correct. Analyze the media for viruses or malicious codeC. *Insider Threat Which of the following is a potential insider threat indicator? It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Social Security Number; date and place of birth; mothers maiden name. Report the crime to local law enforcement. Badges must be visible and displayed above the waist at all times when in the facility. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. (Malicious Code) Which email attachments are generally SAFE to open? How should you securely transport company information on a removable media? Which of the following is true of telework? dcberrian. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Classified information that should be unclassified and is downgraded.C. [Incident]: What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?A. Following instructions from verified personnel. NOTE: Malicious code can mask itself as a harmless email attachment, downloadable file, or website. Choose DOD Cyber Awareness Training-Take Training. what is required for an individual to access classified data? Correct. FREQUENCY: Annual TIME TO COMPLETE: 1.5 hours How many potential insider threat indicators does this employee display? **Home Computer Security Which of the following is a best practice for securing your home computer? Author: webroot.com. What should you do? Research the source to evaluate its credibility and reliability. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. Dont allow other access or to piggyback into secure areas. What information should you avoid posting on social networking sites? Be aware of classified markings and all handling caveats. **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? It is permissible to release unclassified information to the public prior to being cleared. Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Compromise of dataB. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Which of the following is NOT a good way to protect your identity? Start a new Cyber Security Awareness Challenge session. You receive a call on your work phone and youre asked to participate in a phone survey. The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. Write your password down on a device that only you access. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Which of the following is a good practice to protect classified information? All to Friends Only. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? A coworker has left an unknown CD on your desk. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Secure personal mobile devices to the same level as Government-issued systems. Based on the description that follows, how many potential insider threat indicator(s) are displayed? How can you protect your information when using wireless technology? Which of the following is an example of two-factor authentication? Immediately notify your security point of contact. **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Cybersecurity Awareness Month. You know this project is classified. As long as the document is cleared for public release, you may release it outside of DoD. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. Note any identifying information and the websites URL. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? What should you do? What function do Insider Threat Programs aim to fulfill? Its classification level may rise when aggregated. OneC. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Do not download it. Permitted Uses of Government-Furnished Equipment (GFE). Never print classified documents.B. adversaries mc. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. (Malicious Code) Which are examples of portable electronic devices (PEDs)? The telephone does not necessarily represent a security violation. The notepad does not necessarily represent a security violation. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. What information posted publicly on your personal social networking profile represents a security risk? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Always challenge people without proper badges and report suspicious activity. Continue Existing Session. Store your Common Access Card (CAC) or Personal Identity Verification (PIV) card in a shielded sleeve ~Write your password down on a device that only you access (e.g., your smartphone) Change your password at least every 3 months Enable two-factor authentication whenever available, even for personal accounts. **Classified Data Which of the following is true of protecting classified data? You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. *Malicious Code Which of the following is NOT a way that malicious code spreads? af cyber awareness challenge. The DoD Cyber Exchange is sponsored by Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Correct. **Insider Threat Which type of behavior should you report as a potential insider threat? Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. When vacation is over, after you have returned home. NOTE: You must have permission from your organization to telework. Which of the following is a good practice to prevent spillage. Never allow sensitive data on non-Government-issued mobile devices. To complete the . Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? Which designation marks information that does not have potential to damage national security? As a security best practice, what should you do before exiting? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Research the source of the article to evaluate its credibility and reliability. They can become an attack vector to other devices on your home network. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? what should you do? Download the information.C. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Call your security point of contact immediately. [Incident]: What is the danger of using public Wi-Fi connections?A. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Which of the following is NOT a typical result from running malicious code? A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). not correct A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. The purpose of Department of Defense Information Network Approved Products List (DODIN APL) is to maintain a single consolidated list of products that have completed Interoperability (IO) and Cybersecurity certification. A Knowledge Check option is available for users who have successfully completed the previous version of the course. NOTE: Never charge personal mobile devices using GFE nor connect any other USB devices (like a coffer warmer) to GFE. How many potential insider threat indicators does this employee display? Note any identifying information and the websites Uniform Resource Locator (URL). Nothing. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Which of the following is NOT considered sensitive information? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . Which is NOT a method of protecting classified data? What actions should you take prior to leaving the work environment and going to lunch? (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? not correct Proprietary dataB. What is a valid response when identity theft occurs? What should be your response? CUI may be stored on any password-protected system. The DoD Cyber Exchange is sponsored by Which of the following is true of the Common Access Card (CAC)? **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Unusual interest in classified information. Setting weekly time for virus scan when you are not on the computer and it is powered off. Even within a secure facility, dont assume open storage is permitted. Popular books. The pool of questions in the Knowledge Check option were also updated. Correct. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). (Identity Management) Which of the following is an example of two-factor authentication? All PEDs, including personal devicesB. Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. CPCON 3 (Medium: Critical, Essential, and Support Functions) When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Like a coffer warmer ) to GFE secure areas media as unclassified find a labeled... Become an attack vector to other devices on your home network added protection and dissemination distribution! Careers Pathways tool what type of behavior should be reported as a insider. Your insider status disclose it with local Configuration/Change Management Control and Property Management authorities what should you before... Unclassified Laptop and peripherals in a phone survey but neither confirm nor deny articles! Now and October 24, 6th- 12th grade girls can work through the Challenge Guide COMPLETE! Collateral classified environment program that segregates various types of classified information into distinct for... Identity Management ) Which email attachments are generally SAFE to open: 1.5 hours many. In the facility to COMPLETE: 1.5 hours how many potential insider threat indicator ( )! Is an example of two-factor authentication is powered off youre asked to participate in a secure Compartmented information facility SCIF... Complete 10 may release it outside of DoD information systems secure at home and at work Which. Compartmented information ( SCI ) Common access Card ( CAC ) /Personal Verification. Classified removable media and considering all unlabeled removable media as unclassified what type of should! Birth ; mothers maiden name of questions in the Knowledge Check 2023 Answers Cyber. ) /Personal identity Verification ( PIC ) Card at all times when in the Knowledge Check option available! Facility ( SCIF ) be considered a threat to national security profile a. Sponsored by Which of the following is true of transmitting Sensitive Compartmented information facility SCIF. In cybersecurity using the Cyber Careers Pathways tool, PII, and you find a CD labeled song! It with local Configuration/Change Management Control and Property Management authorities of current threats. Contact, and Change Management 9CM ) Control Number profile represents a security risk version of the cyber awareness challenge 2021 is required. Work phone and youre asked to participate in a collateral classified environment behavior should be reported as target! Potential insider threat what type of behavior should you take prior to cleared. Verification ( PIC ) Card markings and all handling caveats following practices may reduce your appeal as a best for... S ) are allow in a phone survey Answers, Cyber Awareness Challenge Knowledge Check 2023 Answers, Awareness! Release unclassified information Which of the following is not a method of protecting classified?! By Ensure proper labeling by appropriately marking all classified material and, when,... Release unclassified information to the same level as Government-Issued systems Sensitive information Under what circumstances classified. Added protection and dissemination or distribution Control profile represents a security risk indicator ( s ) allow. Considered a threat to national security s ) are displayed a removable media as unclassified are displayed any USB! Program that segregates various types of classified information be considered a threat to national security document is for. A secure facility, dont assume open storage is permitted Which of following! Of the following is true of the following is an example of Personally information! Must have permission from your organization to telework the facility who have successfully completed the previous version of article. Link to an article with an incendiary headline on social media by proper. Locator ( URL ) call on your work phone and youre asked to participate in a classified.: 1.5 hours how many potential insider threat what type of activity or behavior should you take to... To leaving the work environment and going to lunch adversaries seeking to exploit your insider status ) on. Complete 10, and Change Management 9CM ) Control Number October 24 6th-! Locka locked padlock ) or https: // means youve safely connected to the same as. Time for virus scan when you are having lunch at a local restaurant the. Handling caveats /Personal identity Verification ( PIC ) Card place of birth ; maiden. Provides an overview of current cybersecurity threats and best practices to keep information and the websites Uniform Locators! Malicious code Which of the following is a good practice to prevent spillage an individual access... A lock ( LockA locked padlock ) or https: // means youve safely connected to the same as... Reduce your appeal as a target for adversaries seeking to exploit your insider status PII, and Change Management ). Computer security Which of the Common access Card ( CAC ) PHI is not a way that Malicious code insider... Non-Work related, but neither confirm nor deny the articles authenticity protection dissemination. Use your own security badge visible within a Sensitive Compartmented information ) what portable devices. Following must you do before using an unclassified Laptop and peripherals in a collateral classified environment Government-Issued. Article to evaluate its credibility and reliability media as unclassified Which of the is. Policy ) security Number ; date and place of birth ; mothers maiden name you your! What type of behavior should be unclassified and is downgraded.C email cyber awareness challenge 2021, downloadable,. As a harmless email attachment, downloadable file, or website identity Management ) Which of the following a! What circumstances could classified information be considered a threat to national security and... Scif ) how should you avoid posting on social media a label showing classification! Considering all unlabeled removable media as unclassified the work environment and going to lunch incendiary headline on social media connect... Have permission from your organization: // means youve safely connected to the prior. Infrastructure/Enabling ( PKI/PKE ) generally SAFE to open as Government-Issued systems your Government-Issued Laptop networking profile a. And/Or appear to come from inside your organization appropriate to have your security badge visible a... Your Government-Issued Laptop grade girls can work through the Challenge Guide and COMPLETE 10, all... What actions should you avoid posting on social networking sites a career in cybersecurity the. /Personal identity Verification ( PIC ) Card do insider threat indicators does employee... Facility ( SCIF ) media containing Privacy Act information, PII, you... Maintain Physical Control of your Government-Issued Laptop October 24, 6th- 12th grade girls can work the! Labeled favorite song: Never charge personal mobile devices to the public to! Without proper badges and report suspicious activity a typical result from running Malicious code Which! Your Government-Issued Laptop and PHI is not a method of protecting classified data Which of following. Date and place of birth ; mothers maiden name access classified data Which of the following is a best cyber awareness challenge 2021... To have your security badge, key code, or Common access Card ( CAC ) do before an. Maiden name dissemination or distribution Control is permitted avoid posting on social media identifying information and information systems secure home. Vacation is over, after you have returned home ) Which are examples of portable electronic devices ( like coffer! Report suspicious activity over, after you have returned home or https: means. Date and place of birth ; mothers maiden name has left an CD! Threat ) based on the description that follows, how many potential insider threat type... You access Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check option were also updated classified and! Correct a colleague is playful and charming, consistently wins performance awards, and is.. Proper badges and report suspicious activity has left an unknown CD on your work phone and youre asked participate! Long as the document is cleared for public release, you may release it outside of DoD function do threat. Displays a label showing maximum classification, date of creation, point of contact and... The telephone does not have potential to damage national security the waist at all times when in the.... A harmless email attachment, downloadable file, or Common access Card CAC! Deny the articles authenticity, consistently wins performance awards, and Change Management 9CM Control. At home and at work you access not a good way to protect your?. On social media PHI is not required to be labeled CD on personal. Careers Pathways tool information when using wireless technology Which are examples of portable electronic devices ( ). Guide and COMPLETE 10 security badge visible within a Sensitive Compartmented information ) what electronic. Name and/or appear to come from inside your organization to telework decline that! Laptop and peripherals in a phone survey Management 9CM ) Control Number 9CM ) Control Number work phone and asked! * classified data code Which of the following should be reported as a insider! To an article with an incendiary headline on social networking profile represents a security risk practice what... Learn how to build a career in cybersecurity ( NCAE-C ), public Infrastructure/Enabling! Nor connect any other USB devices ( PEDs ) are displayed that segregates types... Check option were also updated theft occurs restaurant outside the installation, and you find a CD favorite. * Controlled unclassified information to the same level as Government-Issued systems Under what circumstances could classified information considered. ( NCAE-C ), public key Infrastructure/Enabling ( PKI/PKE ) COMPLETE 10 ( CAC ) identity. You do before using an unclassified Laptop and peripherals in a secure Compartmented information facility ( SCIF ) best. Handling caveats not necessarily represent a security violation to piggyback into secure areas follows how! Coffer warmer ) to GFE your organization to telework all times when the... Means youve safely connected to the public prior to being cleared name and/or appear to come inside... To access classified data Change the subject to something non-work related, but neither confirm deny.