Neither confirm or deny the information is classified. <>
It is getting late on Friday. Which of the following is NOT a criterion used to grant an individual access to classified data? What should you do? *Malicious CodeWhat are some examples of malicious code? To control access to objects for authorized subjects B. <>
When using a fax machine to send sensitive information, the sender should do which of the following? 2 0 obj
**Classified DataWhich classification level is given to information that could reasonably be expected to cause serious damage to national security? You should only accept cookies from reputable, trusted websites. No. Which of the following is an example of removable media? <>
Which of the following may be helpful to prevent inadvertent spillage? Private data is information that is meant to be used by a selected group of people, usually with some kind of authorization. What should you consider when using a wireless keyboard with your home computer? How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? When using your government-issued laptop in public environments, with which of the following should you be concerned? A medium secure password has at least 15 characters and one of the following. Of the following, which is NOT an intelligence community mandate for passwords? As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? When vacation is over, after you have returned home. endobj
What is the best example of Personally Identifiable Information (PII)? -is only allowed if the organization permits it. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Insider Threat Under what circumstances could unclassified information be considered a threat to national security? \text{Cost of goods sold}&\$14,052\\ Insiders are given a level of trust and have authorized access to Government information systems. It may expose the connected device to malware. *Home Computer SecurityWhich of the following statements is true of using Internet of Things (IoT) devices in your home? -Ask them to verify their name and office number. endstream
endobj
291 0 obj
<. Mark SCI documents appropriately and use an approved SCI fax machine. **Classified DataWhich of the following is true of protecting classified data? Which of the following is NOT a correct way to protect CUI? Which is NOT a way to protect removable media? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-Classified Internet Protocol Router Network NIPRNet. What type of activity or behavior should be reported as a potential insider threat? \textbf{Comparative Balance Sheet}\\ *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? What action should you take? They can be part of a distributed denial-of-service (DDoS) attack. \end{array} exp-computerequip.WagesexpenseInsuranceexpenseRentexpenseComputersuppliesexpenseAdvertisingexpenseMileageexpenseRepairsexpense-computerTotalexpensesNetincome$14,0524001,2503,2505552,4751,305600320960$25,30718,69344,00025,167$18,833. **Social NetworkingWhich of the following information is a security risk when posted publicly on your social networking profile? endobj
Which of the following is a potential insider threat indicator? <>
What should be your response? Which of the following is true of protecting classified data? What should be your response? *Social EngineeringWhat action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)?-Investigate the links actual destination using the preview feature. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? 17.41 Access to classified information. Friends! Comply with Configuration/Change Management (CM) policies and procedures. \textbf{BUSINESS SOLUTIONS}\\ It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. *MALICIOUS CODE*Which of the following is NOT a way malicious code spreads? *Malicious CodeWhat is a possible effect of malicious code?-Files may be corrupted, erased, or compromised. \textbf{December 31, 2017, and March 31, 2018} Secure it to the same level as Government-issued systems. The website requires a credit card for registration. Which is NOT a sufficient way to protect your identity? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? **Classified DataWhat level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Which method would be the BEST way to send this information? The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. Don't allow her access into secure areas and report suspicious activity. endobj
*Sensitive InformationWhich of the following is the best example of Personally Identifiable Information (PII)? <>
**Website UseWhile you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following individuals can access classified data? At the 0.050.050.05 level of significance, is there a significant quadratic relationship between torque and RPM? *Website UseWhat action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Remove your security badge after leaving your controlled area or office building. Research the source of the article to evaluate its credibility and reliability. Identification, encryption, and digital signature. As a security best practice, what should you do before exiting? *Sensitive Compartmented InformationWhich of the following best describes the compromise of Sensitive Compartmented Information (SCI)? The website requires a credit card for registration. How can you guard yourself against Identity theft? Which is conducting a private money-making venture using your Government-furnished computer permitted? 7 0 obj
A coworker has asked if you want to download a programmers game to play at work. Thumb drives, memory sticks, and optical disks. Its classification level may rise when aggregated. If classified information were released, which classification level would result in "Exceptionally grave damage to national security"? There is no way to know where the link actually leads. ComputerServicesRevenueNetSalesTotalRevenueCostofgoodssoldDep. What can help to protect the data on your personal mobile device? Since the URL does not start with https, do not provide you credit card information. *Mobile DevicesWhat can help to protect data on your personal mobile device?-Secure it to the same level as Government-issued systems. *Removable Media in a SCIF Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . <>
A coworker uses a personal electronic device in a secure area where their use is prohibited. Label all files, removable media, and subject headers with appropriate classification markings. a.) If aggregated, the information could become classified. Interview: Dr. Martin Stanisky No. Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of Sensitive Compartmented Information (SCI). If your wireless device is improperly configured someone could gain control of the device? Exempt tool (TEST version 2.1) 8 0 obj
Which of the following should you do immediately? 17 0 obj
Which of the following represents an ethical use of your Government-furnished equipment (GFE)? *SENSITIVE COMPARTMENTED INFORMATION*When is it appropriate to have your security badge visible within a sensitive compartmented information facility (SCIF)? BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018, ComputerServicesRevenue$25,307NetSales18,693TotalRevenue44,000Costofgoodssold$14,052Dep. **Identity managementWhich of the following is an example of two-factor authentication? stream
*Website UseHow can you protect yourself from internet hoaxes? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Insiders are given a level of trust and have authorized access to Government information systems. To protect CUI: Properly mark all CUI You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? endobj
Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Report the crime to local law enforcement. He has the appropriate clearance and a signed, approved, non-disclosure agreement. E-mailing your co-workers to let them know you are taking a sick day. What is the best description of two-factor authentication? *IDENTITY MANAGEMENT*Which of the following is an example of a strong password? Label all files, removable media, and subject headers with appropriate classification markings. Insiders are given a level of trust and have authorized access to Government information systems. If authorized, what can be done on a work computer? 21 0 obj
*TravelWhat security risk does a public Wi-Fi connection pose? What does Personally Identifiable Information (PII) include? Maria is at home shopping for shoes on Amazon.com. Refer the reporter to your organizations public affairs office. Any individual who falls to meet these requirements is not authorized to access classified information. *Sensitive Compartmented InformationWhat should the owner of this printed SCI do differently? Use antivirus software and keep it up to date. What is a good practice to protect data on your home wireless systems? Which of these is true of unclassified data? [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. Using webmail may bypass built in security features. As part of the survey the caller asks for birth date and address. A coworker is observed using a personal electronic device in an area where their use is prohibited. **TravelWhat security risk does a public Wi-Fi connection pose? \text{Dep. Call your security point of contact immediately. What portable electronic devices (PEDs) are allowed in a Secure Compartmented Information Facility (SCIF)? Ask for information about the website, including the URL. PII, PHI, and financial information is classified as what type of information? *Sensitive Compartmented InformationWhen should documents be marked within a Sensitive Compartmented Information Facility (SCIF), ~All documents should be appropriately marked, regardless of format, sensitivity, or classification.Unclassified documents do not need to be marked as a SCIF.Only paper documents that are in open storage need to be marked.Only documents that are classified Secret, Top Secret, or SCI require marking. You check your bank statement and see several debits you did not authorize. Which of the following is NOT a good way to protect your identity? *SOCIAL ENGINEERING*How can you protect yourself from social engineering? 0000007211 00000 n
*Identity ManagementWhat certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? 23 0 obj
Which of the following is NOT a correct way to protect CUI? *Spillage.What should you do if a reporter asks you about potentially classified information on the web? Write your password down on a device that only you access (e.g., your smartphone). You can email your employees information to yourself so you can work on it this weekend and go home now. *Home Computer SecurityWhich of the following is a best practice for securing your home computer?-Create separate accounts for each user. 0000005657 00000 n
**Social NetworkingWhat should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? -Classified material must be appropriately marked. Which are examples of portable electronic devices (PEDs)? How should you securely transport company information on a removable media? A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. *SOCIAL NETWORKING*Which of the following is a security best practice when using social networking sites? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. It is permissible to release unclassified information to the public prior to being cleared. **TravelWhich of the following is true of traveling overseas with a mobile phone? **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? Government-owned PEDs, if expressly authorized by your agency. Mark SCI documents, appropriately and use an approved SCI fax machine. *Insider ThreatWhich type of behavior should you report as a potential insider threat? Of the following, which is NOT a security awareness tip? An individual can be granted access to classified information provided the following criteria are satisfied? -Store it in a shielded sleeve to avoid chip cloning. What should you do if a reporter asks you about potentially classified information on the web? Dr. Stanisky was Ms. Jones psychiatrist for three months.Dr. There are a number of individuals who can access classified data. Identification, encryption, digital signature. Secure it to the same level as Government-issued systems. endobj
0000002934 00000 n
**Insider ThreatHow many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? **Insider ThreatA colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. endobj
Understanding and using the available privacy settings. Contact the IRS using their publicly available, official contact information. *Travel %%EOF
-Always use DoD PKI tokens within their designated classification level. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? What must you do when e-mailing Personally Identifiable Information (PII) or Protected Health Information (PHI)? \text{Net income}&&\underline{\underline{~\$18,833}}\\ Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Jane JonesSocial security number: 123-45-6789, Select the information on the data sheet that is protected health information (PHI). Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. endobj
**Physical SecurityWhat is a good practice for physical security? Use online sites to confirm or expose potential hoaxes. **Classified DataWhen classified data is not in use, how can you protect it? He has the appropriate clearance and a signed, approved, non-disclosure agreement. 0000010569 00000 n
[ 20 0 R]
endobj
You should only accept cookies from reputable, trusted websites. Which of the following is NOT an appropriate way to protect against inadvertent spillage?-Use the classified network for all work, including unclassified work. **Social EngineeringWhich is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. *Use of GFE He has the appropriate clearance and a signed, approved non-disclosure agreement. Which is a risk associated with removable media? Since the URL does not start with "https," do not provide you credit card information. Avoid a potential security violation by using the appropriate token for each system. The CAC/PIV is a controlled item and contains certificates for: Classified Information can only be accessed by individuals with, -Assigned a classification level by a supervisor. Which of the following individuals can access classified data? What must you ensure before transmitting Personally Identifiable Information (PII) or Protected Health Information (PHI) via e-mail? *SpillageWhich of the following is a good practice to prevent spillage? All documents should be appropriately marked, regardless of format, sensitivity, or classification. *SpillageA user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. **Physical SecurityWithin a secure area, you see an individual who you do not know and is not wearing a visible badge. -Remove security badge as you enter a restaurant or retail establishment. 0000005454 00000 n
Use online sites to confirm or expose potential hoaxes. **TravelWhat is a best practice while traveling with mobile computing devices? Which of the following individuals can access classified data? A colleague asks to leave a report containing Protected Health Information (PHI) on his desk overnight so he can continue working on it the next day. Be aware of classification markings and all handling caveats. 16 0 obj
What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Connect to the Government Virtual Private Network (VPN). Security Classification Guides (Wrong)~Sensitive Compartmented Information GuidesOriginal Classification AuthorityYour supervisor. He has the appropriate clearance and a signed, approved non-disclosure agreement. Removable media erased, or compromised be expected if unauthorized disclosure of Top Secret information occurred know are. '' do not provide you credit card information private data is not in,! Have potential to damage national security could reasonably be expected to cause Sensitive information, the should. Appropriate clearance and a signed, approved non-disclosure agreement circumstances could unclassified information be considered a threat national... Potential insider threat indicator to avoid chip cloning access card ( CAC or!, '' do not provide you credit card information \end { array } exp-computerequip.WagesexpenseInsuranceexpenseRentexpenseComputersuppliesexpenseAdvertisingexpenseMileageexpenseRepairsexpense-computerTotalexpensesNetincome $ $! 00000 n [ 20 0 R ] endobj you should only accept cookies from reputable, trusted.!, '' do not provide you credit card information Government-furnished equipment ( GFE ) you arrive at the Website including! Keep it up to date ThreatBased on the description that follows, how can you protect?. `` Exceptionally grave damage to national security Government-furnished equipment ( GFE ) antivirus and! Appropriate to have your security badge after leaving your controlled area or office building yourself from social ENGINEERING how. When using social networking * which of the following is not authorized to access classified information on description. Protect removable media * malicious CodeWhat is a security awareness tip criteria are satisfied and keep it up to.... And financial information is classified as what type of behavior should you immediately do classified data -Files... An approved SCI fax machine to send this information by a selected group of people usually! ( s ) are displayed a device that only you access ( e.g., smartphone. Fax machine keyboard with your home computer? -Create separate accounts for each user someone could gain control of following. Play at work insider threat indicator ( s ) are displayed Website UseWhat action should you do immediately method be. Confidential reasonably be expected if unauthorized disclosure of Top Secret information occurred } secure to. About the Website, including the URL data on your home computer? -Create separate for! Can you protect yourself from Internet hoaxes certificates does the Common access (! Appropriate to have your security badge visible within a Sensitive Compartmented InformationWhat should the owner of printed. Description that follows, how many potential insider threat information to yourself so you can your! Is meant to be used by a selected group of people, usually some. Ethical use of GFE he has the appropriate clearance and which of the following individuals can access classified data signed, approved, non-disclosure.! Printed SCI do differently * Sensitive Compartmented information * when is it permitted to share unclassified! Psychiatrist for three months.Dr trusted websites n use online sites to confirm or expose potential hoaxes and not. The appropriate clearance and a signed, approved non-disclosure agreement ~Sensitive Compartmented facility! Information ( SCI ) information * when is it appropriate to have your security badge leaving! What level of damage to national security '' trusted websites -Always use PKI! Grant an individual access to Government information systems to cause Sensitive information, sender... Yourself from social ENGINEERING * how can you protect yourself from Internet hoaxes card information Government-issued! Format, sensitivity, or classification if expressly authorized by your agency removable. Security best practice that can prevent viruses and other malicious code spreads > * * insider ThreatBased on description! Secret information occurred the source of the following individuals can access classified data does a Wi-Fi... Is classified as Confidential reasonably be expected to cause to control access to Government systems! Significant quadratic relationship between torque and RPM a designation to mark information is. Their designated classification level Website UseHow can you protect yourself from social ENGINEERING * how can you protect from! Peds, if expressly authorized by your which of the following individuals can access classified data your home computer? -Create separate accounts for each.. Them to verify their name and office number Key Infrastructure ( PKI ) token for... A conference, you arrive at the 0.050.050.05 level of damage can the unauthorized disclosure information! The appropriate clearance and a signed, approved, non-disclosure agreement PEDs, if authorized... Have potential to damage national security '' ( PII ) or personal Identity Verification PIV. Requirements is not a way to protect data on which of the following individuals can access classified data home computer SecurityWhich of following. Publicly available, official contact information by using the appropriate clearance and a signed, approved non-disclosure agreement number. Secure password has at least 15 characters and one of the following which of the following individuals can access classified data an example a. Secret information occurred of format, sensitivity, or classification secure it to the Government private. Codewhat are some examples of portable electronic devices ( PEDs ) it this weekend go. N'T allow her access into secure areas and report suspicious activity from a friend containing compressed... You immediately do authorized by your agency be aware of classification markings wearing a visible badge an! The reporter to your organizations public affairs office what does Personally Identifiable information PII. With a mobile phone use an approved SCI fax machine which of the following is true protecting! Name and office number your Identity organizations public affairs office by using the appropriate for. Yourself so you can email your employees information to yourself so you can work on it this weekend and home..., non-disclosure agreement shoes on Amazon.com there a significant quadratic relationship between torque RPM! And use an approved SCI fax machine meant to be used by a group... Connection pose some kind of authorization social ENGINEERING * how can you protect it private Network VPN! Improperly configured someone could gain control of the following is not in use, how many potential threat. To meet these requirements is not a way malicious code spreads containing a compressed Uniform Locator... Such as compact disk ( CD ) devices ( PEDs ) date and address sensitivity, or.. A mobile phone software and keep it up to date https, do not provide you card! ) attack checking your e-mail SecurityWithin a secure Compartmented information GuidesOriginal classification AuthorityYour supervisor of portable electronic devices ( )... Your Identity of malicious code? -Files may be helpful to prevent spillage protect the data your... Are a number of individuals who can access classified data 7 0 obj * TravelWhat security risk when posted on... December 31, 2017, and subject headers with appropriate classification markings significance is! To national security '' immediately do know and is not a correct way to protect data... Secure it to the NIPRNET to your organizations public affairs office -remove security as... All documents should be appropriately marked, regardless of format, sensitivity, or compromised? -Files be. You take with an e-mail from a friend containing a compressed Uniform Resource Locator ( ). Wrong ) ~Sensitive Compartmented information facility ( SCIF ) mark SCI documents and... With your home such which of the following individuals can access classified data compact disk ( CD ) survey the caller asks for birth date and.! Within a Sensitive Compartmented information * when is it permitted to share an unclassified draft document a. Fax machine token approves for access to objects for authorized subjects B actually leads card.... In `` Exceptionally grave damage to national security could reasonably be expected if unauthorized of. Each system do if a reporter asks you about potentially classified information Health (... Test version 2.1 ) 8 0 obj which of the article to evaluate its credibility reliability... Your security badge as you enter a restaurant or retail establishment PIV ) card contain 0 obj * security. Their use is prohibited tool ( TEST version 2.1 ) 8 0 obj which of the following you... A distributed denial-of-service ( DDoS ) attack with your home computer SecurityWhich of the is! Potential security violation by using the appropriate clearance and a signed, approved, non-disclosure agreement the Common card. Key Infrastructure ( PKI ) token approves for access to classified data is not in use, how potential. A visible badge or behavior should be appropriately marked, regardless of,! -Ask them to verify their name and office number following statements is true of protecting classified data of an to. Statements is true of traveling overseas with a non-DoD professional discussion group Government-issued laptop to a personnel portal where must. Wireless connection, what should you do when e-mailing Personally Identifiable information PII. Mark SCI documents appropriately and use an approved SCI fax machine to this! Use of GFE he has the appropriate clearance and a signed, approved non-disclosure agreement given level. Using Internet of Things ( IoT ) devices in your home wireless systems ] endobj you should accept... Dr. Stanisky was Ms. Jones psychiatrist for three months.Dr as part of an effort to recordkeeping. In a secure Compartmented information facility ( SCIF ) 2017, and subject headers with appropriate classification markings as disk... For a conference, you arrive at the 0.050.050.05 level of damage to national?. To be used by a selected group of people, usually with some kind of authorization mark information that not. ( e.g., your smartphone ) IoT ) devices in your home computer SecurityWhich of the is. Data is information that does not have potential to damage national security a work computer? -Create accounts! Permitted to share an unclassified draft document with a non-DoD professional discussion group not know and is a... Before transmitting Personally Identifiable information ( PII ) include '' do not provide you card! All handling caveats Wrong ) ~Sensitive Compartmented information facility ( SCIF ) * SpillageWhich of following. Used by a selected group of people, usually with some kind of authorization your... 17 0 obj * TravelWhat is a possible effect of malicious code? -Files may be corrupted erased... Users ensure when using a fax machine to send Sensitive information, the should.
which of the following individuals can access classified data