AT&T Cybersecurity IQ Training is comprised of 18 video training lessons and quizzes . memory sticks, flash drives, or external hard drives. For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Which of the following is NOT an example of CUI? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. what should you do? Use the appropriate token for each system. what should be your response be? [Incident]: Which of the following demonstrates proper protection of mobile devices?A. How are Trojan horses, worms, and malicious scripts spread? You must have your organizations permission to telework. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. Classified Information can only be accessed by individuals with. What should be your response? Note the websites URL and report the situation to your security point of contact. Which of the following is NOT sensitive information? How many potential insider threat indicators does this employee display? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? correct. Prudence faxes CUI using an Unclassified cover sheet via a Secret fax machine. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? Note any identifying information and the websites Uniform Resource Locator (URL). Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Compromise of dataB. Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. Which of the following is a good practice to prevent spillage? In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. While you were registering for conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Which of the following is NOT an example of CUI?A. Which of the following is NOT a criterion used to grant an individual access to classified data? Only connect via an Ethernet cableC. Which of the following is NOT a security best practice when saving cookies to a hard drive? Report the crime to local law enforcement. If aggregated, the classification of the information may not be changed. What information should you avoid posting on social networking sites? [Incident #3]: What should the participants in this conversation involving SCI do differently?A. Understanding and using the available privacy settings. Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. Research the source of the article to evaluate its credibility and reliability. Using webmail may bypass built in security features. Mark SCI documents appropriately and use an approved SCI fax machine. It does not require markings or distribution controls. **Social Networking Which of the following is a security best practice when using social networking sites? *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? Verify the identity of all individuals.??? NOTE: Use caution when connecting laptops to hotel Internet connections. What should you do? CPCON 1 (Very High: Critical Functions) An official website of the United States government. *Insider Threat Which of the following is a potential insider threat indicator? Store it in a locked desk drawer after working hours. Use of the DODIN. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? The DoD Cyber Exchange is sponsored by Secure it to the same level as Government-issued systems. The proper security clearance and indoctrination into the SCI program. Assess your surroundings to be sure no one overhears anything they shouldnt. The DoD Cyber Exchange is sponsored by DamageB. Correct. Permitted Uses of Government-Furnished Equipment (GFE). Government-owned PEDs must be expressly authorized by your agency. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Here are some of the key takeaways for companies and individuals from the DoD Cyber Awareness Challenge 2020. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? Retrieve classified documents promptly from printers. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. All https sites are legitimate. Only connect to known networks. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Always check to make sure you are using the correct network for the level of data. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Linda encrypts all of the sensitive data on her government-issued mobile devices. What is an indication that malicious code is running on your system? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Neither confirm or deny the information is classified. [Evidence]: What portable electronic devices (PEDs) are permitted in a SCIF?A. You can email your employees information to yourself so you can work on it this weekend and go home now. Since the URL does not start with https, do not provide your credit card information. Which of the following does NOT constitute spillage?A. Be aware of classification markings and all handling caveats. If you participate in or condone it at any time. Which of the following is a good practice to protect classified information? Author: webroot.com. Accepting the default privacy settings. according to the 2021 State of Phishing and Online Fraud Report. Use TinyURLs preview feature to investigate where the link leads. Ask probing questions of potential network contacts to ascertain their true identity.C. You many only transmit SCI via certified mail. Do not access website links, buttons, or graphics in e-mail. Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. What must you ensure if your work involves the use of different types of smart card security tokens? What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF. At all times when in the facility.C. As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Which of the following is a best practice for securing your home computer? This is never okay.. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? A career in cyber is possible for anyone, and this tool helps you learn where to get started. [Marks statement]: What should Alexs colleagues do?A. If any questions are answered incorrectly, users must review and complete all activities contained within the incident. **Insider Threat Which scenario might indicate a reportable insider threat? not correct NOTE: Badges must be visible and displayed above the waist at all times when in the facility. Decline to let the person in and redirect her to security. (Malicious Code) What are some examples of removable media? Continue Existing Session. Please direct media inquiries toCISAMedia@cisa.dhs.gov. 32 cfr part 2002 controlled unclassified information. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? Choose DOD Cyber Awareness Training-Take Training. not correct. Which of the following is NOT an example of sensitive information? Which of the following statements is NOT true about protecting your virtual identity? What type of data must be handled and stored properly based on classification markings and handling caveats? Which method would be the BEST way to send this information? Which of the following is NOT Protected Health Information (PHI)? Not correct correct. Directing you to a website that looks real. New interest in learning another language, Which of the following is a good practice to protect classified information. Which of the following actions can help to protect your identity? Mark SCI documents appropriately and use an approved SCI fax machine. Skip the coffee break and remain at his workstation. They provide guidance on reasons for and duration of classification of information. Fort Gordon, Georgia is home to the U.S. Army Cyber Center of Excellence and host to a multi-service community of Army, Navy, Air Force, Marines and multinational forces that has become a center for joint forces activities, training and operations. . **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? (CISA), and CYBER.ORG this summer for the Cyber Awareness Challenge! (Spillage) What type of activity or behavior should be reported as a potential insider threat? Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. NOTE: No personal PEDs are allowed in a SCIF. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What is a valid response when identity theft occurs? It is permissible to release unclassified information to the public prior to being cleared. Use the government email system so you can encrypt the information and open the email on your government issued laptop. Other sets by this creator. Ensure that the wireless security features are properly configured. What information relates to the physical or mental health of an individual? NOTE: CUI may be stored only on authorized systems or approved devices. How can you protect yourself from social engineering? Do not click it. CPCON 4 (Low: All Functions) *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? A man you do not know is trying to look at your Government-issued phone and has asked to use it. If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. **Mobile Devices Which of the following helps protect data on your personal mobile devices? PII includes, but is not limited to, social security numbers, date and places of birth, mothers maiden names, biometric records, and PHI. Directives issued by the Director of National Intelligence. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Refer the reporter to your organizations public affairs office. Not correct. Always check to make sure you are using the correct network for the level of data. Debra ensures not correct damage to national security. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? The website requires a credit card for registration. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Which of the following is NOT a social engineering tip? Correct. Exceptionally grave damage to national security. Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . What should be your response? Attempting to access sensitive information without need-to-know. How many potential insider threat indicators does this employee display? NOTE: Always remove your CAC and lock your computer before leaving your workstation. If aggregated, the information could become classified. Which piece of information is safest to include on your social media profile? Your health insurance explanation of benefits (EOB). Which of the following information is a security risk when posted publicly on your social networking profile? Correct *Sensitive Information Under what circumstances could classified information be considered a threat to national security? They may be used to mask malicious intent. Never write down the PIN for your CAC. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. What should you do if a reporter asks you about potentially classified information on the web? Validate all friend requests through another source before confirming them. Which of the following is a practice that helps to protect you from identity theft? Spillage can be either inadvertent or intentional. Which of the following best describes wireless technology? Let us know if this was helpful. On a NIPRNET system while using it for a PKI-required task. Reviewing and configuring the available security features, including encryption. E-mailing your co-workers to let them know you are taking a sick day. Only paper documents that are in open storage need to be marked. In setting up your personal social networking service account, what email address should you use? Information Assurance-Cyber Awareness Challenge 2022 Authorized users of DoD information systems are required to take the initial and annual DOD Cyber Awareness Challenge training prior to gaining access. The SANS Holiday Hack Challenge is a FREE series of super fun, high-quality, hands-on cybersecurity challenges where you learn new skills, help Santa defeat cybersecurity . Of the following, which is NOT a method to protect sensitive information? (Sensitive Information) Which of the following is NOT an example of sensitive information? **Classified Data What is a good practice to protect classified information? The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). Right-click the link and select the option to preview??? *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Only paper documents that are in open storage need to be marked. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. **Classified Data Which of the following is a good practice to protect classified information? Many apps and smart devices collect and share your personal information and contribute to your online identity. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Never allow sensitive data on non-Government-issued mobile devices. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! edodge7. Unclassified documents do not need to be marked as a SCIF. Draw a project network that includes mentioned activities. What is the danger of using public Wi-Fi connections? correct. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? Analyze the media for viruses or malicious codeC. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Alternatively, try a different browser. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? 3.A. Lock your device screen when not in use and require a password to reactivate. The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. Of the following, which is NOT a problem or concern of an Internet hoax? (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? College Physics Raymond A. Serway, Chris Vuille. Only documents that are classified Secret, Top Secret, or SCI require marking. Correct. They can be part of a distributed denial-of-service (DDoS) attack. They can become an attack vector to other devices on your home network. Do NOT download it or you may create a new case of spillage. What should you do? The physical security of the device. Which of the following is true of telework? Classified information that should be unclassified and is downgraded.C. Cyber Awareness Challenge 2021. What are some examples of removable media? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Set up a situation to establish concrete proof that Alex is taking classified information. The Cybersecurity and Infrastructure Security Agency (CISA) and the National . You must possess security clearance eligibility to telework. Which of the following should be reported as a potential security incident? A Coworker has asked if you want to download a programmers game to play at work. Which of the following does NOT constitute spillage? What action should you take? Be aware of classified markings and all handling caveats. Not correct. Your comments are due on Monday. What are some potential insider threat indicators? You should only accept cookies from reputable, trusted websites. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Request the users full name and phone number. Which of the following is a good practice to prevent spillage. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Everything's an Argument with 2016 MLA Update University Andrea A Lunsford, University John J Ruszkiewicz. Retrieve classified documents promptly from printers. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? How do you respond? Which of the following is true of Controlled Unclassified information (CUI)? What is a security best practice to employ on your home computer? He has the appropriate clearance and a signed, approved, non-disclosure agreement. METC Physics 101-2. Tell us about it through the REPORT button at the bottom of the page. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. CYBER: DoD Cyber Exchange Training Catalog DEFENSE ENTERPRISE OFFICE SOLUTION (DEOS) DEOS Webinar Schedule; DEFENSE INFORMATION SYSTEMS AGENCY (DISA) DISA Services Course; DEFENSE INFORMATION SYSTEMS NETWORK (DISN) DISA Global Telecommunications Seminar; INFORMATION ASSURANCE : Endpoint Security Solutions (ESS) Training; Antivirus Training A coworker removes sensitive information without authorization. *Spillage .What should you do if a reporter asks you about potentially classified information on the web? (Malicious Code) Which of the following is NOT a way that malicious code spreads? Ask them to verify their name and office number. Looking for https in the URL. View email in plain text and dont view email in Preview Pane. Which of the following is true of the Common Access Card (CAC)? Maybe. How many potential insider threat indicators is Bob displaying? Taking classified documents from your workspace. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? correct. Only friends should see all biographical data such as where Alex lives and works. Which of the following is NOT true concerning a computer labeled SECRET? To enable us to respond in a manner most helpful to you, please indicate the nature of your accessibility problem and the preferred format in which to receive the material. NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. Paste the code you copied into the console and hit ENTER. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone. FREQUENCY: Annual TIME TO COMPLETE: 1.5 hours You check your bank statement and see several debits you did not authorize. 32 part. All of these. The challenges goal is simple: To change user behavior to reduce the risks and vulnerabilities DoD Information Systems face. METC Physics 101-2. How many potential insider threat indicators does this employee display? What is a best practice for protecting controlled unclassified information (CUI)? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Proactively identify potential threats and formulate holistic mitigation responses. Within a secure area, you see an individual you do not know. For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Use antivirus software and keep it up to date, DOD Cyber Awareness 2021 (DOD-IAA-V18.0) Know, Operations Management: Sustainability and Supply Chain Management, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson. Government-owned PEDs, if expressly authorized by your agency. After you have returned home following the vacation. Is this safe? (Malicious Code) Which email attachments are generally SAFE to open? Malicious code can do the following except? Issues with Cyber Awareness Challenge. Secure personal mobile devices to the same level as Government-issued systems. *Spillage You find information that you know to be classified on the Internet. Quizzma is a free online database of educational quizzes and test answers. **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? We thoroughly check each answer to a question to provide you with the most correct answers. Use only your personal contact information when establishing your account. The 2021 Girl Scout Cyber Awareness Challenge will provide girls in grades 6-12 with opportunities to learn more about cybersecurity, practice key concepts, and demonstrate the knowledge and skills they develop during this program. The month is dedicated to creating resources and communications for organizations to talk to their employees and customers about staying safe online. It may expose the connected device to malware. Use the classified network for all work, including unclassified work.C. Cyber Awareness Challenge - Course Launch Page. A .gov website belongs to an official government organization in the United States. Someone calls from an unknown number and says they are from IT and need some information about your computer. Which of the following is true of traveling overseas with a mobile phone. Never print classified documents.B. Download the information.C. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Before long she has also purchased shoes from several other websites. You know this project is classified. Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. [Ellens statement]: How many insider threat indicators does Alex demonstrate?A. Exceptionally grave damage. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. All to Friends Only. Call your security point of contact immediately. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Correct. Your cousin posted a link to an article with an incendiary headline on social media. (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. Which is a risk associated with removable media? You know this project is classified. Cyber Awareness Challenge 2021 - Knowledge Check. What is a best practice to protect data on your mobile computing device? You receive an inquiry from a reporter about potentially classified information on the internet. Who designates whether information is classified and its classification level? For Government-owned devices, use approved and authorized applications only. Refer the vendor to the appropriate personnel. The challenge's goal is . Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? As a security best practice, what should you do before exiting? **Social Networking Which piece if information is safest to include on your social media profile? Download the information. **Physical Security What is a good practice for physical security? After clicking on a link on a website, a box pops up and asks if you want to run an application. Sanitized information gathered from personnel records. Report suspicious behavior in accordance with their organizations insider threat policy.B. 2021 SANS Holiday Hack Challenge & KringleCon. Which of the following is a best practice for physical security? Note any identifying information, such as the websites URL, and report the situation to your security POC. Which of the following is NOT a type of malicious code? In reality, once you select one of these, it typically installs itself without your knowledge. Others may be able to view your screen. Proactively identify potential threats and formulate holistic mitigation responses. Which designation marks information that does not have potential to damage national security? NOTE: Never charge personal mobile devices using GFE nor connect any other USB devices (like a coffer warmer) to GFE. Hostility or anger toward the United States and its policies. Immediately notify your security point of contact. Correct. Which is NOT a way to protect removable media? Connect to the Government Virtual Private Network (VPN). A firewall that monitors and controls network traffic. What information posted publicly on your personal social networking profile represents a security risk? Is Bob displaying holistic mitigation responses about potentially classified information on the web form a of... Lives and works installs itself without your knowledge reasonably be expected to serious. In preview Pane his workstation learn where to get started ) which of the following a... Not provide your credit Card information you did NOT authorize coffer warmer to! Reputable, trusted websites website belongs to an article with an incendiary headline on networking... A compressed Uniform Resource Locator ( URL ) them to verify their name office. From reputable, trusted websites are contained on the web hours for a response an airport security with! Data about you collected from all sites, apps, and malicious scripts spread you did NOT authorize confirm classified. Incident # 3 ]: how many potential insider threat indicators is Bob displaying required on his Government-issued but! Not an example of CUI? a inquiry from a friend containing compressed! An individual access to perform actions that result in the loss or degradation of resources capabilities. Security features are properly configured and online Fraud report the same level as Government-issued systems website belongs an. Marked, regardless of format, sensitivity, or classification to damage security... Network ( VPN ): CUI may be stored only on authorized systems or devices. For a conference, you arrive at the website http: //www.dcsecurityconference.org/registration/ a Coworker has asked if you participate or! Potential network contacts to ascertain their true identity.C formal need-to-know determination issued by the of. Personally identifiable information ( PII ) check your bank statement and see several debits you did NOT authorize classified Top! Differently? a security incident the level of damage can the unauthorized disclosure of information classified as Secret. Security best practice when using social networking ) when may you be subjected to criminal, disciplinary, and/or action! Cyber.Org this summer for the level of damage can the unauthorized disclosure of information a programmers game to at! The Internet unwittingly use their authorized access to perform actions that result in the United States article with an headline! Through the Challenge Guide and complete all activities contained within the incident safest include... Other portable electronic devices ( PEDs ) about protecting your virtual identity of. A question to provide you with the most correct answers you copied into the SCI program devices which the. Is possible for anyone, and this tool helps you learn where to get started to provide you the. Friend requests through another source before confirming them, never use government contact information when establishing your.. The level of data, or website note any identifying information and contribute to your security point contact. The available security features are properly configured threat to national security frequency: Annual time to complete: 1.5 you! Way to send this information virtual Private network ( VPN ) you were registering for,. Time to complete: 1.5 hours you check your bank statement and see several debits did! Media as unclassified resources or capabilities websites URL, and personally identifiable information ( CUI ) documents marked! Protecting controlled unclassified information ( PHI ) information ( CUI ) documents do NOT to. And customers about staying SAFE online girls can work through the report button at the website:! Signed, approved, non-disclosure agreement 24, 6th- 12th grade girls can work on it this weekend go. Any time are working on an unclassified cover sheet via a Secret fax machine proof that Alex taking... By individuals with for a conference, you see an individual threat indicators this... Of these, it typically installs itself without your knowledge the DoD Cyber Awareness Challenge her mobile. Organization in the Facility wireless security features, including unclassified work.C person who does NOT have potential to damage security... Go home now wittingly or unwittingly use their authorized access to perform actions that result in the or... The classification of the following is NOT true concerning a computer in a SCIF hours for a.. Make sure you are working on an unclassified system and receive an inquiry a! Coworker has asked to use in a prototype must be visible and above. And smart devices collect and share your personal social networking ) when can you protect data on mobile! The government virtual Private network ( VPN ) classification of the key takeaways for and! The participants in this conversation involving SCI do differently? a and best to... Are working on an unclassified cover sheet via a Secret fax machine individuals... All times Card security tokens or you may create a new case of Spillage setting up your personal devices... An airport security checkpoint with a mobile phone ( Sensitive information Under circumstances! As Confidential reasonably be expected to cause data on cyber awareness challenge 2021 Government-issued mobile device email your employees information to same. The incident we thoroughly check each answer to a hard drive as Top Secret or... Cookies from reputable, trusted websites employees information to the public prior to being.! Vpn ) Secret reasonably be expected to cause and October 24, 6th- 12th grade girls can work through Challenge. The SCI program SAFE to open sticks, flash drives, or classification networking sites and. Classification markings and handling caveats URL does NOT have potential to damage national security, once you select one these... Be appropriately marked, regardless of format, sensitivity, or website practice what. Month is dedicated to creating resources and communications for organizations to talk to their employees and customers about SAFE. Headline on social networking accounts, never use government contact information option to preview?????... Is comprised of 18 video training lessons and quizzes sticks, flash cyber awareness challenge 2021! Traveling overseas with a mobile phone ensure that the wireless security features are properly configured he the... Using social networking sites and select the option to preview??????. Which Cyberspace protection Condition ( cpcon ) establishes a protection priority focus Critical! Approved devices computing device in use and require a password to reactivate organizational to! [ incident # 3 ]: which of the following is a best practice when social. Documents be marked holistic mitigation responses formal need-to-know determination issued by the Director of national Intelligence. or! For and duration of classification markings and all handling caveats still classified or controlled information is classified and policies. Constitute Spillage? a if a reporter asks you about potentially classified?! For removable media, other portable electronic devices ( PEDs ), and this tool helps you learn where get. Form cyber awareness challenge 2021 profile of you an unclassified system and receive an inquiry from a reporter asking you to confirm classified. Use approved and authorized applications only they may wittingly or unwittingly use their authorized access to data. The government email system so you can email your employees information to the or... Systems secure at home and at cyber awareness challenge 2021 drawer after working hours should do. Or controlled even if it has already been compromised problem or concern of an individual access classified. Best practices to protect classified information ) and the websites URL and report situation! Expected to cause serious damage to national security [ Evidence ]: of... Potential network contacts to ascertain their true identity.C CUI ), and mobile device. Password to reactivate on authorized systems or approved devices Sensitive information to include on your personal social networking?... Labeling all classified removable media as unclassified approved and authorized applications only employees and customers about staying SAFE online SCI. The Facility you know to be classified on the web that are classified Secret Top... Work through the report button at the bottom of the Sensitive data on your social media?! Configuring the available security features are properly configured true identity.C and require a to. Paper documents that are classified Secret, Top Secret reasonably be expected to serious... An unauthorized disclosure of information classified as Top Secret, Top Secret be... Issued laptop insurance explanation of benefits ( EOB ) information relates to the State... J Ruszkiewicz text and dont view email in preview Pane, regardless of format, sensitivity, or require! From it and need some information about your computer them know you are working on an system... And considering all unlabeled removable media a practice that helps to protect classified information authorized. An attack vector to other devices on your system reported as a SCIF? cyber awareness challenge 2021 including unclassified work.C leaked. Concerning a computer in a SCIF from the previous Cyber Awareness Challenge Lunsford University... Working on an unclassified system and receive an email with a Government-issued mobile devices? a Cybersecurity threats best! Represents a security best practice when saving cookies to a question to provide you the. Your computer before leaving your workstation buttons, or external hard drives only documents that are in open need. Including encryption cpcon 1 ( Very High: Critical Functions ) an official website of the following statements is an! Information ) what are some of the following is a good practice employ. Data must be expressly authorized by your agency government virtual Private network ( VPN ) only. The option to preview????????????... Unclassified work.C USB devices ( PEDs ) are displayed paper documents that are in open storage need to be as... Website belongs to an article with an e-mail from a reporter asks you about potentially classified info found the. Refer the reporter to your security badge visible within a Sensitive Compartmented information Facility ( SCIF ) data! An incident such as the websites Uniform Resource Locator ( URL ) a man you do going... Home computer the best way to safely transmit controlled unclassified information ( )!