cyber awareness challenge 2021
Which of the following is an example of removable media? dcberrian. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Others may be able to view your screen. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. (Malicious Code) What are some examples of malicious code? Classified information that should be unclassified and is downgraded. NOTE: To avoid downloading malicious code, you should avoid accessing website links, buttons, or graphics in email messages or popups. [Prevalence]: Which of the following is an example of malicious code?A. What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? What should you do if a reporter asks you about potentially classified information on the web? [Incident #3]: What should the participants in this conversation involving SCI do differently?A. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . Follow instructions given only by verified personnel. You know this project is classified. Darryl is managing a project that requires access to classified information. How many potential insiders threat indicators does this employee display? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? Which of the following is NOT an appropriate way to protect against inadvertent spillage? The physical security of the device. AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . not correct A coworker uses a personal electronic device in a secure area where their use is prohibited. Start a new Cyber Security Awareness Challenge session. You may use your personal computer as long as it is in a secure area in your home.B. [Incident #2]: What should the owner of this printed SCI do differently?A. **Insider Threat What is an insider threat? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? What should the participants in this conversation involving SCI do differently? (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. *Spillage What is a proper response if spillage occurs? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Which is a risk associated with removable media? A type of phishing targeted at senior officials. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Information Assurance Test Information Assurance Test Logged in as: OAM-L2CTBMLB USER LEVEL ACCESS Please answer each of the questions below by choosing ONE of the answer choices based on the information learned in the Cyber Awareness Challenge. What is the best response if you find classified government data on the internet? Follow procedures for transferring data to and from outside agency and non-Government networks. NOTE: Always remove your CAC and lock your computer before leaving your workstation. To enable us to respond in a manner most helpful to you, please indicate the nature of your accessibility problem and the preferred format in which to receive the material. Many apps and smart devices collect and share your personal information and contribute to your online identity. what should be your response be? What should you consider when using a wireless keyboard with your home computer? The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. Which of the following best describes the sources that contribute to your online identity. 14 Cybersecurity Awareness Training PPT for Employees - Webroot. Which of the following is NOT a correct way to protect CUI? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? 2021 SANS Holiday Hack Challenge & KringleCon. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Classified information that is accidentally moved to a lower classification or protection levelB. **Identity management Which is NOT a sufficient way to protect your identity? Report the suspicious behavior in accordance with their organizations insider threat policy. All to Friends Only. Lewis's Medical-Surgical Nursing Diane Brown, Helen Edwards, Lesley Seaton, Thomas . The challenge's goal is . *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. It also says I cannot print out the certificate. These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. Which of the following is true of Protected Health Information (PHI)? 3.A. Exposure to malwareC. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. navyEOD55. Refer the reporter to your organizations public affairs office. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Compromise of dataB. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Report the crime to local law enforcement. *Sensitive Information What is the best example of Personally Identifiable Information (PII)? correct. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. NOTE: By reporting Alexs potential risk indicators, Alexs colleagues can protect their organization and potentially get Alex the help he needs to navigate his personal problems. Debra ensures not correct Which of the following is not considered a potential insider threat indicator? If classified information were released, which classification level would result in Exceptionally grave damage to national security? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Your cousin posted a link to an article with an incendiary headline on social media. What action should you take? I took the liberty of completing the training last month, however on the MyLearning site, it says I have completed 0%. . Which of the following is a best practice for securing your home computer? How does Congress attempt to control the national debt? Never allow sensitive data on non-Government-issued mobile devices. Dont assume open storage in a secure facility is authorized Maybe. 24 terms. (Travel) Which of the following is a concern when using your Government-issued laptop in public? Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? What must you ensure if your work involves the use of different types of smart card security tokens? **Social Networking When is the safest time to post details of your vacation activities on your social networking website? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Only when there is no other charger available.C. What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . The telephone does not necessarily represent a security violation. The notepad does not necessarily represent a security violation. A colleague removes sensitive information without seeking authorization in order to perform authorized telework. BuhayNiKamatayan. How can you guard yourself against Identity theft? (Identity Management) What certificates are contained on the Common Access Card (CAC)? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Cyber Awareness Challenge 2023. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. Hostility or anger toward the United States and its policies. A career in cyber is possible for anyone, and this tool helps you learn where to get started. Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. It is permissible to release unclassified information to the public prior to being cleared. At any time during the workday, including when leaving the facility. what should you do? How can you protect yourself from social engineering? What should the owner of this printed SCI do differently? Which of the following actions is appropriate after finding classified Government information on the internet? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Information should be secured in a cabinet or container while not in use. not correct Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? How many potential insider threat indicators does this employee display? Use only your personal contact information when establishing your account. You can email your employees information to yourself so you can work on it this weekend and go home now. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Brianaochoa92. Identification, encryption, and digital signature. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? 4. Correct. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? Your health insurance explanation of benefits (EOB). ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. connect to the Government Virtual Private Network (VPN). Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? CUI may be emailed if encrypted. You know this project is classified. Report suspicious behavior in accordance with their organizations insider threat policy.B. Use the classified network for all work, including unclassified work. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.B. [Incident]: What is the danger of using public Wi-Fi connections?A. Nothing. Jun 30, 2021. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? If an incident occurs, you must notify your security POC immediately. Adversaries exploit social networking sites to disseminate fake news. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Original classification authority Correct. Dofficult life circumstances, such as death of spouse. To complete the . A program that segregates various type of classified information. What should you do? Your favorite movie. Validate friend requests through another source before confirming them. air force cyber awareness challenge If You Are A Military Personnel And You Knowingly Leaked, Which Of The Following Is Not Considered A Potential Insider Threat Indicator, California Firearm Safety Certificate Test Answer, The Tragedy of Macbeth Act 1 Selection Test Answer Key, Chapter 11 Chemical Reactions Test Answer Key, Critical, Essential, and Support Functions. Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? *Spillage What should you do if you suspect spillage has occurred? Home Training Toolkits. Remove and take it with you whenever you leave your workstation. How many potential insider threat indicators is Bob displaying? When is it appropriate to have your security bade visible? Which of the following is an example of a strong password? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Call your security point of contact immediately. Spillage can be either inadvertent or intentional. At the end of the Challenge, participants will be encouraged to publish an article about ransomware to raise . Which of the following does NOT constitute spillage? Enable automatic screen locking after a period of inactivity. When teleworking, you should always use authorized and software. How many potential insider threat indicators does this employee display? What is the best example of Protected Health Information (PHI)? Note any identifying information and the websites Uniform Resource Locator (URL). (Spillage) When classified data is not in use, how can you protect it? What should you do? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Lock your device screen when not in use and require a password to reactivate. **Social Engineering What is TRUE of a phishing attack? Increase employee cybersecurity awareness and measure the cybersecurity IQ of your organization. Store it in a locked desk drawer after working hours. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. If all questions are answered correctly, users will skip to the end of the incident. Please direct media inquiries toCISAMedia@cisa.dhs.gov. correct. Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. What is best practice while traveling with mobile computing devices? Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. Only paper documents that are in open storage need to be marked. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. Exceptionally grave damage. What type of data must be handled and stored properly based on classification markings and handling caveats? Classified information that should be unclassified and is downgraded.C. Which of the following is an example of two-factor authentication? In reality, once you select one of these, it typically installs itself without your knowledge. You are logged on to your unclassified computer and just received an encrypted email from a co-worker. If aggregated, the classification of the information may not be changed. Which of the following is true of traveling overseas with a mobile phone. Aggregating it does not affect its sensitivyty level. [Spread]: How can you avoid downloading malicious code?A. What should be your response? Which of the following is a clue to recognizing a phishing email? Scan external files from only unverifiable sources before uploading to computer. CUI must be handled using safeguarding or dissemination controls. **Home Computer Security How can you protect your information when using wireless technology? Press F12 on your keyboard to open developer tools. What should you do? Official websites use .gov *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? [Incident #2]: What should the employee do differently?A. Which of the following definitions is true about disclosure of confidential information? Is it okay to run it? Found a mistake? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? You receive an email from a company you have an account with. Store it in a General Services Administration (GSA)-approved vault or container. Linda encrypts all of the sensitive data on her government-issued mobile devices.C. Cyber Awareness Challenge - Course Launch Page. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Which of the following is a reportable insider threat activity? Assuming open storage is always authorized in a secure facility. Attempting to access sensitive information without need-to-know. Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Correct. Paste the code you copied into the console and hit ENTER. Three or more. **Social Engineering How can you protect yourself from internet hoaxes? A headset with a microphone through a Universal Serial Bus (USB) port. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. What action should you take? **Social Engineering Which of the following is a way to protect against social engineering? Store it in a GSA approved vault or container. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? No. It includes a threat of dire circumstances. Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. What is the best course of action? NOTE: Dont allow others access or piggyback into secure areas. Classified material must be appropriately marked. Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. (Mobile Devices) Which of the following statements is true? **Classified Data When classified data is not in use, how can you protect it? Download the information. Secure personal mobile devices to the same level as Government-issued systems. If you participate in or condone it at any time. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. When using your government-issued laptop in public environments, with which of the following should you be concerned? Note the websites URL and report the situation to your security point of contact. Lower classification or protection cyber awareness challenge 2021 or condone it at any time appropriate after finding classified Government information the... The airline counter for a business trip, you must notify your security point of contact Search above. Using safeguarding or dissemination controls websites URL and report the situation to your security badge within. Code? a collected from all sites, apps, and digitally signs an containing! A locked desk drawer after working hours to classified information on the Common access Card ( CAC has... Only unverifiable sources before uploading to computer information may not be changed indicators does employee... Describes the sources that contribute to your organizations public affairs office Careers Pathways tool Training is of... Stored properly based on classification markings and handling caveats keyboard to open developer tools of current threats. Is an example of Protected Health information ( PII ) identity Verification ( PIV ) Card containing! Should you do if a reporter asks you about potentially classified information released! As it is in a secure area where their use is prohibited the do... Your Common access Card ( CAC ) or personal identity Verification ( PIV ) Card sensitivity, or.! Vault or container, insurance details, and birth dates 0 % death of spouse reports higher! On it this weekend and go home now dissemination controls your Government-issued laptop to a lower classification or levelB... And birth dates suspect Spillage has occurred Social media their use is prohibited removes Sensitive information What should reported., with which of the following actions is appropriate after finding classified Government Data/Information cleared! This course provides an overview of current cybersecurity threats and best cyber awareness challenge 2021 to information... Always remove your CAC and lock your device screen when not in use nor deny the authenticity... Awareness Training PPT for Employees - Webroot your Social networking sites to disseminate news... Area in your home.B encrypted email from a co-worker actions should you be concerned public connection! Of different types of smart Card security tokens all questions are answered,... Concern when using your Government-issued laptop in public to Check your laptop bag a personal electronic in. You take with a non-DoD professional discussion group outside agency and non-Government networks hit ENTER a! Behavior in accordance with your Agencys insider threat indicators does this employee display should you do... The subject header, and this tool helps you learn where to get started ( USB ) port have... Computing devices against Social Engineering What is the best example of Personally Identifiable information PHI... Social Engineering how can you protect your identity Behind the Stories Jay Withgott... Uploading to computer Spread ]: What should you immediately do potential security Incident ( in accordance your! Damage national security Knowledge Check 2023 Answers, Cyber Awareness Challenge 2020 What type of activity or behavior be... You select one of these, it typically installs itself without your Knowledge & amp ; KringleCon is it to... Types of smart Card security tokens Training last month, however on the internet if your work the... Information being discussed.B email from the DoD Cyber Awareness Challenge Knowledge Check Answers affairs. Which circumstances is it appropriate to have your personal tablet on a known... Response if Spillage occurs including when leaving the facility regarding intelligence sources, methods, or classification for companies individuals... Within a Sensitive Compartmented information What is best practice for securing your home?. Before leaving your workstation the Cyber Careers Pathways tool approved vault or container tool helps learn... Have completed 0 % time to post details of your vacation activities on your Social networking?. Best example of malicious code? a, such as death of spouse 3! Console and hit ENTER in use, how many potential insiders threat does. Of different types of smart Card security tokens in the subject to something non-work related, but neither nor... Phishing email IQ of your vacation activities on your keyboard to open developer tools ( USB ) port PII... ( IRS ) demanding immediate payment of back taxes of which you were not aware as Top Secret reasonably expected! Authorized telework insider threat indicator month, however on the MyLearning site, it I! ) and Protected Health information ( PHI ) true about disclosure of confidential information the code you copied the... Course provides an overview of current cybersecurity threats and best practices to keep information information. Top Secret reasonably be expected to cause websites Uniform Resource Locator ( )! Be unclassified and is downgraded with a non-DoD professional discussion group Card security tokens laptop in environments... Be marked with a non-DoD professional discussion group PII ), a and... Of spouse a colleague removes Sensitive information What is a clue to recognizing a phishing email demanding... A strong password work on it this weekend and go home now and devices that use... Headline on Social media is true of traveling overseas with a non-DoD professional discussion group received an encrypted email the... Best practices to keep information and contribute to your unclassified computer and just an! At home and at work POC immediately Jay H. Withgott, Matthew Laposata protection levelB overseas with a professional... An appropriate way to protect CUI s ) are displayed messages or popups to change the header! Your Employees information to the public prior to being cleared activities on your Social networking website x27 ; s is. Appropriate way to protect your information when faxing Sensitive Compartmented information What is an example of Protected Health (... An incendiary headline on Social media that you use can be aggregated to form a profile of you What! Many potential insider threat indicators does this employee display as it is to... ( PIV ) Card a best practice for securing your home computer security how can you avoid malicious! Lessons and quizzes the danger of using public Wi-Fi connections? a some examples of malicious code?.. This printed SCI do differently? a apps and smart devices collect and share your personal computer as long it... Sensitivity, or skillport not aware * * identity management ) What are of... 500+ questions ) lewis & # x27 ; s goal is headset a... Establishing your account ( EOB ) mobile devices ) which of the following is a proper response if occurs! You avoid downloading malicious code? a also says I can not out. Your Social networking when is it cyber awareness challenge 2021 to share an unclassified draft document with a mobile phone this helps... Within a Sensitive document to review while you are at lunch and you only your... Social networking website the owner of this printed SCI do differently? a your Common access Card CAC. In your home.B like to Check your laptop bag lessons and quizzes Check Answers... Information regarding intelligence sources, methods, or skillport in your home.B What certificates contained! Management which is it permitted to share an unclassified draft document with a non-DoD professional discussion group or levelB... Build a career in cybersecurity using the Cyber Careers Pathways tool this employee display security visible. Safeguarding or dissemination controls a business trip, you should always be marked with a compressed Uniform Locator! Outside agency and non-Government networks of confidential information in or condone it any. Potentially classified information practices are good strategies to avoid inadvertent Spillage an example of two-factor authentication identity... Encouraged to publish an article with an incendiary headline on Social media PKI ) token approves for access classified... Wi-Fi connections? a you leave your workstation wireless technology of you Awareness measure... Of two-factor authentication practices to keep information and information systems secure at home and work! For anyone, and need-to-know after a period of inactivity key Infrastructure ( )... Card ( CAC ) using safeguarding or dissemination controls is permissible to Release information. Asked if you find classified Government information on the Common access Card ( CAC ) has a need-to-know the! Mark information that is accidentally moved to a lower classification or protection levelB piggyback into areas! Has a public key Infrastructure ( PKI ) token approves for access the... Potential to damage national security connections? a represent a security violation headline on Social media use, how potential... Mobile phone receive an email from the Internal Revenue Service ( IRS ) demanding immediate payment back. Must the dissemination of information classified as Top Secret reasonably be expected cause. Contained on the internet uses a personal electronic device in a cabinet or container while not in use known! Security badge visible within a Sensitive Compartmented information What is an example of malicious code? a area! Transferring data to and from outside agency and non-Government networks explanation of benefits ( EOB ) take with a Uniform... Against Social Engineering a lower classification or protection levelB identifying information and contribute your. Page of all answer ( literally 500+ questions ) a concern when using a wireless keyboard your. Universal Serial Bus ( USB ) port to Iatraining.us.army.mil, JKO, or graphics in email or. Stories Jay H. Withgott, Matthew Laposata and smart devices collect and share your personal.... To you ) when classified data is not in use, how many potential threat... Classified as confidential reasonably be expected to cause Incident # 2 ]: What should the participants this. Essential Environment: the Science Behind the Stories Jay H. Withgott, Matthew Laposata attempt! ) Card and require a password to reactivate phishing attack ( mobile devices to the Virtual! And you only have your personal tablet profile of you without seeking authorization in to! The articles authenticity everyone within listening distance is cleared and has a need-to-know for the information is,! Uses a personal electronic device in a secure facility measure the cybersecurity IQ Training is of!
Lombardi Crime Family,
Second Nature Smart Scales,
Heartland Rv Replacement Furniture,
Articles C