders you do not know. When would be a good time to post your vacation location and dates on your social networking website? Not correct Dofficult life circumstances, such as death of spouse. What are the requirements to be granted access to sensitive compartmented information (SCI)? **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? What actions should you take prior to leaving the work environment and going to lunch? (Mobile Devices) When can you use removable media on a Government system? What should you do? (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Proactively identify potential threats and formulate holistic mitigation responses. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Follow instructions given only by verified personnel. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? At all times while in the facility. true-statement. a. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Since the URL does not start with https, do not provide you credit card information. **Home Computer Security How can you protect your information when using wireless technology? correct. Spillage because classified data was moved to a lower classification level system without authorization. Government-owned PEDs, if expressly authorized by your agency. The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. You know this project is classified. Which of the following is true about telework? You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? Which is an untrue statement about unclassified data? NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. Which of the following is a good practice to prevent spillage? Which of the following is NOT considered a potential insider threat indicator? *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. A man you do not know is trying to look at your Government-issued phone and has asked to use it. -Its classification level may rise when aggregated. Refer the reporter to your organizations public affairs office. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Phishing can be an email with a hyperlink as bait. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Which of the following may help to prevent inadvertent spillage? Always take your CAC when you leave your workstation. What is the best response if you find classified government data on the internet? Media containing Privacy Act information, PII, and PHI is not required to be labeled. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Create separate user accounts with strong individual passwords. Within a secure area, you see an individual you do not know. A coworker removes sensitive information without approval. You must have your organizations permission to telework. CPCON 3 (Medium: Critical, Essential, and Support Functions) NARA has the authority and responsibility to manage the CUI Program across the Federal government. Jozeal. Linda encrypts all of the sensitive data on her government-issued mobile devices. What security device is used in email to verify the identity of sender? Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. Classified information is defined in PL 96-456, the Classified Information Procedures Act: Correct. How can you protect your information when using wireless technology? Updated 8/5/2020 8:06:16 PM. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. **Website Use How should you respond to the theft of your identity? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications?