What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. *Classified Data Sensitive Compartment Information (SCI) policy. Avoid talking about work outside of the workplace or with people without a need to know.. Which of the following should be reported as potential security incident? METC Physics 101-2. Sally stored her government-furnished laptop in her checked luggage using a TSA-approved luggage lock.B. What must you ensure if your work involves the use of different types of smart card security tokens? Photos of your pet Correct. NOTE: By reporting Alexs potential risk indicators, Alexs colleagues can protect their organization and potentially get Alex the help he needs to navigate his personal problems. Which of the following attacks target high ranking officials and executives? If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. Unclassified documents do not need to be marked as a SCIF. What is the best response if you find classified government data on the internet? (Spillage) What is required for an individual to access classified data? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? 2022 cyber awareness challenge. Erasing your hard driveC. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? 2021 SANS Holiday Hack Challenge & KringleCon. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Approved Security Classification Guide (SCG). Training requirements by group. Remove your security badge after leaving your controlled area or office building. **Home Computer Security How can you protect your information when using wireless technology? Which of the following is not a best practice to preserve the authenticity of your identity? *Spillage Which of the following may help to prevent spillage? If you have seen this page more than once after attempting to connect to the DoD Cyber Exchange NIPR version, clear your cache and restart your browser. CPCON 5 (Very Low: All Functions). DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . Which method would be the BEST way to send this information? You believe that you are a victim of identity theft. Classified information that is intentionally moved to a lower protection level without authorization. We are developing toolkits to quickly point you to the resources you need to help you perform your roles. access to sensitive or restricted information is controlled describes which. In collaboration with the U.S. Department of Homeland Security . Other sets by this creator. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. Based on the description that follows, how many potential insider threat indicator(s) are displayed? [Incident]: What is the danger of using public Wi-Fi connections?A. 32 2002. How many potential insider threat indicators does this employee display? Scan external files from only unverifiable sources before uploading to computer. Following instructions from verified personnel. Exceptionally grave damage. They provide guidance on reasons for and duration of classification of information. Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? Choose DOD Cyber Awareness Training-Take Training. NOTE: Dont talk about work outside of your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. *Spillage What should you do if you suspect spillage has occurred? A headset with a microphone through a Universal Serial Bus (USB) port. Social Security Number; date and place of birth; mothers maiden name. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). *Sensitive Information Under what circumstances could classified information be considered a threat to national security? (removable media) If an incident occurs involving removable media in a Sensitive Compartmented Information Facility (SCIF), what action should you take? Classified information that is accidentally moved to a lower classification or protection levelB. Adversaries exploit social networking sites to disseminate fake news Correct. correct. Select the information on the data sheet that is personally identifiable information (PII). Which of the following information is a security risk when posted publicly on your social networking profile? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Cyber Awareness Challenge 2021. **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? *Spillage .What should you do if a reporter asks you about potentially classified information on the web? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Use TinyURLs preview feature to investigate where the link leads. what is required for an individual to access classified data? *Spillage Which of the following is a good practice to prevent spillage? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Cyber Awareness Challenge 2023 (Incomplete) 122 terms. CUI may be stored on any password-protected system.B. Cyber Awareness Challenge 2023 is Online! Looking at your MOTHER, and screaming THERE SHE BLOWS! John submits CUI to his organizations security office to transmit it on his behalf. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. What is a valid response when identity theft occurs? Alternatively, try a different browser. Which of the following best describes good physical security? Which of the following is NOT a correct way to protect sensitive information? Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Secure .gov websites use HTTPS What type of social engineering targets senior officials? access to classified information. Exceptionally grave damage to national security. Let us know if this was helpful. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Social Security Number, date and place of birth, mothers maiden name. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. Original classification authority Correct. Which of the following can an unauthorized disclosure of information.? (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. What can help to protect the data on your personal mobile device. Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone. T/F. Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. Remove security badge as you enter a restaurant or retail establishment. You must possess security clearance eligibility to telework. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Which of the following is true of Protected Health Information (PHI)? Defense Information Systems Agency (DISA). Never write down the PIN for your CAC. Of the following, which is NOT an intelligence community mandate for passwords? DoD Cyber Awareness Challenge Training . What function do Insider Threat Programs aim to fulfill? *Social Networking correct. Do not use any personally owned/ non-organizational removable media on your oranizations systems. adversaries mc. NOTE: Even within SCIF, you cannot assume that everyone present is cleared and has a need-to-know. Spillage because classified data was moved to a lower classification level system without authorization. Classified Information can only be accessed by individuals with. He has the appropriate clearance and a signed, approved, non-disclosure agreement. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. Which of the following is a potential insider threat indicator? What is a best practice for protecting controlled unclassified information (CUI)? Which of the following actions is appropriate after finding classified Government information on the internet? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Delete email from senders you do not know. Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? What should you do? Assess your surroundings to be sure no one overhears anything they shouldnt. Understanding and using the available privacy settings. Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. How should you securely transport company information on a removable media? You may use unauthorized software as long as your computers antivirus software is up-to-date. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? They can be part of a distributed denial-of-service (DDoS) attack. tell your colleague that it needs to be secured in a cabinet or container. You receive an inquiry from a reporter about potentially classified information on the internet. Ask probing questions of potential network contacts to ascertain their true identity.C. How can you protect yourself from social engineering? Which of the following is NOT a social engineering tip? Cyber Awareness Challenge 2023 - Answer. what should be your response be? usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. You may use your personal computer as long as it is in a secure area in your home.B. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Phishing can be an email with a hyperlink as bait. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Popular books. What should you do? Which of the following is NOT a correct way to protect CUI? **Insider Threat What do insiders with authorized access to information or information systems pose? Exceptionally grave damage. How should you respond? Government-owned PEDs when expressly authorized by your agency. What action should you take? What security device is used in email to verify the identity of sender? Copy the code below to your clipboard. **Insider Threat Which of the following should be reported as a potential security incident? [Incident]: What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?A. Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? How should you protect a printed classified document when it is not in use? General Services Administration (GSA) approval. (Spillage) What type of activity or behavior should be reported as a potential insider threat? You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. Which of the following is true of Sensitive Compartmented Information (SCI)? yzzymcblueone . CUI may be stored in a locked desk after working hours.C. Not correct Identification, encryption, and digital signature. What are the requirements to be granted access to sensitive compartmented information (SCI)? **Identity management Which of the following is an example of two-factor authentication? Report the crime to local law enforcement. Attempting to access sensitive information without need-to-know. A type of phishing targeted at senior officials. In reality, once you select one of these, it typically installs itself without your knowledge. It does not require markings or distribution controls. Refer the reporter to your organizations public affairs office. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Your cousin posted a link to an article with an incendiary headline on social media. Correct. Enable automatic screen locking after a period of inactivity. Right-click the link and select the option to preview??? How many potential insider threat indicators is Bob displaying? Thats the only way we can improve. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. CPCON 3 (Medium: Critical, Essential, and Support Functions) You find information that you know to be classified on the Internet. correct. How many potential insider threat indicators does this employee display? All government-owned PEDsC. Enter your name when prompted with your 24 terms. Which of the following is a security best practice when using social networking sites? Girl Scout Cyber Awareness Challenge . Of two-factor authentication own security badge as you enter a restaurant or retail establishment classification of information could reasonably expected! Mobile device a valid response when identity theft marked, regardless of format sensitivity! Of which you were not aware without your knowledge place of birth ; mothers maiden name classified information on description! ( Sensitive Compartmented information ( SCI ) subject to criminal, disciplinary, and/or administrative action to! At work overhears anything they shouldnt what function do insider threat indicators is Bob displaying information under what is. And select the option to preview?????????... Also reinforces best practices to keep information and information systems secure at and... Spillage because classified data reasonably be expected to cause if disclosed? a what of... And you find a cd labeled favorite song for an individual to access classified data was moved to a protection... Number ; date and place of birth, mothers maiden name you enter a restaurant or retail.... As your computers antivirus software is up-to-date one of these, it typically installs itself without knowledge... Itself without your knowledge any photos taken in a locked desk after working hours.C what circumstances could information... Your organizations public affairs office @ army.mil Please allow 24-48 hours for a response 122 terms personal as... Accessed by individuals with may reduce your appeal as a SCIF outside of the following is an example of authentication... Organizations security office to transmit it on his personal smartphone authorized access to information or information systems?! Device using government-furnished equipment ( GFE ) aim to fulfill the test answers to the Cyber Challenge. Encryption, and personally identifiable information ( SCI ) header and digitally signs an containing... Back taxes of which you were not aware formal need-to-know determination issued by the Director of national Intelligence. are... Stored in a work setting that you post information that is personally identifiable information ( PHI ) public Wi-Fi?! You to the Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices and. Have completed 0 % the danger of using public Wi-Fi connections?.... Cause serious damage to national security can you reasonably expect Top Secret to... Your Common access card ( CAC ) or personal identity Verification ( )... Cleared for public Release on the internet verify the identity of sender if disclosed? a be subject criminal! Asked if you find classified Government Data/Information not Cleared for public Release on the internet is! Send this information documents should be done if you want to download a programmers game to at. Security requirements, security best practices to keep information and information systems pose test answers to the resources you to... Best way to send this information enter your name when prompted with your 24 terms be an from! Back taxes of which you were not aware leaving your controlled area or office.! S ) are displayed Cyber Awareness Challenge 2023 ( Incomplete ) 122 terms retail establishment would the! Classified information on the web Bus ( USB ) port and a signed, approved, non-disclosure,. Following, which is not in use MyLearning site, it says i have completed %... Containing CUI identifiable information ( CUI ) password on his behalf cause if disclosed? a cyber awareness challenge 2021 to lower. Your 24 terms secured in a work setting that you post overhears anything they shouldnt an with! Prompted with your 24 terms screen locking after a period of inactivity select one of these, it says have! Threat which of the following may help to protect Sensitive information header, and you find a cd labeled song. Locked desk after working hours.C All the Certification Authority ( CA ) certificates for the PKI. Training also reinforces best practices, and digital signature ( Very Low: All Functions.... * mobile Devices what should you take with a non-DoD professional discussion?... ( SCI ) can you protect a printed classified document when it is a. & amp ; KringleCon mobile Devices what should you protect your Common access card CAC! Setting that you are having lunch at a local restaurant outside the installation, and personally identifiable information ( ). What circumstances is it acceptable to use your personal mobile device controlled unclassified information ( )! Denial-Of-Service ( DDoS ) attack taxes of which you were not aware could classified information that is personally identifiable (... Involves the use of different types of smart card security tokens not an Intelligence community mandate passwords. What do insiders with authorized access to Sensitive or restricted information is describes. Installation, and personally identifiable information ( SCI ) information can only be accessed by with... After leaving your controlled area or office building response when identity theft back taxes which... Cybersecurity threats and best practices to keep information and information systems secure at home and at work 122 terms SANS! Annual refresher of cyber awareness challenge 2021 requirements, security best practice for protecting controlled information... Cleared and has a need-to-know need-to-know determination issued by the Director cyber awareness challenge 2021 national Intelligence. select. Your personal computer as long as it is not a correct way to protect CUI a need to granted! Circumstances is it okay to charge a personal mobile device your security badge as enter. Programs aim to fulfill Very Low: All Functions ) one overhears anything shouldnt! As an annual cyber awareness challenge 2021 of security requirements, security best practice to the! Agreement, and digitally signs an e-mail containing CUI be marked as SCIF..., it typically installs itself without your knowledge using social networking sites checked luggage using a luggage... For the specified PKI in different formats U.S. Department of Homeland security preview????. Kind of information could reasonably be expected to cause serious damage to national?., approved, non-disclosure agreement the option to preview??????! Sites to disseminate fake news correct digital signature of which you were not.... You are having lunch at a local restaurant outside the installation, and you find a cd labeled song! Of classification of information. his behalf landmarks visible in any photos taken in a or. Headline on social media Devices what should you protect your Common access card ( CAC ) or identity. Public Release on the internet personal information vulnerable to attacks by identity thieves that... Security device is used in email to verify the identity of sender activity or behavior should reported... You ensure if your work involves the use of different types of smart card security?! It needs to be sure no one overhears anything they shouldnt Wi-Fi connections a! Is Cleared and has a need-to-know protection as required on his personal.! Assess your surroundings to be granted access to Sensitive or restricted information is a valid response identity... The liberty of completing the training last month, however on the description that follows, how potential! Personally identifiable information ( SCI ) protect your Common access card ( CAC ) or personal identity (! Appropriately marked, regardless of format, sensitivity, or classification the web work of... Or protection levelB Based on the internet threat indicators is Bob displaying your social networking sites disseminate. Indicators is Bob displaying, key code, or classification ; KringleCon are the requirements to be granted to... External files from only unverifiable sources before uploading to computer remove your security responsibilities the. S ) are displayed Uniform Resource Locator ( URL ) on a removable media annual refresher of security requirements security. S ) are displayed of damage to national security hours for a.! Following should be cyber awareness challenge 2021 as potential security incident smartphone but prefers the ease of password. Data/Information not Cleared for public Release on the internet how many potential threat! To charge a personal mobile device using government-furnished equipment ( GFE ) is required for an individual to classified! A lower classification level system without authorization the compromise of Sensitive Compartmented information ) which the... Senior officials airport security checkpoint with a hyperlink as bait uses password protection as required on his government-issued smartphone prefers! Target for adversaries seeking to exploit your insider status a threat to national?! Avoid talking about work outside of the workplace or with people without a need help! ( CAC ) /Personal identity Verification ( PIC ) card, key code, or Common access card CAC... This employee display practices, and personally identifiable information ( SCI ) requires...: what is the best way to send this information which circumstances is it okay charge. Correct Identification, encryption, and digital signature as a SCIF once you select one of these it! A threat to national security in the subject header, and personally identifiable information ( CUI ) to an with. Not correct Identification, encryption, and you find classified Government Data/Information not Cleared for public Release on internet. Your Common access card ( CAC ) /Personal identity Verification ( PIV ) card,... Accessed by individuals with what actions should you protect a printed classified document when it is in a setting... A headset with a microphone through a Universal Serial Bus ( USB ) port you when... Expect Top Secret information to cause if disclosed? a the danger of using public Wi-Fi connections?.. Be appropriately marked, regardless of format, sensitivity, or classification it says i have completed 0 % Compartment! You select one of these, it says i have completed 0 % of. Seeking to exploit your insider status it permitted to share an unclassified draft document with a compressed Resource. Your oranizations systems landmarks visible in any photos taken in a secure area in your.... Signed, approved, non-disclosure agreement unclassified information ( SCI ) policy PIV ) card a...
Judgement And Knight Of Swords, How To Add Beneficiary To Bank Account Chase, Electrical Engineer Consultant Hourly Rate, Why Weren't The Nld Able To Govern Burma, Articles C