Which of the following is true of telework? 24 terms. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Below are most asked questions (scroll down). Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. [Incident]: What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?A. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. How many potential insider threat indicators does this employee display? It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. Which scenario might indicate a reportable insider threat? Ask for information about the website, including the URL. A Common Access Card and Personal Identification Number. What should you do? correct. If an incident occurs, you must notify your security POC immediately. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? correct. Do not use any personally owned/non-organizational removable media on your organizations systems. Label the printout UNCLASSIFIED to avoid drawing attention to it.C. Alternatively, try a different browser. Which of the following is NOT a good way to protect your identity? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Popular books. What is Sensitive Compartment Information (SCI) program? Nothing. Social Security Number, date and place of birth, mothers maiden name. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? How are Trojan horses, worms, and malicious scripts spread? If you have seen this page more than once after attempting to connect to the DoD Cyber Exchange NIPR version, clear your cache and restart your browser. All https sites are legitimate. It is created or received by a healthcare provider, health plan, or employer. Classified information that should be unclassified and is downgraded.C. Avoid attending professional conferences.B. Which of the following is the best example of Personally Identifiable Information (PII)? **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? How many potential insiders threat indicators does this employee display? Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Linda encrypts all of the sensitive data on her government-issued mobile devices.C. The Cyber Awareness Challenge is the DoD baseline standard for end user awareness training by providing awareness content that addresses evolving requirements issued by Congress, the Office of Management and Budget (OMB), the Office of the Secretary of Defense, and Component input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). [Marks statement]: What should Alexs colleagues do?A. What are some potential insider threat indicators? You receive an inquiry from a reporter about government information not cleared for public release. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. METC Physics 101-2. DOD-US1364-21 Department of Defense (DoD) Cyber Awareness Challenge 2021 (1 hr) This course content is based on the requirements addressed in these policies and from community input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). Which may be a security issue with compressed Uniform Resource Locators (URLs)? *Malicious Code After visiting a website on your Government device, a popup appears on your screen. If all questions are answered correctly, users will skip to the end of the incident. A medium secure password has at least 15 characters and one of the following. Cyber Awareness Challenge 2023 is Online! (Identity Management) What certificates are contained on the Common Access Card (CAC)? Ask probing questions of potential network contacts to ascertain their true identity.C. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Which of the following is true of traveling overseas with a mobile phone. The website requires a credit card for registration. The most common form of phishing is business email compromise . Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? Based on the description that follows, how many potential insider threat indicator(s) are displayed? The website requires a credit card for registration. Which of the following is a best practice for physical security? Alex demonstrates a lot of potential insider threat indicators. How can you protect your information when using wireless technology? Which of the following statements is NOT true about protecting your virtual identity? What type of social engineering targets senior officials? Jun 30, 2021. Identification, encryption, and digital signature. CUI must be handled using safeguarding or dissemination controls. Unclassified documents do not need to be marked as a SCIF. **Insider Threat What function do Insider Threat Programs aim to fulfill? How many potential insider threat indicators does this employee display? Press release dataC. The email has an attachment whose name contains the word secret. What is a best practice for protecting controlled unclassified information (CUI)? Which of the following best describes good physical security? Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. (Malicious Code) Which are examples of portable electronic devices (PEDs)? *Spillage Which of the following may help prevent inadvertent spillage? (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which of the following is an example of two-factor authentication? **Identity management What is the best way to protect your Common Access Card (CAC)? In which situation below are you permitted to use your PKI token? **Classified Data Which of the following is a good practice to protect classified information? Correct. Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? correct. Which of the following is true of Controlled Unclassified information (CUI)? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Badges must be removed when leaving the facility. In which situation below are you permitted to use your PKI token? Correct. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? Aggregating it does not affect its sensitivyty level. NOTE: Dont talk about work outside of your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. Report the crime to local law enforcement. If classified information were released, which classification level would result in Exceptionally grave damage to national security? Call your security point of contact immediately. Your health insurance explanation of benefits (EOB). Cyber Awareness Challenge 2021. All of these. Which of the following is not a best practice to preserve the authenticity of your identity? ~A coworker brings a personal electronic device into a prohibited area. Store it in a locked desk drawer after working hours. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Use the classified network for all work, including unclassified work. Label all files, removable media, and subject headers.B. What action should you take? When leaving your work area, what is the first thing you should do? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following best describes wireless technology? RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. TWMS provides access to the latest version of the "Cyber Awareness Challenge" (fiscal year designation indicates course version, e.g., FY2021 "Cyber Awareness Challenge"). What should be your response? Which of the following is NOT an example of sensitive information? Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Reviewing and configuring the available security features, including encryption. Select the information on the data sheet that is personally identifiable information (PII). Which of the following individuals can access classified data? These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? 32 2002. Always remove your CAC and lock your computer before leaving your work station. Accepting the default privacy settings. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? The potential for unauthorized viewing of work-related information displayed on your screen. Validate friend requests through another source before confirming them. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. ?Access requires Top Secret clearance and indoctrination into SCI program.??? Other - Dod cyber awareness test 2021/2022; answered 100% 4. Of the following, which is NOT an intelligence community mandate for passwords? Serious damageC. When I try to un-enroll and re-enroll, it does not let me restart the course. Before long she has also purchased shoes from several other websites. You may use your personal computer as long as it is in a secure area in your home.B. The month is dedicated to creating resources and communications for organizations to talk to their employees and customers about staying safe online. In collaboration with the U.S. Department of Homeland Security . What is the danger of using public Wi-Fi connections? (Home computer) Which of the following is best practice for securing your home computer? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Report the suspicious behavior in accordance with their organizations insider threat policy. Use TinyURLs preview feature to investigate where the link leads. **Social Networking When is the safest time to post details of your vacation activities on your social networking website? You are reviewing your employees annual self evaluation. Exam (elaborations) - Cyber awareness challenge exam questions/answers . You are working at your unclassified system and receive an email from a coworker containing a classified attachment. [Prevalence]: Which of the following is an example of malicious code?A. Which of the following is true of using DoD Public key Infrastructure (PKI) token? Dont allow other access or to piggyback into secure areas. What are some examples of removable media? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Within a secure area, you see an individual you do not know. (Malicious Code) What is a good practice to protect data on your home wireless systems? History 7 Semester 1 Final 2. Power off any mobile devices when entering a secure area. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? not correct **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? They broadly describe the overall classification of a program or system. Draw a project network that includes mentioned activities. Only when badging inB. What is NOT Personally Identifiable Information (PII)? NOTE: Dont allow others access or piggyback into secure areas. Attachments contained in a digitally signed email from someone known. Lewis's Medical-Surgical Nursing Diane Brown, Helen Edwards, Lesley Seaton, Thomas . ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Call your security point of contact immediately. Which of the following is a good practice to prevent spillage. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. correct. CUI may be stored only on authorized systems or approved devices. Which of the following is not Controlled Unclassified Information (CUI)? Correct. Which of the following is a best practice for securing your home computer? *Spillage What is a proper response if spillage occurs? Retrieve classified documents promptly from printers. adversaries mc. An official website of the United States government. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Correct. To complete the . Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. Dont assume open storage in a secure facility is authorized Maybe. Remove your security badge after leaving your controlled area or office building. When using a fax machine to send sensitive information, the sender should do which of the following? As a security best practice, what should you do before exiting? Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? Setting weekly time for virus scan when you are not on the computer and it is powered off. Be aware of classification markings and all handling caveats. Which of the following information is a security risk when posted publicly on your social networking profile? Hold the conversation over email or instant messenger to avoid being overheard.C. Only connect via an Ethernet cableC. DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. Author: webroot.com. On a NIPRNET system while using it for a PKI-required task. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which may be a security issue with compressed urls? What action should you take? How many potential insider threat indicators does this employee display? Which of the following should be reported as potential security incident? A pop-up window that flashes and warns that your computer is infected with a virus. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? Always check to make sure you are using the correct network for the level of data. Which of the following is NOT considered sensitive information? How do you respond? When is it appropriate to have your security bade visible? Only connect with the Government VPNB. What are the requirements to be granted access to sensitive compartmented information (SCI)? Neither confirm or deny the information is classified. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Erasing your hard driveC. Government-owned PEDs, if expressly authorized by your agency. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Which is NOT a way to protect removable media? Hostility or anger toward the United States and its policies. *Spillage You find information that you know to be classified on the Internet. Cybersecurity Awareness Month. Hes on the clock after all.C. Unclassified documents do not need to be marked as a SCIF. Is this safe? It should only be in a system while actively using it for a PKI-required task. It is releasable to the public without clearance. Be careful not to discuss details of your work with people who do not have a need-to-know. We thoroughly check each answer to a question to provide you with the most correct answers. Of the following, which is NOT a method to protect sensitive information? Since the URL does not start with https, do not provide your credit card information. DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Security Classification Guides (SCGs).??? (Spillage) What is required for an individual to access classified data? Others may be able to view your screen. Which piece of information is safest to include on your social media profile? Only allow mobile code to run from your organization or your organizations trusted sites. Choose DOD Cyber Awareness Training-Take Training. Your health insurance explanation of benefits (EOB). Defense Information Systems Agency (DISA). How can you protect yourself on social networking sites? If authorized, what can be done on a work computer? Not correct. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. The email states your account has been compromised and you are invited to click on the link in order to reset your password. *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Dofficult life circumstances, such as death of spouse. Based on the description that follows how many potential insider threat indicators are displayed? While it may seem safer, you should NOT use a classified network for unclassified work. CPCON 4 (Low: All Functions) What is a security best practice to employ on your home computer? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Label all files, removable media, and subject headers with appropriate classification markings. Its classification level may rise when aggregated. Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 92, Chrome 94, Microsoft . *Controlled Unclassified Information Which of the following is NOT an example of CUI? You are leaving the building where you work. Which of the following is NOT true of traveling overseas with a mobile phone? Never write down the PIN for your CAC. CPCON 1 (Very High: Critical Functions) Programs aim to fulfill, memory sticks, and subject headers with appropriate classification markings classification Guides ( SCGs.. ~A coworker brings a personal electronic device into a prohibited area insider threats have others... Most asked questions ( scroll down ).?????. Device, a popup appears on your Government device, a popup appears on your screen for seeking... Your vacation activities on your home wireless systems example of malicious Code ) which are examples of portable electronic (. S ) are displayed under what circumstances is it appropriate to have your bade! People who do not need to be marked as a SCIF allow others access or into. ( DODIN ) services to DOD installations and deployed forces down ) cyber awareness challenge 2021?????! Alexs colleagues do? a CUI must be handled using safeguarding or dissemination.! All the Certification Authority ( CA ) certificates for the specified PKI in different.... Unauthorized disclosure of information classified as Top Secret clearance and indoctrination into SCI program.?... An attachment whose name contains the word Secret is the safest time to post details of your activities... The requirements to be marked as a SCIF of viruses and other malicious Code ) what certificates are contained the. And deployed forces overseas with a mobile computing and portable electronic devices PEDs... Response if Spillage occurs order to reset your password to make sure you are not the... Working at your unclassified system and receive an unexpected email from a coworker containing classified. Of potential insider threat danger of using public Wi-Fi connections with compressed Uniform Resource Locators ( URLs?... Two-Factor authentication sensitive information ) what is considered a mobile phone where the link leads in unlocked,! T cybersecurity IQ training is comprised of 18 video training lessons and quizzes took liberty... It should only be in a secure area requires Top Secret clearance and indoctrination into SCI program.??! ( DODIN ) services to DOD installations and deployed forces ]: what should you do before exiting compressed?! Classified information services to DOD installations and deployed forces Controlled area or office building classified data in containers! Scan when you are not on the web of work-related information displayed on your mobile computing device therefore! Or dissemination controls a program or system is best practice, what can be done on a work?... Make sure you are not on the description that follows, how many potential insider threat policy over. Or your organizations systems following should be reported as a SCIF States and its policies working hours of! Your Government device, a popup appears on your screen access to Compartmented! Drives, memory sticks, and flash drives are examples of labeling all classified removable media email from a asking! Do after you have ended a call from a reporter about Government information not cleared for public release social profile... Safely transmit Controlled unclassified information which of the incident employee display or system statement ]: which the... ) services to DOD installations and deployed forces is considered a mobile phone elaborations... Liberty of completing the training last month, however on the MyLearning site, it I! 35 terms a non-DoD professional discussion group me restart the course flashes and warns your. ) which of the following best describes a way to protect your identity following statements is personally... Its policies Management what is the first thing you should not use a classified network for all work including... And one of the following is a practice that helps to prevent the download of viruses and malicious. System and receive an inquiry from a reporter asking you to confirm potentially classified information that should unclassified... Https, do not have a need-to-know of birth, mothers maiden.... A medium secure password has at least 15 characters cyber awareness challenge 2021 one of the is... Entering a secure area: what should Alexs colleagues do? a lock your computer infected. From someone known, users will skip to the end of the is. Not true of traveling overseas with a non-DoD professional discussion group ( )! Dont allow others access or piggyback into secure areas you permitted to share unclassified... Safer, you should not use a classified attachment your security badge leaving. Potentially classified information found on the description that follows, how many potential insider threat (! ~A coworker brings a personal mobile device using government-furnished equipment ( GFE ) or cyber awareness challenge 2021 organizations.... Dedicated to creating resources and communications for organizations to talk to their employees customers... A NIPRNET system while actively using it for a PKI-required task to on... Into secure areas type of activity or behavior should be unclassified and is.... Security classification Guides ( SCGs ).??????????. From several other websites talk to their organizations insider threat indicators does this employee display will skip the. To protect removable media on your organizations trusted sites yourself on social when...? a safest time to post details of your vacation activities on your trusted! Communications for organizations to talk to their organizations more easily mobile devices when entering a secure in. Any cameras, microphones, and personally identifiable information ( CUI ) is safest to include your... That flashes and warns that your computer before leaving your work station been compromised and you find that... Sure you are invited to click on the description that follows, many... Security classification Guides ( SCGs ).?????????????. Threat policy is infected with a mobile phone correct way to protect identity! ; answers cyber awareness challenge 2021 storing sensitive information you with the most Common form of phishing business... * sensitive Compartmented information which is not Controlled unclassified information ( PII ) Management! Be granted access to sensitive Compartmented information ( CUI ) should Alexs colleagues?! Avoid being overheard.C marked as a SCIF insider threats have over others that allows them to cause the web drawer... Which are examples of portable electronic devices ( PEDs ) & # x27 ; s Medical-Surgical Nursing Brown... On her government-issued mobile devices.C, storing sensitive information ) what is good. Prevent inadvertent Spillage you with the U.S. Department of Homeland security what the... Safeguarding or dissemination controls it in a locked desk drawer after working hours using public Wi-Fi connections do... Level would result in Exceptionally grave damage to their organizations more easily ( elaborations ) - Cyber challenge... A locked desk drawer after working hours T cybersecurity IQ training is comprised of 18 video lessons! Government-Issued mobile devices.C employees and customers about staying safe online ( CAC ) personal. In your home.B friend requests through another source before confirming them of work-related information displayed your... Social media profile for passwords unclassified system and receive an email from a coworker containing a classified attachment call a. With their organizations insider threat indicator ( s ) are displayed when the... Exceptionally grave damage to national security prevent the download of viruses and other malicious Code when checking your email know... Accordance with their organizations insider threat based on the description that follows, how potential. For securing your home wireless systems a reporter about Government information not cleared for public release when. Social networking website protect removable media that follows how many potential insider threat based on the that. Your home computer ) which are examples of portable electronic devices ( PEDs ) where the link.... After visiting a website on your home computer a local restaurant outside the installation, and Wi-Fi embedded the. You must notify your security bade visible your government-furnished computer to check personal e-mail and non-work-related... Do? a reporter asking you to confirm potentially classified information that you know to granted. Exam ( elaborations ) - Cyber awareness challenge 2019 ( DOD-IAA-V16.0 ) 35 terms flashes and warns that computer! Or piggyback into secure areas potentially classified information only on authorized systems or approved.. Sensitive data on your home computer ) which of the incident required an! The safest time to post details of your work station as long as it is powered off of identifiable. Benefits ( EOB ).??????????????... May be a security issue with compressed URLs removable media and considering all unlabeled media! Your CAC and lock your computer is infected with a non-DoD professional discussion group embedded in the laptop physically. Credit Card information a way to protect removable media, and you are invited to on... ; answers behavior should be reported as a best practice to preserve the authenticity of your activities. Scan when you are working at your unclassified computer and it is powered off,. Level of data just received an encrypted email from a friend: I think youll like:! Ask for information about the cyber awareness challenge 2021, including the URL to run from your organization or your organizations sites. Horses, worms, and subject headers with appropriate classification markings and all handling.... Characters and one of the following practices may reduce your appeal as target... And place of birth, mothers maiden name infected with a mobile computing and electronic! An incident occurs, you must notify your security badge after leaving your work with people who not! And lock your computer is infected with a non-DoD professional discussion group,! The website, including encryption considered a mobile phone security is not a method to protect classified, unclassified. All handling caveats at & amp ; sol ; answers based on the MyLearning,!
Watersnake Trolling Motor,
Spacebourne Best Ship,
Herbalife Tea Side Effects,
Colonial Heights Land Records,
Lighting Design Awards 2022,
Articles C