which of the following is true about unclassified data which of the following is true about unclassified data

When unclassified data is aggregated, its classification level may rise. Set hasDigit to true if the 3-character passCode contains a digit, Critical, Essential, and Support Functions. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Correct. **Classified Data Which of the following is a good practice to protect classified information? Personal information is inadvertently posted at a website. Which of the following should be reported as a potential security incident? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. All https sites are legitimate. NARA has the authority and responsibility to manage the CUI Program across the Federal government. How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? They provide guidance on reasons for and duration of classification of information. Of the following, which is NOT a method to protect sensitive information? Teams. You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. How many potential insiders threat indicators does this employee display? Use TinyURL's preview feature to investigate where the link leads. *Spillage. Unknown data is categorized by the system; an analyst then reviews the results **Identity management Which of the following is an example of a strong password? The Registry is updated as agencies continue to submit governing authorities that authorize the protection and safeguarding of sensitive information. -Ask them to verify their name and office number Store it in a General Services Administration (GSA)-approved vault or container. A type of phishing targeted at senior officials. The popup asks if you want to run an application. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? General Services Administration (GSA) approval. **Identity management Which of the following is an example of two-factor authentication? *Social Networking When vacation is over, after you have returned home. Figure 1. (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? *Sensitive Information Under what circumstances could classified information be considered a threat to national security? -It never requires classification markings. EPAs CUI Program is responsible for issuing CUI policy, procedures, training, and guidance to program offices and regions, along with providing oversight and reporting on the Agencys progress on meeting NARAs CUI deadlines. (Correct) -It does not affect the safety of Government missions. You receive a call on your work phone and youre asked to participate in a phone survey. Her badge is not visible to you. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Matt Monroe, a 20-year U. S. Air Force veteran and current operations manager at Omnistruct, explains the breakdown, "There are four classified information categories in the military based on the severity of damage that the information's release would cause. What actions should you take prior to leaving the work environment and going to lunch? Malicious code can do the following except? (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? It is created or received by a healthcare provider, health plan, or employer. *Spillage Which of the following is a good practice to aid in preventing spillage? How many potential insider threat indicators does this employee display? Correct. In which situation below are you permitted to use your PKI token? You have reached the office door to exit your controlled area. CUI is an umbrella term that encompasses many different markings toidentifyinformationthat is not classified but which should be protected. 1.1.3 Insider Threat. Using NIPRNet tokens on systems of higher classification level. Only expressly authorized government-owned PEDs. Write your password down on a device that only you access. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? However, agency personnel and contractors should first consult their agency's CUI implementing policies and program management for guidance. (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? Follow procedures for transferring data to and from outside agency and non-Government networks. What should you do? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? You receive an inquiry from a reporter about potentially classified information on the internet. What are the requirements to be granted access to sensitive compartmented information (SCI)? Others may be able to view your screen. Accepting the default privacy settings. Click the card to flip Flashcards Learn Test Match Created by Jamie_Lancaster Terms in this set (24) CPCON 3 (Medium: Critical, Essential, and Support Functions) They can become an attack vector to other devices on your home network. Which of the following is NOT a type of malicious code? Question. UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY Marking in the Electronic Environment Short Student Guide Center for Development of Security Excellence Page 4 UNCLASSIFIED - CLASSIFICATION MARKINGS FOR TRAINING PURPOSES ONLY IM and Chat Instant messages and chats are brief, text-based message exchanges and conversations. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? It does not require markings or distribution controls. **Classified Data What is a good practice to protect classified information? Mobile devices and applications can track your location without your knowledge or consent. **Home Computer Security How can you protect your information when using wireless technology? (Sensitive Information) What guidance is available from marking Sensitive Information information (SCI)? **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? You must have your organizations permission to telework. correct. Historically, each agency developed its own practices for sensitive unclassified information, resulting in a patchwork of systems across the Executive branch, in which similar information might be defined or labeled differently, or where dissimilar information might share a definition and/or label. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Since the URL does not start with https, do not provide your credit card information. Which of the following is NOT Government computer misuse? A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Which of the following should you NOT do if you find classified information on the internet? 1 Cyber Awareness Challenge 2023 Answers. Correct. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Only allow mobile code to run from your organization or your organizations trusted sites. data. Remove your security badge after leaving your controlled area or office building. You must have your organization's permission to telework. b. taking away a toy or treat Store it in a locked desk drawer after working hours. Which of the following is NOT a potential insider threat? **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? What should you do? What action should you take? You are leaving the building where you work. CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. (Travel) Which of the following is a concern when using your Government-issued laptop in public? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Its classification level may rise when aggregated. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Added 8/5/2020 8:06:16 PM. Setting weekly time for virus scan when you are not on the computer and it is powered off. a. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Which of the following is NOT a correct way to protect CUI? Changes to various data systems that store and sometimes share sensitive information outside EPA. Is it okay to run it? What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? What should you do? Correct. While it may seem safer, you should NOT use a classified network for unclassified work. CPCON 1 (Very High: Critical Functions) What is a valid response when identity theft occurs? . They broadly describe the overall classification of a program or system. true-statement. When gases are sold they are usually compressed to high pressures. Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. How should you protect a printed classified document when it is not in use? Report the crime to local law enforcement. The proper security clearance and indoctrination into the SCI program. What portable electronic devices (PEDs) are permitted in a SCIF? You receive an inquiry from a reporter about government information not cleared for public release. 1).Compared with CK, straw addition treatments (S and SG) significantly (P < 0.01) increased the emission rate and cumulative emission of CO 2 and the cumulative CO 2 . Of the following, which is NOT a security awareness tip? When would be a good time to post your vacation location and dates on your social networking website? What is NOT Personally Identifiable Information (PII)? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? Here you can find answers to the DoD Cyber Awareness Challenge. Create separate user accounts with strong individual passwords. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Which of the following is a clue to recognizing a phishing email? Which of the following is a best practice for handling cookies? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Store it in a shielded sleeve to avoid chip cloning. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. A headset with a microphone through a Universal Serial Bus (USB) port. Executive Order 13556, Controlled Unclassified Information, requires the Executive Branch to establish an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls pursuant to and consistent with laws, regulations, and Government-wide policies. The National Archives and Records Administration (NARA) was named the Executive Agent (EA) responsible for overseeing the CUI Program. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Government-owned PEDs when expressly authorized by your agency. What is a possible indication of a malicious code attack in progress? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? (1) A strategic plan documenting the overall conduct of a war. Even within a secure facility, dont assume open storage is permitted. Refer the reporter to your organizations public affairs office. Which of the following is true of Unclassified Information? A pop-up window that flashes and warns that your computer is infected with a virus. Under What Circumstances Could Unclassified? **Social Engineering What is TRUE of a phishing attack? **Insider Threat Which of the following should be reported as a potential security incident? Correct. Classified material must be appropriately marked. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? What information most likely presents a security risk on your personal social networking profile? Digitally signed e-mails are more secure. Proactively identify potential threats and formulate holistic mitigation responses. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Follow the steps enlisted below to use WEKA for identifying real values and nominal attributes in the dataset. Briefly describe what you have learned. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Which of the following is true of traveling overseas with a mobile phone. Which of the following is true about unclassified data? How can you protect yourself on social networking sites? In the following situations, determine if the duty describes would be one of the Fed is responsible or is not responsible to enforce. What is a best practice to protect data on your mobile computing device? Linda encrypts all of the sensitive data on her government issued mobile devices. You must have your organization's permission to telework. Debra ensures not correct **Insider Threat What function do Insider Threat Programs aim to fulfill? Log in for more information. Maintain visual or physical control of the device. Which of the following actions can help to protect your identity? What function do Insider Threat Programs aim to fulfill? Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Correct. Back up your data: This will help you recover your data if it's lost or corrupted. Retrieve classified documents promptly from printers. How can you avoid downloading malicious code? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. What describes how Sensitive Compartmented Information is marked? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. What action should you take? John submits CUI to his organizations security office to transmit it on his behalf. The potential for unauthorized viewing of work-related information displayed on your screen. Which of the following demonstrates proper protection of mobile devices? **Travel Which of the following is true of traveling overseas with a mobile phone? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. When is the best time to post details of your vacation activities on your social networking website? 5. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? If aggregated, the classification of the information may not be changed. There is no way to know where the link actually leads. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Malicious code can include viruses, worms, and macros. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Which of the following is NOT considered a potential insider threat indicator? How do you respond? What should the participants in this conversation involving SCI do differently? What type of attack might this be? Before long she has also purchased shoes from several other websites. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. 8. Always check to make sure you are using the correct network for the level of data. Search by Subject Or Level. When using a fax machine to send sensitive information, the sender should do which of the following? -It must be released to the public immediately. **Website Use Which of the following statements is true of cookies? Identification, encryption, and digital signature. **Classified Data Which of the following is true of protecting classified data? Adversaries exploit social networking sites to disseminate fake news. What can you do to protect yourself against phishing? Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? New interest in learning another language, Which of the following is a good practice to protect classified information. what should you do? What information should you avoid posting on social networking sites? Which is NOT a method of protecting classified data? Third, the neighbor ground points of an unclassified point are searched from multiple subspaces.