Refer the vendor to the appropriate personnel. You will also be required to provide a longer and more detailed abstract that will remain confidential. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Someone calls from an unknown number and says they are from IT and need some information about your computer. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Which may be a security issue with compressed Uniform Resource Locators (URLs)? Appropriate confidentiality agreements will be put in place. Which is NOT a way to protect removable media? Do not download it. Did you earn a Cyber Security Awareness Challenge 2018 Certificate of Completion? Which of the following is an example of malicious code? Decline to let the person in and redirect her to security c. Let the person in but escort her back t her workstation and verify her badge. The long-run aggregate supply curve (LRAS) curve is ______ with a real output level that _____, a) Upward sloping; varies positively with the price level **Social Networking When is the safest time to post details of your vacation activities on your social networking website? Controlled Unclassified Information: (Victim) Select the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI). Security Classification Guides. Adversaries exploit social networking sites to disseminate fake news. Use only your personal contact information when establishing your account. Damage b. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Which method would be the BEST way to send this information? The general policy is to have the contractor furnish the equipment needed. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? How can you avoid downloading malicious code? Illegally downloading copyrighted material - No **Social Engineering What is TRUE of a phishing attack? Organizational Policy Not correct Calculate the margin of safety in terms of the number of units. **Website Use How should you respond to the theft of your identity? In competitions using the ISC and DEFCON 705 you must also state in your proposal if the deliverables are what we call Full Rights or Limited Rights versions. CUI may be stored on any password-protected system. Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? Which of the following is NOT an example of CUI? Maintain visual or physical control of the device. What should be done to sensitive data on laptops and other mobile computing devices? (Spillage) Which of the following is a good practice to aid in preventing spillage? a. (Malicious Code) Which email attachments are generally SAFE to open? Only use Government-furnished or Government-approved equipment to process PII. HTMO@[)4T@c4RIhj{v As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. stream Any additions will be mutually agreed with you before a contract is awarded. Always check to make sure you are using the correct network for the level of data. Note the websites URL and report the situation to your security point of contact. A type of phishing targeted at high-level personnel such as senior officials. Which of the following information is a security risk when posted publicly on your social networking profile? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Expires: 09/30/2023. (Sensitive Information) What guidance is available from marking Sensitive Information information (SCI)? Beware of sudden flashing pop-ups that warn your computer is infected with a virus. Ensure proper labeling by appropriately marking all classified material. Refer the reporter to your organizations public affairs office. If classified information were released, which classification level would result in Exceptionally grave damage to national security? correct. Always take your CAC when you leave your workstation. Which of the following is true of the Common Access Card (CAC)? The billing and coding information in this article is dependent on the coverage indications, limitations and/or medical necessity described in the associated LCD L35490 Category III Codes with the exception of the following CPT codes: 2021 CPT/HCPCS Annual code update: 0295T, 0296T, 0297T, and 0298T deleted. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? 7500 Security Boulevard, Baltimore, MD 21244, Use of Government Furnished Equipment (GFE) During Foreign Travel, An official website of the United States government, Back to Information Security and Privacy Library. You many only transmit SCI via certified mail. Correct. Avoid talking about work outside of the workplace or with people without need-to-know. At all times while in the facility. General Services Administration (GSA) approval. correct. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. means youve safely connected to the .gov website. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Which of the following is NOT a DoD special requirement for tokens? Security updates are ready to install. Sanitized information gathered from personnel records. Use the government email system so you can encrypt the information and open the email on your government issued laptop. endstream endobj 1073 0 obj <>stream (Identity Management) Which of the following is an example of two-factor authentication? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. What type of social engineering targets particular individuals, groups of people, or organizations? Which of the following does NOT constitute spillage? 1 0 obj remain prohibited. **Website Use Which of the following statements is true of cookies? Which of the following is not Controlled Unclassified Information (CUI)? SPA for subcontractors is permitted only when . *Spillage What is a proper response if spillage occurs? Classified information that should be unclassified and is downgraded. Software that installs itself without the users knowledge, Malicious Code (Damage): How can malicious code cause damage? What should you do? Incident #2 Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. urpnUTGD. Government Furnished Equipment (GFE) - Devices and equipment that are purchased and funded by the NIH for use by NIH staff. Create separate user accounts with strong individual passwords. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Mark SCI documents appropriately and use an approved SCI fax machine. It contains certificates for identification, encryption, and digital signature. No. b. You should confirm that a site that wants to store a cookie uses an encrypted link. Program Area: Property and Information Technology. What information posted publicly on your personal social networking profile represents a security risk? endstream endobj startxref We use some essential cookies to make this website work. - Updated ISC Schedule, Innovation Standard Contract Limit of Liability change - new version attached. The website requires a credit card for registration. We reserve the right to add additional contractual conditions if individual circumstances dictate. Exposure to malware. You can change your cookie settings at any time. Dont include personal or financial information like your National Insurance number or credit card details. Which of the following is NOT Protected Health Information (PHI)? Enable automatic screen locking after a period of inactivity. What should you do if someone forgets their access badge (physical access)? They broadly describe the overall classification of a program or system. Not correct. To help us improve GOV.UK, wed like to know more about your visit today. How should you securely transport company information on a removable media? Army OPSEC level 1 (Newcomers & Refresher) 29 terms. Dofficult life circumstances, such as death of spouse. Which of the following is a good practice to prevent spillage. On a computer at the public library to check your DOD email.D. lock How can you protect yourself on social networking sites? What is NOT Personally Identifiable Information (PII)? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? What can be used to track Marias web browsing habits? CUI may be stored on any password-protected system. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? When using mobile computing devices, including laptops and cell phones, in public: Be careful of information visible on your mobile computing device; consider screen protection Maintain possession of laptop and other government-furnished equipment (GFE) at all times and be extra vigilant in protecting it Protect your mobile computing device **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Which is NOT a method of protecting classified data? What portable electronic devices (PEDs) are permitted in a SCIF? a. What is a best practice for protecting controlled unclassified information (CUI)? Phishing can be an email with a hyperlink as bait. CUI must be handled using safeguarding or dissemination controls. Which of the following is a good practice to protect classified information? How many potential insiders threat indicators does this employee display? DASA submissions are welcome from the private sector, academia, individuals (i.e. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Request the users full name and phone number. When is the best time to post details of your vacation activities on your social networking website? Others may be able to view your screen. DASA recognises the value of your intellectual property (IP). Which piece of information is safest to include on your social media profile? It refers to property used by a contractor during a DoD government contract. Remove your security badge after leaving your controlled area or office building. Correct. When using your government-issued laptop in public environments, with which of the following should you be concerned? sensitive but unclassified. Found a mistake? Validate friend requests through another source through another source before confirming them. Thats the only way we can improve. Controlled Unclassified Information: (Incident) Which of the following is NOT a correct way to protect CUI? Monitor credit card statements for unauthorized purchases, Thumb drives, memory sticks, and flash drives are examples of. What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF? Which of the following is an example of two-factor authentication? It is permissible to release unclassified information to the public prior to being cleared. You have accepted additional cookies. **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? a. Social Networking: Select all sections of the profile that contain an issue. We expect our suppliers to maintain the highest standards of integrity and professionalism in their business dealings and adhere to the laws of the countries where they operate. Nothing. **Classified Data What is required for an individual to access classified data? Birthday - Friends Only Which of the following is NOT a good way to protect your identity? An official website of the United States government *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? We wont pre-fund any expenditure, so interim payment claims mustnt include costs not yet incurred. Is this safe? CPCON 3 (Medium: Critical, Essential, and Support Functions) DOD CYBER AWARENESS. Contracting officers shall provide property to contractors only when it is clearly demonstrated: That the overall benefit to the acquisition significantly outweighs the increased cost of administration, including ultimate property disposal; That providing the property does not substantially increase the Governments assumption of risk; and. Sensitive Compartmented Information (Incident #3): What should the participants in this conversation involving SCI do differently? Memory sticks, flash drives, or external hard drives. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? If authorized, what can be done on a work computer? \text{Income statement accounts:}&&&\\ As detailed in the ISC, you must mark your deliverables in accordance with the document marking scheme detailed therein. <> After you have returned home following the vacation. Report the crime to local law enforcement. d. All of these. Further guidance included in "What DASA does not fund" section. Download the information. What should you consider when using a wireless keyboard with your home computer? Do not access website links in e-mail messages. b. Download the information. Government-owned PEDs when expressly authorized by your agency. Do not access website links in e-mail messages. A total of 200 units were produced in Job 413. endstream endobj 1074 0 obj <>stream (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? Depending on the specifics of any proposed change of use, including any building work . Access to and use of the information of this website is at the user's risk. GU,}+ Lock your device screen when not in use and require a password to reactivate. Use the classified network for all work, including unclassified work. Which is a best practice for protecting Controlled Unclassified Information (CUI)? Malicious Code (Spread): How can you avoid downloading malicious code: a. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. A headset with a microphone through a Universal Serial Bus (USB) port. Malicious code can do the following except? Note any identifying information and the websites Uniform Resource Locator (URL). Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Since the URL does not start with https, do not provide you credit card information. They can become an attack vector to other devices on your home network. You receive an email from a company you have an account with. endstream endobj 1069 0 obj <>/Metadata 18 0 R/Pages 1066 0 R/StructTreeRoot 22 0 R/Type/Catalog/ViewerPreferences 1083 0 R>> endobj 1070 0 obj <>/MediaBox[0 0 842.04 595.32]/Parent 1066 0 R/Resources<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 1071 0 obj <>stream Compute The Average Kids Per Family. Then select Submit. Which of the following is a good practice to prevent spillage? Retrieve classified documents promptly from printers. Which of the following is a good practice to protect classified information? On a system of a higher classification level, such as the Secret Internet Protocol Router Network (SIPRNet), On a NIPRNet system while using it for a PKI-required task, What guidance is available for marking Sensitive Compartmented Information (SCI)?A. Maybe Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organization's insider threat policy. (Malicious Code) What is a common indicator of a phishing attempt? NOT permitted uses of government-furnished equip (GFE) -viewing or downloading pornography -conducting a private gambling online -using unauthorized software -illegal downloading copyrighted materials -making unauthorized configuration changes When is it okay to charge a personal mobile device using government-furnished equipment (GFE)