A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Which is NOT a method of protecting classified data? Refer the reporter to your organizations public affairs office. Based on the description that follows, haw many potential insider threat indicator(s) are displayed? Which of the following best describes good physical security? HDMI or DisplayPort may be used if VGA and DVI are unavailable. Brainscape helps you realize your greatest personal and professional ambitions through strong habits and hyper-efficient studying. What should you do? Note any identifying information and the websites URL. Validate all friend requests through another source before confirming them. A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. Found a mistake? All government-owned PEDs c. Only expressly authorized government-owned PEDs. only connect government-owned PEDs to the same level classification information system when authorized. spillage definition cyber awareness. You should only accept cookies from reputable, trusted websites. (Malicious Code) What are some examples of malicious code? **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Appropriate confidentiality agreements will be put in place. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. The following table summarizes the rules of debit and credit. The Contractor shall use Standard Form 1428 for Inventory Disposal. 1082 0 obj <>/Filter/FlateDecode/ID[<6D11769074A68B4F9710B6CBF53B0C2B>]/Index[1068 34]/Info 1067 0 R/Length 76/Prev 82724/Root 1069 0 R/Size 1102/Type/XRef/W[1 2 1]>>stream (Sensitive Information) Which of the following is true about unclassified data? Spillage can be either inadvertent or intentional. . The popup asks if you want to run an application. It refers to property used by a contractor during a DoD government contract. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. **Mobile Devices Which of the following helps protect data on your personal mobile devices? What should Sara do when using publicly available Internet, such as hotel Wi-Fi? Note any identifying information and the websites Uniform Resource Locator (URL). Search for instructions on how to preview where the link actually leads. E-mailing your co-workers to let them know you are taking a sick day. They can be part of a distributed denial-of-service (DDoS) attack. General Services Administration (GSA) approval. **Home Computer Security Which of the following is a best practice for securing your home computer? CUI must be handled using safeguarding or dissemination controls. When using your government-issued laptop in public environments, with which of the following should you be concerned? *Spillage Which of the following is a good practice to prevent spillage? What should be done to sensitive data on laptops and other mobile computing devices? OR-2020-013. Sanitized information gathered from personnel records. Dofficult life circumstances, such as death of spouse. 870 Summit Park Avenue Auburn Hills, MI 48057. HHS published the HHS Memorandum: the Use of Government Furnished Equipment during Foreign Travel. Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. Status, photos, and posts - Friends Only *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Do not access website links in e-mail messages. As long as the document is cleared for public release, you may share it outside of DoD. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. What function do Insider Threat Programs aim to fulfill? What should you do? The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organizations system. How many potential insiders threat indicators does this employee display? ) Use of Government Property, Time, and Information Updated DASA Terms and Conditions - including new contract and intellectual property guidance. *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? When vacation is over, after you have returned home. If classified information were released, which classification level would result in Exceptionally grave damage to national security? Correct. You must have your organizations permission to telework c. You may use unauthorized software as long as your computers antivirus software is up to date. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Opening the link would allow the sender to steal Isabels information. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. DASA Standard Terms and Conditions - GOV.UK Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. This short and simple contracting method aims to encourage engagement with DASA, whilst having the complexities of some other contracting methods removed. a. endstream endobj 1075 0 obj <>stream a. Which of the following information is a security risk when posted publicly on your social networking profile? Further guidance included in "What DASA does not fund" section. A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. d) Vertical; can be either greater than or less than the natural level of real output. How many insider threat indicators does Alex demonstrate? Which of the following is a practice that helps to protect you from identity theft? What is a way to prevent the download of viruses and other malicious code when checking your e-mail? It would be best to contact the institution using verified contact information to confirm. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? Keep an eye on his behavior to see if it escalates c. Set up a situation to establish concrete proof that Alex is taking classified information. Photos and videos you are in - Friends Only All to Friends Only. a. NON-MEDICAL NECESSITY COVERAGE AND PAYMENT RULES. $l*#p^B{HA<>C^9OdND_ ` See PGI 245.103-72, Government- furnished property (GFP) attachments to solicitations and awards. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? How can you protect your organization on social networking sites? *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? Which of the following is NOT Government computer misuse? Which of the following is an example of Protected Health Information (PHI)? SP4 0JQ, Urgent DASA enquiries - Telephone +44 (0)1980 950000 option 3 (open 09:00am 12:00pm Monday-Friday), In the section 'What DASA does not fund' the 'Innovation Outline' has been replaced with the 'Contact DASA Form'. Avoid attending professional conferences. A Coworker has asked if you want to download a programmers game to play at work. Only use Government-furnished or Government-approved equipment to process PII. Break-even units equal 2,000. Telework is only authorized for unclassified and confidential information. Which of the following is an example of malicious code? Follow policy for using personally-owned computer peripherals with government furnished equipment (GFE): Permitted Monitors, with the following conditions: Connected via Visual Graphic Array (VGA), Digital Video Interface (DVI), High Definition Multimedia Interface (HDMI), or DisplayPort No other devices connected to the monitor Using webmail may bypass built in security features. DASA recognises the value of your intellectual property (IP). Unclassified information cleared for public release. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Select Yes or No for each item. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Only use Government-approved equipment to process PII. What action should you take? Software that installs itself without the users knowledge, Malicious Code (Damage): How can malicious code cause damage? When your vacation is over, after you have returned home. A pop-up window that flashes and warns that your computer is infected with a virus. What action should you take? sensitive but unclassified. Which of the following should you NOT do if you find classified information on the internet? Only when there is no other charger available. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. correct. All PEDs, including personal devices b. The email provides a website and a toll-free number where you can make payment. In competitions using the ISC and DEFCON 705 you must also state in your proposal if the deliverables are what we call Full Rights or Limited Rights versions. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Secure .gov websites use HTTPSA It includes a threat of dire circumstances. Birthday - Friends Only What information posted publicly on your personal social networking profile represents a security risk? A federal government website managed and paid for by the U.S. Centers for Medicare & Medicaid Services. What should you do? Correct. (Sensitive Information) Which of the following is NOT an example of sensitive information? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? You receive an inquiry from a reporter about potentially classified information on the internet. Salisbury SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. It should only be in a system while actively using it for a PKI-required task. Which of the following is NOT a criterion used to grant an individual access to classified data? There are many travel tips for mobile computing. Which of the following is a best practice for using removable media? Photos of your pet Correct. Classified information that is accidentally moved to a lower classification or protection level. Attempting to access sensitive information without need-to-know. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Which of the following is true of Security Classification Guides? Alex demonstrates a lot of potential insider threat indicators. When is the best time to post details of your vacation activities on your social networking website? Only use Government-furnished or Government-approved equipment to process PII. You are misusing a Government vehicle when you use it for your personal benefit as opposed to using it for the benefit of the Government. Aggregating it does not affect its sensitivyty level. HHS published the HHS Memorandum: the Use of Government Furnished Equipment during Foreign Travel. Unclassified documents do not need to be marked as a SCIF. 7500 Security Boulevard, Baltimore, MD 21244, Use of Government Furnished Equipment (GFE) During Foreign Travel, An official website of the United States government, Back to Information Security and Privacy Library. To help with this, prices in your proposal must be supported by a full cost breakdown. Your health insurance explanation of benefits (EOB). Exposure to malware. Contracting officers shall provide property to contractors only when it is clearly demonstrated: That the overall benefit to the acquisition significantly outweighs the increased cost of administration, including ultimate property disposal; That providing the property does not substantially increase the Governments assumption of risk; and. Sticky note with Pin number. Thats the only way we can improve. Which of the following is a clue to recognizing a phishing email? Government furnished property can be designated as either equipment or material. Depending on the specifics of any proposed change of use, including any building work . %PDF-1.7 If you have a product and are looking to become a defence supplier, you may wish to speak to the MOD Defence Suppliers Service. What is NOT Personally Identifiable Information (PII)? If you participate in or condone it at any time. What information relates to the physical or mental health of an individual? Which of the following should be reported as a potential security incident? Which of the following is true of downloading apps? Based on the description that follows, how many potential insider threat indicators(s) are displayed? Do not use any personally owned/non-organizational removable media on your organizations systems. where there would be significant financial or quality benefits to the work as a result of using GFA). c. Analyze the other workstations in the SCIF for viruses or malicious code. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. DoD Cyber Awareness 2019 - Subjecto.com Avoid talking about work outside of the workplace or with people without a need-to-know. !vk\I* 2ziCB&9pFX[SdW'9$v 0P0 E 572 /P)FP#?:6A,$yB$jut42>]|5Q:|%C}F|::r=5GrI!y+fO)MJ)a*'os}OzAPTTHHfu Connect to the Government Virtual Private Network (VPN). **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Which of the following may help to prevent inadvertent spillage? A type of phishing targeted at senior officials. Three or more. Wiltshire What action should you take? News stories, speeches, letters and notices, Reports, analysis and official statistics, Data, Freedom of Information releases and corporate reports. Use a digital signature when sending attachments or hyperlinks. Sensitive information may be stored on any password-protected system. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? not correct. Which of the following represents an ethical use of your Government You should confirm that a site that wants to store a cookie uses an encrypted link. Note any identifying information, such as the websites URL, and report the situation to your security POC. Article - Pneumatic Compression Devices - Policy Article (A52488) **Social Networking Which piece if information is safest to include on your social media profile? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? New interest in learning another language, Which of the following is a good practice to protect classified information. What type of data must be handled and stored properly based on classification markings and handling caveats? More information on DEFCON 705 can be found here. Throughout the life of any contract you must notify us in writing if you intend to change or add additional research workers. Which of the following is NOT one? difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Which of the following actions can help to protect your identity? You are logged on to your unclassified computer and just received an encrypted email from a co-worker. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? d. All of these. If authorized, what can be done on a work computer? % Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organization's insider threat policy. Incident #2 Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? Which of the following is not Controlled Unclassified Information (CUI)? (Spillage) What is required for an individual to access classified data? Annual DoD Cyber Awareness Challenge Training, Military Requirements for Petty Officers Thir, EPRC Operator Course JKO (8 hour) Pretest Ans, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Operations Management: Sustainability and Supply Chain Management, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Chapter 22: Signal Transduction Mechanisms: I, Business Continuation and Succession Planning. Cyber Awareness Challenge 2022 Knowledge Check, DoD Mandatory Controlled Unclassified Informa, Headlight 4 Unit 4 p. 222,3 theme 3,story, Cyber Awareness Challenge 2023 (Incomplete). Classified material must be appropriately marked b. Note the websites URL and report the situation to your security point of contact. Government Furnished Assets (GFA) could be equipment, information or resources that are government-owned and loaned (on a free-of-charge basis) to a contractor to . No. \text{Balance sheet accounts:}\\ Which of the following represents an ethical use of your Government-furnished equipment (GFE)? Tell us about it through the REPORT button at the bottom of the page. How many potential insider threat indicators does this employee display? 1.3 GENERAL REQUIREMENTS ***** NOTE: Indicate the configuration and layout for all food . (Sensitive Information) Which of the following represents a good physical security practice? Typically, a model is developed for analyzing both CFE and GFE when considering the use of GFE. CUI may be stored on any password-protected system. [1]. How should you respond? How can you avoid downloading malicious code? (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? Maybe. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. *Malicious Code Which of the following is NOT a way that malicious code spreads? What should the owner of this printed SCI do differently? **Insider Threat Which of the following should be reported as a potential security incident? You must have your organization's permission to telework. (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Army OPSEC level 1 (Newcomers & Refresher) 29 terms. Reasons for this decision can be related to standardization, economy, production, or other circumstances. A separate document, Form AD-107, must be completed to document the loan of U.S. Forest Service property. a. Contractors are ordinarily required to furnish all property necessary to perform Government contracts. The contractors inability or unwillingness to supply its own resources is not a sufficient reason for the furnishing or acquisition of property. requirements to access classified information. not correct When using a fax machine to send sensitive information, the sender should do which of the following?
?>
permitted uses of government furnished equipment