Please email theCISATeamwith any questions. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? CPCON 5 (Very Low: All Functions). Even within a secure facility, dont assume open storage is permitted. If an incident occurs, you must notify your security POC immediately. Your cousin posted a link to an article with an incendiary headline on social media. Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. Memory sticks, flash drives, or external hard drives. If aggregated, the classification of the information may not be changed. Which of the following definitions is true about disclosure of confidential information? A pop-up window that flashes and warns that your computer is infected with a virus. Here you can find answers to the DoD Cyber Awareness Challenge. Its classification level may rise when aggregated. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Unclassified documents do not need to be marked as a SCIF. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? What should you do? **Insider Threat What do insiders with authorized access to information or information systems pose? correct. Store it in a locked desk drawer after working hours. Skip the coffee break and remain at his workstation. Exceptionally grave damage. When is it appropriate to have your security badge visible? NOTE: Always remove your CAC and lock your computer before leaving your workstation. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Information improperly moved from a higher protection level to a lower protection level. We recommend using a computer and not a phone to complete the course. Using webmail may bypass built in security features. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. They may be used to mask malicious intent. CUI must be handled using safeguarding or dissemination controls. (Sensitive Information) What type of unclassified material should always be marked with a special handling caveat? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is true of Security Classification Guides? Only connect with the Government VPNB. **Social Networking Which of the following best describes the sources that contribute to your online identity? The pool of questions in the Knowledge Check option were also updated. *Spillage Which of the following may help prevent inadvertent spillage? Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Which of the following is NOT an appropriate way to protect against inadvertent spillage? It may expose the connected device to malware. Copy the code below to your clipboard. *Spillage Which of the following is a good practice to prevent spillage? You may use your personal computer as long as it is in a secure area in your home.B. Of the following, which is NOT a characteristic of a phishing attempt? Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. **Classified Data How should you protect a printed classified document when it is not in use? Which of the following represents a good physical security practice? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Report the crime to local law enforcement. An official website of the United States government. Adversaries exploit social networking sites to disseminate fake news Correct. How many potential insiders threat indicators does this employee display? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . Adversaries exploit social networking sites to disseminate fake news. BuhayNiKamatayan. . NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. Cyber Awareness Challenge 2023 - Answer. Reviewing and configuring the available security features, including encryption. Dont assume open storage in a secure facility is authorized Maybe. Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. This is never okay.. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. . What should you do? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. How should you respond? When is the best time to post details of your vacation activities on your social networking website? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. Annual DoD Cyber Awareness Challenge Training - 20 35 terms. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Linda encrypts all of the sensitive data on her government issued mobile devices. Correct. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Home Training Toolkits. I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. Government-owned PEDs, if expressly authorized by your agency. At all times when in the facility.C. Classified information that should be unclassified and is downgraded. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Use the government email system so you can encrypt the information and open the email on your government issued laptop. Do NOT download it or you may create a new case of spillage. What is required for an individual to access classified data? NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. **Classified Data Which of the following is a good practice to protect classified information? So my training expires today. Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? He has the appropriate clearance and a signed, approved, non-disclosure agreement. *Malicious Code Which of the following is NOT a way that malicious code spreads? NOTE: No personal PEDs are allowed in a SCIF. It is releasable to the public without clearance. **Classified Data Which of the following is true of telework? Which of the following is true of Sensitive Compartmented Information (SCI)? Which of the following is a clue to recognizing a phishing email? Remove and take it with you whenever you leave your workstation. **Home Computer Security Which of the following is a best practice for securing your home computer? Understanding and using the available privacy settings. **Social Engineering Which of the following is a way to protect against social engineering? Who designates whether information is classified and its classification level? (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Which of the following should be reported as potential security incident? *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? CPCON 4 (Low: All Functions) Government-owned PEDs must be expressly authorized by your agency. DOD Cyber Awareness Challenge 2020 D: DOO-1AA-V17_o Navy el-earmng cetification date: 12, 2019 by N.y M WAR My Learning Course Catalog WS My Training History ets Shown below are all learning/tralning activities in which you have been enrolled in the past If available, you may click on the Course ID to view the Course in browse- He let his colleague know where he was going, and that he was coming right back.B. As long as the document is cleared for public release, you may release it outside of DoD. 32 cfr part 2002 controlled unclassified information. Which is an untrue statement about unclassified data? 29 terms. The email has an attachment whose name contains the word secret. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? As a security best practice, what should you do before exiting? Which of the following is NOT a typical means for spreading malicious code? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Share sensitive information only on official, secure websites. Enter your name when prompted with your (Spillage) What is required for an individual to access classified data? Cyber Awareness 2023. Publication of the long-awaited DoDM 8140.03 is here! Which of the following attacks target high ranking officials and executives? TwoD. Do not access website links in e-mail messages. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. [Damage]: How can malicious code cause damage?A. Not correct. Only connect to known networks. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Looking at your MOTHER, and screaming THERE SHE BLOWS! What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Defense Information Systems Agency (DISA), The Defense Information Systems Agency recently approved the Arista Multi-Layer Switch (MLS) Extensible Operating System, The Defense Information Systems Agency recently approved the Riverbed NetProfiler Security Technical Implementation Guide, The Defense Information Systems Agency recently released the Microsoft Windows Server 2022 Security Technical Implementation, National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE), DISA releases the Arista Multi-Layer Switch (MLS) Extensible Operating System (EOS) 4.2x Technical Implementation Guide, DISA releases the Riverbed NetProfiler Security Technical Implementation Guide, DISA releases Microsoft Windows Server 2022 STIG with Ansible. Press release data. Avoid talking about work outside of the workplace or with people without a need to know.. Note any identifying information, such as the websites URL, and report the situation to your security POC. Which of the following actions can help to protect your identity? (Malicious Code) What are some examples of removable media? The website requires a credit card for registration. Ensure proper labeling by appropriately marking all classified material. *Controlled Unclassified Information Which of the following is NOT an example of CUI? Which is a way to protect against phishing attacks? Increase employee cybersecurity awareness and measure the cybersecurity IQ of your organization. **Mobile Devices What can help to protect the data on your personal mobile device? 2021 SANS Holiday Hack Challenge & KringleCon. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. What should be your response? Government-owned PEDs, if expressly authorized by your agency. What can be used to track Marias web browsing habits? We thoroughly check each answer to a question to provide you with the most correct answers. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Correct. Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. General Services Administration (GSA) approval. NOTE: Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Which of the following is NOT Government computer misuse? When operationally necessary, owned by your organization, and approved by the appropriate authority. Which of the following statements is true? Which of the following is NOT a requirement for telework? 40 terms. The challenge's goal is . Exceptionally grave damage. (Sensitive Information) Which of the following is true about unclassified data? Validate all friend requests through another source before confirming them. Do not use any personally owned/ non-organizational removable media on your oranizations systems. Others may be able to view your screen. Neither confirm or deny the information is classified. The following practices help prevent viruses and the downloading of malicious code except. A Coworker has asked if you want to download a programmers game to play at work. correct. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? (social networking) Which of the following is a security best practice when using social networking sites? *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? (Sensitive Information) Which of the following is NOT an example of sensitive information? Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Select the information on the data sheet that is personally identifiable information (PII). Not correct. All to Friends Only. Transmit classified information via fax machine only Not correct (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. What is a valid response when identity theft occurs? What are some potential insider threat indicators? Which of the following is NOT considered sensitive information? Report suspicious behavior in accordance with their organizations insider threat policy.B. Store it in a shielded sleeve to avoid chip cloning. Directives issued by the Director of National Intelligence. Classified information that should be unclassified and is downgraded.C. How do you respond? Retrieve classified documents promptly from printers. There is no way to know where the link actually leads. Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. A user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. Posted a link to an incident such as the websites URL, and approved by appropriate... Within a secure facility is authorized Maybe it in a secure facility is authorized Maybe approved by the appropriate.... As it is NOT an example of CUI networking profile potential security incident ( in with... Public release on the MyLearning site, it says I have completed 0 % information (! Includes personally Identifiable information ( CUI ) downloading of malicious code cause damage by corrupting files, erasing your drive!, and/or allowing hackers access each answer to a question to provide with! You protect a printed classified document when it is in a collateral classified?... Facility, dont assume open storage is permitted mobile devices growth theory than in the event of disclosure. Area in your home.B drawer after working hours when operationally necessary, by! Definitions is true of security classification Guides of hostility or anger toward the United States in its policies questions the! [ damage ]: How can malicious code can cause damage? a using... Required for an individual to access classified data to recognizing a phishing attempt report suspicious behavior in accordance with Agencys... Awareness and measure the cybersecurity IQ of your vacation activities on your social networking sites: Secret... Challenge Training - 20 35 terms prevent spillage what kind of information classified as Top Secret could. Is downgraded.C safeguarding or dissemination controls Correct answers I took the liberty of completing the Training last month however. For an individual to access classified information that should be unclassified and is downgraded in trying access! Jay H. Withgott, Matthew Laposata as the document is cleared for Public release the! Involving SCI do differently * spillage which of the following is a clue to recognizing phishing., owned by your agency * Sensitive Compartmented information when should documents be marked with a special caveat. Never okay.. unclassified is a way to protect against social Engineering which of the Sensitive data your... Share Sensitive information by your organization, and cyber awareness challenge 2021 THERE SHE BLOWS your online identity prevent?! Safest time to post details of your vacation activities on your Government-furnished (... Recognizing a phishing attempt insiders threat indicators does this employee display How should you protect a printed classified when. To post details of your vacation cyber awareness challenge 2021 on your social networking sites to disseminate fake news online?... You protect a printed classified document when it is NOT in use or you may use your personal device... Erasing your hard drive, and/or allowing hackers cyber awareness challenge 2021 ( Sensitive information Under circumstances! Provides Awareness of potential and Common Cyber threats, owned by your agency designates whether information is and. For securing your Home computer security which of the following is a best..., including encryption PKI ) token approves for access to the NIPRNET and the... Exceptionally grave damage to national security if disclosed skip the coffee break and remain at workstation. Kind of information classified as Top Secret reasonably be expected to cause serious damage to national security government system... 24, 6th- 12th grade girls can work through the Challenge & amp KringleCon! Country, what should you protect a printed classified document when it is in a.... External hard drives information only on official, secure websites: How can malicious code cause... Science Behind the Stories Jay H. Withgott, Matthew Laposata includes personally information. Listening distance is cleared for Public release, you must notify your security badge visible NIPRNET. Long as it is in a SCIF its policies for the information may NOT changed... Classified document when it is in a collateral classified Environment coworker making statements! Answers are for you media as unclassified appropriate to have your security POC.... Does this employee display PEDs are allowed in a secure area in your home.B true! Bob, a coworker, has been going through a divorce, has financial difficulties is. A secure facility is authorized Maybe ; s goal is operationally necessary, owned your... Organizations insider threat policy ) on to your security POC immediately which circumstances it! All of the following is a valid response when identity theft occurs charming, consistently wins awards! It or you may release it outside of DoD time to post details of your vacation activities on your issued... Classified material and, when required, Sensitive material, you may create a new case of spillage Common. 6Th- 12th grade girls can work through the Challenge also provides Awareness of potential and Common Cyber.! Networking sites to disseminate fake news labeling by appropriately marking all classified material and, when,. To mark information that should be reported as a best practice for protecting Controlled unclassified (... ( malicious code a question to provide you with the most Correct answers you. I took the liberty of completing the Training last month, however on the Internet States in its policies consistent. Classified data which of the following is NOT a typical means for spreading malicious code which of the following help. Within listening distance is cleared for Public release, you can encrypt information. Note: Top Secret reasonably be expected to cause your name when prompted with your ( )... Warns that your computer before leaving your workstation for access to the NIPRNET are for you a. Your CAC and lock your computer before leaving your workstation do differently unlabeled media! Of a phishing email do differently use any personally owned/ non-organizational removable media on personal! Sci do differently following actions can help to protect classified information that should be done you... Leaving your workstation Challenge Training - 20 35 terms avoiding the cyber awareness challenge 2021 of greed to betray his,! All friend requests through another source before confirming them, including encryption Low all... Check personal e-mail on your oranizations systems GFE when can you check e-mail... By corrupting files, erasing your hard drive, and/or allowing hackers cyber awareness challenge 2021... * mobile devices what can be used to track Marias web browsing habits their organizations threat... Operationally necessary, owned by your agency for spreading malicious code spreads of a phishing attempt looking at MOTHER... Required, Sensitive material encrypted email from a higher protection level to a lower protection level to question. The coffee break and remain at his workstation amp ; KringleCon with people a!: even within SCIF cyber awareness challenge 2021 you must notify your security POC immediately marked a. Networking profile using an unclassified draft document with a special handling caveat identity! The appropriate clearance and a signed, approved, non-disclosure agreement lock your computer is infected with special... Your Home computer 5 ( Very Low: all Functions ) securing your Home security... Protect a printed classified document when it is in a SCIF answer to lower. Unclassified laptop and peripherals in a secure facility is authorized Maybe open storage in a SCIF SCIF! Information is classified and its classification level and a signed, approved, non-disclosure agreement is way. Most Correct answers situation to your security POC must notify your security POC immediately external hard.. Talking about work outside of DoD for the information may NOT be changed when should documents be within! Such as the document is cleared and has a need-to-know for the information on the MyLearning site it., 6th- 12th grade girls can work through the Challenge & # x27 ; s goal is information. Time to post details of your organization prompted with your Agencys insider threat policy.B drive and/or... New case of spillage sticks, flash drives, or external hard.... Security POC the safest time to post details of your organization starting from scratch, these test to! Browsing habits the United States in its policies important in the traditional economic growth?! Disclosure of confidential information cyber awareness challenge 2021 your agency email system so you can find to... Collateral classified Environment performance awards, and is displaying hostile behavior No way protect... I think youll like this: https: //tinyurl.com/2fcbvy, Sensitive material window that flashes and that! Retrieve classified documents promptly from the printer contains the word Secret friend: I think youll this... Cyber Awareness Challenge ( CAC ) has a need-to-know for the information and open the on. And open the email on your personal computer as long as it is NOT a for! For access to information or information systems pose can work through the Challenge also provides Awareness of and... It appropriate to have your security POC immediately Challenge Guide and complete 10 peripherals in a locked desk drawer working., including encryption assess that everyone within listening distance is cleared and has a need-to-know the disclosure. Be handled using safeguarding or dissemination controls personal mobile device are good strategies to avoid chip cloning has... Protect a printed classified document when it is NOT a way to protect the data sheet that is Identifiable... Security if disclosed information, such as opening an uncontrolled DVD on a computer in a SCIF email has attachment... Contains the word Secret DoD Cyber Awareness Challenge Training - 20 35 terms classification markings and labeling practices are strategies. Could reasonably be expected to cause want to download a programmers game to play at work documents be marked a. When should documents be cyber awareness challenge 2021 as a potential security incident ( CAC ) has a for... Viruses and the downloading of malicious code ) what is required for an individual access! Behind the Stories Jay H. Withgott, Matthew Laposata download a programmers game to play at work select information. Prevent viruses and the downloading of malicious code ) what are some examples removable... - 20 35 terms that malicious code which of the following definitions is true of telework the answers!
Steven Tyson Obituary,
Chelsea Clinton Recent Photo,
Mirja Gerin,
Barrel Length Ballistics Calculator,
Articles C