Who Can Be Permitted Access to Classified Data
We thoroughly check each respond to a question to provide yous with the about right answers. Plant a mistake? Allow united states of america know virtually it through the REPORT button at the bottom of the page.
- What is the best response if you detect classified authorities information on the internet?
Note any identifying information, such as the website's URL, and study the situation to your security POC. - What is a good practice to protect classified data?
Ensure proper labeling by appropriately mark all classified textile and when required, sensitive textile. - How many potential insider threat indicators does a person who is playful and mannerly, consistently wins performance awards, but is occasionally ambitious in trying to admission information display?
Undercover. - Who might "insiders" be able to cause damage to their organizations more than hands than others.
Insiders are given a level of trust and have authorized admission to Government information systems.
*Spillage
After reading an online story about a new security project existence developed on the military installation where you lot piece of work, your neighbor asks y'all to comment near the article. You know this project is classified. What should be your response?
Attempt to change the bailiwick to something not-work related, only neither confirm nor deny the commodity's authenticity.
*Spillage
Which of the following may assist foreclose inadvertent spillage?
Characterization all files, removable media, and subject headers with appropriate classification markings.
*Spillage
A user writes down details marked every bit Secret from a report stored on a classified system and uses those details to typhoon a conference on an unclassified system without authorization. What is the all-time pick to describe what has occurred?
Spillage because classified information was moved to a lower classification level arrangement without potency.
*Spillage
What should you practice when you lot are working on an unclassified system and receive an email with a classified attachment?
Call your security point of contact immediately
*Spillage
What should you do if a reporter asks y'all near potentially classified information on the web?
Ask for information about the website, including the URL.
*Spillage
.What should you exercise if a reporter asks you lot about potentially classified information on the web?
Refer the reporter to your organization's public affairs office.
*Spillage
What is a proper response if spillage occurs?
~Immediately notify your security POC.
*Spillage
Which of the post-obit is a practiced practice to assist in preventing spillage?
Be enlightened of classification markings and all treatment caveats.
**Classified Information
When classified data is not in apply, how can yous protect it?
Store classified data appropriately in a GSA-approved vault/container.
**Classified Information
What is required for an private to access classified data?
Advisable clearance, a signed and approved not-disclosure agreement, and need-to-know
**Classified Data
Which classification level is given to information that could reasonably exist expected to cause serious impairment to national security?
Hugger-mugger
**Classified Data
What is a good do to protect classified information?
Ensure proper labeling by appropriately marking all classified material and, when required, sensitive textile.
**Classified Data
Which of the post-obit is true of protecting classified information?
Classified material must exist accordingly marked.
**Classified Data
Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause?
Damage to national security
**Insider Threat
Which of the following is NOT considered a potential insider threat indicator?
New interest in learning a foreign language
**Insider Threat
A colleague has visited several strange countries recently, has adequate piece of work quality, speaks openly of unhappiness with U.Due south. foreign policy, and recently had his car repossessed. How many potential insider threat indicators does this employee display?
1 Indicator(wrong)
~iii or more indicators
**Insider Threat
A colleague vacations at the embankment every year, is married and a father of four, his piece of work quality is sometimes poor, and he is pleasant to piece of work with. How many potential insider threat indicators does this employee display?
ane indicator
**Insider Threat
How many potential insider threat indicators does a coworker who frequently makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his married woman putting them in credit carte du jour debt, and frequently complains about anxiety and exhaustion brandish?
3 or more indicators
**Insider Threat
How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive data display?
one indicator
**Insider Threat
What advantages practise "insider threats" have over others that allows them to cause harm to their organizations more than easily?
Insiders are given a level of trust and have authorized admission to Government information systems
**Insider Threat
What blazon of activity or behavior should exist reported equally a potential insider threat?
Coworker making consequent statements indicative of hostility or acrimony toward the Us in its policies.
**Insider Threat
Which of the following should be reported every bit a potential security incident?
A coworker removes sensitive data without authorization
**Insider Threat
Which of the following should be reported as a potential security incident (in accordance with you Agency's insider threat policy)?
~A coworker brings a personal electronic device into a prohibited surface area.
**Social Networking
When is the safest time to post details of your vacation activities on your social networking website?
When vacation is over, after you take returned domicile
**Social Networking
What should yous do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited?
Decline the request
*Sensitive Information
Under which circumstances is it permitted to share an unclassified draft certificate with a non-DoD professional discussion group?
As long as the certificate is cleared for public release, you may share it outside of DoD.
*Sensitive Information
What is the best example of Personally Identifiable Information (PII)?
Date and place of birth
*Sensitive Information
Which of the following is the best instance of Personally Identifiable Data (PII)?
Passport number
*Sensitive Data
Which of the following is an example of Protected Health Information (PHI)?
Medical test results
*Sensitive Information
What type of unclassified textile should always be marked with a special handling caveat?
For Official Use Only (FOUO)
*Sensitive Data
Nether what circumstances could classified information be considered a threat to national security?
If aggregated, the data could become classified.
**Physical Security
What is a good practise for concrete security?
Challenge people without proper badges.
**Concrete Security
At which Net Protection Condition (CPCON) is the priority focus on critical functions only?
CPCON one
**Identity Management
Your DoD Common Access Carte du jour (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. In which state of affairs below are yous permitted to use your PKI token?
On a NIPRNet system while using information technology for a PKI-required task
**Identity Management
Which of the post-obit is the nest description of ii-factor authentication?
Something you possess, like a CAC, and something yous know, like a PIN or password
**Identity management
Which is Non a sufficient style to protect your identity?
Employ a common password for all your system and application logons.
**Identity management
What is the best way to protect your Common Access Card (CAC)?
Maintain possession of it at all times.
*Sensitive Compartmented Data
What is a Sensitive Compartmented Information (SCI) program?
A plan that segregates various blazon of classified information into distinct compartments for added protection and broadcasting for distribution control.
*Sensitive Compartmented Information
Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)?
A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner.
*Sensitive Compartmented Information
When should documents be marked within a Sensitive Compartmented Information Facility (SCIF)
~All documents should be accordingly marked, regardless of format, sensitivity, or classification.
Unclassified documents exercise not demand to be marked every bit a SCIF.
Simply paper documents that are in open storage need to be marked.
But documents that are classified Secret, Elevation Cloak-and-dagger, or SCI require marking. (Wrong)
*Sensitive Compartmented Information
Which must exist canonical and signed by a cognizant Original Nomenclature Potency (OCA)?
Security Classification Guide (SCG)
**Removable Media in a SCIF
What must users ensure when using removable media such as compact deejay (CD)?
It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number.
*Malicious Code
What are some examples of malicious lawmaking?
Viruses, Trojan horses, or worms
**Website Use
While you are registering for a conference, y'all make it at the website http://world wide web.dcsecurityconference.org/registration/. The website requires a credit card for registration. What should you do?
Since the URL does not start with "https," practice non provide you lot credit menu data.
**Social Engineering science
Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your electronic mail?
Do not access links or hyperlinked media such every bit buttons and graphics in email letters.
**Social Applied science
What is Truthful of a phishing attack?
Phishing tin be an email with a hyperlink as bait.
**Social Engineering
Which of the following is a manner to protect against social engineering?
Follow instructions given only by verified personnel.
**Travel
What is a best practice while traveling with mobile computing devices?
Maintain possession of your laptop and other government-furnished equipment (GFE) at all times.
**Utilize of GFE
Under what circumstances is it acceptable to use your Government-furnished computer to cheque personal e-mail and do other non-piece of work-related activities?
If allowed by organizational policy
**Mobile Devices
Which is a dominion for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems?
Do not use whatever personally owned/non-organizational removable media on your arrangement'south systems.
**Mobile Devices
Which of the post-obit helps protect data on your personal mobile devices?
Secure personal mobile devices to the same level as Government-issued systems.
**Dwelling house Computer Security
How can you lot protect your data when using wireless applied science?
Avoid using not-Bluetooth-paired or unencrypted wireless computer peripherals.
What is the best response if yous find classified regime data on the internet?
Notation any identifying data, such as the website'due south URL, and report the situation to your security POC.
What information posted publicly on your personal social networking contour represents a security chance?
Your place of nascence
What is the best instance of Protected Wellness Information (PHI)?
Your health insurance explanation of benefits (EOB)
What does Personally Identifiable Data (PII) include?
Social Security Number; engagement and place of birth; mother's maiden proper noun
What certificates are contained on the DoD Public Central Infrastructure (PKI) implemented by the Common Access Carte (CAC)/Personal Identity Verification (PIV) card?
Identification, encryption, and digital signature
What describes how Sensitive Compartmented Information is marked?
Approved Security Classification Guide (SCG)
Which is a risk associated with removable media?
Spillage of classified information.
What is an indication that malicious code is running on your arrangement?
File corruption
What is a valid response when identity theft occurs?
Report the crime to local constabulary enforcement.
What is whaling?
A blazon of phishing targeted at high-level personnel such as senior officials.
What is a best exercise to protect information on your mobile computing device?
Lock your device screen when non in apply and crave a password to reactivate.
What is a possible indication of a malicious code attack in progress?
A pop-up window that flashes and warns that your computer is infected with a virus.
Which of the following may be helpful to prevent inadvertent spillage?
Which of the following may be helpful to prevent inadvertent spillage?
What should you do after y'all have ended a telephone call from a reporter request yous to confirm potentially classified info found on the web?
Warning your security betoken of contact.
Which of the following is NOT an example of sensitive information?
Which of the following is Non an case of sensitive information?
PII
SSN, date and place of birth, mother'southward maiden name, biometric records, PHI, passport number
PHI
Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual
Which of the following is NOT a typical event from running malicious code?
Disable cookies
What kind of information could reasonably be expected to cause serious harm to national security in the event of unauthorized disclosure?
Cloak-and-dagger
Telework
Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security all-time do, perform telework in dedicated when dwelling house.
Which of the post-obit should exist reported as a potential security incident (in accordance with your Agency'southward insider threat policy)?
A coworker brings a personal electronic device into prohibited areas.
A colleague complains virtually anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions nigh classified projects, and complains nearly the credit card bills that his married woman runs up. How many potential insider threat indicators does this employee display?
3 or more indicators
A colleague has won ten loftier-performance awards, tin be playful and charming, is non currently in a relationship, and occasionally aggressive in trying to access sensitive data. How many potential insider threat indicators does this employee display?
one indicator
What information most likely presents a security risk on your personal social networking profile?
Mother's maiden name
Which of the post-obit represents a good physical security practise?
Use your own security bluecoat, key code, or Common Admission Card (CAC)/Personal Identity Verification (PIC) card.
How should you protect your Mutual Access Card (CAC) or Personal Identity Verification (PIV) carte du jour?
Store it in a shielded sleeve to avoid scrap cloning.
Which of the following statements is NOT truthful about protecting your virtual identity?
Use personal information to assist create potent passwords.
While you lot are registering for a conference, you make it at the website http://www.dcsecurityconference.org/registration/. The website requires a credit bill of fare for registration. What should y'all do?
Since the URL does not start with "https," practice not provide your credit card information.
You receive an email from the Internal Acquirement Service (IRS) demanding immediate payment of back taxes of which you lot were not aware. The email provides a website and a toll-costless number where you can make payment. What action should you have?
Contact the IRS using their publicly available, official contact information.
Which of the post-obit is a practice that helps to prevent the download of viruses and other malicious code when checking your e-mail?
Do non access links or hyperlinked media such as buttons and graphics in email letters.
Which of the following is truthful of Net hoaxes?
They can be office of a distributed denial-of-service (DDoS) attack.
Which of the post-obit is Non true of traveling overseas with a mobile telephone?
Physical security of mobile phones carried overseas is not a major consequence.
A coworker has asked if you want to download a developer'south game to play at piece of work. What should be your response?
I'll pass.
A coworker wants to send you a sensitive document to review while you are at lunch and you but have your personal tablet. What should you do?
Never permit sensitive data on not-Regime-issued mobile devices.
A human being yous exercise not know is trying to expect at your Authorities-issued phone and has asked to utilise it. What should you practice?
Decline to lend the man your phone.
How can you protect your information when using wireless technology?
Avoid using non-Bluetooth-paired or unencrypted wireless calculator peripherals.
What should you do if a reporter asks you nigh potentially classified information on the spider web?
Neither confirm or deny the information is classified.
Which of the post-obit may be helpful to foreclose inadvertent spillage?
Label all files, removable media, and subject headers with advisable classification markings.
What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure?
Secret
Which of the following is NOT true concerning a reckoner labeled Hole-and-corner?
May be used on an unclassified network.
A colleague complains virtually feet and exhaustion, makes coworkers uncomfortable by asking excessive questions nearly classified projects, and complains about the credit card bills that his wife runs upwardly. How many potential insider threat indicators does this employee brandish?
iii or more indicators
Which of the following should be reported as a potential security incident?
A coworker removes sensitive information without approval.
Which of the post-obit should be reported as a potential security incident (in accordance with your Bureau'south insider threat policy)?
A coworker brings a personal electronic device into prohibited areas.
When would exist a good time to postal service your holiday location and dates on your social networking website?
When you lot render from your vacation.
In setting up your personal social networking service business relationship, what email address should you utilise?
Your personal email address.
Which of the post-obit is NOT a correct way to protect sensitive information?
Sensitive information may be stored on any password-protected system.
Which of these is true of unclassified data?
Information technology's classification level may ascension when aggregated.
Is it permitted to share an unclassified typhoon document with a non-DoD professional person discussion grouping?
As long as the document is cleared for public release, you may share it outside of DoD.
Within a secure area, you see an private you lot do non know. Her bluecoat is non visible to y'all. What is the best grade of action?
Ask the individual to place herself.
How should you lot protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card?
Shop it in a shielded sleeve to avoid chip cloning.
Your DoD Common Access Card (CAC) has a Public Cardinal Infrastructure (PKI) token approves for access to the NIPRNET. In which state of affairs below are you permitted to utilize your PKI token?
On a NIPRNET system while using it for a PKI-required task
Later clicking on a link on a website, a box pops up and asks if you want to run an awarding. Is information technology okay to run it?
No. Just allow mobile code to run from your organisation or your organization's trusted sites.
Upon connecting your Government- issued laptop to a public wireless connexion, what should you immediately practise?
Connect to the Regime Virtual Private Network (VPN).
Source: https://quizzma.com/cyber-awareness-answers/
0 Response to "Who Can Be Permitted Access to Classified Data"
Post a Comment