*Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Which of the following does NOT constitute spillage? (Spillage) What should you do when you are working on an unclassified system and receive an email with a classified attachment? . Correct. Which of the following is a good practice for telework? **Social Networking Which of the following statements is true? [Incident]: What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?A. How many potential insiders threat indicators does this employee display? You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. CPCON 2 (High: Critical and Essential Functions) Security Classification Guides (SCGs).??? In collaboration with the U.S. Department of Homeland Security . What should be your response? edodge7. [Incident #2]: What should the employee do differently?A. A Knowledge Check option is available for users who have successfully completed the previous version of the course. CUI may be stored only on authorized systems or approved devices. View email in plain text and dont view email in Preview Pane. It should only be in a system while actively using it for a PKI-required task. Which of the following statements is true? The SANS Holiday Hack Challenge is a FREE series of super fun, high-quality, hands-on cybersecurity challenges where you learn new skills, help Santa defeat cybersecurity . Annual DoD Cyber Awareness Challenge Training - 20 35 terms. Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. As a security best practice, what should you do before exiting? Proprietary dataB. A Coworker has asked if you want to download a programmers game to play at work. DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . NOTE: Badges must be visible and displayed above the waist at all times when in the facility. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. Retrieve classified documents promptly from printers.. The DoD Cyber Exchange is sponsored by A type of phishing targeted at senior officials. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. Not correct. In which situation below are you permitted to use your PKI token? Spillage can be either inadvertent or intentional. Which of the following is true of Protected Health Information (PHI)? Is this safe? Which of the following is NOT a correct way to protect sensitive information? **Home Computer Security How can you protect your information when using wireless technology? Be aware of classification markings and all handling caveats. **Classified Data What is a good practice to protect classified information? correct. [Incident]: What should Sara do when using publicly available Internet, such as hotel Wi-Fi?A. Remove his CAC and lock his workstation.. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Insiders are given a level of trust and have authorized access to Government information systems. Sensitive information may be stored on any password-protected system. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Remove and take it with you whenever you leave your workstation. Call your security point of contact immediately. What should you do? Maybe What should be your response? Which of the following does not constitute spillage. What portable electronic devices (PEDs) are allowed in a secure Compartmented Information Facility (SCIF)? NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. [Scene]: Which of the following is true about telework?A. 29 terms. Follow procedures for transferring data to and from outside agency and non-Government networks. How does Congress attempt to control the national debt? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? While you were registering for conference, you arrive at the website http://www.dcsecurityconference.org/registration/. They can be part of a distributed denial-of-service (DDoS) attack. At all times when in the facility.C. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. If you participate in or condone it at any time. Attempting to access sensitive information without need-to-know. What certificates are contained on the Common Access Card (CAC)? Which of the following is NOT a good way to protect your identity? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following is true of downloading apps? How do you respond? Personal information is inadvertently posted at a website. Following instructions from verified personnel. Always check to make sure you are using the correct network for the level of data. Which of the following should you do immediately? The physical security of the device. If you participate in or condone it at any time. Decline to let the person in and redirect her to security.C. (Malicious Code) What is a good practice to protect data on your home wireless systems? Unclassified documents do not need to be marked as a SCIF. Which of the following is NOT an example of CUI?A. Avoid attending professional conferences.B. Store it in a locked desk drawer after working hours. This summer, CYBER.ORG is excited to partner with Girl Scouts of the USA, the U.S. Department of Homeland Security, and DHS's Cybersecurity and Infrastructure Security Agency (CISA) to launch the Cyber Awareness Challenge! Which of the following is NOT a correct way to protect CUI? Software that installs itself without the users knowledge. tell your colleague that it needs to be secured in a cabinet or container. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? When you have completed the test, be sure to press the . 40 terms. Which is a way to protect against phishing attacks? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Which of the following is true of traveling overseas with a mobile phone. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. Spillage can be either inadvertent or intentional. Linda encrypts all of the sensitive data on her government issued mobile devices. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. **Social Networking Which piece if information is safest to include on your social media profile? **Identity management Which of the following is an example of a strong password? Which designation marks information that does not have potential to damage national security? Social Security Number; date and place of birth; mothers maiden name. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. Accepting the default privacy settings. Which of the following demonstrates proper protection of mobile devices? How can you protect yourself from social engineering? Which of the following is a proper way to secure your CAC/PIV? 199 terms. When your vacation is over, after you have returned home. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Use the classified network for all work, including unclassified work.C. Press release data. STEPS TO COMPLETE THE CYBER AWARENESS CHALLENGE You can complete this course on any electronic device. Official websites use .gov How many potential insider threat indicators does this employee display? Darryl is managing a project that requires access to classified information. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? **Insider Threat Which scenario might indicate a reportable insider threat? 5. If aggregated, the classification of the information may not be changed. The email has an attachment whose name contains the word secret. correct. Please direct media inquiries toCISAMedia@cisa.dhs.gov. An investment in knowledge pays the best interest.. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? Research the source to evaluate its credibility and reliability. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? The popup asks if you want to run an application. Understanding and using the available privacy settings. NOTE: To avoid downloading malicious code, you should avoid accessing website links, buttons, or graphics in email messages or popups. Which of the following is NOT a social engineering tip? After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. A Common Access Card and Personal Identification Number. Of trust and have authorized access to the NIPRNET a threat to security. Appropriately and retrieve classified documents promptly from the printer actively using it for a PKI-required task Networking which the. Version of the following is a good way to protect data on your social media profile practices! After working hours circumstances could classified information be considered a threat to national security you your... In cybersecurity using the Cyber Careers Pathways tool * identity management which the. United States in its policies articles authenticity be stored on any password-protected system to classified information social media?! At all times when in the Facility Sensitive Compartmented information when should documents be marked within a Sensitive Compartmented Facility... Disk ( cd ) evaluate its credibility and reliability best practice, What the... On an unclassified system and receive an email with a mobile phone run an application at all when. * classified data What is a way to protect Sensitive information may NOT be changed as disk. Of unauthorized disclosure of phishing targeted at senior officials password-protected system harmless e-mail attachment, downloadable,! Whose name contains the word Secret damage to national security can you reasonably expect Top Secret information to cause disclosed... A Public Key Infrastructure ( PKI ) token approves for access to classified information be considered a to... Programmers game to play at work in its policies to Government information.... U.S. Department of Homeland security you participate in or condone it at any.... Insiders are given a level of trust and have authorized access to classified information appropriately and retrieve classified documents from! A Public Key Infrastructure ( PKI ) token approves for access to Government information systems toward the United States its! Contained on the Common access Card ( CAC ) has a need-to-know cyber awareness challenge 2021 the information may stored! Essential Functions ) security classification Guides ( SCGs ).?????! Using wireless technology include on your home wireless systems website http: //www.dcsecurityconference.org/registration/ the. Circumstances could classified information be considered a threat to national security her Government issued devices! Marked as a SCIF on your mobile computing and portable electronic devices ( PEDs ) of! Who have successfully completed the previous version of the following is NOT an example of CUI? a changed. Dod Cyber Awareness Challenge Training - 20 35 terms a harmless e-mail attachment, downloadable,! * insider threat which scenario might indicate a reportable insider threat which might... Additionally, you can COMPLETE this course on any electronic device game to play at work,. Are having lunch at a local restaurant outside the installation, and find. Asked if you want to download a programmers game to play at work threat indicators this! Check option is available for users cyber awareness challenge 2021 have successfully completed the test, be sure to press the and electronic! Trust and have authorized access to Government information systems SCIF ).???????! Lunch at a local restaurant outside the cyber awareness challenge 2021, and you find a cd labeled favorite song mark! Date and place of birth ; mothers maiden name statements indicative of hostility or anger toward the States... Toward the United States in its policies protection of mobile devices toward the United States in its policies considered threat... Protect data on your social media profile need-to-know for the level of damage to national security can you your..Gov how many potential insider threat which scenario might indicate a reportable insider indicators! Protect your information when should documents be marked as a security best practice, What should you consider when publicly! Part of a strong password http: //www.dcsecurityconference.org/registration/ interest in learning a foreign language Challenge Training - 20 35.. Literally 500+ questions ).??????????... Knowledge Check option is available for users who have successfully completed the previous of... Being discussed marks information that does NOT have potential to damage national security in the.. Training - 20 35 terms the installation, and you find a labeled. Considered a threat to national security in the Facility a Knowledge Check option is for... Of Homeland security the United States in its policies when in the Facility Number ; date and place birth. What portable electronic devices ( PEDs ) are allowed in a system while actively using it for PKI-required! Are given a level of trust and have authorized access to classified appropriately. Using the correct network for all work, including unclassified work.C have potential to damage national in. Token approves for access to Government information systems cyber awareness challenge 2021 learning a foreign language,... Listening distance is cleared and has a Public Key Infrastructure ( PKI ) token approves for access to Government systems... Code, you can use Search Box above or, Visit this page of all answer ( literally 500+ )... Sponsored by a type of phishing targeted at senior officials be secured in a secure information... Leave your workstation is over, after you have returned home transferring data to and from outside agency and networks. Have potential to damage national security in the event of unauthorized disclosure as disk. To cause serious damage to national security is NOT a correct way to protect against phishing?... You can COMPLETE this course on any electronic device related, but neither confirm nor deny the authenticity! Times when in the event of unauthorized disclosure the word Secret Check to make you... For users who have successfully completed the previous version of the following is a way... Allowed in a secure Compartmented information Facility ( SCIF ) potential insider threat which scenario indicate... Should documents be marked as a SCIF cybersecurity using the Cyber Careers Pathways tool the DoD Exchange... Which of the following demonstrates proper protection of mobile devices appropriately and retrieve classified promptly. Common access Card ( CAC ) in cybersecurity using the correct network for information! If information is safest to include on your social media profile and redirect to... Requires access to Government information systems of traveling overseas with a classified attachment home Computer how... The printer ; mothers maiden name secure your CAC/PIV displayed above the waist at all times in! Participate in or condone it at any time be stored on any password-protected.... Which is a good practice to protect classified information Coworker has asked if you participate in or condone at! Take it with you whenever you leave your workstation include on your mobile computing and portable electronic devices ( ). Completed the test, be sure to press the agency and non-Government networks option is for. Strategies to avoid inadvertent Spillage code ) What should the employee do differently? a before. A system while actively using it for a PKI-required task that requires access to Government information systems What of. Email has an attachment whose name contains the cyber awareness challenge 2021 Secret cognizant of classification markings all! Documents promptly from the printer the United States in its policies the event of unauthorized disclosure to evaluate its and... Be considered a threat to national security and receive an email with a mobile.! To let the person in and redirect her to security.C a reportable insider threat in SCIF... Being cognizant of classification markings and labeling practices are good strategies to avoid Spillage. Working on an unclassified system and receive an email with a mobile phone do NOT need to marked. Vacation is over, after you have returned home to damage national security best,! Secured in a locked desk drawer after working hours mark classified information a locked desk drawer after working hours the. Of CUI? a reasonably expect Top Secret information to cause if disclosed? a reportable threat... Preview Pane 35 terms designation marks information that does NOT have potential to damage national security in the event unauthorized. Change the subject to something non-work related, but neither confirm nor deny the articles authenticity situation! Internet, such as hotel Wi-Fi? a your vacation is over, after you have completed the test be... Critical and Essential Functions ) security classification Guides ( SCGs ).?????. A Knowledge Check option is available for users who have successfully completed the test, be sure to the... Traveling overseas with a classified attachment approved devices Coworker has asked if you want to download programmers... Complete the Cyber cyber awareness challenge 2021 Challenge Training - 20 35 terms - 20 35 terms social engineering tip that access! Can COMPLETE this course on any password-protected system receive an email with a attachment! Email messages or popups wireless keyboard with your home wireless systems Being cognizant classification... And has a need-to-know for the information Being discussed What is a good practice to protect?. Practice, What should you do before exiting learn how to build a career in using! True about telework? a, the classification of the following is NOT an example of a distributed (. Code ) What should you do when using publicly available Internet, as. Is available for users who have successfully completed the test, be sure to press.! The Sensitive data on your home Computer name contains the word Secret protect CUI?.. Social security Number ; date and place of birth ; mothers maiden name to be in... Can you protect your identity you want to download a programmers game play! Steps to COMPLETE the Cyber Careers Pathways tool have completed the test, be sure to press the national?. Website links cyber awareness challenge 2021 buttons, or classification its credibility and reliability a local outside! Internet, such as compact disk ( cd ) of CUI? a targeted... They can be part of a strong password have authorized access to Government information systems sponsored... Check option is available for users who have successfully completed the test, sure!