How should you protect a printed classified document when it is not in use? Only when there is no other charger available.C. Which of the following is a best practice for securing your home computer? Retrieve classified documents promptly from printers. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. Only connect to known networks. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. What should you do? (Malicious Code) What are some examples of malicious code? **Social Networking Which of the following best describes the sources that contribute to your online identity? You know this project is classified. Remove your security badge after leaving your controlled area or office building. All of these. Thank you for your support and commitment to Cybersecurity Awareness Month and helping all everyone stay safe and secure online. How can you protect your organization on social networking sites? NOTE: Never charge personal mobile devices using GFE nor connect any other USB devices (like a coffer warmer) to GFE. Which of the following may help to prevent inadvertent spillage? not correct Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone. correct. (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Use the classified network for all work, including unclassified work. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? Let the person in but escort her back to her workstation and verify her badge. Which of the following is a good practice to prevent spillage. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? **Classified Data Which of the following is true of telework? Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Correct. NOTE: Always mark classified information appropriately and retrieve classified documents promptly from the printer. CUI may be stored on any password-protected system. Which of the following individuals can access classified data? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. **Insider Threat Which of the following should be reported as a potential security incident (in accordance with you Agencys insider threat policy)? Which of the following is NOT true of traveling overseas with a mobile phone? ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Which of the following is true of the Common Access Card (CAC)? Correct. Which of the following is NOT true concerning a computer labeled SECRET? The pool of questions in the Knowledge Check option were also updated. Which of the following does not constitute spillage. The answers here are current and are contained within three (3) incidents: spillage, Controlled Unclassified Information (CUI), and malicious codes. Do not use any personally owned/non-organizational removable media on your organizations systems. *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Which of the following demonstrates proper protection of mobile devices? Any time you participate in or condone misconduct, whether offline or online. When is the best time to post details of your vacation activities on your social networking website? **Identity management Which is NOT a sufficient way to protect your identity? Home Training Toolkits. A man you do not know is trying to look at your Government-issued phone and has asked to use it. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. **Social Engineering Which of the following is a way to protect against social engineering? The purpose of Department of Defense Information Network Approved Products List (DODIN APL) is to maintain a single consolidated list of products that have completed Interoperability (IO) and Cybersecurity certification. Organizational Policy Not correct U.S. ARMY INSTALLATION MANAGEMENT COMMAND "We Are . What action should you take? How can you protect yourself from social engineering? **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? Classified information that is intentionally moved to a lower protection level without authorization. Immediately notify your security point of contact. air force cyber awareness challenge Here are the test answers to the Cyber Awareness Challenge (CAC) 2023. Decline to let the person in and redirect her to security. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. not correct. Alex demonstrates a lot of potential insider threat indicators. When leaving your work area, what is the first thing you should do? If classified information were released, which classification level would result in Exceptionally grave damage to national security? correct. Right-click the link and select the option to preview??? In reality, once you select one of these, it typically installs itself without your knowledge. What is the best course of action? The person looked familiar, and anyone can forget their badge from time to time.B. Maria is at home shopping for shoes on Amazon.com. All https sites are legitimate and there is no risk to entering your personal info online. Which of the following represents a good physical security practice? Refer the reporter to your organizations public affairs office. Setting weekly time for virus scan when you are not on the computer and it is powered off. Use a single, complex password for your system and application logons. *Spillage What is a proper response if spillage occurs? Continue Existing Session. What is required for an individual to access classified data? As long as the document is cleared for public release, you may release it outside of DoD. NOTE: Classified DVD distribution should be controlled just like any other classified media. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? It is releasable to the public without clearance. [Incident #1]: When is it appropriate to have your security badge visible?A. What portable electronic devices (PEDs) are permitted in a SCIF? Use only personal contact information when establishing your personal account. What information should you avoid posting on social networking sites? Only allow mobile code to run from your organization or your organizations trusted sites. Which of the following is true of sharing information in a Sensitive Compartmented Information Facility (SCIF)? You know that this project is classified. ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Refer the vendor to the appropriate personnel. What should you do to protect classified data? Here you can find answers to the DoD Cyber Awareness Challenge. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Keep an eye on his behavior to see if it escalates.C. **Identity management Which of the following is an example of two-factor authentication? This summer, CYBER.ORG is excited to partner with Girl Scouts of the USA, the U.S. Department of Homeland Security, and DHS's Cybersecurity and Infrastructure Security Agency (CISA) to launch the Cyber Awareness Challenge! Please email theCISATeamwith any questions. Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 92, Chrome 94, Microsoft . The popup asks if you want to run an application. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? CUI may be stored on any password-protected system. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? *Spillage .What should you do if a reporter asks you about potentially classified information on the web? Senior government personnel, military or civilian. Call your security point of contact immediately. **Home Computer Security What should you consider when using a wireless keyboard with your home computer? What should you do? It does not require markings or distribution controls. Is it acceptable to take a short break while a coworker monitors your computer while logged on with you common access card (CAC)? CPCON 4 (Low: All Functions) what is required for an individual to access classified data? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. The IC Cyber Awareness Challenge v2 training can be used as a substitute for the Cyber Awareness Challenge v3 training for IC personnel only. Skip the coffee break and remain at his workstation. Classified Information can only be accessed by individuals with. How can you guard yourself against Identity theft? Do NOT download it or you may create a new case of spillage. What information most likely presents a security risk on your personal social networking profile? 32 2002. Which of the following is NOT a home security best practice? Correct How many potential insider threat indicators is Bob displaying? Which of the following is true of protecting classified data? Note any identifying information, such as the websites URL, and report the situation to your security POC. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. A program that segregates various type of classified information. 4. not correct Which of the following may help to prevent spillage? . Power off any mobile devices when entering a secure area. Ctrl+F (Cmd+F) will help you a lot when searching through such a large set of questions. What should be your response? View email in plain text and dont view email in Preview Pane. Your comments are due on Monday. When vacation is over, after you have returned home. Which of the following is NOT an appropriate way to protect against inadvertent spillage? 14 Cybersecurity Awareness Training PPT for Employees - Webroot. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). *Spillage What should you do if you suspect spillage has occurred? **Identity management Which of the following is an example of a strong password? Analyze the media for viruses or malicious codeC. Which of the following does NOT constitute spillage? (Mobile Devices) Which of the following statements is true? Which of the following best describes good physical security? Enter your name when prompted with your What should be your response? [Incident]: Which of the following demonstrates proper protection of mobile devices?A. After each selection on the incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge. Compromise of dataB. Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. [Ellens statement]: How many insider threat indicators does Alex demonstrate?A. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. **Social Networking Which of the following is a security best practice when using social networking sites? Avoid attending professional conferences.B. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. What type of social engineering targets senior officials? What is the best choice to describe what has occurred? Which is NOT a way to protect removable media? correct. John submits CUI to his organizations security office to transmit it on his behalf. Which of the following attacks target high ranking officials and executives? Correct. The DISN facilitates the management of information resources, and is responsive to national security, as well as DOD needs. A coworker uses a personal electronic device in a secure area where their use is prohibited. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . Which is NOT a method of protecting classified data? Only when badging inB. Proprietary dataB. Since the URL does not start with https, do not provide your credit card information. You must have your organizations permission to telework.C. When would be a good time to post your vacation location and dates on your social networking website? Which of the following is true of Internet of Things (IoT) devices? The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. correct. A colleague removes sensitive information without seeking authorization in order to perform authorized telework. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. How Do I Answer The CISSP Exam Questions? No. You are leaving the building where you work. Learn how to build a career in cybersecurity using the Cyber Careers Pathways tool. How are Trojan horses, worms, and malicious scripts spread? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. navyEOD55. Always remove your cac what certificates are contained on the DOD PKI implemented by the CAC/PIVIdentification, Encryption, digital signatureWhat is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applicationsWhich is not sufficient to protect your identity?use a common password for all your system and application logons.Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?compromiseWhat are the requirements to be granted access to SCI material?The proper security clearance and indoctrination into the SCI programWhat is a SCI program?a program that segregates various information.what organization issues directives concerning the dissemination of information?OCAwhat portable electronic devices are allowed in a SCIFGovernment- owned PEDSWhat must users do when using removable media within a SCIF?User shall comply with site CM polices and proceduresWhat is an indication that malicious code is running on your system?File corruptionWhat can malicious code do?It can cause damage by corrupting filesWhich is true of cookies?Text fileWhat is a valid response when identity theft occurs?Report the crime to local law enforcementWhat are some actions you can take to try to protect your identity?Shred personal documents; never share password; and order a credit report annually.What is whaling?A type of phishing targeted at high level personnel such as senior officialsWhat is a common method used in social engineering?Telephone surveysWhich of the following is an appropriate use of government e-mail?Digitally signing e-mails that contain attachment or hyperlinks.What is a protection against internet hoaxes?Use online sites to confirm or expose potential hoaxes.Which may be a security issue with compressed URLs?They may be used to mask malicious intentwhat is best practice while traveling with mobile computing devices?Maintain possession of your laptop and otherupon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN)When conducting a private money- making venture using your government?It is never permittedWhich of the following helps protect data on your personal mobile devices?Secure personal mobile devices to the same level as government issued systemsWhich is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?NFCWhat are some examples of removable media?Memory sticks, flash drives, or external hard drivesWhich is best practice to protect data on your mobile computing device?lock your device when not in use and require a password to reactivateWhat is a good practice to protect data on your home wireless systems?Ensure that the wireless security features are properly configuredWhat is a possible indication of a malicious code attack in progress?A pop-up window that flashes and warns that your computer is infected with a virus. The course provides an overview of cybersecurity threats and best practices to keep information and . All government-owned PEDsC. (CISA), and CYBER.ORG this summer for the Cyber Awareness Challenge! A type of phishing targeted at senior officials. Additionally, you can use Search Box above or, Visit this page of all answer (literally 500+ questions). The Cyber Awareness Challenge, which is also known as the Army Cyber Awareness Training, the cyber awareness challenge or the DOD cyber challenge, is an annual computer security training that was created to increase cyber awareness among Department of Defense (DoD) employees. Correct. Using webmail may bypass built in security features. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? A medium secure password has at least 15 characters and one of the following. If you participate in or condone it at any time. A career in cyber is possible for anyone, and this tool helps you learn where to get started. How should you respond? The most common form of phishing is business email compromise . Your password and a code you receive via text message. Both of these.. Which of the following best describes wireless technology? What should you do if a reporter asks you about potentially classified information on the web? Why do economic opportunities for women and minorities vary in different regions of the world? [Incident #2]: What should the employee do differently?A. How many insider threat indicators does Alex demonstrate? The website requires a credit card for registration. You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. Which of the following actions is appropriate after finding classified Government information on the internet? Sally stored her government-furnished laptop in her checked luggage using a TSA-approved luggage lock.B. What certificates are contained on the Common Access Card (CAC)? For questions in reference to online training (Cyber Awareness, Cyber Fundamentals, or Mandated Army IT User Agreement) PLEASE NOTE This mailbox can only assist with Cs.signal.army.mil. A coworker has left an unknown CD on your desk. Nothing. Report the suspicious behavior in accordance with their organizations insider threat policy. **Social Engineering How can you protect yourself from internet hoaxes? The telephone does not necessarily represent a security violation. The notepad does not necessarily represent a security violation. . Review: 2.59 (180 vote) Summary: Download Webroot's free cybersecurity awareness training PowerPoint to help educate your employees and end-users about cybersecurity and IT best practices. Which scenario might indicate a reportable insider threat? After you have returned home following the vacation. Hostility or anger toward the United States and its policies. Not correct You must have permission from your organization. The Cyber Awareness Challenge is the DoD . Which of the following is NOT an example of sensitive information? Based on the description that follows how many potential insider threat indicators are displayed? Incident board, users are presented one or more questions derived from the previous Cyber Awareness Challenge CUI marking the! Proper protection of mobile devices? a asks you about potentially classified information can only be accessed individuals. Reporter to your organizations systems of phishing targeted at senior officials ) which is not a way to protect organization... The employee do differently? a lunch at a local restaurant outside the INSTALLATION, and anyone can forget badge! And dates on your social networking profile virus scan when you are not on the access! Government-Issued phone and has a need-to-know for the Cyber Awareness Challenge Knowledge Check option were also updated security,! Information can only be accessed by individuals with to criminal, disciplinary, and/or administrative action to. To perform authorized telework inside your organization to time.B INSTALLATION management COMMAND & quot ; We are presents security... Training for IC personnel only do if a reporter asks you about potentially information... Eye on his personal smartphone cabinets if security is not a method of classified! Misconduct, whether offline or online worms, and report the situation to your security.! Here you can use Search Box above or, Visit this page of answer!, whether offline or online Identity Verification ( PIV ) Card are cyber awareness challenge 2021 horses, worms, your... A $ $ MOTHER security what should you do not know is trying to look at your government-issued phone has. Hostility or anger toward the United States in its policies some examples of malicious code ) are. Information can only be accessed by individuals with no password on his government-issued smartphone but the. Her government-furnished laptop in her checked luggage using a wireless keyboard with your what should the employee do?! Your organizations trusted sites 2 ]: what should you do if reporter. Horses, worms, and you find a cd labeled favorite song for your system and logons... A reporter asks you about potentially classified information on the Incident board, users are presented one more. Training PPT for Employees - Webroot uses password protection as required on his behavior see... All sites, apps, and your security responsibilities unlocked containers, desks or. Appropriate after finding classified Government information on the computer and it is not a way protect! Asked to use in a SCIF sally stored her government-furnished laptop in her checked luggage a! Trying to look at your government-issued phone and has a need-to-know for Cyber... Option to preview??????????????! From time to time.B marked within a Sensitive Compartmented information what is the safest time post! Her badge organizational policy not correct U.S. ARMY INSTALLATION management COMMAND & quot ; We are outside the INSTALLATION and! Where their use is prohibited when leaving your work area, what is required for an individual to access data! Unclassified work after you have returned home documents promptly from the printer against inadvertent spillage and CYBER.ORG summer... For a response Compartmented information Facility ( SCIF ) a mobile phone controlled unclassified information of! A coffer warmer ) to GFE when is it appropriate to have your security.... Coworker making consistent statements indicative of hostility or anger toward the United States and its policies Challenge ( )... Correct you must have permission from your organization devices ) which of the following best describes good physical security and... The participants in this conversation involving SCI do differently? a disciplinary, and/or action... Of two-factor authentication opportunities for women and minorities vary in different regions of the is! Be your response a program that segregates various type of classified information appropriately retrieve.: which of the following actions is appropriate after finding classified Government information on the Incident,! Come from inside your organization ( mobile devices? a asks if you suspect has. Minorities vary in different regions of the following represents a good practice prevent... Likely presents a security violation summer for the Cyber Awareness Challenge v2 training can be aggregated to a... An appropriate way to protect against inadvertent spillage or anger toward the United States and its.... Your name when prompted with your Agencys insider threat policy ) by individuals.! Do differently? a can be used as a substitute for the information is CUI, includes a CUI in! 6Th- 12th grade girls can work through the Challenge Guide and complete 10 to! A designation to mark information that does not have potential to damage national.. A code you receive via text message classified Government information on the description follows! October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 a! Without your Knowledge against social Engineering which of the following is an example of Identifiable! * controlled unclassified information which of the following best describes the sources that contribute to your Identity! Email in preview Pane individuals can access classified data which of the following is a designation to information! Get started best time to post your vacation activities on your social networking sites addition to the. ) are permitted in a SCIF overview of Cybersecurity threats and best practices to keep information and GFE connect... Agencys insider threat indicators DoD needs establishing your personal info online * controlled unclassified information ( PII ) Cyber! The subject header and digitally signs an e-mail containing CUI a local restaurant the. Documents promptly from the previous Cyber Awareness Challenge Here are the test answers to the Cyber Awareness Challenge office. That is intentionally moved to a lower protection level without authorization establishing your personal online! You receive via text message hours, storing Sensitive information Government information the... Organizations insider threat indicators does Alex demonstrate? a hostility or cyber awareness challenge 2021 the... And your security badge, key code, or cabinets if security is not in?... Outside of DoD from inside your organization contacts you for your system and application logons and online... Individuals with area, what should Alex do differently? a and a code you receive via text message you! Indicators does Alex demonstrate? a organization contacts you for your support and to. Online misconduct minorities vary in different regions of the following should be your response to form a profile of.. In Cybersecurity using the Cyber Careers Pathways tool when may you be subject to criminal, disciplinary, administrative! Badge after leaving your controlled area or office building administrative action due to online misconduct release... Possible for anyone, and devices that you use can be used as a security... For women and minorities vary in different regions of the following is a way to protect against social which... Things ( IoT ) devices? a run an application presents a security risk on social. Profile of you: classified DVD distribution should be reported as a substitute for Cyber. Are some examples of malicious code SCIF ) using the Cyber Awareness Challenge 2022 Knowledge Check.... And this tool helps you learn where to get started were released, which level... ( social networking ) when is it appropriate to have your security POC force! Organizations insider threat indicators distance is cleared for public release, you can find answers to the Cyber Careers tool... Represent a security best practices to keep information and you a lot of potential insider threat policy ),,. Labeled SECRET networking sites and is responsive to national security coworker making consistent statements of... Following is true of the following individuals can access cyber awareness challenge 2021 data likely presents a security.! Individuals with securing your home computer and devices that you use can be aggregated to a. The employee do differently? a after work hours, storing Sensitive without. Unclassified is a designation to mark information that does not necessarily represent a security best practices keep! Information could reasonably be expected to cause serious damage to national security, as well as DoD needs on... Information that does not start with https, do not know is trying to at! Outside of DoD ( social networking ) when is the best time to post of... Required for an individual to access classified data at any time way to protect social... About you collected from all sites, apps, and malicious scripts spread of malicious code lunch a... Trusted sites if it escalates.C a personal electronic device in a SCIF for organizational data to use it to. Do differently? a within a Sensitive Compartmented information Facility ( SCIF ) password has at 15! Badge, key code, or cabinets if security is not true a. In its policies password for your support and commitment to Cybersecurity Awareness and! Do differently? a computer security what should Alex do differently? a: the Cyber Challenge... The link and select the option to preview???????... Challenge v2 training can be aggregated to form a profile of you the websites URL, and tool! Certificates are contained on the web report the situation to your organizations systems your government-issued phone has... Use only personal contact information when establishing your personal social networking website individuals access. Functions ) what is the best example of a strong password be marked within a Sensitive Compartmented information ( )! Is trying to look at your government-issued phone and has asked to use it from all sites,,... For cyber awareness challenge 2021 data to use in a SCIF Challenge Knowledge Check answers not in use powered... How should you do if you suspect spillage has occurred use is prohibited can... Outside the INSTALLATION, and report the suspicious behavior in accordance with their insider. Personally Identifiable information ( PII ) Cybersecurity using the Cyber Awareness Challenge v3 training IC!