- 7. Mai 2023
- Posted by:
- Category: Allgemein
Following instructions from verified personnel. \text{Asset}&&&\text{Debit}\\ Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Assuming open storage is always authorized in a secure facility. Note any identifying information and the websites Uniform Resource Locator (URL). Follow procedures for transferring data to and from outside agency and non-Government networks. Use personal information to help create strong passwords. **Insider Threat What do insiders with authorized access to information or information systems pose? If aggregated, the classification of the information may not be changed. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Incident #2 What should you do? These are tangible items that the Contractor must manage and account for. Not correct. Which of the following is true of telework? Which of the following is NOT an example of CUI? If your organization allows it. Which of the following is NOT a correct way to protect sensitive information? On a computer displaying a notification to update the antivirus softwareB. How was one of the weaknesses of a free enterprise economy illustrated by the Great Depression? Which of the following is NOT sensitive information? (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? It may expose the connected device to malware. Avoid talking about work outside of the workplace or with people without a need-to-know. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Report the crime to local law enforcement. They can be part of a distributed denial-of-service (DDoS) attack. No, you should only allow mobile code to run from your organization or your organizations trusted sites. Which of the following best describes good physical security? Which of the following statements is true of cookies? We use some essential cookies to make this website work. (Identity Management) Which of the following is an example of two-factor authentication? Select the information on the data sheet that is protected health information (PHI). **Mobile Devices Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? You should only accept cookies from reputable, trusted websites. This directive provides FSIS Federal and non-Federal employees (e.g., contractors) with instructions regarding the acceptable and unacceptable use of FSIS government-furnished equipment (GFE) (e.g., telecommunications resources, computers, laptops, and smartphones) and Government-issued e-mail addresses when conducting government business both GO1 1.4.6. Which of the following should you do immediately? 2) Difficult life circumstances, such as death of spouse. How can you avoid downloading malicious code? Hold the conversation over e-mail or instant messenger to avoid being overheard. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? Use the classified network for all work, including unclassified work. **Social Engineering Which of the following is a way to protect against social engineering? **Physical Security What is a good practice for physical security? You must have permission from your organization. This may be a malicious code attack. a. (controlled unclassified information) Which of the following is NOT an example of CUI? Exceptionally grave damage. DASA reserves the right to disclose on a confidential basis any information it receives from you during the procurement process to any third party engaged by DASA for the specific purpose of evaluating or assisting DASA in the evaluation of your proposal. What are some potential insider threat indicators? Exposure to malware. What should you do? A coworker has left an unknown CD on your desk. Your DOD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-classified Internet Protocol Router Network (NIPRNet). Based on the description that follows how many potential insider threat indicators are displayed? Dont allow other access or to piggyback into secure areas. What information posted publicly on your personal social networking profile represents a security risk? Classified information that is accidentally moved to a lower classification or protection level. How should you respond? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? The container prevents malware, intruders, system resources or other applications from interacting with the . Setting weekly time for virus scan when you are not on the computer and it is powered off. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. When is it appropriate to have your security badge visible? Your favorite movie. website belongs to an official government organization in the United States. Note any identifying information and the websites URL. The determination of GFE is usually made by the government Program Manager (PM) and Contracting Officer. Store it in a locked desk drawer after working hours. Best wishes answered by admic (1.0m points) selected by voice. Decisions to provide GFE must be identified and a comparison made of the cost difference between using GFE or CFE. Which of the following is true of using DoD Public key Infrastructure (PKI) token? In providing Government Property to a Contractor the Contracting Officer must also make sure that a Contractor is not given an unfair competitive advantage over another Contractor who may not have Government Property. Do not access website links in e-mail messages. Country A has a (n) ___ in the production of a good if it can produce the good at lower opportunity cost than country B . Report the crime to local law enforcement. Storage devices (e.g., USB memory sticks, hard drives, etc.) Sensitive information may be stored on any password-protected system. All PEDs, including personal devices b. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. The determination of GFE is usually made by the government Program Manager (PM) and Contracting Officer. Which of the following is NOT a potential insider threat? For your proposal to be accepted for assessment, you must tick a box to confirm your organisations unqualified acceptance of DASA terms and conditions for the respective competition. b. Beware of sudden flashing pop-ups that warn your computer is infected with a virus. Which of the following is NOT true of traveling overseas with a mobile phone? You receive an email from a company you have an account with. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Maybe. What type of data must be handled and stored properly based on classification markings and handling caveats? Always take your CAC when you leave your workstation. endstream endobj 1069 0 obj <>/Metadata 18 0 R/Pages 1066 0 R/StructTreeRoot 22 0 R/Type/Catalog/ViewerPreferences 1083 0 R>> endobj 1070 0 obj <>/MediaBox[0 0 842.04 595.32]/Parent 1066 0 R/Resources<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 1071 0 obj <>stream They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. HHS published the HHS Memorandum: the Use of Government Furnished Equipment during Foreign Travel. If aggregated, the information could become classified. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Call your security point of contact immediately. (social networking) Which of the following is a security best practice when using social networking sites? Correct. Full Rights Versions only contain Foreground Information information generated under the work that we contract with you. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? You are misusing a Government vehicle when you use it for your personal benefit as opposed to using it for the benefit of the Government. Which of the following is an example of malicious code? Which of the following should you NOT do if you find classified information on the internet? Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? c. Remove his CAC and lock his workstation. Never use personal e-mail accounts for transmitting PII. \end{array} When checking in at the airline counter for a business trip Decline so that you maintain physical contact of your Government-issued laptop. Which of the following is an example of malicious code? A type of phishing targeted at high-level personnel such as senior officials. Three or more. CPCON 2 (High: Critical and Essential Functions) Only when badging in b. Please note that this process will take as long as necessary and could take up to 6 weeks in some cases for non-UK nationals. CUI must be handled using safeguarding or dissemination controls. An investment in knowledge pays the best interest.. It contains certificates for identification, encryption, and digital signature. You should submit your priced proposal using a staged approach, detailing deliverables and prices for work that can be done before and after getting ethical approval. Sensitive Compartmented Information (Incident #3): What should the participants in this conversation involving SCI do differently? d. All of these. Only friends should see all biographical data such as where Alex lives and works. What should the owner of this printed SCI do differently? **Social Networking Which of the following information is a security risk when posted publicly on your social networking profile? *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? cyber-awareness permission government equipment action answer Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail asked in Internet by voice (263k points) internet internet-quiz cyber cyber-awareness government computer email personal policy answer where there would be significant financial or quality benefits to the work as a result of using GFA). *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? What is a valid response when identity theft occurs? Government furnished property can be designated as either equipment or material. *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? c. Be aware of classified markings and all handling caveats. All https sites are legitimate and there is no risk to entering your personal info online. spillage definition cyber awareness. Mobile Devices (Incident): When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? (Malicious Code) What is a common indicator of a phishing attempt? Where any deliverable is subject to third party intellectual property rights (IPR) you must also describe this in your proposal. It is often the default but can be prevented by disabling the location function. Browse over 1 million classes created by top students, professors, publishers, and experts. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? **Insider Threat Which type of behavior should you report as a potential insider threat? \text{Liability}&&\text{Debit}&\\ Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Reviewing and configuring the available security features, including encryption. However, the equipment can be furnished by the Government if it is in the best interest of the Government to provide GFE for use by the contractor. After you have returned home following the vacation. Hes on the clock after all! *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? Sign up to get the latest information about your choice of CMS topics. Article Text. (Spillage) What is required for an individual to access classified data? This email is fake. endstream endobj startxref When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? What portable electronic devices (PEDs) are permitted in a SCIF? To help with this, prices in your proposal must be supported by a full cost breakdown. Correct. Read more about MOD ethical approval and other regulations which may affect your work. You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? When would be a good time to post your vacation location and dates on your social networking website? Access to and use of the information of this website is at the user's risk. a. Incident The job cost sheet for Job 413 shows that $12,000 in direct materials has been used on the job and that$8,000 in direct labor cost has been incurred. Which of the following demonstrates proper protection of mobile devices? Never write down the PIN for your CAC. hbbd``b` $gE@eHLD tk%bUHT 9L,,F|` &1/ Security Classification Guides. (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? *Spillage What should you do when you are working on an unclassified system and receive an email with a classified attachment? Which scenario might indicate a reportable insider threat? shall not modify, cannibalize, or make alterations to U.S. Forest Service property. \text{Dividends}&\text{Credit}&\text{Credit}&\\ Update now? 1.3 GENERAL REQUIREMENTS ***** NOTE: Indicate the configuration and layout for all food . What should the owner of this printed SCI do differently? Instruction Memorandum No. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. GFAE: Government-Furnished Aeronautical Equipment. For Government-owned devices, use approved and authorized applications only. You may use your personal computer as long as it is in a secure area in your home b. Submission Service reopen dates published. Controlled Unclassified Information: (Victim) Select the information on the data sheet that is protected health information (PHI). **Identity Management Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. Only expressly authorized government-owned PEDs. (Wrong). Building 5 We thoroughly check each answer to a question to provide you with the most correct answers. This bag contains your government-issued laptop. Delete email from senders you do not know. **Social Engineering How can you protect yourself from internet hoaxes? Official websites use .govA You know this project is classified. a. Avoid inserting removable media with unknown content into your computer. Proprietary data b. You must have your organizations permission to telework. Proactively identify potential threats and formulate holistic mitigation responses. Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? **Classified Data Which of the following is true of protecting classified data? Refer the reporter to your organizations public affairs office. Which of the following best describes good physical security? What is the best response if you find classified government data on the internet? How many potential insider threat indicators does this employee display? For proposals that we fund, in accordance with the Governments Transparency Agenda, we are required to publish information in respect of Contract documents, comprising: In addition to the above, for proposals that we fund we will publish on DASA website your organisation name and type; DASA reference (ACCxxxxxx) and project title; and contract value. Within a secure area, you see an individual you do not know. Government Furnished Equipment (GFE) (FAR Part 45) is equipment that is owned by the government and delivered to or made available to a contractor. Conducting a private g*mbling online. c. Report it to security. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. How can you protect yourself from social engineering? Research the source of the article to evaluate its credibility and reliability. Correct. Army OPSEC level 1 (Newcomers & Refresher) 29 terms. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. Government requirements cannot otherwise be met. What should be your response? E-mailing your co-workers to let them know you are taking a sick day. This must include the overall price, but not a breakdown of the pricing structure if that detailed information can be redacted under the Freedom of Information Act. Download the information. Telework is only authorized for unclassified and confidential information. endstream endobj 1072 0 obj <>stream Government-furnished assets. Controlled Unclassified Information (CUI). Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Which of the following is true about telework? a. A man you do not know is trying to look at your Government-issued phone and has asked to use it. CPCON 1 (Very High: Critical Functions) For any item to be covered by Medicare, it must 1) be eligible for a defined Medicare benefit category, 2) be reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member, and 3) meet all other applicable Medicare statutory and regulatory requirements. Unclassified documents do not need to be marked as a SCIF. The Defence and Security Accelerator. c. This is never okay. Limited Rights Versions of deliverables wont be released by us outside of Government. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Use of Government Furnished Equipment (GFE) During Foreign Travel. How can you protect your information when using wireless technology? What is a security best practice to employ on your home computer? Is it okay to run it? **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? Insider threat: (Alexs statement) In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? How many potential insider threat indicators does this employee display? T/F. Which of the following is NOT a home security best practice? Only use a government-issued thumb drive to transfer files between systems. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Which of the following is not Controlled Unclassified Information (CUI)? Only use Government-furnished or Government-approved equipment to process PII. (Malicious Code) What are some examples of removable media? The email provides a website and a toll-free number where you can make payment. Disclaimer: AcqNotes is not an official Department of Defense (DoD), Air Force, Navy, or Army website. Store classified data in a locked desk drawer when not in use Maybe <>/Metadata 317 0 R/ViewerPreferences 318 0 R>> Adversaries exploit social networking sites to disseminate fake news. means youve safely connected to the .gov website. correct. What certificates are contained on the Common Access Card (CAC)? Therefore, analyses must be performed to determine the optimal approach. In which situation below are you permitted to use your PKI token? You must have your organizations permission to telework. They broadly describe the overall classification of a program or system. https:// What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Proactively identify potential threats and formulate holistic mitigation responses. Who designates whether information is classified and its classification level? \text{Income statement accounts:}&&&\\ The website requires a credit card for registration. IRS employees are permitted to utilize secure Public Wi-Fi access (e.g., hospital, Internet caf, coffee shop, public library). **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? An official website of the United States government What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? Government Furnished Equipment (GFE) is the generic term for materiel loaned to a contractor. What security device is used in email to verify the identity of sender? Turn on automatic downloading b. Attempting to access sensitive information without need-to-know. **Identity management Which is NOT a sufficient way to protect your identity? How can you protect your organization on social networking sites? A total of 200 units were produced in Job 413. b. Its a condition of the contract that, as certain work must be justified ethically as well as scientifically, we reserve the right to terminate the work with immediate effect if you dont gain the relevant approval. Which Of The Following Is Not A Correct Way To Protect CUI. Which of the following is NOT a security best practice when saving cookies to a hard drive? CPCON 4 (Low: All Functions) What information sources do you think students on your campus use when acquiring dress clothes? Find out about the Energy Bills Support Scheme, Armed forces and Ministry of Defence reform, Defence and Security Accelerator (DASA) Open Call for Innovation, Defence and Security Accelerator: ethical, legal and regulatory guidance, Technology concept and/or application formulated, Analytical and experimental critical function and/or characteristic proof of concept, Technology basic validation in a laboratory environment, Technology basic validation in a relevant environment, Technology model or prototype demonstration in a relevant environment, Technology prototype demonstration in an operational environment, Actual technology completed and qualified through test and demonstration, Actual technology qualified through successful mission operations, projects or manpower that is currently receiving funding or has already been funded from elsewhere in government, concepts which are not novel or innovative.