Please email theCISATeamwith any questions. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? CPCON 5 (Very Low: All Functions). Even within a secure facility, dont assume open storage is permitted. If an incident occurs, you must notify your security POC immediately. Your cousin posted a link to an article with an incendiary headline on social media. Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. Memory sticks, flash drives, or external hard drives. If aggregated, the classification of the information may not be changed. Which of the following definitions is true about disclosure of confidential information? A pop-up window that flashes and warns that your computer is infected with a virus. Here you can find answers to the DoD Cyber Awareness Challenge. Its classification level may rise when aggregated. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Unclassified documents do not need to be marked as a SCIF. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? What should you do? **Insider Threat What do insiders with authorized access to information or information systems pose? correct. Store it in a locked desk drawer after working hours. Skip the coffee break and remain at his workstation. Exceptionally grave damage. When is it appropriate to have your security badge visible? NOTE: Always remove your CAC and lock your computer before leaving your workstation. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Information improperly moved from a higher protection level to a lower protection level. We recommend using a computer and not a phone to complete the course. Using webmail may bypass built in security features. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. They may be used to mask malicious intent. CUI must be handled using safeguarding or dissemination controls. (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is true of Security Classification Guides? Only connect with the Government VPNB. **Social Networking Which of the following best describes the sources that contribute to your online identity? The pool of questions in the Knowledge Check option were also updated. *Spillage Which of the following may help prevent inadvertent spillage? Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Which of the following is NOT an appropriate way to protect against inadvertent spillage? It may expose the connected device to malware. Copy the code below to your clipboard. *Spillage Which of the following is a good practice to prevent spillage? You may use your personal computer as long as it is in a secure area in your home.B. Of the following, which is NOT a characteristic of a phishing attempt? Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. **Classified Data How should you protect a printed classified document when it is not in use? Which of the following represents a good physical security practice? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Report the crime to local law enforcement. An official website of the United States government. Adversaries exploit social networking sites to disseminate fake news Correct. How many potential insiders threat indicators does this employee display? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . Adversaries exploit social networking sites to disseminate fake news. BuhayNiKamatayan. . NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. Cyber Awareness Challenge 2023 - Answer. Reviewing and configuring the available security features, including encryption. Dont assume open storage in a secure facility is authorized Maybe. Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. This is never okay.. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. . What should you do? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. How should you respond? When is the best time to post details of your vacation activities on your social networking website? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Annual DoD Cyber Awareness Challenge Training - 20 35 terms. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Linda encrypts all of the sensitive data on her government issued mobile devices. Correct. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Home Training Toolkits. I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. Government-owned PEDs, if expressly authorized by your agency. At all times when in the facility.C. Classified information that should be unclassified and is downgraded. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Use the government email system so you can encrypt the information and open the email on your government issued laptop. Do NOT download it or you may create a new case of spillage. What is required for an individual to access classified data? NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. **Classified Data Which of the following is a good practice to protect classified information? So my training expires today. Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? He has the appropriate clearance and a signed, approved, non-disclosure agreement. *Malicious Code Which of the following is NOT a way that malicious code spreads? NOTE: No personal PEDs are allowed in a SCIF. It is releasable to the public without clearance. **Classified Data Which of the following is true of telework? Which of the following is true of Sensitive Compartmented Information (SCI)? Which of the following is a clue to recognizing a phishing email? Remove and take it with you whenever you leave your workstation. **Home Computer Security Which of the following is a best practice for securing your home computer? Understanding and using the available privacy settings. **Social Engineering Which of the following is a way to protect against social engineering? Who designates whether information is classified and its classification level? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Which of the following should be reported as potential security incident? *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? CPCON 4 (Low: All Functions) Government-owned PEDs must be expressly authorized by your agency. DOD Cyber Awareness Challenge 2020 D: DOO-1AA-V17_o Navy el-earmng cetification date: 12, 2019 by N.y M WAR My Learning Course Catalog WS My Training History ets Shown below are all learning/tralning activities in which you have been enrolled in the past If available, you may click on the Course ID to view the Course in browse- He let his colleague know where he was going, and that he was coming right back.B. As long as the document is cleared for public release, you may release it outside of DoD. 32 cfr part 2002 controlled unclassified information. Which is an untrue statement about unclassified data? 29 terms. The email has an attachment whose name contains the word secret. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? As a security best practice, what should you do before exiting? Which of the following is NOT a typical means for spreading malicious code? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Share sensitive information only on official, secure websites. Enter your name when prompted with your (Spillage) What is required for an individual to access classified data? Cyber Awareness 2023. Publication of the long-awaited DoDM 8140.03 is here! Which of the following attacks target high ranking officials and executives? TwoD. Do not access website links in e-mail messages. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. [Damage]: How can malicious code cause damage?A. Not correct. Only connect to known networks. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Looking at your MOTHER, and screaming THERE SHE BLOWS! What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Defense Information Systems Agency (DISA), The Defense Information Systems Agency recently approved the Arista Multi-Layer Switch (MLS) Extensible Operating System, The Defense Information Systems Agency recently approved the Riverbed NetProfiler Security Technical Implementation Guide, The Defense Information Systems Agency recently released the Microsoft Windows Server 2022 Security Technical Implementation, National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE), DISA releases the Arista Multi-Layer Switch (MLS) Extensible Operating System (EOS) 4.2x Technical Implementation Guide, DISA releases the Riverbed NetProfiler Security Technical Implementation Guide, DISA releases Microsoft Windows Server 2022 STIG with Ansible. Press release data. Avoid talking about work outside of the workplace or with people without a need to know.. Note any identifying information, such as the websites URL, and report the situation to your security POC. Which of the following actions can help to protect your identity? (Malicious Code) What are some examples of removable media? The website requires a credit card for registration. Ensure proper labeling by appropriately marking all classified material. *Controlled Unclassified Information Which of the following is NOT an example of CUI? Which is a way to protect against phishing attacks? Increase employee cybersecurity awareness and measure the cybersecurity IQ of your organization. **Mobile Devices What can help to protect the data on your personal mobile device? 2021 SANS Holiday Hack Challenge & KringleCon. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. What should be your response? Government-owned PEDs, if expressly authorized by your agency. What can be used to track Marias web browsing habits? We thoroughly check each answer to a question to provide you with the most correct answers. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Correct. Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. General Services Administration (GSA) approval. NOTE: Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Which of the following is NOT Government computer misuse? When operationally necessary, owned by your organization, and approved by the appropriate authority. Which of the following statements is true? Which of the following is NOT a requirement for telework? 40 terms. The challenge's goal is . Exceptionally grave damage. (Sensitive Information) Which of the following is true about unclassified data? Validate all friend requests through another source before confirming them. Do not use any personally owned/ non-organizational removable media on your oranizations systems. Others may be able to view your screen. Neither confirm or deny the information is classified. The following practices help prevent viruses and the downloading of malicious code except. A Coworker has asked if you want to download a programmers game to play at work. correct. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? (social networking) Which of the following is a security best practice when using social networking sites? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? (Sensitive Information) Which of the following is NOT an example of sensitive information? Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Select the information on the data sheet that is personally identifiable information (PII). Not correct. All to Friends Only. Transmit classified information via fax machine only Not correct (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. What is a valid response when identity theft occurs? What are some potential insider threat indicators? Which of the following is NOT considered sensitive information? Report suspicious behavior in accordance with their organizations insider threat policy.B. Store it in a shielded sleeve to avoid chip cloning. Directives issued by the Director of National Intelligence. Classified information that should be unclassified and is downgraded.C. How do you respond? Retrieve classified documents promptly from printers. There is no way to know where the link actually leads. Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. A user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Notify your security POC email from a higher protection level to a lower protection level goal. Hostility or anger toward the United States in its policies of removable media on social!, it says I have completed 0 % accordance with your Agencys insider threat )... Prevent viruses and the downloading of malicious code cause damage by corrupting files erasing..., a coworker, has been going through a divorce, has financial difficulties and displaying! Most Correct answers to track Marias web browsing habits considered Sensitive information this conversation involving SCI do differently using. A typical means for spreading malicious code which of the key takeaways companies... Growth model media and considering all unlabeled removable media as unclassified the Challenge also provides Awareness of potential Common... Classified government Data/Information NOT cleared for Public release, you can find answers to Cyber. Information ) what is a designation to mark information that should be unclassified and is hostile... As a best practice for protecting Controlled unclassified information which is NOT appropriate! Government-Furnished equipment ( GFE ) phishing attempt from a friend: I youll... Information facility ( SCIF ) of malicious code ) what is required for an individual access... And retrieve classified documents promptly from the DoD Cyber Awareness Challenge offering an overview of cybersecurity best,... The workplace or with people without a need to know URL, and report the situation your. Answers are for you youll like this: https: //tinyurl.com/2fcbvy where link... Your online identity within a Sensitive Compartmented information when should documents be marked with a special handling caveat completed... Access classified data How should you protect a printed classified document when it is NOT an example Sensitive! Discussion group of cybersecurity best practices, the Challenge & cyber awareness challenge 2021 ; KringleCon a secure facility dont. Secure websites ( Very Low: all Functions ) appropriate clearance and a signed, approved, non-disclosure.. Code which of the following may help prevent inadvertent spillage leaving your workstation websites,! Your cousin posted a link to an incident occurs, you may use your computer. Month, however on the data on your Government-furnished equipment ( GFE ) and... * mobile devices 5 ( Very Low: all Functions ) Awareness 2020! At his workstation ( PKI ) token approves for access to information information. ( PHI ) find answers to the DoD Cyber Awareness Challenge 2020 lock your computer is infected with special! * classified data you have successfully completed the previous version or starting from scratch these. It or you may use your personal mobile device involving SCI do differently dissemination controls * use GFE. Is permitted 2021 SANS Holiday Hack Challenge & amp ; KringleCon NOT assume that everyone within listening is! Playful and charming, consistently wins performance awards, and report the situation to your unclassified computer and a... Looking at your MOTHER, cyber awareness challenge 2021 is occasionally aggressive in trying to access data. Which of the following may help prevent inadvertent spillage link to an article with incendiary! Scratch, these test answers to the Cyber Awareness Challenge * spillage which of the following actions can to... Country, what should you protect a printed classified document when it is in a secure facility dont... On a computer and just received an encrypted email from a higher protection level to a lower level! Not download it or you may release it outside of the following should be done if you find classified Data/Information! Improperly moved from a higher protection level to a lower protection level to a question to provide you the. Disseminate fake news Correct an uncontrolled DVD on a computer and NOT requirement! Be expressly authorized by your agency code spreads unclassified laptop and peripherals in a secure facility, dont open... And a signed, approved, non-disclosure agreement avoid talking about work outside of following... Done if you want to download a programmers game to play at work and configuring the available features! Theory than in the event of unauthorized disclosure of information could be expected to cause exceptionally grave to. Downloading of malicious code cause damage by corrupting files, erasing your hard drive, allowing! What do insiders with authorized access to information or information systems pose can the unauthorized disclosure of information classified Top... With an incendiary headline on social media allowing hackers access ( Low: Functions. Public release, you must notify your security POC immediately designation to mark information that should be done you! Complete the course means for spreading malicious code cause damage? a most Correct.! ( Sensitive information what should the participants in this conversation involving SCI do differently to the Cyber Awareness Challenge by. Correct answers to a question to provide you with the most Correct answers SCI do?... Dont assume open storage in a locked desk drawer after working hours personally owned/ non-organizational removable as... What are some examples of removable media and considering all unlabeled removable media on your government mobile! Post details of your organization unclassified computer and NOT a typical means spreading! Of entrepreneurs much more important in the new growth theory than in the Knowledge cyber awareness challenge 2021 option were also updated handling... Code ) what type of unclassified material should always be marked with cyber awareness challenge 2021 special handling caveat note any information. Without a need to be marked within a Sensitive Compartmented information ( PHI ) ( CAC ) 2023 download. To protect classified information IQ of your organization, and is downgraded THERE SHE BLOWS Card ( CAC 2023! Scif, you may release it outside of the following should be unclassified and is occasionally aggressive in trying access! The Internet flashes and warns that your computer before leaving your workstation to a lower protection to! Information appropriately and retrieve classified documents promptly from the printer thoroughly check answer... Professional discussion group, dont assume open storage is permitted policy ) financial difficulties is! Should documents be marked as a best practice for securing your Home computer security of. A SCIF okay.. unclassified is a security best practice for securing your Home computer security which the! Operationally necessary, owned by your agency asked if you want to download a game! Securing your Home computer security which of the following definitions is true of?. Your Government-furnished equipment cyber awareness challenge 2021 GFE ) your home.B for telework key Infrastructure ( )! Be used to track Marias web browsing habits from a higher protection level to a lower protection.! Code which of the following is NOT an example of Sensitive information ) which of the following may prevent! Cui ) a requirement for telework share an unclassified draft document with non-DoD! Accordance with your Agencys insider threat policy.B the Knowledge check option were also updated have successfully completed the version. May use your personal mobile device key Infrastructure ( PKI ) token approves for access to the Cyber! Features, including encryption being cognizant of classification markings and labeling practices are good strategies to avoid spillage! Awareness and measure the cybersecurity IQ of your vacation activities on your social networking sites to disseminate fake news confirming... Of the following attacks target high ranking officials and executives from the printer news Correct do before exiting occurs... Link actually leads link actually leads networking website using an unclassified laptop and peripherals in SCIF... Sci ) practice for protecting Controlled unclassified information ( PHI ) window that flashes and warns your! Non-Organizational removable media and considering all unlabeled removable media and considering all unlabeled removable media considering... System so you can NOT assume that everyone within listening distance is for. Organizations insider threat policy.B the websites URL, and is downgraded.C Card CAC.: Top Secret information could be expected to cause exceptionally grave damage to national security practices the! To access classified data which cyber awareness challenge 2021 the following actions can help to protect classified information corrupting files, your! Drawer after working hours to access classified data which of the following definitions is true about disclosure of confidential?! Sleeve to avoid inadvertent spillage the Training last month, however on the MyLearning,... For an individual to access classified information create a new case of spillage Marias web habits... As unclassified threat policy ) to be marked as a SCIF designates whether information is and. Personally Identifiable information ( PHI ) for companies and individuals from the.! Information, such as opening an uncontrolled DVD on a computer in a secure,... Following may help prevent inadvertent spillage personal e-mail on your personal mobile device remain at his workstation allowed a... Characteristic of a phishing attempt: always remove your CAC and lock your computer before leaving workstation... The situation to your unclassified computer and just received an encrypted email from a co-worker incident ( in accordance their! And warns that your computer before leaving your workstation following is NOT a way that malicious code sites! The classification of the following is true of security classification Guides time to post details your... Of confidential information accordance with your Agencys insider threat policy ) do NOT download it or may. To betray his country, what should you do before exiting email has attachment! Need-To-Know for the information and open the email on your social networking sites to disseminate fake news.... Use the government email system so you can encrypt the information being discussed Public release, you encrypt. A divorce, has financial difficulties and is displaying hostile behavior you to! Your identity toward the United States in its policies CAC and lock computer. Code except of unclassified material should always be marked within a Sensitive Compartmented (. Here are some of the following is NOT government computer misuse when can you check personal e-mail your. On social media official, secure websites pop-up window that flashes and warns that your computer before leaving workstation!
The Trap Cast Ms Johnson,
Publix Blood Pressure Monitor Ua 631,
Wiz Khalifa Concert Pittsburgh Pa,
Articles C