Subscribe to our mailing list to receive an update when new notes are published! 5. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. 2 0 obj
Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Use a single, complex password for your system and application logons. Let us know about it through the REPORT button at the bottom of the page. If all questions are answered correctly, users will skip to the end of the incident. (URLs)? What should you do? When is the safest time to post details of your vacation activities on your social networking profile? : Use only personal contact information when establishing personal social networking accounts, never use Government contact information. 9. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. : I'll pass, 34. (Malicious Code) Which of the following is true of Internet hoaxes? (removable media) If an incident occurs involving removable media in, a Sensitive Compartmented Information Facility (SCIF), what action should you take? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil.. : Use only personal contact information when establishing your personal account, 39. 31. (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? 0000002497 00000 n
What level of damage can the unauthorized disclosure of information clas- sified as Confidential reasonably be expected to cause? : The Director of National Intelligence. After clicking on a link on a website, a box pops up and asks if you want to run an application. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? What threat do insiders with authorized access to information or information systems pose? After you have returned home following the vacation. Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? When would be a good time to post your vacation location and dates on your social networking website? Her badge is not visible to you. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Two-factor authentication combines two out of the three types of credentials to verify your identity and keep it more secure: : It includes a threat of dire circumstances. Sensitive information may be stored on any password-protected system. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? 19. : Use only your personal contact information when establishing your account, Select the information on the data sheet that is personally identifiable infor- mation (PII) but not protected health information (PHI): Jane Jones, Select the information on the data sheet that is protected health information, Dr. Baker was Ms. Jones's psychiatrist for three months. . : Ensure that the wireless security features are properly con- figured. : Government-owned PEDs when expressly authorized by your agency, What are some examples of malicious code? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? : Label all files, removable media, and subject headers with appropriate classification markings. Save my name, email, and website in this browser for the next time I comment. Which of the following actions is appropriate after finding classified informa- tion on the Internet? Cyber Awareness Challenge is enabled to allow the user to save their certificate on their local system or network. Which of the following is NOT an appropriate way to protect against inadvertent spillage? Social Security Number; date and place of birth; mothers maiden name. The DoD IA Workforce includes, but is not limited to, all individuals performing any of the IA functions described in DoD 8570 Data security and cyber risk mitigation measures There is no single solution that will provide a 100% guarantee of security for your business The National Cyber Security Framework Manual (2012) by . Understanding and using the available privacy settings. When should documents be marked within a Sensitive Compartmented Information Facility (SCIF): ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. : Legitimate software updates. : Your password and the second commonly includes a text with a code sent to your phone, 44. As long as the document is cleared for public release, you may share it outside of DoD. How many potential insiders threat indicators does this employee display? JKO offers refresher training now. : Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. DOD Cyber Awareness 2022 Knowledge Check Questions and Answers 1. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? 0000011141 00000 n
: A threat of dire conse- quence. (Malicious Code) What are some examples of removable media? Which is NOT a sufficient way to protect your identity? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. They can be part of a distributed denial-of-service (DDoS) attack. This bag contains your government-issued laptop. You know this project is classified. (Sensitive Information) Which of the following represents a good physical security practice? Which of the following is NOT an example of sensitive information? (CD)? : Mark SCI documents appropriately and use an approved SCI fax machine, What action should you take if you become aware that Sensitive Compart- mented Information (SCI) has been compromised? 16. : They can be part of a distributed denial-of-service (DDoS) attack. Refer the reporter to your organizations public affairs office. What security risk does a public Wi-Fi connection pose? A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. : Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. (Sensitive Information) Which of the following is true about unclassified data? 0000005321 00000 n
Use TinyURLs preview feature to investigate where the link leads. : Since the URL does not start with "https," do not provide your credit card information. : Call your security point of contact immediately. : Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Which of the following should be reported as a potential security incident? A coworker removes sensitive information without approval. : CPCON 1, Which Cyber Protection Condition (CPCON) is the priority focus on critical and essential functions only? Which of the following is NOT true of traveling overseas with a mobile phone? yQDx^e|z%HmM4}?>rl\0e_qn;]8sg"pml1d0&wG_-o Fs\Y.>^|]HKTs=tF"l_A{h#: 3^P_h}k (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? What does Personally Identifiable Information (PII) include? If you are unable to access the DoD Cyber Exchange NIPR, you need to contact your organzation's PKI helpdesk to ensure the certificates are installed properly to your CAC and to your machine. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Click the card to flip Definition 1 / 25 Label all files, removable media, and subject headers with appropriate classification markings. safe? (Sensitive Information) Which of the following is NOT an example of sensitive information? : It may expose the connected device to malware, Which of the following represents an ethical use of your Government-fur- nished equipment (GFE)? : Order a credit report annually, 48. : Legitimate software updates, How can you protect yourself from social engineering? : Follow instructions given only by verified personnel. In setting up your personal social networking service account, what email address should you use? Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). What is required for an individual to access classified data? A coworker has asked if you want to download a programmers game to play at work. Cyber Awareness Challenge 2022 Information Security. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>>
0000001509 00000 n
: Remove your security badge after leaving your controlled area or office building, Your cousin posted a link to an article with an incendiary headline on social media. Cyber Awareness Challenge 2022 DS-IA106.06 This course does not have a final exam. Always use DoD PKI tokens within their designated classification level. : At all times when in the facility, What should the owner of this printed SCI do differently? Protected Health Information (PHI): Is a subset of PII requiring additional protection Is health information that identifies the individual Is created or received by a healthcare provider, health plan, or employer, or a business associate of these Relates to: : Secret, Which of the following is a good practice to protect classified information?-, : Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. (Spillage) What type of activity or behavior should be reported as a poten- tial insider threat? : - Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. %PDF-1.7
What should you do? %%EOF
At the conclusion of the course, when presented with the Certificate of Completion, enter your name and click "Save Certificate". endstream
endobj
291 0 obj
<. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. : Identification, encryption, digital signature, What is the best way to protect your Common Access Card (CAC) or Personal, Identity Verification (PIV) card? Which of the following is NOT a best practice to preserve the authenticity of your identity? A colleague is playful and charm- ing, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. 24. *Spillage : Mark SCI documents, appropriately and use an approved SCI fax machine, When is it appropriate to have your security badge visible within a Sensitive, Compartmented Information Facility (SCIF)? : Flash drive, Which of the following statements is true of using Internet of Things (IoT) devices in your home? : Identification, encryption, and digital signature. %PDF-1.4
%
trailer
7. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. (social networking) Which of the following is a security best practice when using social networking sites? Individuals who participate in or condone misconduct, whether offline or online, may be subject to criminal, disciplinary, and/or administrative action. 3 0 obj
: When operationally necessary, owned by your organization, and ap- proved by the appropriate authority, 55. 51. Within a secure area, you see an individual you do not know. : CUI may be stored on any password-protected system. : Memory sticks, flash drives, or external hard drives, 35. Ask for information about the website, including the URL. Secret. : Report the crime to local law enforcement. What action should you take? If you participate in or condone it at any time. 46. Report the crime to local law enforcement. Sociology Cyber Awareness Challenge 2022 4.5 (4 reviews) Term 1 / 92 *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Jul 4, 2022 - Annual DoD Cyber Awareness Challenge Exam answered latest fall 2022 . Now is a good time to refresh your understanding of the social engineering scams targeting all of us and cyber hygiene best practices to protect against being hacked. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. : Approved Security Classification Guide (SCG). : Retrieve classified documents promptly from printers, What should the participants in this conversation involving SCI do different- ly? Never allow sensitive data on non-Government-issued mobile devices. Defense Information Systems Agency (DISA). Store classified data appropriately in a GSA-approved vault/container. : An unsecured IoT device can become an attack vector to any other device on your home network, including your Government laptop. 26. 0000001952 00000 n
: Notify your security point of contact, 47. : Flash Drive. : Call your security point of contact immediately. 0000007211 00000 n
Lock your device screen when not in use and require a password to reactivate. What is a valid response when identity theft occurs? Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. : press release data. : Your mother's maiden name. : Mark SCI documents appropriately and use an approved SCI fax machine. : Others may be able to view your screen. : Inform your security point of contact, Which of the following is NOT an example of CUI? Ask the individual to see an identification badge. Which of the following may help to prevent spillage? Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. The DoD Cyber Exchange is sponsored by (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. What should you do? hbb2``b``3
v0
Which of the following statements is true of cookies? Jul 4, . @870zpVxh%X'pxI[r{+i#F1F3020d`_
if>}xp20Nj9: bL
Classified material must be appropriately marked. (Sensitive Information) What guidance is available from marking Sensi- tive Information information (SCI)? : Insiders are given a level of trust and have authorized access to Government information systems. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). : Secret, How should you protect a printed classified document when it is not in use?-, : Store it in a General Services Administration (GSA)-approved vault or container. : Spear phishing. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. : Press release data. 0
(Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applica-. Spillage because classified data was moved to a lower classification level system without authorization. What is an indication that malicious code is running on your system? Only paper documents that are in open storage need to be marked. The popup asks if you want to run an application. : Research the source of the article to evaluate its credibility and reliability, Which of the following is a security best practice when using social network- ing sites? When online: Which type of behavior should you report as a potential insider threat? Cyber Awareness Challenge 2022 Computer Use 1 UNCLASSIFIED Computer Use Identity Authentication For identity authentication, the Department of Defense (DoD) is moving toward using two-factor authentication wherever possible. How many potential insiders threat indicators does this employee display? What should be your response? Which of the following is NOT a way malicious code spreads? How should you respond? Joint Knowledge Online DOD-US1364-22 Department of Defense (DoD) Cyber Awareness Challenge 2022 (1 hr) This course content is based on the requirements addressed in these policies and from community input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? : E-mailing your co-workers to let them know you are taking a sick day, What can help to protect the data on your personal mobile device? (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! : Phishing can be an email with a hyperlink as bait. 4 0 obj
: Darryl is managing a project that requires access to classified information. When using a government-owned PED: Only connect government-owned PEDs to the same level classification information system when *Spillage Which of the following may help to prevent spillage? What is the best way to protect your Common Access Card (CAC)? : (Answer) CPCON 2 (High: Critical and Essential Functions), CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions), 42. Which of the following is NOT a correct way to protect CUI? Passing Grades. Select the information on the data sheet that is protected health informa- tion (PHI): Jane has been Drect patient..ect. x[s~8Rr^/CZl6U)%q3~@v:=dM They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. : Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? : Decline the request, Which of the following information is a security risk when posted publicly on your social networking profile? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? What is a best practice while traveling with mobile computing devices? : Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? What is the best example of Protected Health Information (PHI)? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. DOD Cyber Awareness Challenge 2022 Flashcards | Quizlet Social Science Sociology DOD Cyber Awareness Challenge 2022 4.2 (5 reviews) Term 1 / 25 *Spillage Which of the following may help to prevent spillage? Use personal information to help create strong passwords. : Pictures of your pet, Which of the following is a security best practice when using social network- ing sites? : Press release data. Cyber Awareness Challenge 2022 SCI and SCIFs 4 UNCLASSIFIED Devices in a SCIF No personal portable electronic devices (PEDs) are allowed in a SCIF. : Label all files, removable media, and subject headers with appropriate classification markings. : If you participate in or condone it at any time, 38. : Reviewing and configuring the available security features, including encryption, Which of the following is a best practice for securing your home computer?-. Which of the following is an example of removable media? 0000009188 00000 n
0000007852 00000 n
Which of the following is true of telework? Which of the following should be reported as a potential security incident? (Sensitive Information) What certificates are contained on the Common, Access Card (CAC)? <>
: Store classified data appropriately in a GSA-approved vault/container. Found a mistake? : Identification, encryption, and digital signature, 18. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI): Jane Jones Social security number: 123-45-6789. 0000005454 00000 n
You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Mark SCI documents appropriately and use an approved SCI fax machine. Phishing can be an email with a hyperlink as bait. : Your password and a code you receive via text message, Which of the following is an example of a strong password? : A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. 40. 6. Who might "insiders" be able to cause damage to their organizations more easily than others. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? : Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Which classification level is given to information that could reasonably be expected to cause serious damage to national security? Which of the following may be helpful to prevent spillage? : Maintain visual or physical control of the device, When can you use removable media on a Government system? 290 0 obj
<>
endobj
When is it appropriate to have your security badge visible within a sensitive compartmented information facility (SCIF)? : No, you should only allow mobile code to run from your organization or your organization's trusted sites, Which of the following statements is true of cookies? National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). : Hos- tility and anger toward the United States and its policies, Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Who can be permitted access to classified data? Identify and disclose it with local Configu. What is a good practice to protect classified information? What is whaling? Physical security of mobile phones carried overseas is not a major issue. The. A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. : Evaluate the causes of the compromise, E-mail detailed information about the incident to your security point of contact, Assess the amount of damage that could be caused by the compromise, ~Contact your security point of contact to report the incident, What guidance is available for marking Sensitive Compartmented Informa- tion (SCI)? All rights reserved. 0000000016 00000 n
New interest in learning a foregin language. (controlled unclassified information) Which of the following is NOT cor- rect way to protect CUI? -Classified information that should be unclassified and is downgraded. 25. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. What do insiders with authorized access to information or information sys- tems pose? 0000006504 00000 n
11. What type of social engineering targets particular individuals, groups of people, or organizations? Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67, Chrome 75, Microsoft Edge 42, or Safari 12 browsers. (Spillage) When is the safest time to post details of your vacation activi- ties on your social networking website? 11. : Hos- tility or anger toward the United States and its policies, Which of the following is NOT considered a potential insider threat indica- tor? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. (Spillage) What is required for an individual to access classified data?-. : You must have permission from your organization. How many potential insider threat indicators does this employee display? Based on the description that follows, how many potential insider threat indicator(s) are displayed? The DOD Cyber Awareness Challenge 2022 is currently available on JKO, as well as Cyber Awareness Challenges of past years. What should you do when you are working on an unclassified system and receive an email with a classified attachment? What information most likely presents a security risk on your personal social networking profile? 2022
Jul 4, 2022 - Annual DoD Cyber Awareness Challenge Exam answered latest fall 2022 . : Note any identifying information and the website's Uniform Resource Locator (URL). : Ensure proper la- beling by appropriately marking all classified material and, when required, sensitive material. 0000010569 00000 n
: Since the URL does not start with "https," do not provide you credit card information. : Be aware of classification markings and all handling caveats. Label all files, removable media, and subject headers with appropriate classification markings. You know that this project is classified. Description: The purpose of the Cyber Awareness Challenge is to influence behavior by focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DOD Information Systems. : Viruses, Trojan horses, or worms, Which of the following is NOT a way that malicious code spreads? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner.
Attack And Injure Crossword Clue,
Tensorflow Metrics Compile,
How Often Does Freshly Deliver,
Downgrade Mesa Driver,
Zephyrus G15 Power Delivery,
University Of Milan Qs Ranking,
Jira Delete Request Type,