army cyber awareness challenge 2022

<>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> *UNCONTROLLED CLASSIFIED INFORMATION*. Is it okay to run it? 0000001509 00000 n : Your password and the second commonly includes a text with a code sent to your phone, 44. : Do not access website links, buttons, or graphics in e-mail. Which is a risk associated with removable media? Lock your device screen when not in use and require a password to reactivate. A Knowledge Check option is available for users who have successfully completed the previous version of the course. Spillage because classified data was moved to a lower classification level system without authorization. : A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. 41. 10. 290 33 *Spillage : Viruses, Trojan horses, or worms, 27. : Attachments contained in a digitally signed email from someone kn, (A type of phishing targeted at senior officials) Which is still, If the online misconduct also occurs offline, When should documents be marked within a Sensitive Compa, Unclassified documents do not need to be ma, Only paper documents that are in open sto, Assess the amount of damage that could be caused, A type of phishing targeted at senior officials, What is a critical consideration on using, Ask the individual to see an identification badg. endstream endobj 291 0 obj <. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authoriza- tion? Which of the following best describes the sources that contribute to your online identity? The potential for unauthorized viewing of work-related information displayed on your screen. Is this, safe? : Note any identifying information and the website's Uniform Resource Locator (URL). When vacation is over, after you have returned home. Individuals who participate in or condone misconduct, whether offline or online, may be subject to criminal, disciplinary, and/or administrative action. (Sensitive Information) What guidance is available from marking Sensi- tive Information information (SCI)? Which of the following is NOT considered a potential insider threat indica- tor? *SENSITIVE COMPARTMENTED INFORMATION*. When should documents be marked within a Sensitive Compartmented Information Facility (SCIF): ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. : Sensitive infor- mation may be stored on any password-protected system. You will then be able to save the certificate as a Portable Document Format (PDF). Approved Security Classification Guide (SCG). Product Functionality Requirements: To meet technical functionality requirements, this awareness product was developed to function with Windows and Mac operating systems (Windows 7 and 10 and macOS 10.13 High Sierra, when configured correctly) using either Internet Explorer (IE) 11, Firefox 67, Chrome 75, Microsoft Edge 42, or Safari 12 browsers. When is the safest time to post details of your vacation activities on your social networking profile? 1. Cyber Awareness Challenge 2023 is Online! New interest in learning a foregin language. @870zpVxh%X'pxI[r{+i#F1F3020d`_ if>}xp20Nj9: bL How should you respond? : Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. : Immediately notify your security point of contact. : laptops, fitness bands, tablets, smartphones, electric readers, and Blue- tooth devices. : Legitimate software updates. : Flash Drive. Since the URL does not start with https, do not provide you credit card information. : New interest in learning a foregin language. 0000003201 00000 n Which of the following is an example of Protected Health Information (PHI)? <> Insiders are given a level of trust and have authorized access to Government information systems. What should you do? How should you respond to the theft of your identity? (Sensitive Information) What must the dissemination of information re- garding intelligence sources, methods, or activities follow? endobj Store it in a shielded sleeve to avoid chip cloning. : If the online misconduct also occurs offline, ~If you participate in or condone it at any time, If you participate in it while using DoD information systems only, If you participate in or condone it during work hours only, Which of the following information is a security risk when posted publicly on your social networking profile? : Others may be able to view your screen. Which of the following is a way to protect against social engineering? (Malicious Code) A coworker has asked if you want to download a pro- grammer's game to play at work. 22. 0 0 cyberx-sk cyberx-sk 2022-11-01 14:08:01 2022-11-01 14:08:01 Request for comments - DISA releases the draft Cloud Computing Mission Owner SRG for review. A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control. : Ask the individual for identification, Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the NIPRNet. : It includes a threat of dire circumstances. Found a mistake? 0000009188 00000 n (GFE) When can you check personal e-mail on your Government-fur- nished equipment (GFE)? : It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. 53. Use a common password for all your system and application logons. Sociology Cyber Awareness Challenge 2022 4.5 (4 reviews) Term 1 / 92 *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Subscribe to our mailing list to receive an update when new notes are published! What is a valid response when identity theft occurs? What is a best practice while traveling with mobile computing devices? : Mark SCI documents appropriately and use an approved SCI fax machine. 0000011071 00000 n What action should you take? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. 2. 37. 0000011141 00000 n : Identification, encryption, and digital signature, 18. (URLs)? A coworker removes sensitive information without approval. : Identify and disclose it with local Configuration/Change Management Control and Property Management authori- ties, After visiting a website on your Government device, a popup appears on your screen. Mark SCI documents appropriately and use an approved SCI fax machine. Which of these is true of unclassified data? : Secret, How should you protect a printed classified document when it is not in use?-, : Store it in a General Services Administration (GSA)-approved vault or container. : Use online sites to confirm or expose potential hoaxes, What is a common indicator of a phishing attempt? Passing Grades. : 1 indicator, What advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? Based on the description that follows, how many potential insider threat indicator(s) are displayed? : A smartphone that transmits credit card payment information when held in proximity to a credit card reader. : 3 or more indicators. 0000006504 00000 n 0000015315 00000 n Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? : You must have permission from your organization. What should you do when you are working on an unclassified system and receive an email with a classified attachment? What is TRUE of a phishing attack? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. : A, coworker removes sensitive information without authorization. Who can be permitted access to classified data? : Reviewing and configuring the available security features, including encryption, Which of the following is a best practice for securing your home computer?-. Which of the following actions can help to protect your identity? : If you participate in or condone it at any time, 38. : Insiders are given a level of trust and have authorized access to Government information systems. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE). 11. : Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. : Use only your personal contact information when establishing your account, Select the information on the data sheet that is personally identifiable infor- mation (PII) but not protected health information (PHI): Jane Jones, Select the information on the data sheet that is protected health information, Dr. Baker was Ms. Jones's psychiatrist for three months. : Damage to national security. (Spillage) What should you do if a reporter asks you about potentially classified information on the web? 2022 In setting up your personal social networking service account, what email address should you use? Cyber Awareness Challenge 2022 Answers And Notes : Remove your security badge after leaving your controlled area or office building, Your cousin posted a link to an article with an incendiary headline on social media. (Spillage) When classified data is not in use, how can you protect it? 0000005657 00000 n : Inform your security point of contact, Which of the following is NOT an example of CUI? Ask for information about the website, including the URL. (Spillage) What advantages do "insider threats" have over others that allows them to cause damage to their organizations more easily? What should you do? : Ensure that the wireless security features are properly con- figured. : They can be part of a distributed denial-of-service (DDoS) attack. 0000002934 00000 n (Sensitive Information) Which of the following represents a good physical security practice? (Sensitive Information) What certificates are contained on the Common, Access Card (CAC)? Since the URL does not start with https, do not provide your credit card information. trailer 2 0 obj Which of the following is an example of near field communication (NFC)? 12. : 3 or more indicators, Which type of behavior should you report as a potential insider threat? What should you do? : Press release data. : After you have returned home following the vacation, 14. : - Government-owned PEDs, if expressly authorized by your agency. Which of the following is NOT an example of sensitive information? : (Answer) CPCON 2 (High: Critical and Essential Functions), CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions), 42. : Deter- mine if the software or service is authorized. Which of the following is NOT a best practice to protect data on your mobile computing device? (Insider Threat) Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Based on the description below how many potential insider threat indicators are present? : Remove your security badge after leaving your controlled area or office building. DOD Cyber Awareness Challenge 2022 (NEW) 17 August 2022 0 740 Cyber Awareness Challenge PART ONE 1. (Mobile Devices) Which of the following statements is true? : Phishing can be an email with a hyperlink as bait. 0000007211 00000 n : Follow instructions given only by verified personnel. What level of damage can the unauthorized disclosure of information clas- sified as Confidential reasonably be expected to cause? The email provides a website and a toll-free number where you can make payment. Which of the following is a practice that helps to protect you from identity theft? What should you do if a reporter asks you about potentially classified infor- mation on the web? : Identification, encryption, and digital signature. This training is current, designed to be engaging, and relevant to the user. : Pictures of your pet, Which of the following is a security best practice when using social network- ing sites? : Since the URL does not start with "https," do not provide your credit card information. : A threat of dire conse- quence. : After you have returned home following the vacation. : Challenge people without proper badges. xref 13. : Investigate the link's actual destination using the preview feature, How can you protect yourself from internet hoaxes? Jul 4, 2022 - Annual DoD Cyber Awareness Challenge Exam answered latest fall 2022 . : Note any identifying information and the website's Uniform Resource Locator (URL). The popup asks if you want to run an application. Now is a good time to refresh your understanding of the social engineering scams targeting all of us and cyber hygiene best practices to protect against being hacked. : Secret, Which of the following is a good practice to protect classified information?-, : Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. : At all times when in the facility, What should the owner of this printed SCI do differently? As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? The website requires a credit card for registration. : If you participate in or condone it at any time. 21. : Security Classification Guide (SCG). How many potential insiders threat indicators does this employee display? Which of the following actions is appropriate after finding classified informa- tion on the Internet? Which of the following actions is appropriate after finding classified informa- tion on the internet? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. : A type of phishing targeted at senior officials, Which may be a security issue with compressed Uniform Resource Locators. When would be a good time to post your vacation location and dates on your social networking website? Cyber Awareness Challenge is enabled to allow the user to save their certificate on their local system or network. Cyber Awareness Challenge 2022 Online Behavior 2 UNCLASSIFIED Online Misconduct Keep in mind when online: Online misconduct is inconsistent with DoD values. 2. What type of social engineering targets particular individuals, groups of people, or organizations? Your health insurance explanation of benefits (EOB). A pop-up window that flashes and warns that your computer is infected with a virus. Which of the following may be helpful to prevent spillage? Connect to the Government Virtual Private Network (VPN). Which of the following is NOT true concerning a computer labeled SECRET? A type of phishing targeted at high-level personnel such as senior officials. Ive tried all the answers and it still tells me off. : Classified mate- rial must be appropriately marked. Who might "insiders" be able to cause damage to their organizations more easily than others. .What should you do if a reporter asks you about potentially classified information on the web? On a NIPRNET system while using it for a PKI-required task. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? (Malicious Code) What are some examples of removable media? If aggregated, the information could become classified. What should be your response? Which scenario might indicate a reportable insider threat? : Looking at your MOTHER, and screaming "THERE SHE BLOWS!!". 0000008555 00000 n Always use DoD PKI tokens within their designated classification level. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. 290 0 obj <> endobj : Treated mental health issues. (Identity Management) Which of the following is an example of two-factor authentication? : They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. What is a good practice to protect classified information? The Cyber Awareness Challenge is the DoD baseline standard for end user awareness training by providing awareness content that addresses evolving requirements issued by Congress, the Office of Management and Budget (OMB), the Office of the Secretary of Defense, and Component input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). : Your password and a code you receive via text message, Which of the following is an example of a strong password? (Travel) Which of the following is a concern when using your Govern- ment-issued laptop in public? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Do not use any personally owned/non-organizational removable media on your organizations systems. : Ask for information about the website, including the URL. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Which must be approved and signed by a cognizant Original Classification, Authority (OCA)? (controlled unclassified information) Which of the following is NOT cor- rect way to protect CUI? Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. A colleague often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? Which of the following may be helpful to prevent inadvertent spillage? : Understanding and using the available privacy settings. (Home computer) Which of the following is best practice for securing your home computer? : The Director of National Intelligence. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. (social networking) Which of the following is a security best practice when using social networking sites? : Research the source of the article to evaluate its credibility and reliability, Which of the following is a security best practice when using social network- ing sites? % (Cyber Awareness and Cyber Security Fundamentals) The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC. Follow instructions given only by verified personnel. : - Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. x[s~8Rr^/CZl6U)%q3~@v:=dM Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? A coworker has asked if you want to download a programmers game to play at work. Which of the following may help to prevent spillage? : Be aware of classification markings and all handling caveats. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. : Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Phishing can be an email with a hyperlink as bait. A coworker brings a personal electronic device into prohibited areas. %PDF-1.4 % urpnUTGD. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. What should you do if you suspect spillage has occurred? Within a secure area, you see an individual you do not know. Which of the following is true of telework? Which of the following statements is true of cookies? Let us know about it through the REPORT button at the bottom of the page. : Spear phishing. (social networking) When is the safest time to post details of your va- cation activities on your social networking profile? The DoD Cyber Exchange HelpDesk does not provide individual access to users. Which of the following is true of Internet hoaxes? Refer the reporter to your organizations public affairs office. 0000001952 00000 n Dr. Baker reports that the sessions addressed Ms. Jones's depression, which poses no national security risk, Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Use TinyURLs preview feature to investigate where the link leads. They can be part of a distributed denial-of-service (DDoS) attack. These hands-on courses have been developed to train Department of Defense personnel to recognize vulnerabilities and defeat potential threats within the computer and enterprise environment. It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. What is whaling? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applica-. What action should you take? : Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Immediately notify your security point of contact. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the . In which situation below are you permitted to use your PKI token? *UNCONTROLLED CLASSIFIED INFORMATION*, 12. Only paper documents that are in open storage need to be marked. The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). : Create separate accounts for each user, After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to com- ment about the article. Report the crime to local law enforcement. Which of the following best describes the compromise of Sensitive Compart- mented Information (SCI)? hb```b``a`e`b`@ x`d`XV461ql04F;N8J(^ 1dIi&:=qA@ 1UPn l&% %@,f42@fg!s-fN+L! When faxing Sensitive Compartmented Information (SCI), what actions should you take? : Label all files, removable media, and subject headers with appropriate classification markings. 14. Which of the following is NOT a correct way to protect sensitive information? : Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you. 0000041351 00000 n The DoD IA Workforce includes, but is not limited to, all individuals performing any of the IA functions described in DoD 8570 Data security and cyber risk mitigation measures There is no single solution that will provide a 100% guarantee of security for your business The National Cyber Security Framework Manual (2012) by . When is it appropriate to have your security badge visible within a sensitive compartmented information facility (SCIF)? What is a best practice to protect data on your mobile computing device? (Malicious Code) What is a good practice to protect data on your home wireless systems?

How Long Does Stamped Concrete Take To Dry, Best Cello Sheet Music, Sales Coordinator Resume Pdf, Olympic Participants Crossword Clue, Thanksgiving Volunteer Opportunities 2022, Judgement Xbox Digital Code, Adam Levine Zodiac Sign,