Which of the following is true of telework? What is a way to prevent the download of viruses and other malicious code when checking your e-mail? (Sensitive Information) Which of the following is NOT an example of sensitive information? Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. February 8, 2022. The most common form of phishing is business email compromise . DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Individual Combat Equipment (ICE) Gen III/IV Course. Debra ensures not correct Controlled unclassified information. Malicious code can do the following except? [Spread]: How can you avoid downloading malicious code?A. Which of the following is NOT a type of malicious code? Nothing. correct. Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67 . What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. correct. A system reminder to install security updates.B. CUI may be emailed if encrypted. Which of the following is NOT Government computer misuse? Only documents that are classified Secret, Top Secret, or SCI require marking. Which of the following is an example of Protected Health Information (PHI)? What should the owner of this printed SCI do differently? All government-owned PEDsC. Is this safe? *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? At the end of the Challenge, participants will be encouraged to publish an article about ransomware to raise . Your favorite movie. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? Nothing. af cyber awareness challenge. How many potential insider threat indicators does this employee display? NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. When would be a good time to post your vacation location and dates on your social networking website? Maybe Which of the following represents an ethical use of your Government-furnished equipment (GFE)? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Which of the following is NOT a typical means for spreading malicious code? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which scenario might indicate a reportable insider threat security incident? What information should you avoid posting on social networking sites? Use the classified network for all work, including unclassified work. *Spillage What should you do if a reporter asks you about potentially classified information on the web? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Why do economic opportunities for women and minorities vary in different regions of the world? Sally stored her government-furnished laptop in her checked luggage using a TSA-approved luggage lock.B. It is releasable to the public without clearance. correct. Copy the code below to your clipboard. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? What should be your response? (social networking) Which of the following is a security best practice when using social networking sites? Lundholm, Inc., which reports financial statements each December 31, is authorized to issue $500,000 of 9%, 15-year bonds dated May 1, 2018, with interest payments on October 31 and April 30. (Sensitive Information) Which of the following represents a good physical security practice? CPCON 3 (Medium: Critical, Essential, and Support Functions) What action should you take? Sensitive Compartment Information (SCI) policy. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Which of the following is an example of removable media? **Physical Security What is a good practice for physical security? We thoroughly check each answer to a question to provide you with the most correct answers. A pop-up window that flashes and warns that your computer is infected with a virus. You are leaving the building where you work. Phishing can be an email with a hyperlink as bait. Classified material must be appropriately marked. Information Assurance Test Information Assurance Test Logged in as: OAM-L2CTBMLB USER LEVEL ACCESS Please answer each of the questions below by choosing ONE of the answer choices based on the information learned in the Cyber Awareness Challenge. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? (Malicious Code) What are some examples of removable media? You believe that you are a victim of identity theft. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. While it may seem safer, you should NOT use a classified network for unclassified work. Which of the following is true of Controlled Unclassified information (CUI)? You check your bank statement and see several debits you did not authorize. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Correct Adversaries exploit social networking sites to disseminate fake news Correct. There are many travel tips for mobile computing. How can you protect data on your mobile computing and portable electronic devices (PEDs)? What are some potential insider threat indicators? The following practices help prevent viruses and the downloading of malicious code except. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? What should be your response? correct. Government-owned PEDs, if expressly authorized by your agency. correct. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. Allowing hackers accessD. Correct. correct. (Malicious Code) Which of the following is NOT a way that malicious code spreads? **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Select the information on the data sheet that is personally identifiable information (PII). As long as the document is cleared for public release, you may share it outside of DoD. When vacation is over, after you have returned home. Your health insurance explanation of benefits (EOB). Keep an eye on his behavior to see if it escalates.C. Which of the following is NOT a typical result from running malicious code? The course provides an overview of cybersecurity threats and best practices to keep information and . If all questions are answered correctly, users will skip to the end of the incident. A man you do not know is trying to look at your Government-issued phone and has asked to use it. Understanding and using the available privacy settings. Which of the following is an example of a strong password? Retrieve classified documents promptly from printers.. What should you do? Store it in a locked desk drawer after working hours. What should you do? You are reviewing your employees annual self evaluation. They can be part of a distributed denial-of-service (DDoS) attack. DoD Cyber Awareness Challenge Training . Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Proactively identify potential threats and formulate holistic mitigation responses. Looking for https in the URL. usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. When you have completed the test, be sure to press the . Dont assume open storage in a secure facility is authorized Maybe. What should you do? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Note any identifying information and the websites URL. **Insider Threat What function do Insider Threat Programs aim to fulfill? Lewis's Medical-Surgical Nursing Diane Brown, Helen Edwards, Lesley Seaton, Thomas . Mark SCI documents appropriately and use an approved SCI fax machine. After you have returned home following the vacation. Which of the following is true about telework? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? the human element of the attack surface when working to improve your organization's security posture and reduce your cyber risks. Research the source of the article to evaluate its credibility and reliability. CUI may be stored on any password-protected system. They may be used to mask malicious intent. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? What should you consider when using a wireless keyboard with your home computer? [Incident #2]: What should the owner of this printed SCI do differently?A. Verified questions. Which of the following is NOT an appropriate way to protect against inadvertent spillage? **Home Computer Security How can you protect your information when using wireless technology? You should only accept cookies from reputable, trusted websites. What does Personally Identifiable Information (PII) include? If authorized, what can be done on a work computer? [Ellens statement]: How many insider threat indicators does Alex demonstrate?A. BuhayNiKamatayan. Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? Cyber Awareness Challenge 2021. Other - Dod cyber awareness test 2021/2022; answered 100% 4. It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. How does Congress attempt to control the national debt? Which of the following is NOT a good way to protect your identity? Defense Information Systems Agency (DISA), The Defense Information Systems Agency recently approved the Arista Multi-Layer Switch (MLS) Extensible Operating System, The Defense Information Systems Agency recently approved the Riverbed NetProfiler Security Technical Implementation Guide, The Defense Information Systems Agency recently released the Microsoft Windows Server 2022 Security Technical Implementation, National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE), DISA releases the Arista Multi-Layer Switch (MLS) Extensible Operating System (EOS) 4.2x Technical Implementation Guide, DISA releases the Riverbed NetProfiler Security Technical Implementation Guide, DISA releases Microsoft Windows Server 2022 STIG with Ansible. The email provides a website and a toll-free number where you can make payment. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. You know this project is classified. Which of the following is NOT a criterion used to grant an individual access to classified data? Which of the following may help to prevent spillage? View email in plain text and dont view email in Preview Pane. usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. Telework is only authorized for unclassified and confidential information. PII, PHI, and financial information is classified as what type of information? Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Store it in a GSA approved vault or container. Classified information that should be unclassified and is downgraded.C. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? E-mailing your co-workers to let them know you are taking a sick day. What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Do not access links or hyperlinked media such as buttons and graphics in email messages. What is considered ethical use of the Government email system? Only connect with the Government VPNB. Which of the following is NOT a typical means for spreading malicious code? Retrieve classified documents promptly from printers. not correct A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. You receive an inquiry from a reporter about government information not cleared for public release. *Classified Data What should Sara do when publicly available Internet, such as hotel Wi-Fi? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Immediately notify your security point of contact. The purpose of Department of Defense Information Network Approved Products List (DODIN APL) is to maintain a single consolidated list of products that have completed Interoperability (IO) and Cybersecurity certification. Which of the following is a practice that helps to protect you from identity theft? Which of the following is NOT considered sensitive information? When operationally necessary, owned by your organization, and approved by the appropriate authority. Memory sticks, flash drives, or external hard drives. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Which of these is true of unclassified data? What should you do? You may use unauthorized software as long as your computers antivirus software is up-to-date. (Malicious Code) Which of the following is true of Internet hoaxes? Use the classified network for all work, including unclassified work. Software that installs itself without the users knowledge. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? You must have permission from your organization. What actions should you take prior to leaving the work environment and going to lunch? Use a common password for all your system and application logons. (Travel) Which of the following is a concern when using your Government-issued laptop in public? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Annual DoD Cyber Awareness Challenge Training - 20 35 terms. Never write down the PIN for your CAC. The email states your account has been compromised and you are invited to click on the link in order to reset your password. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Brianaochoa92. You should remove and take your CAC/PIV card whenever you leave your workstation. Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. 24 terms. Correct. NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. Never write down the PIN for your CAC. Correct. Download the information. The month is dedicated to creating resources and communications for organizations to talk to their employees and customers about staying safe online. (Malicious Code) Which are examples of portable electronic devices (PEDs)? 32 part. navyEOD55. Remove his CAC and lock his workstation.. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Badges must be visible and displayed above the waist at all times when in the facility. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? **Insider Threat Which type of behavior should you report as a potential insider threat? memory sticks, flash drives, or external hard drives. Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. Thats the only way we can improve. **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? What should be your response? (CISA), and CYBER.ORG this summer for the Cyber Awareness Challenge! **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? In which situation below are you permitted to use your PKI token? Exposure to malwareC. Which is an untrue statement about unclassified data? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. *Spillage .What should you do if a reporter asks you about potentially classified information on the web? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Position your monitor so that it is not facing others or easily observed by others when in use Correct. Cyber Awareness Challenge 2021. [Incident #1]: What should the employee do differently?A. Quizzma is a free online database of educational quizzes and test answers. Who can be permitted access to classified data? Which of the following is NOT an example of sensitive information? When teleworking, you should always use authorized and software. Should you always label your removable media? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Which of the following is the best example of Personally Identifiable Information (PII)? The popup asks if you want to run an application. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.B. Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. [Incident #3]: What should the participants in this conversation involving SCI do differently?A. If you participate in or condone it at any time. Exam (elaborations) - Cyber awareness challenge exam questions/answers . What does Personally Identifiable information (PII) include? Which of the following is NOT a correct way to protect CUI?A. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Share sensitive information only on official, secure websites. Refer the reporter to your organizations public affairs office. Do not download it. air force cyber awareness challenge Spillage can be either inadvertent or intentional. Erasing your hard driveC. Secure personal mobile devices to the same level as Government-issued systems. Which of the following attacks target high ranking officials and executives? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Found a mistake? *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. A program that segregates various type of classified information. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Ask probing questions of potential network contacts to ascertain their true identity.C.

Dramione Possessive Draco Fanfiction, Fundamental Theorem Of Calculus Part 2 Calculator, Private Boat Slips For Rent Naples, Fl, Dumerils Boa Morph, Ghost Recon Breakpoint How To Change Laser Color, Articles C