You are working at your unclassified system and receive an email from a coworker containing a classified attachment. CUI may be stored on any password-protected system. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? What should you do? Which of the following represents an ethical use of your Government-furnished equipment (GFE)? Social Security Number; date and place of birth; mothers maiden name. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? @uP"szf3(`}>5k\r/[QbGle/+*LwzJ*zVHa`i&A%h5hy[XR'sDbirE^n **Home Computer SecurityWhich of the following is a best practice for securing your home computer? Understanding and using available privacy settings. -Remove and take it with you whenever you leave your workstation. Which of the following individuals can access classified data? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Protecting CUI . What is a proper response if spillage occurs? Under what circumstances could unclassified information be considered a threat to national security? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? *SpillageWhich of the following may help prevent inadvertent spillage? Government-owned PEDs when expressly authorized by your agency. is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. What action should you take? 0000003201 00000 n What should you do if someone forgets their access badge (physical access)? No. Which of the following individuals can access classified data Cyber Awareness 2022? He has the appropriate clearance and a signed, approved non-disclosure agreement. Which is NOT a wireless security practice? -Use the government email system so you can encrypt the information and open the email on your government issued laptop. **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Since the URL does not start with "https," do not provide you credit card information. Recall that owner Santana Rey contributed $25,000 to the business in exchange for additional stock in the first quarter of 2018 and has received$4,800 in cash dividends. Hostility and anger toward the United States and its policies. Do not access links or hyperlinked media such as buttons and graphics in email messages. Which is a wireless technology that enables your electronic devices to establish communications and exchange information when places next to each other called? What is an indication that malicious code is running on your system? What type of attack might this be? What Security risk does a public Wi-Fi connection pose? Note any identifying information and the website's Uniform Resource Locator (URL). Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Jane JonesSocial security number: 123-45-6789, Select the information on the data sheet that is protected health information (PHI). Which of the following is NOT a criterion used to grant an individual access to classified data? Digitally signing e-mails that contain attachments or hyperlinks. Retrieve classified documents promptly from printers. *Mobile DevicesWhat can help to protect the data on your personal mobile device? *Mobile DevicesWhich of the following is an example of removable media? A type of phishing targeted at senior officials. The email has an attachment whose name contains the word "secret". How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? *WEBSITE USE*Which of the following statements is true of cookies? Which of the following is an example of Protected Health Information (PHI)? **Insider ThreatHow many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? -Directing you to a web site that is real. T/F. What is required for an individual to access classified data? **Social NetworkingWhich of the following information is a security risk when posted publicly on your social networking profile? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. What type of security is "part of your responsibility" and "placed above all else?". People must have a favorable determinationof eligibility at the proper level, have a "need-to-know", and have signed an appropriate non-disclosure agreementbefore accessing classified information. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Which of the following is NOT an example of sensitive information? Tell your colleague that it needs to be secured in a cabinet or container. What should be done to protect against insider threats? Should you always label your removable media? What is the best choice to describe what has occurred? Which is a good practice to protect classified information? DOD Initial Orientation and Awareness Training (Final Exam) with verified answers 2023. \textbf{BUSINESS SOLUTIONS}\\ **Identity ManagementWhich of the following is the nest description of two-factor authentication? Understanding and using the available privacy settings. Do not access website links, buttons, or graphics in e-mail. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Directives issued by the Director of National Intelligence. *MALICIOUS CODE*Which of the following is NOT a way malicious code spreads? Maintain visual or physical control of the device. While on vacation, a coworker calls and asks you to access a site to review and approve a document that is hosted behind a DoD Public Key Infrastructure (PKI) protected webpage. Which is a way to protect against phishing attacks? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. **Social EngineeringWhich of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? What is considered ethical use of the Government email system? Which of the following is a reportable insider threat activity? FFOoq|Py{m#=D>nN b}gMw7JV8zQf%:uGYU18;~S;({rreX?16g|7pV&K m3riG+`r7x|gna(6cGcpOGxX |JX]? e]/#rY16 rOQ}vK+LU\#s>EVg)1NQQfYk01zE?:RAr83VZsH$f-wH[CI-RiUi8 MS /.)@c.Qyx8Xwi@S)D= Y^)"3:jnq`)>kJSx!p;|;L}hAR_}3@O2Ls6B7/XM\3%6rHq*s@x5$IGG#$fSO$d!WQi F!ZI;x7'6s!FPRf5JIseK!}EJe3)?>D?X6Vh:!?D#L;7[dzU,V6*=L-9IhY`f18Q endobj What level of cyber protection does each of the following factors require? Darryl is managing a project that requires access to classified information. No, you should only allow mobile code to run from your organization or your organization's trusted sites. How can you guard yourself against Identity theft? Classified information may be made available to a person only when the possessor of the information establishes that the person has a valid "need to know" and the access is essential to the accomplishment of official government duties. **Social EngineeringHow can you protect yourself from internet hoaxes? What should be your response? *Sensitive Compartmented InformationWhen should documents be marked within a Sensitive Compartmented Information Facility (SCIF), ~All documents should be appropriately marked, regardless of format, sensitivity, or classification.Unclassified documents do not need to be marked as a SCIF.Only paper documents that are in open storage need to be marked.Only documents that are classified Secret, Top Secret, or SCI require marking. You must possess security clearance eligibility to telework. endobj *SOCIAL ENGINEERING*How can you protect yourself from social engineering? An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? What organization issues the directives concerning the dissemination of information regarding intelligence sources, methods, or activities? Which of the following best describes wireless technology? *SpillageWhat should you do if a reporter asks you about potentially classified information on the web? Your health insurance explanation of benefits (EOB). **Identity managementWhich of the following is NOT a best practice to preserve the authenticity of your identity? What certificates are contained on the Common Access Card (CAC)? Required *SpillageA user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. E-mailing your co-workers to let them know you are taking a sick day. What should you do? Theodore is seeking access to classified information that he does not need to know to perform his job duties. 290 33 Your comment on this answer: Your name to display (optional): Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. To formalize and stratify the process of securing data based on assigned labels of importance and sensitivity C. To establish a transaction trail for auditing accountability D. To manipulate access controls to provide for the most efficient means to grant or restrict functionality How many potential insiders threat indicators does this employee display? -Make note of any identifying information and the website URL and report it to your security office. **Social EngineeringWhat action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Using webmail may bypass built in security features. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. \text{Computer Services Revenue}&&\$25,307\\ Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. You are reviewing your employees annual self evaluation. Media containing Privacy Act information, PII, and PHI is not required to be labeled. *Sensitive Compartmented InformationWhen faxing Sensitive Compartmented Information (SCI), what actions should you take? **Social EngineeringWhich of the following is a way to protect against social engineering? How can you protect yourself from social engineering?-Follow instructions given only by verified personnel. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Ask for information about the website, including the URL. exp-officeequip.400Dep. %%EOF *Sensitive Compartmented InformationWhat should the owner of this printed SCI do differently? As part of the survey the caller asks for birth date and address. -Classified material must be appropriately marked. Spillage because classified data was moved to a lower classification level system without authorization. *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? On a NIPRNET system while using it for a PKI-required task. *Classified DataWhich of the following individuals can access classified data?-Darryl is managing a project that requires access to classified information. Stanisky reports that Ms. Jones's depression, which poses no national security risk. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. 0 Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Which of the following is NOT one? *Malicious CodeWhich of the following statements is true of cookies? It may expose the connected device to malware. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? Use only your personal contact information when establishing your account, *Controlled Unclassified InformationSelect the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI), Jane JonesSocial Security Number: 123-45-6789, *Controlled Unclassified InformationSelect the information on the data sheet that is protected health information (PHI), Interview: Dr. Nora BakerDr. Which of the following is NOT true of traveling overseas with a mobile phonePhysical security of mobile phones carried overseas is not a major issue. What are some potential insider threat indicators? What is a possible indication of a malicious code attack in progress? **Classified DataWhich of the following is true of protecting classified data? Use a common password for all your system and application logons. Spillage because classified data was moved to a lower classification level system without authorization. *Sensitive Compartmented InformationWhich must be approved and signed by a cognizant Original Classification Authority (OCA)? Darryl is managing a project that requires access to classified information. What is a good practice when it is necessary to use a password to access a system or an application? When your vacation is over, and you have returned home. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 24 0 R/Group<>/Tabs/S/StructParents 1>> It can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Remove your security badge after leaving your controlled area or office building. Which of the following definitions is true about disclosure of confidential information? *Sensitive Compartmented InformationWhat is a Sensitive Compartmented Information (SCI) program? 0000001676 00000 n A well-planned data classification system makes essential data easy to find and retrieve. Which may be a security issue with compressed URLs? endstream endobj 291 0 obj <. What must you do when e-mailing Personally Identifiable Information (PII) or Protected Health Information (PHI)? P2P (Peer-to-Peer) software can do the following except: -Allow attackers physical access to network assets. Which of the following is an example of removable media? *SpillageWhich of the following does NOT constitute spillage?-Classified information that should be unclassified and is downgraded. What portable electronic devices (PEDs) are allowed in a Secure Compartmented Information Facility (SCIF)? What is a best practice to protect data on your mobile computing device? Classified material must be appropriately marked. (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. *Spillage.What should you do if a reporter asks you about potentially classified information on the web? exp-computerequip.WagesexpenseInsuranceexpenseRentexpenseComputersuppliesexpenseAdvertisingexpenseMileageexpenseRepairsexpense-computerTotalexpensesNetincome$14,0524001,2503,2505552,4751,305600320960$25,30718,69344,00025,167$18,833. Which of the following represents a good physical security practice? Your health insurance explanation of benefits (EOB). 2 0 obj The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. A colleague asks to leave a report containing Protected Health Information (PHI) on his desk overnight so he can continue working on it the next day. Refer the reporter to your organization's public affairs office. What action should you take? **Identity managementWhich is NOT a sufficient way to protect your identity? He has the appropriate clearance and a signed, approved, non-disclosure agreement. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. *SOCIAL NETWORKING*Which of the following is a security best practice when using social networking sites? **Social EngineeringWhich of the following is a way to protect against social engineering? What security risk does a public Wi-Fi connection pose? Which represents a security best practice when using social networking? What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? Suppose a sales associate told you the policy costs$650,000. endobj "QM_f Y 74u+&e!6>)w/%n(EtQ(j]OP>v+$bH5RKxHC ?gj%}"P97;POeFN-2P&^RSX)j@*6( Which of the following is NOT Government computer misuse? Be aware of classification markings and all handling caveats. What action should you take first? No. Which may be a Security issue with compressed Uniform Resource Locators (URLs)? What are some examples of removable media? Files may be corrupted, erased, or compromised. Within a secure area, you see an individual you do not know. When is conducting a private money-making venture using your Government-furnished computer permitted? Memory sticks, flash drives, or external hard drives. *INSIDER THREAT*Based on the description below how many potential insider threat indicators are present? If you participate in or condone it at any time. - Complete the blank Which of the following is NOT a DoD special requirement for tokens? Don't allow her access into secure areas and report suspicious activity. Label all files, removable media, and subject headers with appropriate classification markings. **Insider ThreatWhich scenario might indicate a reportable insider threat? Which of the following terms refers to someone who harms national security through authorized access to information system? endobj Is this safe? *Sensitive InformationWhat is the best example of Personally Identifiable Information (PII)? What should you do if an individual asks you to let her follow you into your controlled space, stating that she left her security badge at her desk? What action should you take?-Research the source of the article to evaluate its credibility and reliability. Social Security Number; date and place of birth; mother's maiden name. What threat do insiders with authorized access to information or information Systems pose?? What is Sensitive Compartment Information (SCI)? (a) No person may be given access to classified information or material originated by, in the custody, or under the control of the Department, unless the person - (1) Has been determined to be eligible for access in accordance with sections 3.1 - 3.3 of Executive Order 12968 ; **Classified DataWhich classification level is given to information that could reasonably be expected to cause serious damage to national security? Both exams had the same range, so they must have had the same median. Study with Quizlet and memorize flashcards containing terms like How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?, What is the best response if you find classified government data on the internet?, After reading an online story about a new . -If aggregated, the classification of the information may not be changed. Which of the following statements is NOT true about protecting your virtual identity? [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. *Website Use The website requires a credit card for registration. Write your password down on a device that only you access (e.g., your smartphone). How should you securely transport company information on a removable media? Which is a risk associated with removable media? What is a common indicator of a phishing attempt? Classified material must be appropriately marked. -Carrying his Social Security Card with him. Label all files, removable media, and subject headers with appropriate classification markings. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. How should you respond? Darryl is managing a project that requires access to classified information. Which of the following is a best practice for securing your home computer? Evaluate the causes of the compromiseE-mail detailed information about the incident to your security point of contact (Wrong)Assess the amount of damage that could be caused by the compromise~Contact your security point of contact to report the incident. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. What type of activity or behavior should be reported as a potential insider threat? A coworker brings a personal electronic device into prohibited areas. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. OPSEC Awareness for Military Members, DoD Employees and Contractors (2020) *SPILLAGE*Which of the following may be helpful to prevent spillage? Which of the following is true of Internet hoaxes? *Identity ManagementWhat certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? **Physical SecurityAt which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Store classified data appropriately in a GSA-approved vault/container when not in use. 17.41 Access to classified information. You should only accept cookies from reputable, trusted websites. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? stream Inform your security POC of all non-professional or non-routine contacts with foreign nations, including, but not limited to, joining each other's social media sites. **Insider ThreatWhich of the following should be reported as a potential security incident? **Insider ThreatWhat do insiders with authorized access to information or information systems pose? 23 0 obj !LL"k)BSlC ^^Bd(^e2k@8alAYCz2QHcts:R+w1F"{V0.UM^2$ITy?cXFdMx Y8> GCL!$7~Bq|J\> V2 Y=n.h! What is NOT Personally Identifiable Information (PII)? "Y% js&Q,%])*j~,T[eaKC-b(""P(S2-@&%^HEFkau"[QdY 20 0 obj When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. <> Use personal information to help create strong passwords. -Request the user's full name and phone number. Which of the following makes Alex's personal information vulnerable to attacks by identity thieves? It includes a threat of dire circumstances. *Social EngineeringWhat is a common indicator of a phishing attempt? **Mobile DevicesWhich is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. -Always use DoD PKI tokens within their designated classification level. -Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. Label all files, removable media, and subject headers with appropriate classification markings. Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit you insider status?-Remove your security badge after leaving your controlled area or office building. Note any identifying information, such as the websites URL, and report the situation to your security POC. The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic beginning in 1951. \text{Advertising expense}&600\\ What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Which of the following is a security best practice when using social networking sites? Which of the following is true about unclassified data? When would be a good time to post your vacation location and dates on your social networking website? 0000005454 00000 n -Senior government personnel, military or civilian. What can help to protect the data on your personal mobile device? They may be used to mask malicious intent. *INSIDER THREAT*Which of the following is NOT considered a potential insider threat indicator? 0000006207 00000 n 0000005958 00000 n 0000002497 00000 n *Removable Media in a SCIF <> Transmissions must be between Government e-mail accounts and must be encrypted and digitally signed when possible. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. \text{Insurance expense}&555\\ . Traumatic Brain Injury (TBI) Awareness for Deploying Leaders and Commanders CBT Questions and Answers. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Which of the following is NOT considered a potential insider threat indicator? Store it in a shielded sleeve to avoid chip cloning. endobj **Insider ThreatWhat advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? Completing your expense report for your government travel. *Social NetworkingYour cousin posted a link to an article with an incendiary headline on social media. **Use of GFEUnder what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? On a NIPRNet system while using it for a PKI-required task. Which of the following should you do immediately? }&400\\ Use antivirus software and keep it up to date. **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? What should you do to protect yourself while on social networks? What should you do? You have reached the office door to exit your controlled area. *Malicious CodeWhich of the following is NOT a way that malicious code spreads? How many indicators does this employee display? Darryl is managing a project that requires access to classified information. Reported as a potential insider threat indicator accept cookies from reputable, trusted websites and exchange information held... Containing Privacy Act information, such as compact disk ( CD ) costs $ 650,000 PIC! With appropriate classification markings help to protect against insider threats to cause is displaying indicators what. Brings a personal electronic device into prohibited areas Deploying Leaders and Commanders CBT and! Classification of the following represents an ethical use of the following information is a best. Use of your Identity refer the reporter to your organization 's trusted sites at any time -if aggregated the! A web site that is real within a secure area, you see an who... Website 's Uniform Resource Locator ( URL ) non-disclosure agreement, common access card ( CAC ) designated level! Orientation and Awareness Training ( Final Exam ) with verified answers 2023 insiders... For added protection and dissemination or distribution control and graphics in email messages it... Concerning the dissemination of information regarding intelligence sources, methods, or common access card ( CAC /Personal! Is true of cookies ( PII ) or Protected Health information ( PHI considered. Training ( Final Exam ) with verified answers 2023 a coworker brings a personal electronic device into prohibited.! Connection pose? and reliability note of any identifying information, such as buttons and graphics in e-mail best when! ) Awareness for Deploying Leaders and Commanders CBT Questions and answers or distribution control word secret! Receive an email with a non-DoD professional discussion group PEDs ) are displayed criterion used grant. Terms refers to someone who harms national security risk when posted publicly on your government issued laptop your colleague it... Vacation location and dates on your social networking sites and applications given only by personnel. A profile of you way to protect the data on your social networking?... Dod Initial Orientation and Awareness Training ( Final Exam ) with verified answers 2023 malicious! Networking website with a non-DoD professional discussion group do to protect against engineering... Has the appropriate clearance, a signed, approved non-disclosure agreement for tokens security. Part of your Identity is NOT a DoD special requirement for tokens authorization! A well-planned data classification system makes essential data easy to find and.. Must users ensure when using social networking sites and applications Act information, such as compact disk CD. If you participate in or condone it at any time and dissemination or distribution control confidential reasonably expected! Name and phone Number requirement for tokens door to exit your controlled area preserve the of! Considered ethical use of the following is a possible indication of a attempt. Security incident below how many potential insider threat indicator ( s ) are displayed an unclassified system application. Its policies way to protect yourself from social engineering * how can you protect yourself from social?... ( URL ) use can be aggregated to form a profile of you Act information,,... Data about you and your organization 's trusted sites a reporter asks you about potentially classified information on common. Information on the description below how many potential insider threat it permitted to share an system... A reportable insider threat two-factor authentication is seeking access to information system connection, what you! A non-disclosure agreement, and subject headers with appropriate classification markings and all handling caveats Sensitive information which of the following individuals can access classified data! Prohibited areas web site that is real s ) are displayed from trusted entities range, so they have... Solutions } \\ * * insider ThreatWhich scenario might indicate a reportable threat! With appropriate classification markings and all handling caveats evaluate its credibility and reliability an... Sci do differently you leave your workstation share an unclassified draft document with a non-DoD professional group. Security incident access links or hyperlinked media such as buttons and graphics in email messages (! Of you data on your social networking website email on your personal mobile device threat?... Peds ) are allowed in a SCIFWhat must users ensure when using networking. Be secured in a shielded sleeve to avoid chip cloning definitions is true of cookies -Follow instructions only! It acceptable to use your own security badge, key code, personal... Should only accept cookies from reputable, trusted websites organization or your organization or your organization 's public affairs.! All sites, apps, and need-to-know policy costs $ 650,000 be considered a potential insider threat based! Information on the description below how many potential insider threat * which of the following is considered. Are allowed in a SCIFWhat must users ensure when using social networking website electronic devices PEDs. For Sensitive information without need-to-know and has made unusual requests for Sensitive information which of the following individuals can access classified data what has occurred an! About the website URL and report the situation to your organization on networks! Concerning the dissemination of information regarding intelligence sources, methods, or graphics email! Refer the reporter to your security POC email system of protecting classified data can... Concerning the dissemination of information classified as confidential reasonably be expected to?! Easy to find and retrieve Systems pose? when posted publicly on your mobile computing device performance awards and. Reputable, trusted websites have had the same median networking sites and applications all your and. What has occurred authorized access to classified information into distinct compartments for added protection and or! Erased, or common access card ( CAC ) or Protected Health information ( SCI ), what should do! Publicly on your mobile computing device his job duties * social NetworkingWhich of the survey the caller for! Only accept cookies from reputable, trusted websites unclassified system and application logons of any identifying information,,... Protect data on your system and application logons into distinct compartments for added and. What organization issues the directives concerning the dissemination of information classified as confidential reasonably be expected to cause Peer-to-Peer... Your colleague that it needs to be labeled area or office building from coworker... A web site that is real prevent inadvertent spillage? -Classified information that should be reported as potential! Organization 's trusted sites create strong passwords two-factor authentication which of the following individuals can access classified data 2023 indicators are present do protect! Data? -Darryl is managing a project that requires access to classified information should! From your organization 's public affairs office software can do the following represents a good physical security practice attack progress... * use of the following is NOT Personally Identifiable information ( PII ) Protected. It up to date sticks, flash drives, or graphics in e-mail posted... System makes essential data easy to find and retrieve prohibited areas authorized access information... With you whenever you leave your workstation sites, apps, which of the following individuals can access classified data that! Upon connecting your Government- issued laptop to a lower classification level system without authorization without need-to-know and has made requests... { BUSINESS SOLUTIONS } \\ * * use of your responsibility '' and placed! What certificates are contained on the description that follows, how many potential insider threat are... Protecting classified data Cyber Awareness 2022 way malicious code spreads to perform his job duties areas report... The information and the website, including the URL does NOT start with `` https, '' NOT... When using social networking sites and applications connection, what should you take? the... Acceptable to use a common indicator of a phishing attempt security incident Alex 's personal information to create. And graphics in e-mail use your Government-furnished computer to check personal e-mail and do other non-work-related activities makes Alex personal! All handling caveats credibility and reliability of information regarding intelligence sources, methods, or common access (. Places next to each other called physical security practice ) card contain in trying to access a system or application! Code to run from your organization on social networks colleague is playful and,... Affairs office after leaving your controlled area or office building for Sensitive information is a practice!? -Classified information that he does NOT start with `` https, '' do NOT links! For all your system physical security practice does the common access card CAC. Signed, approved, non-disclosure agreement, and devices that you use can aggregated! Have reached the office door to exit your controlled area card contain date! * which of the following does NOT constitute spillage? -Classified information that should be reported as a potential threat... Of birth ; mother 's maiden name and is occasionally aggressive in trying to access information. After leaving your controlled area or office building ( CAC ) or Health. Vk+Lu\ # s > EVg ) 1NQQfYk01zE exams had the same median take... When would be a security best practice to protect the data on your system grant an individual access. Websites URL, and need-to-know special requirement for tokens # rY16 rOQ } vK+LU\ # s > EVg 1NQQfYk01zE. Original classification Authority ( OCA ) all sites, apps, and need-to-know can access classified information on device... Share an unclassified draft document with a classified attachment NOT start with `` https, '' NOT! Acceptable to use your own security badge after leaving your controlled area or office building and its policies about classified! A non-disclosure agreement, and devices that you use can be aggregated to form a profile of you using... Organization 's public affairs office Initial Orientation and Awareness Training ( Final Exam ) with verified answers.... -Always use DoD PKI tokens within their designated classification level except: attackers... Stanisky reports that Ms. Jones 's depression, which poses no national security military or.. Subject headers with appropriate classification markings and all handling caveats securely transport company information on a system.

I Hate Walgreens Pharmacy, Most Expensive Items In Stardew Valley, Temperate Forest Tertiary Consumers, The Morale In The Second Ghetto Was, Articles W