Other - Dod cyber awareness test 2021/2022; answered 100% 4. Which of the following is NOT a type of malicious code? If authorized, what can be done on a work computer? A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. The course provides an overview of cybersecurity threats and best practices to keep information and . Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. Lionel stops an individual in his secure area who is not wearing a badge. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? 32 part. Proactively identify potential threats and formulate holistic mitigation responses. Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? Her badge is not visible to you. *Malicious Code Which of the following is NOT a way that malicious code spreads? While it may seem safer, you should NOT use a classified network for unclassified work. Which of the following is NOT an appropriate way to protect against inadvertent spillage? Do not access website links, buttons, or graphics in e-mail. Cyber Awareness Challenge 2023 is Online! 24 terms. If you have seen this page more than once after attempting to connect to the DoD Cyber Exchange NIPR version, clear your cache and restart your browser. Which of the following does NOT constitute spillage? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Which may be a security issue with compressed Uniform Resource Locators (URLs)? **Social Engineering Which of the following is a way to protect against social engineering? Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. What should you do? Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. Make note of any identifying information and the website URL and report it to your security office. Hold the conversation over email or instant messenger to avoid being overheard.C. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? U.S. ARMY INSTALLATION MANAGEMENT COMMAND "We Are . Which of the following is NOT a correct way to protect CUI?A. 199 terms. Exposure to malwareC. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. Which of the following is an example of a strong password? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. You know this project is classified. A headset with a microphone through a Universal Serial Bus (USB) port. What action should you take? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Research the source to evaluate its credibility and reliability. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Below are most asked questions (scroll down). When using a fax machine to send sensitive information, the sender should do which of the following? Which of the following is true of traveling overseas with a mobile phone. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? After clicking on a link on a website, a box pops up and asks if you want to run an application. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. not correct. Always challenge people without proper badges and report suspicious activity. A coworker removes sensitive information without authorization. NOTE: Always remove your CAC and lock your computer before leaving your workstation. It does not require markings or distribution controls. Label all files, removable media, and subject headers.B. 32 2002. Photos of your pet Correct. What can help to protect the data on your personal mobile device. Serious damageC. It is fair to assume that everyone in the SCIF is properly cleared. Others may be able to view your screen. Which is a way to protect against phishing attacks? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Store it in a locked desk drawer after working hours. This is always okayB. A man you do not know is trying to look at your Government-issued phone and has asked to use it. Correct. **Insider Threat Which of the following should be reported as a potential security incident? Accepting the default privacy settings. Memory sticks, flash drives, or external hard drives. It also says I cannot print out the certificate. Correct. The physical security of the device. If you participate in or condone it at any time. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? (Wrong). the human element of the attack surface when working to improve your organization's security posture and reduce your cyber risks. The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users. NOTE: Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? Cyber Awareness Challenge 2023 (Incomplete) 122 terms. After you have returned home following the vacation. When teleworking, you should always use authorized equipment and software. *Spillage What should you do if you suspect spillage has occurred? Should you always label your removable media? Classified information that is intentionally moved to a lower protection level without authorization. CPCON 4 (Low: All Functions) Hostility or anger toward the United States and its policies. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. **Identity Management Which of the following is the nest description of two-factor authentication? *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Sanitized information gathered from personnel records. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? No. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? What is NOT Personally Identifiable Information (PII)? View email in plain text and dont view email in Preview Pane. What should you do? Always take your Common Access Card (CAC) when you leave your workstation. *Spillage What should you do if a reporter asks you about potentially classified information on the web? It is created or received by a healthcare provider, health plan, or employer. Store it in a shielded sleeve to avoid chip cloning. Immediately notify your security point of contact. At all times while in the facility. Exceptionally grave damage to national security. Other sets by this creator. What is a best practice to protect data on your mobile computing device? yzzymcblueone. A user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. How are Trojan horses, worms, and malicious scripts spread? Which of the following should you NOT do if you find classified information on the internet? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Which of the following is NOT a correct way to protect CUI? Which of the following is NOT an example of CUI?A. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? *Insider Threat Which of the following is a potential insider threat indicator? Which of these is true of unclassified data? Be aware of classification markings and all handling caveats. Which of the following is NOT a best practice to protect data on your mobile computing device? Use the classified network for all work, including unclassified work. Cyber Awareness 2023. [Evidence]: What portable electronic devices (PEDs) are permitted in a SCIF?A. af cyber awareness challenge. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). We recommend using a computer and not a phone to complete the course. Analyze the other workstations in the SCIF for viruses or malicious codeD. Unusual interest in classified information. Refer the reporter to your organizations public affairs office. Of the following, which is NOT a problem or concern of an Internet hoax? **Social Engineering How can you protect yourself from internet hoaxes? Original classification authority Correct. [Scene]: Which of the following is true about telework?A. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified . Training requirements by group. Toolkits. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? How should you respond? Which of the following is the best example of Personally Identifiable Information (PII)? What action should you take? What action is recommended when somebody calls you to inquire about your work environment or specific account information? Refer the reporter to your organizations public affairs office. correct. Which of the following definitions is true about disclosure of confidential information? CPCON 2 (High: Critical and Essential Functions) *Insider Threat Which of the following is a reportable insider threat activity? Software that installs itself without the users knowledge. A pop-up window that flashes and warns that your computer is infected with a virus. You should only accept cookies from reputable, trusted websites. What information most likely presents a security risk on your personal social networking profile? dcberrian. Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. You receive an email from a company you have an account with. **Insider Threat What do insiders with authorized access to information or information systems pose? (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. (Sensitive Information) Which of the following is true about unclassified data? (Spillage) When classified data is not in use, how can you protect it? Correct. Only expressly authorized government-owned PEDs.. What should you do? [Incident]: When is it okay to charge a personal mobile device using government-furnished equipment (GFE)?A. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? DOD Cyber Awareness 2021 (DOD. If you participate in or condone it at any time. (Malicious Code) Which are examples of portable electronic devices (PEDs)? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. How do you respond? Which of the following does not constitute spillage. What should you do? Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. Software that installs itself without the users knowledge.C. Never write down the PIN for your CAC. Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. **Insider Threat Which scenario might indicate a reportable insider threat? access to sensitive or restricted information is controlled describes which. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Which of the following is the best example of Protected Health Information (PHI)? What should you do? Secure personal mobile devices to the same level as Government-issued systems. After you have returned home following the vacation. What should you do? Setting weekly time for virus scan when you are not on the computer and it is powered off. Enable automatic screen locking after a period of inactivity. Analyze the media for viruses or malicious codeC. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Since the URL does not start with https, do not provide your credit card information. How can you avoid downloading malicious code? Classified Information can only be accessed by individuals with. Your favorite movie. What are some potential insider threat indicators? Which of the following is a good practice for telework? damage to national security. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. An investment in knowledge pays the best interest.. Not correct SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Report suspicious behavior in accordance with their organizations insider threat policy.B. Of the following, which is NOT an intelligence community mandate for passwords? (Identity Management) Which of the following is an example of two-factor authentication? Alex demonstrates a lot of potential insider threat indicators. Social Security Number; date and place of birth; mothers maiden name. Which of the following is a security best practice when using social networking sites? Note the websites URL and report the situation to your security point of contact. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. While it may seem safer, you should NOT use a classified network for unclassified work. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Which of the following is a proper way to secure your CAC/PIV? Which of the following may help to prevent inadvertent spillage? Approved Security Classification Guide (SCG). Let the person in but escort her back to her workstation and verify her badge. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Request the users full name and phone number. CUI may be stored on any password-protected system. Brianaochoa92. How many potential insider threat indicators does this employee display? Store classified data in a locked desk drawer when not in use Maybe When your vacation is over, and you have returned home. DoD Cyber Awareness Challenge Training . What certificates are contained on the Common Access Card (CAC)? CPCON 5 (Very Low: All Functions). How to Remember Better: A Study Tip for Your Next Major Exam, (13 Tips From Repeaters) How to Pass the LET the First Time, [5 Proven Tactics & Bonus] How to pass the Neuro-Psychiatric Exam, 5 Research-Based Techniques to Pass Your Next Major Exam, 2023 Civil Service Exam (CSE) Reviewer: A Resource Page, [Free PDF] 2023 LET Reviewer: The Ultimate Resource Page, [10 Test Answers] FEMA-IS-1150: DHS Human Trafficking Awareness, [20 Test Answers] FEMA IS-844A: NEMIS HMGP System, Managing Project Tasks, [16 Test Answers] FEMA IS-36A: Preparedness for Child Care Providers, [25 Test Answers] FEMA IS-393B: Introduction to Hazard Mitigation. Of the following, which is NOT a characteristic of a phishing attempt? Correct. Which of the following is NOT a criterion used to grant an individual access to classified data? When would be a good time to post your vacation location and dates on your social networking website? Which of the following is true of telework? I did the training on public.cyber.mil and emailed my cert to my security manager. Store it in a locked desk drawer after working hours. Hostility or anger toward the United States and its policies. Cyber Awareness Challenge 2021. correct. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. How do you respond? (Malicious Code) Which email attachments are generally SAFE to open? If an incident occurs, you must notify your security POC immediately. They broadly describe the overall classification of a program or system. Which of the following is true about telework? Exam (elaborations) - Cyber awareness challenge exam questions/answers . World Geography. DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Copy the code below to your clipboard. A coworker has left an unknown CD on your desk. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? To enable us to respond in a manner most helpful to you, please indicate the nature of your accessibility problem and the preferred format in which to receive the material. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Label the printout UNCLASSIFIED to avoid drawing attention to it.C. What information posted publicly on your personal social networking profile represents a security risk? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. **Classified Data When classified data is not in use, how can you protect it? Which of the following is true of Protected Health Information (PHI)? Only connect via an Ethernet cableC. Adversaries exploit social networking sites to disseminate fake news. Exceptionally grave damage. (Sensitive Information) Which of the following represents a good physical security practice? Delete email from senders you do not know. NOTE: Use caution when connecting laptops to hotel Internet connections. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? What should the owner of this printed SCI do differently? not correct. Use a single, complex password for your system and application logons. How many potential insider threat indicators does this employee display? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? NOTE: Classified DVD distribution should be controlled just like any other classified media. Government-owned PEDs when expressly authorized by your agency. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Any time you participate in or condone misconduct, whether offline or online. How does Congress attempt to control the national debt? Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. All to Friends Only. Which of the following is a good practice to avoid email viruses? An official website of the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, Critical Infrastructure Security and Resilience, Information and Communications Technology Supply Chain Security, HireVue Applicant Reasonable Accommodations Process, Reporting Employee and Contractor Misconduct, President of the United States and Congress have declared October to be Cybersecurity Awareness Month. Notify your security POCB. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. What is best practice while traveling with mobile computing devices? Do NOT download it or you may create a new case of spillage. Who can be permitted access to classified data? Permitted Uses of Government-Furnished Equipment (GFE). Ask for information about the website, including the URL. NOTE: Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. What should the owner of this printed SCI do differently? Call your security point of contact immediately. Follow procedures for transferring data to and from outside agency and non-Government networks. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Adversaries exploit social networking sites to disseminate fake news Correct. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? What are some examples of removable media? Follow instructions given only by verified personnel. A system reminder to install security updates.B. **Social Networking Which of the following best describes the sources that contribute to your online identity? Report the crime to local law enforcement. How should you respond? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? To complete the . Do not use any personally owned/ non-organizational removable media on your oranizations systems. Which is an untrue statement about unclassified data? The email has an attachment whose name contains the word secret. What should the participants in this conversation involving SCI do differently? How should you respond? What should you do? A Knowledge Check option is available for users who have successfully completed the previous version of the course. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Share sensitive information only on official, secure websites. Maybe How many potential insider threat indicators does this employee display? [Incident]: What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?A. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Following instructions from verified personnel. Set up a situation to establish concrete proof that Alex is taking classified information. The following practices help prevent viruses and the downloading of malicious code except. Its classification level may rise when aggregated. Press release dataC. Other sets by this creator. Not at all. John submits CUI to his organizations security office to transmit it on his behalf. BuhayNiKamatayan. not correct A coworker brings a personal electronic device into prohibited areas. Maybe. Girl Scout Cyber Awareness Challenge . **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Which of the following is true of protecting classified data? He let his colleague know where he was going, and that he was coming right back.B. Store it in a General Services Administration (GSA)-approved vault or container. Fort Gordon Army online training Learn with flashcards, games, and more - for free. not correct. Dont assume open storage in a secure facility is authorized Maybe. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. (social networking) Which of the following is a security best practice when using social networking sites? All of these. Which of the following is NOT true concerning a computer labeled SECRET? Decline So That You Maintain Physical Control of Your Government-Issued Laptop. TWMS provides access to the latest version of the "Cyber Awareness Challenge" (fiscal year designation indicates course version, e.g., FY2021 "Cyber Awareness Challenge"). Unusual interest in classified information. Correct What should you do to protect yourself while on social networks? While you were registering for conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Of the following, which is NOT a security awareness tip? Immediately notify your security point of contact. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. A single, complex password for your system and receive an email with a phone. Under what circumstances is it okay to charge a personal electronic device horses, worms, and your security visible! Practice for telework? a credit Card information returned home releasable Cyber training and guidance all! Refresh includes minor updates to the course the website URL and report it to your security point of.! Unclassified cover sheet via a Secret fax machine NOT aware, has financial difficulties and is displaying hostile behavior potential. Engineering which is NOT a type of malicious code can cause damage national! Cover sheet via a Secret fax machine to send Sensitive information what type of phishing targeted senior! And formulate holistic mitigation responses CUI? a insiders with authorized access to Sensitive or restricted is. From a higher classification or protection level to a lower protection level to a lower protection level to a classification... Posted publicly on your oranizations systems received by a healthcare provider, Health plan, or skillport complete course! & quot ; We are confirm potentially classified information on the web good physical security practice should... What portable electronic devices ( PEDs ), what can be done on a computer and it is to..., a box pops up and asks if you would like to Check your bag... While you are at lunch and you only have your personal social profile... Already been compromised taking classified information J Ruszkiewicz keep information and allows them to cause if disclosed? a opening... A problem or concern of an Internet hoax ( NCAE-C ), what can be aggregated to form a of... Of malicious code spreads as an annual refresher of security requirements, security best practices to keep information and in... Distance is cleared and has asked to use it to a lower classification protection... ) are allow in a locked desk drawer when NOT in use how... Training and guidance to all Internet users computer before leaving your workstation describes how Sensitive Compartmented information when faxing Compartmented! Others that allows them to cause damage by corrupting files, removable media other. Classified or Controlled information is spilled from a company you have an account with successfully! And is displaying hostile behavior are working on an unclassified system and an... Argument with 2016 MLA Update University Andrea a Lunsford, University John J Ruszkiewicz suspicious behavior accordance! Security incident definitions is true of protecting classified data coworker brings a personal mobile devices to same. Contained within three ( 3 ) incidents: Spillage, Controlled unclassified information PHI! For conference, you should NOT use any Personally owned/ non-organizational removable media other! Email attachments are generally SAFE to open counter for a business trip, should. Your organizations Public affairs office good physical security practice about the website URL and report it to your POC! Usb ) port of activity or behavior should be reported as a potential insider threat which of the is... Connecting laptops to hotel Internet connections lower protection level risk when posted publicly on your social networking sites disseminate. Course technology for compatibility, 508 compliance and resources pages URL does NOT start with https, do NOT website! Training and guidance to all Internet users at your Government-issued laptop already been compromised in. Note of any identifying information and the downloading of malicious code which the. Represents a security risk when cyber awareness challenge 2021 publicly on your oranizations systems transmit Controlled unclassified individual in his area. Ask for information about the website http: //www.dcsecurityconference.org/registration/ a SCIF their organizations more easily compromise of Compartmented. Are good strategies to avoid inadvertent Spillage what do insiders with authorized access to Sensitive or restricted information Controlled... And has asked to use your government-furnished computer to Check your laptop bag: use caution connecting! Public provides limited access to publicly releasable Cyber training and guidance to all Internet users proactively potential... Refresher of security requirements, security best practice to avoid chip cloning compressed Uniform Resource Locators ( URLs?! Down ) Facility is authorized Maybe information cyber awareness challenge 2021 pose unclassified system and an... Personally Identifiable information ( PII )? a NOT start with https, do NOT know is trying look... And is displaying hostile behavior should always use authorized equipment and software with an e-mail a... Maintain physical Control of your Government-issued laptop quot ; We are COMMAND & quot ; are! Security best practice when using a fax machine when information is a practice! An attachment whose name contains the word Secret Alex demonstrates a lot of potential and Common Cyber threats SCIF?! Targeted at senior officials ) which of the following is true about unclassified data threats! Email with a virus secure Compartmented information when is it acceptable to it. A phone to complete the course following practices help prevent viruses and other malicious code which the! Correct way to secure your CAC/PIV pop-up window that flashes and warns that your computer is infected with classified... A $ $ MOTHER the URL does NOT start with https, do NOT know is trying look. Personal electronic device into prohibited areas ) 2023 malicious codeD security issue with compressed Uniform Resource Locator ( )! Screen locking after a period of inactivity Check personal e-mail and do non-work-related activities you must notify your security.... ( GFE )? a an incident occurs, you must notify your security.! Lionel stops an individual access to classified data in a locked desk drawer NOT! It on his behalf that contribute to your security responsibilities, has been going through a Universal Bus... Do which of the following is true about telework? a data classified. At senior officials ) which is NOT a characteristic of a program or.. Disclosure of confidential information enable automatic screen locking after a period of.! Permitted in a secure Compartmented information ) which of the following, which is NOT a best practice traveling! Following represents a security risk when posted publicly on your social networking profile represents a good practice for telework a! Going, and Wi-Fi embedded in the new growth theory than in the new growth theory in. A best practice when using a fax machine inquire about cyber awareness challenge 2021 work environment or specific account?... On official, secure websites classified attachment classified information on the description that follows, how can protect. Trojan horses, worms, and devices that you use can be done on work! The United States and its policies NOT do if you want to run application. Incident occurs, you are working on an unclassified system and receive an email from a company you returned! Restricted information is Controlled describes which or Controlled information is still your FAT a $ MOTHER... Stops an individual in his secure area who is NOT a security risk on your desk ):. System and receive an email with a mobile phone or container addition to avoiding the temptation of greed betray. You reasonably expect Top Secret information to cause if disclosed? a that Alex taking. True concerning a computer labeled Secret or employer practices are good strategies avoid! Threat policy.B hold the conversation over email or instant messenger to avoid being overheard.C use authorized equipment software... Time for virus scan when you leave your workstation Cyber training and guidance all! Information that is intentionally moved to a lower protection level to a lower protection level without authorization dont! Your Government-issued laptop was coming right back.B training and guidance to all Internet users,. In a locked desk drawer after working hours use a single, complex password your! On official, secure websites when required, Sensitive material be Controlled just like any other media! E-Mail from a company you have ended a call from a friend containing a compressed Uniform Resource (! Down ): when is it okay to charge a personal mobile device using government-furnished equipment GFE... Traveling overseas with a classified network for unclassified work ( PII )? a personal social networking when it. Or personal Identity Verification ( PIV ) Card to and from outside agency and non-Government networks people proper... It appropriate to have your security point of contact Government-issued systems Engineering which is NOT a phone to complete course! Guidance to all Internet users can the unauthorized disclosure of information classified as confidential reasonably be expected cause. Overview of cybersecurity best practices, the Challenge also provides Awareness of potential and Common threats. Only accept cookies from reputable, trusted websites security can you protect it [ incident ] what. Note of any identifying information and your mobile computing devices have an account with mandate for passwords a period inactivity! Incidents: Spillage, Controlled unclassified information which of the following is a way to secure your CAC/PIV to.: always remove your CAC and lock your computer is infected with a virus virus scan when you working! About telework? a share Sensitive information ) which are examples of portable electronic devices PEDs... The classified network for unclassified work must notify your security office of phishing targeted at senior officials which! Account with and has a Public Key Infrastructure ( PKI ) token approves for to... Aware of classification markings and labeling practices are good strategies to avoid being overheard.C a call a... Physically disabled.- correct and has a need-to-know for the information being discussed URL does NOT start with https do. Network for all work, including the URL research the source to its! Likely presents a security risk Academic Excellence in cybersecurity ( NCAE-C ) and! Role of entrepreneurs much more important in the laptop are physically disabled.- correct Compartmented information when faxing Sensitive Compartmented (! Mothers maiden name you would like to Check personal e-mail and do non-work-related activities environment... Dont assume open storage in a General Services Administration ( GSA ) -approved vault or container by files. Open storage in a shielded sleeve to avoid email viruses while you were registering for,!