Which of the following does not constitute spillage. Search for an answer or ask Weegy. Which of the following is NOT an appropriate way to protect against inadvertent spillage? Correct. Infographic - Text version Infographic [PDF - 594 KB] Report a problem or mistake on this page Date modified: 2020-12-14 Use the classified network for all work, including unclassified work. (Home computer) Which of the following is best practice for securing your home computer? Refer the reporter to your organizations public affairs office. You receive an inquiry from a reporter about potentially classified information on the internet. It is not corporate intellectual property unless created for or included in requirements related to a government contract. You must have your organizations permission to telework. Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Which is an untrue statement about unclassified data? You are leaving the building where you work. Which of the following demonstrates proper protection of mobile devices? Never allow sensitive data on non-Government-issued mobile devices. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. In setting up your personal social networking service account, what email address should you use? Asked 8/5/2020 6:29:36 PM. What should Sara do when publicly available Internet, such as hotel Wi-Fi? When your vacation is over, and you have returned home. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Changes to various data systems that store and sometimes share sensitive information outside EPA. Use the government email system so you can encrypt the information and open the email on your government issued laptop. internet-quiz. Decline to let the person in and redirect her to security. 8. ?Access requires Top Secret clearance and indoctrination into SCI program.??? Which type of information includes personal, payroll, medical, and operational information? Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. a. Of the following, which is NOT a method to protect sensitive information? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Only paper documents that are in open storage need to be marked. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? What Are Some Examples Of Malicious Code Cyber Awareness? (Malicious Code) What are some examples of malicious code? 1.1.1 Spillage. Which is an untrue statement about unclassified data? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? Classified DVD distribution should be controlled just like any other classified media. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. Correct. EPA anticipates beginning CUI practices (designating, marking, safeguarding, disseminating, destroying, and decontrolling) starting in FY2023. THIS IS THE BEST ANSWER . When traveling or working away from your main location, what steps should you take to protect your devices and data? CUI is not classified information. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Contact the IRS using their publicly available, official contact information. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? not correct How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Which of the following is true of protecting classified data? Not correct. Do not access website links in e-mail messages. Which of the following may help to prevent inadvertent spillage? Use a single, complex password for your system and application logons. All to Friends Only. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. -Its classification level may rise when aggregated. Note any identifying information and the websites URL. Attempting to access sensitive information without need-to-know. What should be done to protect against insider threats? What should you do? Do not access website links, buttons, or graphics in e-mail. Select the information on the data sheet that is personally identifiable information (PII). **Insider Threat What type of activity or behavior should be reported as a potential insider threat? How many potential insider threat indicators does this employee display? (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? As a security best practice, what should you do before exiting? Directing you to a website that looks real. What should you do? NARA has the authority and responsibility to manage the CUI Program across the Federal government. How can you protect your organization on social networking sites? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? If authorized, what can be done on a work computer? How many potential insiders threat indicators does this employee display? Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. If you participate in or condone it at any time. Which of the following individuals can access classified data? Based on the description that follows, how many potential insider threat indicator(s) are displayed? When vacation is over, after you have returned home. *Malicious Code After visiting a website on your Government device, a popup appears on your screen. What is the danger of using public Wi-Fi connections? -Classified information that should be unclassified and is downgraded. The age of the driver may top the list of variables. -Ask them to verify their name and office number **Insider Threat What function do Insider Threat Programs aim to fulfill? Which of the following does NOT constitute spillage? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. Sensitive information may be stored on any password-protected system. Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. This bag contains your government-issued laptop. CPCON 2 (High: Critical and Essential Functions) Which is NOT a method of protecting classified data? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is not considered an example of data hiding? What action should you take? Which of the following is NOT a good way to protect your identity? which of the following is true about unclassified data. Since the URL does not start with https, do not provide you credit card information. Store it in a shielded sleeve to avoid chip cloning. **Travel What is a best practice while traveling with mobile computing devices? **Social Engineering Which of the following is a way to protect against social engineering? You know this project is classified. Security Classification Guides (SCGs).??? Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. what should you do? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. After clicking on a link on a website, a box pops up and asks if you want to run an application. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? *Insider Threat Which of the following is a potential insider threat indicator? You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Press release data. Learn more about Teams A coworker has asked if you want to download a programmer's game to play at work. **Website Use Which of the following statements is true of cookies? Immediately notify your security point of contact. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? The potential for unauthorized viewing of work-related information displayed on your screen. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Teams. What is considered ethical use of the Government email system? (Spillage) What should you do if a reporter asks you about potentially classified information on the web? There is no way to know where the link actually leads. -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? Note the websites URL and report the situation to your security point of contact. How should you respond? A coworker uses a personal electronic device in a secure area where their use is prohibited. #2) Select the "Pre-Process" tab. Looking at your MOTHER, and screaming THERE SHE BLOWS! Which of the following best describes the sources that contribute to your online identity. When gases are sold they are usually compressed to high pressures. d. How do the size and shape of a human epithelial cell differ from those of the Elodea and onion cells that you examined earlier? Amendments to a variety of policy documents as well as others referencing Confidential Business Information (CBI) submissions or handling, Changes to paper and e-forms and instructions for their submission to EPA. Correct. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. What is best practice while traveling with mobile computing devices? **Mobile Devices Which of the following helps protect data on your personal mobile devices? Note the websites URL and report the situation to your security point of contact. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. (Malicious Code) What is a common indicator of a phishing attempt? Which of the following is NOT a correct way to protect sensitive information? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Store it in a GSA approved vault or container. By Quizzma Team / Technology. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. A Coworker has asked if you want to download a programmers game to play at work. Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. A type of phishing targeted at senior officials. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. **Travel Which of the following is true of traveling overseas with a mobile phone? Which of the following is NOT a DoD special requirement for tokens? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. As long as the document is cleared for public release, you may share it outside of DoD. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. e. Why do Elodea and onion cells have more consistent shapes than human epithelial cells? Let us have a look at your work and suggest how to improve it! Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. That trust is bounded by the Oath of Office we took willingly. Badges must be visible and displayed above the waist at all times when in the facility. You receive a call on your work phone and youre asked to participate in a phone survey. An investment in knowledge pays the best interest.. **Identity management Which is NOT a sufficient way to protect your identity? In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. What should you do? Report the suspicious behavior in accordance with their organizations insider threat policy. Which of the following is a good practice to prevent spillage? Who is responsible for information/data security? Which of the following is true about telework? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Unclassified documents do not need to be marked as a SCIF. Which of the following is NOT Government computer misuse? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Maybe. Alex demonstrates a lot of potential insider threat indicators. There are no choices provides which make it hard to pick the untrue statement about unclassified data. Which of the following is not considered a potential insider threat indicator? Telework is only authorized for unclassified and confidential information. asked in Internet by voice (265k points) internet. What should you do if someone forgets their access badge (physical access)? Setting weekly time for virus scan when you are not on the computer and it is powered off. What information posted publicly on your personal social networking profile represents a security risk? Which of the following is true about telework? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. How are Trojan horses, worms, and malicious scripts spread? A. Which of the following is true of Protected Health Information (PHI)? Request the users full name and phone number. Figure 1. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. Which of the following is an example of removable media? **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Using NIPRNet tokens on systems of higher classification level. **Insider Threat What do insiders with authorized access to information or information systems pose? All https sites are legitimate and there is no risk to entering your personal info online. (Malicious Code) Which are examples of portable electronic devices (PEDs)? *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. 1.1.3 Insider Threat. Write your password down on a device that only you access. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Mobile devices and applications can track your location without your knowledge or consent. Correct. What should the owner of this printed SCI do differently? After you have returned home following the vacation. (social networking) Which of the following is a security best practice when using social networking sites? New answers. When can you check personal email on your government furnished equipment? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? What should be your response? b. taking away a toy or treat As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Information should be secured in a cabinet or container while not in use. What is the best course of action? Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. When classified data is not in use, how can you protect it? The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Which of the following is NOT a best practice to protect data on your mobile computing device? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? *Spillage .What should you do if a reporter asks you about potentially classified information on the web? You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). What type of social engineering targets senior officials? How do you respond? Found a mistake? Should you always label your removable media? Store classified data appropriately in a GSA-approved vault/container when not in use. If you participate in or condone it at any time. tell your colleague that it needs to be secured in a cabinet or container. Correct Which of the following is true of the Common Access Card (CAC)? A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. A coworker removes sensitive information without approval. Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. When your vacation is over, after you have returned home. You receive an inquiry from a reporter about government information not cleared for public release. Which of the following is a potential insider threat indicator? **Classified Data When classified data is not in use, how can you protect it? correct. Briefly describe what you have learned. Lionel stops an individual in his secure area who is not wearing a badge. What should be your response? With WEKA users, you can access WEKA sample files. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? "Unclassified" or a lack of security marking denotes non-sensitive information. Classified data: (Scene) Which of the following is true about telework? Social Security Number, date and place of birth, mothers maiden name. *Controlled Unclassified Information Which of the following is NOT an example of CUI? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Controlled Unclassified Information (CUI) is informationthat requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? what should be your response be? Even within a secure facility, dont assume open storage is permitted. NARA has the authority and responsibility to manage the CUI Program across the Federal government. What should you do? -It never requires classification markings. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. You should only accept cookies from reputable, trusted websites. What can be used to track Marias web browsing habits? Access requires a formal need-to-know determination issued by the Director of National Intelligence.? As a security best practice, what should you do before exiting? *Spillage You find information that you know to be classified on the Internet. NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. When unclassified data is aggregated, its classification level may rise. Immediately notify your security point of contact. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. You may use your personal computer as long as it is in a secure area in your home b. (Spillage) What type of activity or behavior should be reported as a potential insider threat? What does Personally Identifiable information (PII) include? Preventing an authorized reader of an object from deleting that object B. (Mobile Devices) Which of the following statements is true? Which of the following is NOT one? Always take your CAC when you leave your workstation. correct. not correct. (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Exceptionally grave damage. Delete email from senders you do not know. *Malicious Code What are some examples of malicious code? When operationally necessary, owned by your organization, and approved by the appropriate authority. Updated 8/5/2020 8:06:16 PM. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? What type of data must be handled and stored properly based on classification markings and handling caveats? What is the best response if you find classified government data on the internet? Validate all friend requests through another source before confirming them. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Which of the following is NOT a home security best practice? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Which of the following is an example of Protected Health Information (PHI)? Information improperly moved from a higher protection level to a lower protection level. Your comments are due on Monday. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. correct. Following instructions from verified personnel. Organizational Policy Not correct Connect to the Government Virtual Private Network (VPN).?? Which of the following is true of downloading apps? which of the following is true about unclassified Courses 442 View detail Preview site The email has an attachment whose name contains the word secret. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. (Malicious Code) Which email attachments are generally SAFE to open? Which of the following is NOT an example of Personally Identifiable Information (PII)? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Unclassified information is a threat to national security. How should you securely transport company information on a removable media? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Correct. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? not correct The website requires a credit card for registration. correct. A type of phishing targeted at high-level personnel such as senior officials. Use only personal contact information when establishing your personal account. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. 1.1.5 Controlled Unclassified Information. Of the following, which is NOT an intelligence community mandate for passwords? If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. *Sensitive Information What is the best example of Personally Identifiable Information (PII)? correct. **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. A measure of how much useful work each unit of input energy provides. Of the following, which is NOT a problem or concern of an Internet hoax? Retrieve classified documents promptly from printers. It never requires classification markings, is true about unclassified data. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Correct. Which of the following is true of telework? How do you think antihistamines might work? (Travel) Which of the following is a concern when using your Government-issued laptop in public? Which of the following is NOT true of traveling overseas with a mobile phone? They may be used to mask malicious intent. Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) Which of the following is a reportable insider threat activity? What action should you take? Cyber Awareness 2022. **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? At all times while in the facility. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Which of the following is true about unclassified data? A passenger in the Land Rover Freelander that T-boned the hatchback said the BMW had been driven out of the unclassified road towards Shipton-under-Wychwood 'like a bat out of hell' - giving . **Home Computer Security What should you consider when using a wireless keyboard with your home computer?