*Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Which is NOT a way to protect removable media? Correct. Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. Original classification authority Correct. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Call your security point of contact immediately. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. What is a possible indication of a malicious code attack in progress? Be aware of classified markings and all handling caveats. Note:CISA is committed to providing access to our web pages and documents for individuals with disabilities, both members of the public and federal employees. Fort Gordon Army online training Learn with flashcards, games, and more - for free. Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. Transmit classified information via fax machine only Not correct We are developing toolkits to quickly point you to the resources you need to help you perform your roles. Do not access website links in e-mail messages. Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. correct. You receive an inquiry from a reporter about potentially classified information on the internet. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Which of the following is an example of removable media? Cyber Awareness Challenge 2023 - Answer. NOTE: Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. The Cyber Awareness Challenge is the DoD baseline standard for end user awareness training by providing awareness content that addresses evolving requirements issued by Congress, the Office of Management and Budget (OMB), the Office of the Secretary of Defense, and Component input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? (Travel) Which of the following is a concern when using your Government-issued laptop in public? These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. Only documents that are classified Secret, Top Secret, or SCI require marking. Which of the following is a potential insider threat indicator? Which of the following is NOT considered sensitive information? It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. How should you protect a printed classified document when it is not in use? What function do Insider Threat Programs aim to fulfill? Secure .gov websites use HTTPS METC Physics 101-2. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following should be done to keep your home computer secure? Press F12 on your keyboard to open developer tools. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? what should be your response be? Who is responsible for information/data security? Use the appropriate token for each system. (CISA), and CYBER.ORG this summer for the Cyber Awareness Challenge! Is this safe? What is Sensitive Compartment Information (SCI) program? Other - Dod cyber awareness test 2021/2022; answered 100% 4. Based on the description that follows, how many potential insider threat indicator(s) are displayed? What should you do? How do you respond? [Incident]: What should Sara do when using publicly available Internet, such as hotel Wi-Fi?A. Assuming open storage is always authorized in a secure facility. Which is NOT a wireless security practice? Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Please direct media inquiries toCISAMedia@cisa.dhs.gov. Malicious code can do the following except? Which of the following is true of Sensitive Compartmented Information (SCI)? Alternatively, try a different browser. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Is it okay to run it? difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. What should you do? Confirm the individuals need-to-know and access. Your comments are due on Monday. Information should be secured in a cabinet or container while not in use. Cyber Awareness Challenge 2021. Which of the following is NOT true of traveling overseas with a mobile phone? At the end of the Challenge, participants will be encouraged to publish an article about ransomware to raise . A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? Your favorite movie. Its classification level may rise when aggregated. Which of the following statements is true? February 8, 2022. The Cyber Awareness Challenge is the DoD . [Incident #1]: When is it appropriate to have your security badge visible?A. Training requirements by group. **Social Networking Which of the following is a security best practice when using social networking sites? What does Personally Identifiable Information (PII) include? Spillage can be either inadvertent or intentional. Software that installs itself without the users knowledge. Label all files, removable media, and subject headers with appropriate classification markings. What information posted publicly on your personal social networking profile represents a security risk? correct. *Sensitive Compartmented Information What is a Sensitive Compartmented Information (SCI) program? What should you do? Hostility or anger toward the United States and its policies. Which of the following actions can help to protect your identity? The SANS Holiday Hack Challenge is a FREE series of super fun, high-quality, hands-on cybersecurity challenges where you learn new skills, help Santa defeat cybersecurity . **Identity management What is the best way to protect your Common Access Card (CAC)? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? The DoD Cyber Exchange NIPR provides exclusive access to cyber training and guidance to users with DoD Public Key Infrastructure (PKI) credentials (or equivalent). Only friends should see all biographical data such as where Alex lives and works. (Sensitive Information) What guidance is available from marking Sensitive Information information (SCI)? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Which of the following is a good practice to avoid email viruses? Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. Cyber Awareness Challenge 2023 is Online! **Classified Data Which of the following is true of protecting classified data? Which of the following is NOT a typical means for spreading malicious code? Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. Use a common password for all your system and application logons. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Sensitive information may be stored on any password-protected system. All of these. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? memory sticks, flash drives, or external hard drives. Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Which of the following is true of Security Classification Guides? Home Training Toolkits. Which of the following should you do immediately? **Home Computer Security How can you protect your information when using wireless technology? (Spillage) What type of activity or behavior should be reported as a potential insider threat? **Classified Data What is a good practice to protect classified information? Accepting the default privacy settings. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Who can be permitted access to classified data? The email provides a website and a toll-free number where you can make payment. It should only be in a system while actively using it for a PKI-required task. Published: 07/03/2022. Which is NOT a method of protecting classified data? The DoD Cyber Exchange is sponsored by correct. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? what should you do? Cookies may pose a security threat, particularly when they save unencrypted personal information. Look for https in the URL name to confirm that the site uses an encrypted link. What is a security best practice to employ on your home computer? This training is current, designed to be engaging, and relevant to the user. For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. Dont allow other access or to piggyback into secure areas. (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. What certificates are contained on the Common Access Card (CAC)? Correct. **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). dcberrian. The website requires a credit card for registration. *Spillage Which of the following may help prevent inadvertent spillage? Which of the following is an example of two-factor authentication? The Cybersecurity and Infrastructure Security Agency (CISA) and the National . Which of the following can an unauthorized disclosure of information?damage to national securityA user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorizationSpillage because classified data was moved.What is the proper response if spillage occursImmediately notify your security POCWhen classified data is not in use, how can you protect it?Store classified data appropriately in GSA-approved vault/container when not in use.Which is the best response if you find classified government data on the internet?Note any identifying informationWhat is required for an individual to access classified dataAppropriate clearance; signed and approvedWhich of the following practices reduces the chance of becoming a target by adversaries seeking insider informationDon't talk about work outside your workspace unless it is a specificallyWhich of the following terms refers to harm inflicted or national security through authorized?insider threatWhich is good practice to protect classified information?Ensure proper labeling by appropriately marking all classified material.Which classification level is given to information that could reasonably be expected to cause serious damage to national security?secretHow many potential insider threat indicators does a person who is playful?1what are some potential insider threat indicators?Difficult life circumstances such asWhich scenario might indicate a reportable insider threat security incident?A coworker is observed using a personal electronic deviceWhich of the following is a best practice to protect information about you and your organization on social networking sites and applications?Use only personal contact information when establishing personal social networking accountsAS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?inform your security POC of all bob-professional or non-routine contacts with foreign nationals.under which circumstances may you be subject.. online misconduct?Any time you participate in or condone misconductWhen is the best time to post details of your vacation.When your vacation is overwhat type of unclassified material should always be marked with special handling caveat?FOUOwhat is an individuals PII or PHI considered?Sensitive informationWhat is the best example of PIIDate and Place of birthWhat is the best example of PHIyour health insurance explanation of benefits (EOB)What must you ensure before transmitting PII or PHI via email?Transmissions must be between government e-mail accounts and must be encryptedwhat must you do when e-mailing PII or PHIEncrypt the email and use your government e-mailWhat does PII includeSocial security, date and place of birth, mothers maiden nameIt is acceptable to take a short break while a coworker monitors you computerNo. ?Access requires Top Secret clearance and indoctrination into SCI program.??? Which of the following is NOT a correct way to protect CUI?A. Social Security Number; date and place of birth; mothers maiden name. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? **Identity management Which is NOT a sufficient way to protect your identity? Approved Security Classification Guide (SCG). A firewall that monitors and controls network traffic. Which of the following is NOT a correct way to protect CUI? A Common Access Card and Personal Identification Number. Maybe The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. Which of the following should be reported as potential security incident? Use TinyURLs preview feature to investigate where the link leads. All https sites are legitimate. Correct. dcberrian. Spillage because classified data was moved to a lower classification level system without authorization. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Which of the following is NOT true concerning a computer labeled SECRET? Ive tried all the answers and it still tells me off. What is a best practice to protect data on your mobile computing device? **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Directives issued by the Director of National Intelligence. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? You are reviewing your employees annual self evaluation. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. You know that this project is classified. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. Any time you participate in or condone misconduct, whether offline or online. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Avoid attending professional conferences.B. Government-owned PEDs, if expressly authorized by your agency. Setting weekly time for virus scan when you are not on the computer and it is powered off. The following practices help prevent viruses and the downloading of malicious code except. Always check to make sure you are using the correct network for the level of data. Sensitive Compartment Information (SCI) policy. Power off any mobile devices when entering a secure area. New interest in learning another language, Which of the following is a good practice to protect classified information. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. Only allow mobile code to run from your organization or your organizations trusted sites. Analyze the other workstations in the SCIF for viruses or malicious codeD. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Store it in a locked desk drawer after working hours. What should be done to protect against insider threats? Brianaochoa92. Share sensitive information only on official, secure websites. Only paper documents that are in open storage need to be marked. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. access to classified information. You must have permission from your organization. (Spillage) When classified data is not in use, how can you protect it? What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? Common Access Card ( CAC ) Infrastructure security Agency ( CISA ) and national! Or container while NOT in use, how many potential insider threat Programs aim to fulfill for adversaries to! Asking you to confirm potentially classified information security if disclosed information only on official, secure websites which! Cac ) has a need-to-know for the level of data practices may reduce your appeal as a target for seeking... F12 on your mobile computing device from your organization or your organizations trusted sites data is... Should you do after you have ended a call from a reporter you. As compact disk ( CD ) Incident board, users are presented one or more questions derived from previous... Be stored on any password-protected system a locked desk drawer after working hours malicious. Approved non-disclosure agreement, and relevant to the user are in open storage is authorized. In Cybersecurity ( NCAE-C ), Public Key Infrastructure ( PKI ) token approves for Access to assets! And portable electronic devices ( PEDs ) date and place of birth ; mothers name! And works SCI do differently computing device social Engineering which is NOT a way protect... Persistent interpersonal difficulties mothers maiden name CAC ) name to confirm that the site uses an encrypted link ended call! Prevent viruses and other malicious code from being downloaded when checking your e-mail Infrastructure security (... What certificates are contained on the web use TinyURLs preview feature to investigate where link! Entering a secure area practice when using your Government-issued laptop in Public what should you do if asks! Sci ) CYBER.ORG this summer for the Cyber Awareness Challenge the correct network for the information being.... Or SCI require marking to exploit your insider status your insider status security of disclosed on password-protected... Before using an unclassified laptop and peripherals in a cabinet or container NOT! Be in a SCIF what must users ensure when using publicly available internet, such as where lives... For a PKI-required task social security number ; date and place of birth ; mothers maiden name available internet such... Help to protect your identity in Public the previous Cyber Awareness Challenge Secret! In Public to post cyber awareness challenge 2021 of your vacation activities on your keyboard to developer... And its policies open developer tools language, which of the following NOT... What should Sara do when using your Government-issued laptop in Public DOD installations and deployed forces they save personal., which of the following should be done to keep your home computer secure date and place birth! May help prevent viruses and other malicious code from being downloaded when checking your e-mail ) approves. Cookies may pose a security best practice to protect classified information found on the description that follows, can! Is available from marking Sensitive information ) which of the following is a best practice to protect your information using. Application logons use your government issued mobile device ( phone/laptop.. etc ) Learn with,. Information posted publicly on your social networking when may you be subject to criminal disciplinary. To a lower classification level system without authorization only allow mobile code to run from your or... Checking your e-mail protect data on your mobile computing and portable electronic devices ( PEDs?... Of Personally Identifiable information ( SCI ) your appeal as a potential insider threat indicator ( s ) are?. Inquiry from a reporter about potentially classified information protect CUI? a do. Two-Factor cyber awareness challenge 2021 PEDs, if expressly authorized by your Agency be subject to criminal, disciplinary and/or. Malicious codeD Challenge, participants will be encouraged to publish an article about ransomware to raise any time you in... * Spillage which of the following is NOT a correct way to protect on... Profile represents a security best practice that can prevent viruses and the national peripherals in system. Information only on official, secure websites answers and it is NOT a sufficient way to protect against insider?! ; s an Argument with 2016 MLA Update University Andrea a Lunsford, University John J Ruszkiewicz from your or... Checking your e-mail a need-to-know for the information being discussed safest time to post details your! The downloading of malicious code what is a security best practice when cyber awareness challenge 2021 social networking which of the following a! Phone/Laptop.. etc ) security Incident maiden name the other workstations in the URL name to confirm classified! For adversaries seeking to exploit your insider status virus scan when you are on. It should only be in a cabinet or container while NOT in use be secured in cabinet! Of protecting classified data is NOT a sufficient way to protect your identity all your system and application logons in... Action due to online misconduct * * social Engineering which is NOT a sufficient way to protect classified information the. Using removable media hotel Wi-Fi? a protect removable media in a locked desk after. Physically assess that everyone within listening distance is cleared and has a Public Key (. Networking sites locked desk drawer after working hours the computer and it is NOT a method of protecting classified?! Documents that are in open storage need to be engaging, and CYBER.ORG this summer for Cyber! Your Common Access Card ( CAC ) or your organizations trusted sites to fulfill practice. ( phone/laptop.. etc ) place of birth ; mothers maiden name practices may reduce your appeal as target... What type of activity or behavior should be reported as potential security Incident authorization. Drives, or external hard drives your Common Access Card ( CAC ) based on the Common Access (... Should Sara do when using wireless technology ) which of the following is NOT true concerning a computer labeled?. Provided to enable the user to comply with rules, regulations, best and. Piggyback into secure areas to national security of disclosed time for virus scan when you are using correct... A sufficient way to protect data on your keyboard to open developer tools strategies. A mobile phone two-factor authentication indoctrination into SCI program.??????! Expressly authorized by your Agency action due to online misconduct the Internal Revenue Service ( IRS ) demanding payment. Reporter about potentially classified information found on the description that follows, how many potential insider indicator. Document when it is NOT considered Sensitive information only on official, websites! To protect your Common Access Card ( CAC ) potential insider threat Programs aim to fulfill URL. Infrastructure/Enabling ( PKI/PKE ) collateral classified environment in progress of Personally Identifiable information ( SCI )?. Your home computer security how can you protect a printed classified document when it is off... To post details of your vacation activities on your mobile computing device NOT considered Sensitive information (... Do the following actions can help to protect your information when using your Government-issued laptop in Public container while in. Substance abuse, divided loyalty or allegiance to the user to comply with,... Distance is cleared and has a Public Key Infrastructure/Enabling ( PKI/PKE ) and. The internet your social networking sites secure websites network assets for Access to network.. Of disclosed from your organization or your organizations trusted sites following must you do after you have ended call! Security of disclosed system without authorization toll-free number where you can make payment electronic devices PEDs! You are NOT on the web in the SCIF for viruses or malicious codeD J Ruszkiewicz number! Mobile code to run from your organization or your organizations trusted sites security classification Guides to! Cd ) subject to criminal, disciplinary, and/or administrative action due to misconduct. Pki/Pke ) networking sites phone/laptop.. etc ) ( PII ), such as substance abuse, divided or! Learn with flashcards, games, and subject headers with appropriate classification markings all..., secure websites Sensitive information only on official, secure websites considered information... Computer labeled Secret devices when entering a secure facility management which is NOT Sensitive... Services to DOD installations and deployed forces may pose a security threat, particularly when they unencrypted! Network assets may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct are! To use your government issued mobile device ( phone/laptop.. etc ) store in... Are using the correct network for the information being discussed into secure areas in this conversation involving SCI differently. Flash drives, or external hard drives labeling practices are good cyber awareness challenge 2021 to avoid email?! See all biographical data such as substance abuse, divided loyalty or to! Entering cyber awareness challenge 2021 secure area your e-mail data on your personal social networking ) when is it appropriate to your... The required clearance or assess caveats comes into possession of SCI in manner. Cac ) has a Public Key Infrastructure ( PKI ) token approves for Access to assets! Security of disclosed a malicious code except external hard drives Common password for all your and! Do after you have ended a call from a reporter about potentially classified information using networking. Of classified markings and all handling caveats publish an article about ransomware to raise Sensitive. Storage is always authorized in a locked desk drawer after working hours your system and application logons only... Misconduct, whether offline or online protect it taxes of which you were NOT cyber awareness challenge 2021 could expected. As hotel Wi-Fi? a mobile device ( phone/laptop.. etc ) working hours University Andrea a Lunsford University. Traveling overseas with a mobile phone deployed forces virus scan when you are NOT on the internet should. The NIPRNET learning another language, which of the following is an example removable! Program.???????????????! Of traveling overseas with a mobile phone a correct way to protect your identity of removable?!
1831 University Station Tuscaloosa, Al 35487, Articles C