It contains certificates for identification, encryption, and digital signature. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? After you have returned home following the vacation. NARA has the authority and responsibility to manage the CUI Program across the Federal government. You many only transmit SCI via certified mail. Malicious code can include viruses, worms, and macros. They can be part of a distributed denial-of-service (DDoS) attack. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. What is the basis for the handling and storage of classified data? Found a mistake? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Which of the following is NOT a correct way to protect sensitive information? What is the best choice to describe what has occurred? A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Only paper documents that are in open storage need to be marked. Everything you need to know aboutControlled UnclassifiedInformation(CUI). Classification markings and handling caveats. Thiswill enabletimely and consistent informationsharing andincreasetransparency throughout the Federal government and with non-Federal stakeholders. Which of these is true of unclassified data? Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? Which of the following is a best practice for handling cookies? Information improperly moved from a higher protection level to a lower protection level. What action should you take? The proper security clearance and indoctrination into the SCI program. How many potential insiders threat indicators does this employee display? (Malicious Code) Which of the following is NOT a way that malicious code spreads? Rating. Many apps and smart devices collect and share your personal information and contribute to your online identity. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. What should you do? Search the Registry: Categories, Markings and Controls: Category list CUI markings cyber-awareness. Search by Location. It is created or received by a healthcare provider, health plan, or employer. Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Which Of The Following Is Not A Correct Way To Protect CUI. **Classified Data Which of the following is a good practice to protect classified information? What is the best response if you find classified government data on the internet? John submits CUI to his organizations security office to transmit it on his behalf. Which of the following is true of Internet of Things (IoT) devices? Store it in a locked desk drawer after working hours. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Which of the following is true of Controlled Unclassified information (CUI)? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? Correct. Malicious code can do the following except? correct. **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? It is permissible to release unclassified information to the public prior to being cleared. (Spillage) Which of the following is a good practice to aid in preventing spillage? A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. Adversaries exploit social networking sites to disseminate fake news. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? Secure .gov websites use HTTPS Asked 8/5/2020 6:29:36 PM. Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . Only paper documents that are in open storage need to be marked. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? What should you do? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). Classified Information can only be accessed by individuals with. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Which of the following represents a good physical security practice? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. **Insider Threat Which of the following should be reported as a potential security incident? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Write your password down on a device that only you access. When teleworking, you should always use authorized and software. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? Figure 1. What is the best course of action? **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? 1.1.4 Social Networking. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. What should be your response? Should you always label your removable media? Alexa May, director of accounts, received a bill for $648\$648$648, dated April 666, with sales terms 2/10,1/15,n/302/10, 1/15, n/302/10,1/15,n/30. The age of the driver may top the list of variables. Which of the following is true of Unclassified Information? Correct. **Website Use Which of the following statements is true of cookies? What should you do? Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. How can you protect data on your mobile computing and portable electronic devices (PEDs)? *Social Networking Log in for more information. When your vacation is over, and you have returned home. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Which of the following does NOT constitute spillage? Software that installs itself without the users knowledge. What amount is due if Alexa pays on or betwee n April 222222 and May 666? CPCON 2 (High: Critical and Essential Functions) *Insider Threat Which of the following is a reportable insider threat activity? Correct. *Spillage What is a proper response if spillage occurs? Jozeal. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. Call your security point of contact immediately. Reviewing and configuring the available security features, including encryption. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? You are leaving the building where you work. Were mitochondria as abundant in human epithelial cells as in onion epidermal cells (procedure 4.6)? Which of the following definitions is true about disclosure of confidential information? For example, when you buy propane for your barbecue, your tank is placed on a scale while it is filled under high pressure (Figure 7). (Spillage) What should you do if a reporter asks you about potentially classified information on the web? which of the following is true about unclassified data. Correct. Which of the following is NOT true of traveling overseas with a mobile phone? Classified material must be appropriately marked. The Registry is updated as agencies continue to submit governing authorities that authorize the protection and safeguarding of sensitive information. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Ask them to verify their name and office number. What should be done to protect against insider threats? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? **Home Computer Security How can you protect your information when using wireless technology? Which of the following is true of traveling overseas with a mobile phone. Others may be able to view your screen. All data transfers via the internet are not 100% secure and there might be some security vulnerabilities. Try this test to determine if it's considered unclassified, classified or protected, and check out tips on what to do and what not to do when working with sensitive information. Based on the description that follows how many potential insider threat indicators are displayed? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? An official website of the United States government. If authorized, what can be done on a work computer? What should you do? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Linda encrypts all of the sensitive data on her government-issued mobile devices.