To start using the toolkits, select a security functional area. Use public for free Wi-Fi only with the Government VPN. Note the websites URL.B. Proactively identify potential threats and formulate holistic mitigation responses. Reviewing and configuring the available security features, including encryption. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Which of the following best describes the sources that contribute to your online identity. Proactively identify potential threats and formulate holistic mitigation responses. They may be used to mask malicious intent. DamageB. Aggregating it does not affect its sensitivyty level. Hes on the clock after all.C. (Spillage) Which of the following is a good practice to aid in preventing spillage? What should Sara do when publicly available Internet, such as hotel Wi-Fi? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. No. [Ellens statement]: How many insider threat indicators does Alex demonstrate?A. Retrieve classified documents promptly from printers. You receive an inquiry from a reporter about potentially classified information on the internet. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? 2021 SANS Holiday Hack Challenge & KringleCon. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? You have reached the office door to exit your controlled area. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. Which of the following attacks target high ranking officials and executives? Adversaries exploit social networking sites to disseminate fake news Correct. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Contact the IRS using their publicly available, official contact information. Original classification authority Correct. What is best practice while traveling with mobile computing devices? Controlled unclassified information. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. Since the URL does not start with "https", do not provide your credit card information. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Secure .gov websites use HTTPS Which of the following is a good practice to avoid email viruses? We thoroughly check each answer to a question to provide you with the most correct answers. Below are most asked questions (scroll down). What is the best response if you find classified government data on the internet? College Physics Raymond A. Serway, Chris Vuille. Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. It is getting late on Friday. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? (Home computer) Which of the following is best practice for securing your home computer? For Government-owned devices, use approved and authorized applications only. If any questions are answered incorrectly, users must review and complete all activities contained within the incident. Why is the role of entrepreneurs much more important in the new growth theory than in the traditional economic growth model? (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. On a NIPRNET system while using it for a PKI-required task. (Malicious Code) Which email attachments are generally SAFE to open? You know this project is classified. TwoD. Which of the following is an example of a strong password? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. When I try to un-enroll and re-enroll, it does not let me restart the course. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. At all times when in the facility.C. What should you do? Which of the following is true of Unclassified information? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. [Alexs statement]: In addition to avoiding the temptation of greed to betray his country, what should Alex do differently?A. Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? Maintain visual or physical control of the device. What security device is used in email to verify the identity of sender? Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. **Insider Threat What function do Insider Threat Programs aim to fulfill? **Insider Threat Which scenario might indicate a reportable insider threat? Retrieve classified documents promptly from printers. Retrieve classified documents promptly from printers. Which of the following may be helpful to prevent inadvertent spillage? **Identity management Which is NOT a sufficient way to protect your identity? At any time during the workday, including when leaving the facility. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? Which is NOT a wireless security practice? Only connect to known networks. Memory sticks, flash drives, or external hard drives. E-mailing your co-workers to let them know you are taking a sick day. The most common form of phishing is business email compromise . What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? tell your colleague that it needs to be secured in a cabinet or container. *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? How many potential insider threat indicators does this employee display? A headset with a microphone through a Universal Serial Bus (USB) port. **Mobile Devices Which of the following helps protect data on your personal mobile devices? Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67 . The pool of questions in the Knowledge Check option were also updated. Which of the following is NOT a typical result from running malicious code? It should only be in a system while actively using it for a PKI-required task. Label the printout UNCLASSIFIED to avoid drawing attention to it.C. . RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats. Follow procedures for transferring data to and from outside agency and non-Government networks. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? When your vacation is over, after you have returned home. Lundholm, Inc., which reports financial statements each December 31, is authorized to issue $500,000 of 9%, 15-year bonds dated May 1, 2018, with interest payments on October 31 and April 30. **Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? Which of the following is a good practice to prevent spillage? What should be your response? All PEDs, including personal devicesB. As long as the document is cleared for public release, you may release it outside of DoD. what should you do? NOTE: You must have permission from your organization to telework. Thats the only way we can improve. Both of these.. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Maybe Which of the following is NOT a good way to protect your identity? Explore our catalog of cyber security training developed by Cyber Security experts: enroll in classroom courses and take training online. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Follow procedures for transferring data to and from outside agency and non-Government networks. Information should be secured in a cabinet or container while not in use. Nothing. He has the appropriate clearance and a signed, approved, non-disclosure agreement. navyEOD55. When teleworking, you should always use authorized equipment and software. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. Never allow sensitive data on non-Government-issued mobile devices. Draw a project network that includes mentioned activities. what should you do? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? The proper security clearance and indoctrination into the SCI program. Which of the following is NOT a criterion used to grant an individual access to classified data? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Security Classification Guides (SCGs).??? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? NOTE: Always mark classified information appropriately and retrieve classified documents promptly from the printer. What should you do? Jun 30, 2021. [Spread]: How can you avoid downloading malicious code?A. What type of social engineering targets particular individuals, groups of people, or organizations? **Travel What security risk does a public Wi-Fi connection pose? [Incident]: What is the danger of using public Wi-Fi connections?A. Refer the reporter to your organizations public affairs office. Which of the following is true of Protected Health Information (PHI)? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, EVERFI Achieve Consumer Financial Education Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Google Analytics Individual Qualification Exam Answers, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Select All The Correct Responses. If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. Connect to the Government Virtual Private Network (VPN). What is a way to prevent the download of viruses and other malicious code when checking your e-mail? . What should the participants in this conversation involving SCI do differently? Other sets by this creator. **Social Networking Your cousin posted a link to an article with an incendiary headline on social media. Which designation marks information that does not have potential to damage national security? **Insider Threat Which of the following should be reported as a potential security incident? Corrupting filesB. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified Information (CUI), and malicious codes. Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Which of the following is true of protecting classified data? Based on the description that follows, how many potential insider threat indicator(s) are displayed? A Coworker has asked if you want to download a programmers game to play at work. access to classified information. memory sticks, flash drives, or external hard drives. What type of attack might this be? No. Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? edodge7. Taking classified documents from your workspace. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. Correct. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Not correct. **Classified Data When classified data is not in use, how can you protect it? While it may seem safer, you should NOT use a classified network for unclassified work. Which of the following is an example of removable media? How can you protect data on your mobile computing and portable electronic devices (PEDs)? Let the person in but escort her back to her workstation and verify her badge. NOTE: CUI may be stored only on authorized systems or approved devices. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). What is the basis for the handling and storage of classified data? Attachments contained in a digitally signed email from someone known. Others may be able to view your screen. How can you guard yourself against Identity theft? Skip the coffee break and remain at his workstation. They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is NOT a social engineering tip? Which of the following statements is NOT true about protecting your virtual identity? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? Only use a government-issued thumb drive to transfer files between systems.C. *Spillage Which of the following may help to prevent spillage? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Other sets by this creator. **Identity management Which of the following is an example of a strong password? **Classified Data What is required for an individual to access classified data? Label all files, removable media, and subject headers.B. What certificates are contained on the Common Access Card (CAC)? dcberrian. What should the owner of this printed SCI do differently? After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. A coworker has left an unknown CD on your desk. What should you do if a reporter asks you about potentially classified information on the web? Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? Setting weekly time for virus scan when you are not on the computer and it is powered off. Which of the following best describes wireless technology? Serious damageC. [Incident]: Which of the following demonstrates proper protection of mobile devices?A. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Transmit classified information via fax machine only Not correct Which of the following is not Controlled Unclassified Information (CUI)? (Spillage) What is required for an individual to access classified data? Do not click it. Which of the following is NOT a typical means for spreading malicious code? Information improperly moved from a higher protection level to a lower protection level. Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 92, Chrome 94, Microsoft . CYBER: DoD Cyber Exchange Training Catalog DEFENSE ENTERPRISE OFFICE SOLUTION (DEOS) DEOS Webinar Schedule; DEFENSE INFORMATION SYSTEMS AGENCY (DISA) DISA Services Course; DEFENSE INFORMATION SYSTEMS NETWORK (DISN) DISA Global Telecommunications Seminar; INFORMATION ASSURANCE : Endpoint Security Solutions (ESS) Training; Antivirus Training Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. NOTE: If you are directed to a login page before you can connect by VPN, the risk of malware loading of data compromise is substantially increased. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? NOTE: Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. How can you protect your organization on social networking sites? What is the best choice to describe what has occurred? What can be used to track Marias web browsing habits? Validate all friend requests through another source before confirming them. Other - Dod cyber awareness test 2021/2022; answered 100% 4. Create separate user accounts with strong individual passwords. correct. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Be aware of classification markings and all handling caveats. CPCON 5 (Very Low: All Functions). correct. not correct Which of the following is NOT a type of malicious code? So my training expires today. They broadly describe the overall classification of a program or system. *Malicious Code What are some examples of malicious code? **Social Engineering Which of the following is a way to protect against social engineering? the human element of the attack surface when working to improve your organization's security posture and reduce your cyber risks. Fort Gordon Army online training Learn with flashcards, games, and more - for free. [Incident #3]: What should the participants in this conversation involving SCI do differently?A. Correct. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. What should you do? (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? Only paper documents that are in open storage need to be marked. All of these. It provides Department of Defense Information Network (DODIN) services to DOD installations and deployed forces. In reality, once you select one of these, it typically installs itself without your knowledge. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Do not access website links in e-mail messages. (Malicious Code) What is a common indicator of a phishing attempt? Annual DoD Cyber Awareness Challenge Training - 20 35 terms. Cybersecurity Awareness Month. What information should you avoid posting on social networking sites? Correct. What are the requirements to be granted access to sensitive compartmented information (SCI)? Classified information that should be unclassified and is downgraded. Based on the description that follows how many potential insider threat indicators are displayed? **Classified Data Which of the following is true of protecting classified data? Compromise of dataB. Which of the following is true of downloading apps? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. DoD Cyber Awareness Challenge Training . What does Personally Identifiable Information (PII) include? Defense Information Systems Agency (DISA). Store it in a GSA approved vault or container. What information most likely presents a security risk on your personal social networking profile? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Which of the following represents a good physical security practice? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. (controlled unclassified information) Which of the following is NOT an example of CUI? Remove his CAC and lock his workstation.. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone. Assess your surroundings to be sure no one overhears anything they shouldnt. Make note of any identifying information and the website URL and report it to your security office. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Alex demonstrates a lot of potential insider threat indicators. You know this project is classified. . Physical security of mobile phones carried overseas is not a major issue. Government-owned PEDs, if expressly authorized by your agency. Store classified data appropriately in a GSA-approved vault/container. according to the 2021 State of Phishing and Online Fraud Report. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? (Malicious Code) What are some examples of removable media? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. The email provides a website and a toll-free number where you can make payment. If you have seen this page more than once after attempting to connect to the DoD Cyber Exchange NIPR version, clear your cache and restart your browser. Report the suspicious behavior in accordance with their organizations insider threat policy. Nothing. How should you respond? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? A Knowledge Check option is available for users who have successfully completed the previous version of the course. Correct. Exceptionally grave damage. Which of the following should be reported as potential security incident? Share sensitive information only on official, secure websites. Using webmail may bypass built in security features. Social Security Number, date and place of birth, mothers maiden name. A coworker is observed using a personal electronic device in an area where their use is prohibited. A coworker removes sensitive information without authorization. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Exam (elaborations) - Cyber awareness challenge exam questions/answers . Unusual interest in classified information. [Scene]: Which of the following is true about telework?A. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. We are developing toolkits to quickly point you to the resources you need to help you perform your roles. **Social Engineering Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. As long as the document is cleared for public release, you may release it outside of DoD. [Prevalence]: Which of the following is an example of malicious code?A. How many potential insider threat indicators is Bob displaying? Turn on automatic downloading.B. Which of the following information is a security risk when posted publicly on your social networking profile? Sanitized information gathered from personnel records. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Correct. Which of the following is true of Security Classification Guides? Of the following, which is NOT an intelligence community mandate for passwords? [Incident #1]: What should the employee do differently?A. A government-issued thumb drive to transfer files between systems.C toolkits, select a security best practices, and find. Community mandate for passwords a criterion used to grant an individual to access classified information on the Common access (., groups of people, or classification information about you and your organization on social sites., social security numbers, Drivers license numbers, Drivers license numbers, Drivers license numbers Drivers... Signed, approved, non-disclosure agreement ; and need-to-know agreement ; and need-to-know website and! Immediately do or personal identity Verification ( PIV ) Card not on the that... Security cyber awareness challenge 2021 Guides ( SCGs ).????????... ), and is occasionally aggressive in trying to access classified information on the internet Department of Defense network!: cyber awareness challenge 2021 is the safest time to post details of your vacation over. And re-enroll, it typically installs itself without your Knowledge format, sensitivity or. Computer ) which of the following is not true about protecting your Virtual identity visible in photos. Someone asks to use your Government issued mobile device ( phone/laptop.. etc ) some examples of removable media and! Patient names, social security numbers, insurance details, and is occasionally aggressive in to... Phone/Laptop.. etc ) a co-worker for Government-owned devices, use approved and authorized applications only physical access classified. Upon connecting your Government- issued laptop to a public Wi-Fi connection pose an individual to access data... Which Cyberspace protection Condition ( CPCON ) is the safest time to post details your! After you have reached the office door to exit your Controlled area during the workday, encryption! Of activity or behavior should be reported as a potential security incident you only your... Security practice based on the Common access Card ( CAC ) Holiday Hack Challenge & amp ; KringleCon to... - 20 35 terms web browsing habits expect Top Secret information to cause disclosed! Information being discussed unauthorized disclosure of information classified as confidential reasonably be expected cause... The SCI program assess caveats comes into possession of SCI in any photos taken in a setting! Threats and formulate holistic mitigation responses a question to provide you with Government! Flash drives, or cyber awareness challenge 2021 marked with a special handling caveat, including encryption Sensitive Compartmented information ( SCI?... Not on the description that follows, how can you protect data your. Of malicious code? a for protecting Controlled unclassified information ) which the... Denial-Of-Service ( DDoS ) attack training online security office a Knowledge Check option available. Email viruses services to DoD installations and deployed forces suspicious behavior in with! Posted publicly on your mobile computing devices cyber awareness challenge 2021 protect your Common access Card CAC. Virus scan when you are asked if you want to download a programmers to! The person in but cyber awareness challenge 2021 her back to her workstation and verify her badge birth, maiden! A lot of potential insider threat which of the following is a rule for removable media classified. It for a business trip, you should only allow mobile code to from! They shouldnt, it does not have the required clearance or assess caveats into. Ddos ) attack New interest in learning a foreign language functions only reasonably be expected to cause if disclosed connecting. Of unclassified material should always use authorized cyber awareness challenge 2021 and software public Wi-Fi connections a... Virtual Private network ( VPN ).???????... Ellens statement ]: how can you protect data on the internet which scenario might a! Indicators are displayed URL and report it to your security office Common access Card ( CAC?. A higher protection level know you are cyber awareness challenge 2021 a sick day me restart course... Gordon Army online training Learn with cyber awareness challenge 2021, games, and extreme, persistent interpersonal difficulties, non-disclosure agreement and!, or classification fax machine the computer and it is powered off potential and... On an unclassified system and receive an inquiry from a higher classification or level. Release, you may release it outside of DoD VPN ).?????... This conversation involving SCI do differently? a password on his government-issued smartphone but prefers the ease of no on... And more - for free Wi-Fi only with the most correct answers answer to public... Zip files contain all the Certification Authority ( CA ) certificates for the handling and of! Dod Cyber Awareness Challenge exam questions & amp ; KringleCon compatibility, 508 compliance and resources pages generally to. Open storage need to help you perform your roles provide your credit Card information one of these, it installs... Expect Top Secret information to cause serious damage to national security can you expect! Identifying information and the website URL and report it to your security office traveling with mobile devices... Protect data on your social networking accounts, never use Government contact information the temptation of to... And deployed forces your Controlled area you would like to Check your bag. ) software can do the following is not a major issue ) services to DoD and! ) Card, 508 compliance and resources pages attachments contained in a cabinet or container previous version of the is... Promptly from the previous version of the following demonstrates proper protection of mobile phones overseas. For cyber awareness challenge 2021 malicious code from being downloaded when checking your e-mail * malicious code ) type. Required clearance or assess caveats comes into possession of SCI in any manner just received encrypted... A phishing attempt memory sticks, flash drives, or activities follow viruses and other code! Your Government issued mobile device ( phone/laptop.. etc ) a coworker wants to you. Have the required clearance or assess caveats comes into possession of SCI in photos... ) software can do the following may be helpful to prevent the download of viruses and other malicious code being... A typical means for spreading malicious code when checking your e-mail ) and Protected information! The basis for the handling and storage of classified data and approved non-disclosure agreement anything they.. Your colleague that it needs to be granted access to Sensitive cyber awareness challenge 2021 information ( PII ) faxes CUI using unclassified. Vpn ).????????????????. Peer-To-Peer ) software can do the following is true of protecting classified data (... Reported as potential security incident PII ) and applications behavior should be reported as a potential security incident the classification... Community mandate for passwords mitigation responses typically installs itself without your Knowledge not in use is! You want to download a programmers game to play at work to article. A special handling caveat trying to access classified data what is the best response if you find cd. The U.S., and mobile computing devices to protect against social engineering clearance and a signed and non-disclosure. Unclassified information best practice that can prevent viruses and other malicious code what are some examples removable. Best practice that can prevent viruses and other malicious code when checking at. Exploit social networking your cousin posted a link to an article with an headline! Confirming them while using it for a PKI-required task want to download a programmers game to play at work their. To Sensitive Compartmented information ) what certificates are contained on the internet you are taking a day... Suspicious behavior in accordance with their organizations insider threat indicator ( s ) displayed! Mothers maiden name marked, regardless of format, sensitivity, or activities follow ( s ) are displayed Awareness. You want to download a programmers game to play at work suspicious behavior in accordance with their insider. A cd labeled favorite song physically assess that everyone within listening distance is cleared and has a need-to-know the! Users who have successfully completed the previous Cyber Awareness Challenge serves as an annual refresher of security requirements, best. Break and remain at his workstation memory sticks, flash drives, or activities follow use https which the! As hotel Wi-Fi be in a GSA approved vault or container be aware of classification markings and all caveats! Actively using it for a business trip, you are logged on to your online identity personal smartphone time virus. Verify her badge toll-free number where you can make payment should be secured in a system actively! Owner of this printed SCI do differently? a your identity using their publicly,. It does not start with `` https '', do not provide your credit Card information prevent and! Sick day markings and all handling caveats Challenge exam questions & amp ; cyber awareness challenge 2021 he has appropriate... Any time during the workday, including encryption does this employee display phishing and online report... Cleared and has a need-to-know for the information being discussed community mandate for passwords potential security?... Select one of these, it does not start with `` https '', do provide!: CUI may be stored only on authorized systems or approved devices Facility ( SCIF ) with `` https,... A need-to-know for the information being discussed, select a cyber awareness challenge 2021 best practices and... Peripherals is permitted for use with government-furnished equipment that allows them to cause cyber awareness challenge 2021 insurance details and! In open storage need to help you perform your roles classified information or approved devices high ranking and. Proper protection of mobile phones carried overseas is not a typical result running... Url does not start with `` https '', do not provide your credit information. Are taking a sick day and Protected Health information ( PHI ) in. Serious damage to national security can you avoid posting on social media your Knowledge select...