As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following is NOT sensitive information? In unsupervised machine learning, clustering is the most common process used to identify and group similar entities or items together. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Protection may be required for privacy, law enforcement, contractual protections, or other reasons. Classified information is defined in PL 96-456, the Classified Information Procedures Act: Which is NOT a wireless security practice? Which of the following individuals can access classified data? The following table lists the number of drivers in the United States, the number of fatal accidents, and the number of total accidents in each age group in 2002. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. They can become an attack vector to other devices on your home network. A coworker removes sensitive information without authorization. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Understanding and using the available privacy settings. 1.To provide opportunities for individuals and businesses to open checking accounts __________, To write rules and guidelines for financial institutions under its supervision __________, To be the lender of last resort for financial institutions __________, To conduct the nations monetary policy with the goals of maintaining full employment and price stability __________, 5. Refer the vendor to the appropriate personnel. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Which of the following may be helpful to prevent inadvertent spillage? How many potential insiders threat indicators does this employee display. CUI is an umbrella term that encompasses many different markings toidentifyinformationthat is not classified but which should be protected. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Correct. Updated 8/5/2020 8:06:16 PM. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Under what circumstances could unclassified information be considered a threat to national security? You check your bank statement and see several debits you did not authorize. To transmit large payments through Fedwire __________, To regulate and supervise the stock market to provide stability and security to individual investors. Historically, each agency developed its own practices for sensitive unclassified information, resulting in a patchwork of systems across the Executive branch, in which similar information might be defined or labeled differently, or where dissimilar information might share a definition and/or label. *Spillage Which of the following may help to prevent spillage? How can you protect your organization on social networking sites? Which of the following is not Controlled Unclassified Information (CUI)? It is getting late on Friday. Since the URL does not start with https, do not provide your credit card information. What should you do to protect yourself while on social networks? **Travel What security risk does a public Wi-Fi connection pose? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? What should you do? Ask them to verify their name and office number. Which of the following is true about telework? 10-3 X-ray Interaction with Matter, Fundamentals of Engineering Economic Analysis, David Besanko, Mark Shanley, Scott Schaefer. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Which of the following is NOT a home security best practice? What should you do? Federal agencies routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release. What is the best example of Protected Health Information (PHI)? 1.1 Standard Challenge Answers. Her badge is not visible to you. Lionel stops an individual in his secure area who is not wearing a badge. The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. Others may be able to view your screen. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? Which of the following is a potential insider threat indicator? If you participate in or condone it at any time. On September 14, 2016, NARA issued a final rule amending 32 CFR Part 2002 to establish a uniform policy for all Federal agencies and prescribe Government-wide program implementation standards, including designating, safeguarding, disseminating, marking, decontrolling, and disposing of CUI; self-inspection and oversight requirements; and other facets of the CUI Program. How do you think antihistamines might work? Use a common password for all your system and application logons. We recommend Norton Security or McAfee Total Protection. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Not correct. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Sanitized information gathered from personnel records. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. What portable electronic devices (PEDs) are permitted in a SCIF? How can you protect your information when using wireless technology? Which is a good practice to protect classified information? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? (Spillage) What type of activity or behavior should be reported as a potential insider threat? Which of the following does not constitute spillage. correct. Note That The Integers Should Be Type Cast To Doubles. Share sensitive information only on official, secure websites. Security Classification Guides (SCGs).??? How many indicators does this employee display? What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? When using a fax machine to send sensitive information, the sender should do which of the following? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? NARA has the authority and responsibility to manage the CUI Program across the Federal government. If you participate in or condone it at any time. CPCON 2 (High: Critical and Essential Functions) What is a best practice for protecting controlled unclassified information (CUI)? Which of the following is an example of malicious code? Which Of The Following Is Not A Correct Way To Protect CUI. Which of the following is true of downloading apps? Exceptionally grave damage to national security. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? -Ask them to verify their name and office number The email provides a website and a toll-free number where you can make payment. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Contents hide. All https sites are legitimate. Controlled unclassified information. What information most likely presents a security risk on your personal social networking profile? What can be used to track Marias web browsing habits? Senior government personnel, military or civilian. February 8, 2022. Which of the following is NOT considered sensitive information? You know this project is classified. Mark SCI documents appropriately and use an approved SCI fax machine. -Its classification level may rise when aggregated. true-statement. Three or more. Which of the following is a proper way to secure your CAC/PIV? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. For programmatic questions regarding Controlled Unclassified Information (CUI), including any challenges to CUI marked by EPA, pleasecontact EPA's CUI Program Office. tell your colleague that it needs to be secured in a cabinet or container. What is a valid response when identity theft occurs? Keeping a database from being accessed by unauthorized visitors C. Restricting a subject at a lower classification level from accessing data at a higher classification level D. Preventing an . How many potential insider threat indicators does this employee display? 1.1.2 Classified Data. Which of the following best describes wireless technology? What information relates to the physical or mental health of an individual? Approved Security Classification Guide (SCG). Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Reviewing and configuring the available security features, including encryption. What action is recommended when somebody calls you to inquire about your work environment or specific account information? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which is an untrue statement about unclassified data? Taking classified documents from your workspace. NARAissuespolicy directives and publishesan annualreportto the President of the United Stateson the status of agency CUI Program implementation in accordance with Executive Order 13556, Controlled Unclassified Information. Of the following, which is NOT a problem or concern of an Internet hoax? Press release data. What should you do? Download the information. Adversaries exploit social networking sites to disseminate fake news. When traveling or working away from your main location, what steps should you take to protect your devices and data? Validate all friend requests through another source before confirming them. How should you securely transport company information on a removable media? You have reached the office door to exit your controlled area. When is it appropriate to have your security badge visible? When your vacation is over, after you have returned home. Use only personal contact information when establishing your personal account. This lets the service person know when the tank is "full." Classified information that should be unclassified and is downgraded. Which type of information includes personal, payroll, medical, and operational information? P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. It never requires classified markings, it is true about unclassified data. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. What should you do? Search by Subject Or Level. (Correct) -It does not affect the safety of Government missions. Which of the following is NOT a typical result from running malicious code? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. Create separate user accounts with strong individual passwords. Based on the description that follows how many potential insider threat indicators are displayed? Secure .gov websites use HTTPS Your password and the second commonly includes a text with a code sent to your phone. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Ask the individual to see an identification badge. Classified material must be appropriately marked. *Spillage Which of the following may help prevent inadvertent spillage? What type of data must be handled and stored properly based on classification markings and handling caveats? which of the following is true about unclassified data. true-statement. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Which of the following is NOT a correct way to protect sensitive information? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? When your vacation is over, and you have returned home. Where. What is required for an individual to access classified data? Note the websites URL and report the situation to your security point of contact. What should you do? Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. 8. What does Personally Identifiable information (PII) include? Who designates whether information is classified and its classification level? Which of the following should be done to keep your home computer secure? *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Personal information is inadvertently posted at a website. Following instructions from verified personnel. c. ignoring a tantrum You should remove and take your CAC/PIV card whenever you leave your workstation. Which may be a security issue with compressed Uniform Resource Locators (URLs)? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Many apps and smart devices collect and share your personal information and contribute to your online identity. Look for a digital signature on the email. **Use of GFE When can you check personal e-mail on your Government-furnished equipment (GFE)? **Identity Management Which of the following is the nest description of two-factor authentication? They can be part of a distributed denial-of-service (DDoS) attack. The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). Always check to make sure you are using the correct network for the level of data. Since the URL does not start with https, do not provide you credit card information. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? correct. Note any identifying information and the websites Uniform Resource Locator (URL). Decline to let the person in and redirect her to security. **Identity management Which of the following is an example of a strong password? Organizational Policy Not correct How many potential insiders threat indicators does this employee display? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Which of the following is an example of Protected Health Information (PHI)? (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? **Website Use How should you respond to the theft of your identity? Which of the following is an example of two-factor authentication? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. What should you do? Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Which of the following actions is appropriate after finding classified Government information on the internet? (Malicious Code) Which of the following is NOT a way that malicious code spreads? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Sensitive information. Correct. Assuming open storage is always authorized in a secure facility. He has the appropriate clearance and a signed, approved, non-disclosure agreement. Which scenario might indicate a reportable insider threat security incident? What should be your response? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Ans: True Question 2: The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management View the full answer What type of security is part of your responsibility and placed above all else?, If your wireless device is improperly configured someone could gain control of the device? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Store it in a locked desk drawer after working hours. When operationally necessary, owned by your organization, and approved by the appropriate authority. What should be done to sensitive data on laptops and other mobile computing devices? Which of the following is a practice that helps to protect you from identity theft? *Spillage Which of the following is a good practice to aid in preventing spillage? Social Security Number; date and place of birth; mothers maiden name. Classified material must be appropriately marked. Question. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. What action should you take? A coworker has left an unknown CD on your desk. What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? Confirm the individuals need-to-know and access. Ive tried all the answers and it still tells me off, part 2. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. You must have your organization's permission to telework. Government-owned PEDs when expressly authorized by your agency. What actions should you take prior to leaving the work environment and going to lunch? Which of these is true of unclassified data? This button displays the currently selected search type. Which of the following is true of Sensitive Compartmented Information (SCI)? cyber. Original classification authority Correct. not correct Is this safe? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. The CUI Registry is the Government-wide online repository for Federal-level guidance regarding CUI policy and practice. a. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. (Spillage) What is required for an individual to access classified data? Linda encrypts all of the sensitive data on her government-issued mobile devices. Which of the following is an example of a strong password? **Insider Threat What do insiders with authorized access to information or information systems pose? *Malicious Code Which of the following is NOT a way that malicious code spreads? Which of the following information is a security risk when posted publicly on your social networking profile? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Digitally signed e-mails are more secure. Someone calls from an unknown number and says they are from IT and need some information about your computer. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Badges must be visible and displayed above the waist at all times when in the facility. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? Unclassified Information Student Guide . How should you respond? What should you do to protect classified data? Research the source to evaluate its credibility and reliability. If aggregated, the information could become classified. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? A coworker has asked if you want to download a programmers game to play at work. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Correct. Which of the following should you do immediately? **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Only friends should see all biographical data such as where Alex lives and works. **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Correct. Exceptionally grave damage. Your favorite movie. Unclassified information can become a threat to national security. Which of the following is not considered an example of data hiding? **Insider Threat Which of the following should be reported as a potential security incident? what should be your response be? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? Report the crime to local law enforcement. Secure personal mobile devices to the same level as Government-issued systems. Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. When unclassified data is aggregated, its classification level may rise. How should you respond? A type of phishing targeted at senior officials. Contact the IRS using their publicly available, official contact information. c. What similarities and differences are there between plant and animal cells?