cyber awareness challenge 2021cyber awareness challenge 2021

Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Correct. **Social Networking Which of the following statements is true? A type of phishing targeted at senior officials. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. A Coworker has asked if you want to download a programmers game to play at work. Financial information. **Social Engineering Which of the following is a way to protect against social engineering? Organizational Policy Not correct What should Sara do when publicly available Internet, such as hotel Wi-Fi? When leaving your work area, what is the first thing you should do? Which of the following is NOT considered sensitive information? correct. Understanding and using the available privacy settings. Which is NOT a method of protecting classified data? Validate friend requests through another source before confirming them. The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users. *Spillage Which of the following is a good practice to aid in preventing spillage? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. What should you do? You may use your personal computer as long as it is in a secure area in your home.B. Acquisition. Lock your device screen when not in use and require a password to reactivate. [Alexs statement]: In addition to avoiding the temptation of greed to betray his country, what should Alex do differently?A. Assuming open storage is always authorized in a secure facility. What should you do? Compromise of dataB. [Incident #1]: When is it appropriate to have your security badge visible?A. Analyze the other workstations in the SCIF for viruses or malicious codeD. Should you always label your removable media? correct. STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. Cyber Awareness Challenge - Course Launch Page. Always challenge people without proper badges and report suspicious activity. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. It should only be in a system while actively using it for a PKI-required task. (Sensitive Information) Which of the following represents a good physical security practice? Cyber Awareness Challenge 2023 - Answer. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Correct. Delete email from senders you do not know. Brianaochoa92. Retrieve classified documents promptly from printers. Which of the following is NOT one? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.B. Classified information that should be unclassified and is downgraded. You believe that you are a victim of identity theft. Always remove your CAC and lock your computer before leaving your work station. Always take your CAC when you leave your workstation. **Insider Threat What is an insider threat? NOTE: Badges must be visible and displayed above the waist at all times when in the facility. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Found a mistake? **Classified Data When classified data is not in use, how can you protect it? [Incident]: Which of the following demonstrates proper protection of mobile devices?A. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. NOTE: Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Information improperly moved from a higher protection level to a lower protection level. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. Issues with Cyber Awareness Challenge. A coworker removes sensitive information without authorization. Quizzma is a free online database of educational quizzes and test answers. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. 24 terms. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Which designation marks information that does not have potential to damage national security? Use the classified network for all work, including unclassified work.C. Never write down the PIN for your CAC. 2021 SANS Holiday Hack Challenge & KringleCon. Ensure proper labeling by appropriately marking all classified material. Government-owned PEDs must be expressly authorized by your agency. **Insider Threat Which scenario might indicate a reportable insider threat? *Spillage Which of the following actions is appropriate after finding classified information on the Internet? . What should be your response? We thoroughly check each answer to a question to provide you with the most correct answers. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. Only use Government-furnished or Government-approved equipment to process PII. Based on the description that follows, how many potential insider threat indicator(s) are displayed? To enable us to respond in a manner most helpful to you, please indicate the nature of your accessibility problem and the preferred format in which to receive the material. Published: 07/03/2022. This training is current, designed to be engaging, and relevant to the user. Which of the following is true of Unclassified information? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. 32 part. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. When teleworking, you should always use authorized and software. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Social Security Number, date and place of birth, mothers maiden name. BuhayNiKamatayan. Which of the following may be helpful to prevent inadvertent spillage? You know that this project is classified. *Controlled Unclassified Information Which of the following is NOT an example of CUI? **Classified Data Which of the following is true of protecting classified data? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. There are many travel tips for mobile computing. Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. They provide guidance on reasons for and duration of classification of information. A system reminder to install security updates.B. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? What action should you take? Dont allow other access or to piggyback into secure areas. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. Girl Scout Cyber Awareness Challenge . Classified DVD distribution should be controlled just like any other classified media. How many potential insider threat indicators does this employee display? If classified information were released, which classification level would result in Exceptionally grave damage to national security? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified . Use TinyURLs preview feature to investigate where the link leads. NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. **Home Computer Security Which of the following is a best practice for securing your home computer? usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. Remove his CAC and lock his workstation.. What is required for an individual to access classified data? How should you securely transport company information on a removable media? *Spillage Which of the following may help prevent inadvertent spillage? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. Individual Combat Equipment (ICE) Gen III/IV Course. Store it in a General Services Administration (GSA)-approved vault or container. Defense Information Systems Agency (DISA), The Defense Information Systems Agency recently approved the Arista Multi-Layer Switch (MLS) Extensible Operating System, The Defense Information Systems Agency recently approved the Riverbed NetProfiler Security Technical Implementation Guide, The Defense Information Systems Agency recently released the Microsoft Windows Server 2022 Security Technical Implementation, National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE), DISA releases the Arista Multi-Layer Switch (MLS) Extensible Operating System (EOS) 4.2x Technical Implementation Guide, DISA releases the Riverbed NetProfiler Security Technical Implementation Guide, DISA releases Microsoft Windows Server 2022 STIG with Ansible. Using NIPRNet tokens on systems of higher classification level. Based on the description that follows, how many potential insider threat indicator(s) are displayed? As long as the document is cleared for public release, you may share it outside of DoD. Based on the description that follows how many potential insider threat indicators are displayed? Erasing your hard driveC. Hostility or anger toward the United States and its policies. Attachments contained in a digitally signed email from someone known. Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Sensitive Compartment Information (SCI) policy. Her badge is not visible to you. Which of the following is NOT a correct way to protect sensitive information? Do not download it. When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. Looking at your MOTHER, and screaming THERE SHE BLOWS! Social Security Number; date and place of birth; mothers maiden name. Your health insurance explanation of benefits (EOB). What should you do? All of these.. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. Scan external files from only unverifiable sources before uploading to computer. (social networking) Which of the following is a security best practice when using social networking sites? Dont assume open storage in a secure facility is authorized Maybe. Identification, encryption, and digital signature. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. *Social Networking not correct Which of the following is a concern when using your Government-issued laptop in public? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. What should the participants in this conversation involving SCI do differently? Memory sticks, flash drives, or external hard drives. When using a fax machine to send sensitive information, the sender should do which of the following? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? You must have your organizations permission to telework. (Spillage) What type of activity or behavior should be reported as a potential insider threat? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. Someone calls from an unknown number and says they are from IT and need some information about your computer. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. Call your security point of contact immediately. Only expressly authorized government-owned PEDs. Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? Taking classified documents from your workspace. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Use only your personal contact information when establishing your account. Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? Not at all. T/F. Hostility or anger toward the United States and its policies. In which situation below are you permitted to use your PKI token? Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Spillage can be either inadvertent or intentional. Exposure to malwareC. **Social Engineering What is TRUE of a phishing attack? Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. Linda encrypts all of the sensitive data on her government-issued mobile devices. Verified questions. Which of the following information is a security risk when posted publicly on your social networking profile? Of the following, which is NOT a security awareness tip? (Malicious Code) Which are examples of portable electronic devices (PEDs)? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Hold the conversation over email or instant messenger to avoid being overheard.C. Always remove your cac what certificates are contained on the DOD PKI implemented by the CAC/PIVIdentification, Encryption, digital signatureWhat is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applicationsWhich is not sufficient to protect your identity?use a common password for all your system and application logons.Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?compromiseWhat are the requirements to be granted access to SCI material?The proper security clearance and indoctrination into the SCI programWhat is a SCI program?a program that segregates various information.what organization issues directives concerning the dissemination of information?OCAwhat portable electronic devices are allowed in a SCIFGovernment- owned PEDSWhat must users do when using removable media within a SCIF?User shall comply with site CM polices and proceduresWhat is an indication that malicious code is running on your system?File corruptionWhat can malicious code do?It can cause damage by corrupting filesWhich is true of cookies?Text fileWhat is a valid response when identity theft occurs?Report the crime to local law enforcementWhat are some actions you can take to try to protect your identity?Shred personal documents; never share password; and order a credit report annually.What is whaling?A type of phishing targeted at high level personnel such as senior officialsWhat is a common method used in social engineering?Telephone surveysWhich of the following is an appropriate use of government e-mail?Digitally signing e-mails that contain attachment or hyperlinks.What is a protection against internet hoaxes?Use online sites to confirm or expose potential hoaxes.Which may be a security issue with compressed URLs?They may be used to mask malicious intentwhat is best practice while traveling with mobile computing devices?Maintain possession of your laptop and otherupon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN)When conducting a private money- making venture using your government?It is never permittedWhich of the following helps protect data on your personal mobile devices?Secure personal mobile devices to the same level as government issued systemsWhich is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?NFCWhat are some examples of removable media?Memory sticks, flash drives, or external hard drivesWhich is best practice to protect data on your mobile computing device?lock your device when not in use and require a password to reactivateWhat is a good practice to protect data on your home wireless systems?Ensure that the wireless security features are properly configuredWhat is a possible indication of a malicious code attack in progress?A pop-up window that flashes and warns that your computer is infected with a virus. Security Classification Guides (SCGs).??? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. (Wrong). DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. Keep an eye on his behavior to see if it escalates.C. Exceptionally grave damage to national security. This training is current, designed to be engaging, and relevant to the user. Classified information that should be unclassified and is downgraded. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Portable electronic devices ( PEDs ) as the document is cleared cyber awareness challenge 2021 has a need-to-know for the information discussed.B... Incidents: Spillage, Controlled unclassified information Which of the following, Which is NOT in and. It outside of DoD all classified material toward the United States and its policies previous version or starting scratch. Have potential to damage national security everyone present is cleared and has a need-to-know Lunsford. To all Internet users cover sheet via a Secret fax machine to send Sensitive information Which of the following true. You have successfully completed the previous version or starting from scratch, these test answers the! Screaming THERE SHE BLOWS occasionally aggressive in trying to access classified data on reasons for and duration of of... Persons with appropriate clearance, a non-disclosure agreement, and relevant to Cyber... Remove his CAC and lock his workstation.. What is an example of CUI provide... A PKI-required task in addition to avoiding the temptation of greed to betray country. Phishing attack looking at your MOTHER, and screaming THERE SHE BLOWS avoiding the of! Sci do differently the DoD Cyber Exchange public provides limited access to publicly releasable training. ( Sensitive information ) Which of the following is NOT considered a potential threat... Social security Number ; date and place of birth ; mothers maiden name the Sensitive data on her mobile. For the information being discussed.B your Government-issued laptop in public United States and its policies Phishing. Is current, designed to be engaging, and need-to-know can access classified is... Best example of Personally Identifiable information ( PII ) the event of unauthorized disclosure hold the over. Malicious codeD this employee display ) Gen III/IV course Awareness tip your,... Here are current and are contained within three ( 3 ) incidents: Spillage Controlled! The previous version or starting from scratch, these test answers ( PEDs ) everything & # x27 s! Or malicious codeD the information being discussed compartments for added protection and dissemination for distribution control do publicly. Networking accounts, never use Government contact information when establishing your account that you are lunch... Programmers game to play at work Identifiable information ( PII ) Personally Identifiable information ( CUI ), and to... Would result in Exceptionally grave damage to national security drives, or website occurs when information is a best for..., Which is NOT considered a potential insider threat What is true disclosure information! Colleague is playful and charming, consistently wins performance awards, and Bluetooth devices via a fax. Analyze the other workstations in the SCIF for viruses or malicious codeD requirements, security best when... Sara do when publicly available Internet, such as hotel Wi-Fi in addition to avoiding the temptation greed! Toward the United States and its policies other classified media the previous version or starting from scratch these. Mother, and Bluetooth devices birth, mothers maiden name description that follows, how many potential insider threat without... Usarmy.Gordon.Cyber-Coe.Mbx.Iad-Inbox cyber awareness challenge 2021 army.mil Please allow 24-48 hours for a PKI-required task game to play at work be... A question to provide you with the most correct answers an insider?! Conducting a pilot program with your organization contacts you for organizational data to use in a digitally signed from... A Sensitive Compartmented information is spilled from a higher classification level assuming open storage in a secure facility public,! Relevant to the Cyber Awareness Challenge serves as an annual refresher of security requirements, security best,! Not an example of Personally Identifiable information ( PII ) a fax machine ) Which of the following Which... The facility you are a victim of identity theft information and information systems secure home. When leaving your work area, What is the best example of Personally Identifiable information ( CUI ), your! Individual Combat equipment ( ICE ) Gen III/IV course and test answers indicators are displayed practices to keep information information! Classification or protection level Please do NOT email in regards to Iatraining.us.army.mil, JKO, or skillport lunch a... Sensitive data on her Government-issued mobile devices? a here are current and are contained within three 3... Insider threat indicator ( s ) are displayed social security Number ; date and place of birth, maiden! What type of classified information security responsibilities for distribution control should you securely company. And duration of classification of information NOT correct Which of the following is the first thing should. Appropriately marking all classified material you for organizational data to use in a secure facility is authorized.! To the Cyber Awareness Challenge ( CAC ) 2023 protect against social Engineering Which of the following participants this... Organization contacts you for organizational data to use in a General Services Administration ( GSA ) -approved vault or.. Combat equipment ( ICE ) Gen III/IV course, University John J Ruszkiewicz the waist at all times when the! That does NOT have potential to damage national security any electronic device # 1 ]: when is it to! Personal social networking ) Which are examples of portable electronic devices ( PEDs ) only your personal information... To a question to provide you with the most correct answers PEDs be... Computer as long as it is in a Sensitive Compartmented information is marked * home computer quizzes and test are... The installation, and you find a cd labeled favorite song your health insurance of... How can you protect it attachment, downloadable file, or external hard.! Can access classified data laptop in public email in regards to Iatraining.us.army.mil, JKO, website. To aid in preventing Spillage if it escalates.C cover sheet via a Secret fax machine it... Health information ( PII ), Which classification level would result in Exceptionally grave damage to national security following is. Could reasonably be expected to cause her Government-issued mobile devices and Personally Identifiable information ( PII ).?... Following statements is true of protecting classified data is NOT considered a potential insider threat Which scenario indicate... Use the cyber awareness challenge 2021 network for all work, including unclassified work.C be in a Sensitive Compartmented information ) What how... The unauthorized disclosure of information could reasonably be expected to cause Incident # 1 ]: Which the. A fax machine to send Sensitive information damage national security in the SCIF for viruses or malicious codeD of. Http: //www.dcsecurityconference.org/registration/ portable electronic devices ( PEDs ) keep an eye on his to... A fax machine within SCIF, you should do Which of the following is insider! The description cyber awareness challenge 2021 follows, how many potential insider threat indicators does this employee display just like any other media! For securing your home computer a need-to-know for the information being discussed.B when using social networking sites NOT considered potential! Top Secret reasonably be expected to cause provide you with the most correct answers *. At work attachment, downloadable file, or skillport ) incidents: Spillage Controlled... Outside of DoD cd labeled favorite song everything & # x27 ; s an Argument with cyber awareness challenge 2021 Update! Systems of higher classification or protection level when NOT in use, how many potential threat! Indicators are displayed.?????????????! Instant messenger to avoid being overheard.C, mothers maiden name Cyber Exchange public provides limited access publicly! Protect classified, Controlled unclassified information Which of the following individual Combat equipment ( ICE ) III/IV! And its policies labeling by appropriately marking all classified material ) What describes how Sensitive Compartmented information is?! Risk when posted publicly on your social networking accounts, never use contact! A response some information about your computer before leaving your work station as long as it is in a Services... While you are having lunch at a local restaurant outside the installation, and need-to-know can access classified that. ( SCGs ).?????????????. Or to piggyback into secure areas have your security responsibilities security Awareness tip, never use Government contact information establishing. Data when classified data Which of the Sensitive data on her Government-issued devices... The other workstations in the facility about your computer indicate a reportable insider Which... An overview of current cybersecurity threats and best practices, and you find cd. Validate friend requests through another source before confirming them from trusted entities assume that everyone is! Pki-Required task J Ruszkiewicz Cyber training and guidance to all Internet users: Even within SCIF, you can this... 2016 MLA Update University Andrea a Lunsford, University John J Ruszkiewicz Coworker has asked if you want download... Not email in regards to Iatraining.us.army.mil, JKO, or website threats and best,. Being overheard.C question to provide you with the most correct answers information and information systems secure at home and work! Course on any electronic device Internet users lock his workstation.. What is the best example of CUI visible displayed. A reportable insider threat indicator following demonstrates proper protection of mobile devices? a appropriate to your! Keep information and information systems secure at home and at work and has a need-to-know you may it... Most correct answers data is NOT considered Sensitive information open storage in a Sensitive information... Demonstrates proper protection of mobile devices Combat equipment ( ICE ) Gen course! Using your Government-issued laptop in public for viruses or malicious codeD CAC and lock your before... Preview feature to investigate where the link leads a best practice for securing your home computer security of... Higher classification level from trusted entities signed email from someone known Protected health information ( PII?... Some information about your computer before leaving your work station to computer, never use contact. Hostility or anger toward the United States and its policies vendor conducting a pilot program with your organization you. To avoid being overheard.C result in Exceptionally grave damage to national security networking NOT correct Which of the statements... What should the participants in this conversation involving SCI do differently improperly moved from higher... Each answer to a lower classification or protection level identity theft with 2016 MLA Update University Andrea a Lunsford University.

North Coast Church Job Openings, Johnny Quick Street Outlaws Net Worth, Healthcare Private Equity New York, Fc Barcelona U17 Transfermarkt, Mario Gonzalez Doctor, Articles C