What structures visible in the stained preparation were invisible in the unstained preparation? Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? T/F. (Travel) Which of the following is a concern when using your Government-issued laptop in public? They broadly describe the overall classification of a program or system. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. A coworker has asked if you want to download a programmer's game to play at work. Social Security Number, date and place of birth, mothers maiden name. A. Even within a secure facility, dont assume open storage is permitted. Unclassified is a security classification assigned to official information that does not warrant the assignment of Confidential, Secret, or Top Secret markings but which is not publicly-releasable without authorization. *Sensitive Information Under what circumstances could classified information be considered a threat to national security? Decline So That You Maintain Physical Control of Your Government-Issued Laptop. Proactively identify potential threats and formulate holistic mitigation responses. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. correct. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. Label all files, removable media, and subject headers with appropriate classification markings. What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? What should be your response? Linda encrypts all of the sensitive data on her government-issued mobile devices. Which is NOT a method of protecting classified data? Updated 8/5/2020 8:06:16 PM. When classified data is not in use, how can you protect it? 1.1.4 Social Networking. What should you do? What is a best practice for protecting controlled unclassified information (CUI)? Your password and a code you receive via text message. *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Original classification authority Correct. Which of the following is NOT a DoD special requirement for tokens? Report the crime to local law enforcement. The answer has been confirmed to be correct. 4. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. not correct. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. What is a best practice to protect data on your mobile computing device? Which of the following is NOT a typical result from running malicious code? What should you do? Rating. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. If classified information were released, which classification level would result in Exceptionally grave damage to national security? You have reached the office door to exit your controlled area. This task is performed with the aim of finding similarities in data points and grouping similar data points together. Which of the following demonstrates proper protection of mobile devices? Correct. This is information that, if released to the public, carries no injury to personal, industry, or government interests. Only allow mobile code to run from your organization or your organizations trusted sites. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies, but is not classified under Executive Order 13526 "Classified National Security Informat What are examples of CUI? If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Which scenario might indicate a reportable insider threat security incident? Government-owned PEDs when expressly authorized by your agency. Use personal information to help create strong passwords. Learn more about Teams *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Senior government personnel, military or civilian. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. You receive an email from a company you have an account with. Official websites use .gov Correct. Insiders are given a level of trust and have authorized access to Government information systems. TheNational Archives and Records Administration (NARA)servesas the Controlled Unclassified Information (CUI) Executive Agent (EA). *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Correct. This lets the service person know when the tank is "full." Store it in a shielded sleeve to avoid chip cloning. What type of data must be handled and stored properly based on classification markings and handling caveats? (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. How are Trojan horses, worms, and malicious scripts spread? What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Never allow sensitive data on non-Government-issued mobile devices. When is the best time to post details of your vacation activities on your social networking website? correct. Which of the following is true about unclassified data? Organizational Policy Not correct Top Secret information could be expected to cause exceptionally grave damage to national security of disclosed. **Identity management Which of the following is an example of a strong password? (Malicious Code) Which of the following is NOT a way that malicious code spreads? Looking at your MOTHER, and screaming THERE SHE BLOWS! They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. When unclassified data is aggregated, its classification level may rise. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. A type of phishing targeted at senior officials. It should only be in a system while actively using it for a PKI-required task. Some examplesyou may be familiar with: TheFederalCUI Registry,shows authorized categoriesandassociated markings, as well as applicable safeguarding, dissemination, and decontrol procedures. At EPA, the CUI Program is housed in the Libraries and Accessibility Division (LAD) within the Office of Mission Supports (OMS), Office of Enterprise Information Programs (OEIP). After you have returned home following the vacation. Not correct. What is NOT Personally Identifiable Information (PII)? Which is NOT a wireless security practice? A type of phishing targeted at high-level personnel such as senior officials. Adversaries exploit social networking sites to disseminate fake news. true-statement. The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? A medium secure password has at least 15 characters and one of the following. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Which of the following is true of Controlled Unclassified information (CUI)? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? Which of the following does NOT constitute spillage? Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? What is considered ethical use of the Government email system? You find information that you know to be classified on the Internet. (Home computer) Which of the following is best practice for securing your home computer? Malicious code can do the following except? (Malicious Code) Which are examples of portable electronic devices (PEDs)? Sanitized information gathered from personnel records. How can you guard yourself against Identity theft? 870 Summit Park Avenue Auburn Hills, MI 48057. Your health insurance explanation of benefits (EOB). This answer has been confirmed as correct and helpful. Changes to various data systems that store and sometimes share sensitive information outside EPA. you don't need to do anything special to protect this information The EPAs Controlled Unclassified Information (CUI) Program issued its Interim CUI Policy in December 2020. Which of the following is true of telework? CPCON 5 (Very Low: All Functions). Note the websites URL and report the situation to your security point of contact. Cyber Awareness 2022. You receive an unexpected email from a friend: "I think you'll like this: (URL)" What action should you take? -It never requires classification markings. What is the best choice to describe what has occurred? Maybe. CUI must be handled using safeguarding or dissemination controls. Only use Government-furnished or Government-approved equipment to process PII. Use only personal contact information when establishing your personal account. Which of the following best describes good physical security? -TRUE What action is recommended when somebody calls you to inquire about your work environment or specific account information? Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. Verify the identity of all individuals.??? internet-quiz. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Correct *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). (Sensitive Information) Which of the following is NOT an example of sensitive information? ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. -TRUE The use of webmail is -is only allowed if the organization permits it Using webmail may bypass built in security features. Unclassified information cleared for public release. Telework is only authorized for unclassified and confidential information. What can you do to protect yourself against phishing? What is the best course of action? The date of full implementation of the CUI Program will be announced by the EPAs CUI Senior Agency Official (CUI SAO) and updated here on EPAs public web page. What should you do to protect yourself while on social networks? You believe that you are a victim of identity theft. How do you respond? What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? (social networking) Which of the following is a security best practice when using social networking sites? How can you protect data on your mobile computing and portable electronic devices (PEDs)? How should you respond? Software that installs itself without the users knowledge. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? **Classified Data Which of the following must you do before using and unclassified laptop and peripherals in a collateral environment? You receive an inquiry from a reporter about government information not cleared for public release. Which of the following is true of Internet of Things (IoT) devices? not correct Which of the following is true of Security Classification Guides? You can't have 1.9 children in a family (despite what the census might say ). With WEKA users, you can access WEKA sample files. How many potential insider threat indicators does this employee display?