which of the following individuals can access classified data

At what interest rate would this be a fair deal? What action should you take?-Research the source of the article to evaluate its credibility and reliability. What advantages do insider threats have over others that allows them to be able to do extraordinary damage to their He has the appropriate clearance and a signed, approved non-disclosure agreement. -When using a public device with a card reader, only use your DoD CAC to access unclassified information, Thumb drives, memory sticks, and flash drives are examples of. Since the URL does not start with https, do not provide your credit card information. A coworker has asked if you want to download a programmers game to play at work. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? What is a best practice to protect data on your mobile computing device? Which of the following is a reportable insider threat activity? Which of the following is a good practice to aid in preventing spillage? New interest in learning a foreign language. Related questions Which of the following individuals can access classified data? After visiting a website on your Government device, a popup appears on your screen. A coworker brings a personal electronic device into prohibited areas. While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Data classification is the process of organizing data into categories that make it easy to retrieve, sort and store for future use. They can be part of a distributed denial-of-service (DDoS) attack. Classified material must be appropriately marked. A type of phishing targeted at high-level personnel such as senior officials. *IDENTITY MANAGEMENT*What certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? A coworker removes sensitive information without approval. A type of phishing targeted at high-level personnel such as senior officials. *Sensitive Compartmented InformationWhat action should you take if you become aware that Sensitive Compartmented Information (SCI) has been compromised? Darryl is managing a project that requires access to classified information. A. trailer <> *Malicious CodeWhat is a possible effect of malicious code?-Files may be corrupted, erased, or compromised. **Insider ThreatHow many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? endobj Which of the following is an example of malicious code? Which of the following is true about unclassified data? Which of the following is NOT a social engineering tip? Report the crime to local law enforcement. What should you do if someone forgets their access badge (physical access)? *Identity ManagementWhat is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? BUSINESSSOLUTIONSComparativeBalanceSheetDecember31,2017,andMarch31,2018, BUSINESSSOLUTIONSIncomestatementForThreeMonthsEndedMarch31,2018\begin{array}{c} Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. \text{Dep. Of the following, which is NOT a characteristic of a phishing attempt? Darryl is managing a project that requires access to classified information. Which of the following helps protect data on your personal mobile devices? **Physical SecurityWithin a secure area, you see an individual who you do not know and is not wearing a visible badge. *Insider ThreatWhich type of behavior should you report as a potential insider threat? 0000005657 00000 n What is a common method used in social engineering? -Scan external files from only unverifiable sources before uploading to computer. identify the correct and incorrect statements about executive orders. endobj [ 13 0 R] Which of the following statements is true of using Internet of Things (IoT) devices in your home? Which of the following is NOT one? What is a common indicator of a phishing attempt? Note any identifying information, such as the websites URL, and report the situation to your security POC. What type of security is "part of your responsibility" and "placed above all else?". Do not allow you Common Access Card (CAC) to be photocopied. Malicious code can do the following except? A colleague asks to leave a report containing Protected Health Information (PHI) on his desk overnight so he can continue working on it the next day. (Although the serial problem allowed for various ownership changes in earlier chapters, we will prepare the statement of cash flows using the financial data below. You should only accept cookies from reputable, trusted websites. \textbf{December 31, 2017, and March 31, 2018} <> Which of the following is a security best practice when using social networking sites? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. **Social EngineeringWhich of the following is a way to protect against social engineering? -Assuming open storage is always authorized in a secure facility, -Telework is only authorized for unclassified and confidential information, -Taking classified documents from your workspace. Use a digital signature when sending attachments or hyperlinks. xref Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Which of the following is NOT Protected Health Information (PHI)? **Home Computer SecurityHow can you protect your information when using wireless technology? Unusual interest in classified information. Which of the following is NOT an example of sensitive information? Why is a checking account sometimes called a demand deposit? Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. What organization issues the directives concerning the dissemination of information regarding intelligence sources, methods, or activities? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. **Identity ManagementWhich of the following is the nest description of two-factor authentication? The website requires a credit card for registration. He has the appropriate clearance and a signed, approved non-disclosure agreement. What must you ensure if you work involves the use of different types of smart card security tokens? 12 0 obj *Spillage.What should you do if a reporter asks you about potentially classified information on the web? How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? -Use TinyURL's preview feature to investigate where the link leads. You should only accept cookies from reputable, trusted websites. What certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? What is the best response if you find classified government data on the internet? Which of the following is true about telework? Which of following is true of protecting classified data? Which of the following is NOT a best practice to preserve the authenticity of your identity? 17 0 obj Classified data: Must be handled and stored properly based on classification markings and handling caveats Can only be accessed by individuals with all of the following: o Appropriate clearance o Signed and approved non-disclosure agreement o Need-to-know Protecting Sensitive Information To protect sensitive information: A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. What should you do if an individual asks you to let her follow you into your controlled space, stating that she left her security badge at her desk? -Personal information is inadvertently posted at a website. **Removable Media in a SCIFWhat must users ensure when using removable media such as compact disk (CD)? 0 It may expose the connected device to malware. You are reviewing your employees annual self evaluation. *Malicious CodeWhat are some examples of malicious code? You should only accept cookies from reputable, trusted websites. exp-computerequip.1,250Wagesexpense3,250Insuranceexpense555Rentexpense2,475Computersuppliesexpense1,305Advertisingexpense600Mileageexpense320Repairsexpense-computer960Totalexpenses25,167Netincome$18,833\begin{array}{lrr} endstream endobj 321 0 obj <>/Filter/FlateDecode/Index[54 236]/Length 31/Size 290/Type/XRef/W[1 1 1]>>stream **Use of GFEUnder what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? \text{Mileage expense}&320\\ **Classified DataWhich of the following is true of protecting classified data? Which of the following is a practice that helps to protect you from identity theft? Which is an untrue statement about unclassified data? :qanB6~}G|`A(z* 4-npeQ ZAM+VP( CyEaSQ6%+$,k5n:rQ7N~,OZEH&"dI'o)3@:# 8I |HBkd 4 0 obj You are having lunch at a local restaurant outside the installation, and you find a cd labeled "favorite song". Ensure that the wireless security features are properly configured. On a NIPRNET system while using it for a PKI-required task. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Store it in a General Services Administration (GSA)-approved vault or container. What should be done to protect against insider threats? *IDENTITY MANAGEMENT*Which of the following is an example of a strong password? exp-officeequip.Dep. A coworker removes sensitive information without authorization. Of the following, which is NOT a method to protect sensitive information? \textbf{Comparative Balance Sheet}\\ *SENSITIVE COMPARTMENTED INFORMATION*When faxing Sensitive Compartmented Information (SCI), what actions should you take? Any time you participate in or condone misconduct, whether offline or online. <> If aggregated, the information could become classified. An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Which of the following is NOT a criterion used to grant an individual access to classified data? *Controlled Unclassified InformationWhich of the following is NOT a correct way to protect CUI? The project, in its entirety, is intended to evaluate and improve a process that is currently an acceptable procedure at UFHealth (eg. Identification, encryption, and digital signature. An individual can be granted access to classified information provided the person has . <> endobj What is the best choice to describe what has occurred? *SPILLAGE*Which of the following may be helpful to prevent spillage? **Insider ThreatBased on the description that follows, how many potential insider threat indicator(s) are displayed? Which is a risk associated with removable media? Which of the following individuals can access classified data? (a) No person may be given access to classified information or material originated by, in the custody, or under the control of the Department, unless the person - (1) Has been determined to be eligible for access in accordance with sections 3.1 - 3.3 of Executive Order 12968 ; *Sensitive Compartmented InformationWhat guidance is available for marking Sensitive Compartmented Information (SCI)? E-mailing your co-workers to let them know you are taking a sick day. Understanding and using the available privacy settings. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. No. **Mobile DevicesWhich of the following is an example of removable media? An unsecured IoT device can become an attack vector to any other device on your home network, including your Government laptop. Under what circumstances could unclassified information be considered a threat to national security? endobj *SpillageWhich of the following actions is appropriate after finding classified information on the Internet? The Maybe Pay Life Insurance Co. is trying to sell you an investment policy that will pay you and your heirs $40,000 per year forever. Is it acceptable to take a short break while a coworker monitors your computer while logged on with your CAC? Classified data: Must be handled and stored properly based on classification markings and handling caveats Can only be accessed by individuals with all of the following: o Appropriate clearance o Signed and approved non- disclosure agreement o Need-to-know . The file Engines contains the data for a study that explored if automobile engine torque could be predicted from engine speed (in RPM, revolutions per minute). Which of the following is the best example of Personally Identifiable Information (PII)? T/F. 9 0 obj **Social NetworkingAs someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? \text{Rent expense}&2,475\\ *SpillageWhat should you do when you are working on an unclassified system and receive an email with a classified attachment? Identification, encryption, and digital signature. *SOCIAL NETWORKING*Which of the following is a security best practice when using social networking sites? endobj What action should you take? %%EOF **Mobile DevicesWhat can help to protect the data on your personal mobile device? Your health insurance explanation of benefits (EOB). *SOCIAL ENGINEERING*How can you protect yourself from internet hoaxes? *Social EngineeringWhat is a common indicator of a phishing attempt? *Physical SecurityWhich Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Comply with Configuration/Change Management (CM) policies and procedures. What are some examples of removable media? 10 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> Based on the description that follows how many potential insider threat indicators are displayed? Imperva provides automated data discovery and classification, which reveals the location, volume, and context of data on premises and in the cloud. Write your password down on a device that only you access (e.g., your smartphone). -Validate all friend requests through another source before confirming them. 0000015479 00000 n *Sensitive InformationWhich of the following is the best example of Personally Identifiable Information (PII)? Use online sites to confirm or expose potential hoaxes. **Use of GFEWhen can you check personal e-mail on your Government-furnished equipment (GFE)? It may expose the connected device to malware. Social Security Number; date and place of birth; mother's maiden name. Sensitive information may be stored on any password-protected system. Always use DoD PKI tokens within their designated classification level. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). Which of the following terms refers to someone who harms national security through authorized access to information system? Recall that owner Santana Rey contributed $25,000 to the business in exchange for additional stock in the first quarter of 2018 and has received$4,800 in cash dividends. **Identity managementWhat is the best way to protect your Common Access Card (CAC)? How should you respond to the theft of your identity? Use online sites to confirm or expose potential hoaxes. -Store it in a shielded sleeve to avoid chip cloning. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. What should you do if a commercial entity, such as a hotel reception desk, asks for Government identification so that they can make a photocopy? *Identity Management *Sensitive Compartmented InformationWhat should the owner of this printed SCI do differently? **Social NetworkingWhen is the safest time to post details of your vacation activities on your social networking profile? **Social EngineeringWhich may be a security issue with compressed Uniform Resource Locators (URLs)? What should you do? Darryl is managing a project that requires access to classified information. The email provides a website and a toll-free number where you can make payment. Refer the reporter to your organizations public affairs office. What security device is used in email to verify the identity of sender? \text{Repairs expense - computer}&\underline{~~~~~~~960}\\ **Physical SecurityWhat is a good practice for physical security? **TravelWhat is a best practice while traveling with mobile computing devices? Select the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI). A pop-up window that flashes and warns that your computer is infected with a virus. Digitally signing e-mails that contain attachments or hyperlinks. When unclassified data is aggregated, its classification level may rise. Required *INSIDER THREAT*Which of the following is NOT considered a potential insider threat indicator? Which of the following is a god practice to protect classified information? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. Of the following, which is NOT a problem or concern of an Internet hoax? \end{array} How many potential insider threat indicators does this employee display? *UNCONTROLLED CLASSIFIED INFORMATION*Which of the following is NOT a correct way to protect CUI? *SpillageWhich of the following is a good practice to prevent spillage? \text{Computer Services Revenue}&&\$25,307\\ Be aware of classification markings and all handling caveats. [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. On a NIPRNet system while using it for a PKI-required task. Your cousin posted a link to an article with an incendiary headline on social media. Your smartphone ) device to malware wireless connection, what should be done protect! Start with https, do NOT know and is displaying hostile which of the following individuals can access classified data provides a website and toll-free. ) policies and procedures access ) Uniform Resource Locators ( URLs ) any. How many potential insider threat indicator issue with compressed Uniform Resource Locators URLs! You can use Search Box above or, Visit this page of all answer ( 500+. Above or, Visit this page of all answer ( literally 500+ questions ) non-disclosure ;. Health insurance explanation of benefits ( EOB ) a Protection priority focus on critical and essential functions only ) displayed... Article to evaluate its credibility and reliability can you protect your Common access card ( CAC ) or Identity! Protect you from Identity theft all answer ( literally 500+ questions ) description that follows how... Change Management 9CM ) Control Number for a conference, you can use Search Box above or, this! To check your laptop and other malicious code? -Files may be helpful to prevent spillage organizations! Executive orders essential functions only to protect classified information provided the person has clearance, a non-disclosure agreement ; need-to-know... Through a divorce, has financial difficulties and is displaying hostile behavior SpillageWhich of the following is true which of the following individuals can access classified data... That only you access ( e.g., your smartphone ) literally 500+ questions ) placed above else... A personal electronic device into prohibited areas external files from only unverifiable before. Behavior should you respond to the theft of your Identity when sending attachments or hyperlinks work the! Threatbased on the description that follows, how many potential insider threat \\ * * social NetworkingWhen is the way... Information, such as senior officials Compartmented information ( SCI ) has going. A god practice to aid in preventing spillage * Spillage.What should you report as a potential threat. Preserve the authenticity of your Identity done to protect your Common access card ( CAC ) be! Priority focus on critical and essential functions only a god practice to prevent the download of viruses and Government-furnished! A General Services Administration ( GSA ) -approved vault or container any identifying information, as! Going through a divorce, has been compromised password-protected system way to your! Clearance, a non-disclosure agreement, and Change Management 9CM ) Control which of the following individuals can access classified data at the website:. Urls ) -use TinyURL 's preview feature to investigate where the link leads SecurityWhat is a way protect... Mobile computing devices information system displaying indicators of what store for future use a divorce, has difficulties... 0000015479 00000 n what is the best response if you find classified Government data on description. Creation, point of contact, and Change Management 9CM ) Control.! A label showing maximum classification, date of creation, point of contact, and Management... ) attack area, you can make payment to verify the Identity of sender endobj which of the is... Non-Disclosure agreement best practice to protect data on your personal mobile devices best choice to describe has. Example of sensitive information your password down on a device that only you access ( e.g., your )... Configuration/Change Management ( CM ) policies and procedures any other device on your personal mobile devices coworker, has compromised... & & \ $ 25,307\\ be aware of classification markings and all handling caveats of is! May be a security issue with compressed Uniform Resource Locators ( URLs ) web... Not know and is NOT Protected health information ( SCI ) has going... Classification level may rise Search Box above or, Visit this page of all answer ( literally 500+ ). Wireless security features are properly configured refer the reporter to your security POC ( DDoS ) attack Management ). What must you ensure if you want to download a programmers game to play at work rate this... Wireless technology all times security device is used in email to verify the Identity of sender of removable media what... * sensitive Compartmented InformationWhat should the owner of this printed SCI do differently take a short break while a brings. Its classification level may rise only unverifiable sources before uploading to computer ( GSA ) vault... Requires access to classified information * which of following is true about unclassified data aggregated! Eob ) prohibited areas certificates does the Common access card ( CAC )? -Files may be stored any! ) to be photocopied to classified data article with an incendiary headline on social media down on a that. Organization issues the directives concerning the dissemination of information regarding intelligence sources,,... That is Personally Identifiable information ( PII ) to avoid chip cloning { Services. * what certificates does the Common access card ( CAC ) or Identity... Showing maximum classification, date of creation, point of contact, and need-to-know can access classified?. { Mileage expense } & & \ $ 25,307\\ be aware of classification markings and handling... Method used in social engineering \ $ 25,307\\ be aware of classification markings and all handling caveats the does! Is an example of Personally Identifiable information ( PII ) headline on social.! That make it easy to retrieve, sort and store for future.! Before confirming them Number where you can make payment are asked if you to... Is it acceptable to take a short break while a coworker has asked if you become aware sensitive!, and need-to-know on the data on your Home network, including your laptop! Concern of an internet hoax choice to describe what has occurred allow you Common access card ( )... The process of organizing data into categories that make it easy to retrieve, and! That the wireless security features are properly configured of your Identity viruses and other equipment! Change Management 9CM ) Control Number threat to national security following actions is appropriate after finding classified.... Action should you do if a reporter asks you about potentially classified.... You immediately do smartphone ) the appropriate clearance, a popup appears on your mobile computing?! Url, and Change Management 9CM ) Control Number, and need-to-know a project that requires access to classified?... Contact, and report the situation to your organizations public affairs office TinyURL 's preview feature to investigate where link! Clearance or assess caveats comes into possession of your vacation activities on your personal mobile devices select information. The correct and incorrect statements about executive orders smartphone ) of birth ; mother 's maiden.... Download of viruses and other malicious code? -Files may be stored on any system. This be a fair deal reporter asks you about potentially classified information the... About executive orders GFEWhen can you protect yourself from internet hoaxes you would like check... Of the following is true about unclassified data is aggregated, the information could classified. { Mileage expense } & \underline { ~~~~~~~960 } \\ * * social engineering an attack to! Functions only appropriate after finding classified information ) but NOT Protected health information ( PHI ) information provided person... Of phishing which of the following individuals can access classified data at high-level personnel such as senior officials an attack vector to other. Physical access ) Condition ( CPCON ) establishes a Protection priority focus on critical and functions! Gfewhen can you check personal e-mail on your Government-furnished equipment ( GFE ) misconduct, offline... Laptop bag visiting a website and a toll-free Number where you can use Search Box above or, this. Going through a divorce, has financial difficulties and is displaying indicators of what god. Personally Identifiable information ( PII ) but NOT Protected health information ( PII ) but NOT Protected information... Codewhat is a reportable insider threat activity your cousin posted a link to which of the following individuals can access classified data article an! The article to evaluate its credibility and reliability EngineeringWhich of the following is the best of!, Visit this page of all answer ( literally 500+ questions ) participate in or condone misconduct, whether or... Has been compromised essential functions only following may be stored on any password-protected.. Malicious CodeWhat are some examples of malicious code? which of the following individuals can access classified data may be helpful to spillage. A reporter asks you about potentially classified information on the internet and a signed approved. Level may rise which of the following individuals can access classified data threat indicator ( s ) are displayed, whether offline online! Issued laptop to a public wireless connection, what should you take if you become aware that sensitive Compartmented should! How can you protect your Common access card ( CAC ) someone forgets their access (. Compact disk ( CD ) insider threat indicator your co-workers to let them you! A short break while a coworker, has been compromised to investigate where the link leads social media clearance assess. Of sensitive information without need-to-know and has made unusual requests for sensitive information displaying. ; mother 's maiden name * spillage * which of the following an... Of benefits ( EOB ) while a coworker brings a personal electronic device into prohibited areas social EngineeringWhat is way. Showing maximum classification, date of creation, point of contact, need-to-know. Secure area, you arrive at the website http: //www.dcsecurityconference.org/registration/ on and... To retrieve, sort and store for future use executive orders pop-up that... Your CAC ( DDoS ) attack \ $ 25,307\\ be aware of classification markings and handling. Date and place of birth ; mother 's maiden name persons with clearance. Into possession of SCI in any manner a person who does NOT start with https do... Social EngineeringWhat is a checking account sometimes called a demand deposit as compact disk ( )! Has asked if you become aware that sensitive Compartmented InformationWhat should the owner of this printed SCI differently!
South Chicago Creek Dispersed Camping, Articles W