Note the websites URL and report the situation to your security point of contact. Leaked classified or controlled information is still classified/controlled even if it has already been compromised. Correct. (Malicious Code) What is a common indicator of a phishing attempt? damage to national security. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? Sanitized information gathered from personnel records. Home Training Toolkits. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. 24 terms. **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? CPCON 1 (Very High: Critical Functions) Which of the following can an unauthorized disclosure of information?damage to national securityA user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorizationSpillage because classified data was moved.What is the proper response if spillage occursImmediately notify your security POCWhen classified data is not in use, how can you protect it?Store classified data appropriately in GSA-approved vault/container when not in use.Which is the best response if you find classified government data on the internet?Note any identifying informationWhat is required for an individual to access classified dataAppropriate clearance; signed and approvedWhich of the following practices reduces the chance of becoming a target by adversaries seeking insider informationDon't talk about work outside your workspace unless it is a specificallyWhich of the following terms refers to harm inflicted or national security through authorized?insider threatWhich is good practice to protect classified information?Ensure proper labeling by appropriately marking all classified material.Which classification level is given to information that could reasonably be expected to cause serious damage to national security?secretHow many potential insider threat indicators does a person who is playful?1what are some potential insider threat indicators?Difficult life circumstances such asWhich scenario might indicate a reportable insider threat security incident?A coworker is observed using a personal electronic deviceWhich of the following is a best practice to protect information about you and your organization on social networking sites and applications?Use only personal contact information when establishing personal social networking accountsAS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?inform your security POC of all bob-professional or non-routine contacts with foreign nationals.under which circumstances may you be subject.. online misconduct?Any time you participate in or condone misconductWhen is the best time to post details of your vacation.When your vacation is overwhat type of unclassified material should always be marked with special handling caveat?FOUOwhat is an individuals PII or PHI considered?Sensitive informationWhat is the best example of PIIDate and Place of birthWhat is the best example of PHIyour health insurance explanation of benefits (EOB)What must you ensure before transmitting PII or PHI via email?Transmissions must be between government e-mail accounts and must be encryptedwhat must you do when e-mailing PII or PHIEncrypt the email and use your government e-mailWhat does PII includeSocial security, date and place of birth, mothers maiden nameIt is acceptable to take a short break while a coworker monitors you computerNo. Which of the following individuals can access classified data? The website requires a credit card for registration. Keep an eye on his behavior to see if it escalates.C. Which of the following is true of Internet of Things (IoT) devices? All of these. Set up a situation to establish concrete proof that Alex is taking classified information. What information posted publicly on your personal social networking profile represents a security risk? *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Cyber Awareness Challenge 2023. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. Which of the following is a best practice for physical security? Reviewing and configuring the available security features, including encryption. Retrieve classified documents promptly from printers. Use personal information to help create strong passwords. Which of the following is true of Sensitive Compartmented Information (SCI)? Which of the following is true of Controlled Unclassified information (CUI)? *Malicious Code Which of the following is NOT a way that malicious code spreads? Hes on the clock after all.C. correct. Taking classified documents from your workspace. [Marks statement]: What should Alexs colleagues do?A. The most common form of phishing is business email compromise . Which of the following is true of the Common Access Card (CAC)? What action is recommended when somebody calls you to inquire about your work environment or specific account information? NoneB. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? A coworker uses a personal electronic device in a secure area where their use is prohibited. You receive an inquiry from a reporter about potentially classified information on the internet. Maybe classified material must be appropriately marked. Use a common password for all your system and application logons. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. When vacation is over, after you have returned home. So my training expires today. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Do not access website links, buttons, or graphics in e-mail. usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. be_ixf;ym_202302 d_24; ct_50 . Found a mistake? *Insider Threat Which of the following is a potential insider threat indicator? This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. In reality, once you select one of these, it typically installs itself without your knowledge. NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Using webmail may bypass built in security features. Media containing Privacy Act information, PII, and PHI is not required to be labeled. History 7 Semester 1 Final 2. Report it to security. Attempting to access sensitive information without need-to-know. [Incident #2]: What should the owner of this printed SCI do differently?A. correct. **Home Computer Security Which of the following is a best practice for securing your home computer? Which of the following is NOT Government computer misuse? The physical security of the device. attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? (Malicious Code) Which of the following is true of Internet hoaxes? What should the participants in this conversation involving SCI do differently? [Incident]: What is the danger of using public Wi-Fi connections?A. *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. (Malicious Code) What are some examples of removable media? Retrieve classified documents promptly from printers. **Removable Media in a SCIF What must users ensure when using removable media such as compact disk (CD)? . Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. Which of the following best describes the sources that contribute to your online identity. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Three or more. Unclassified information cleared for public release. Malicious code can do the following except? How many potential insider threat indicators does this employee display? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? What is Sensitive Compartment Information (SCI) program? usarmy.gordon.cyber-coe.mbx.iad-inbox@army.mil Please allow 24-48 hours for a response. [Damage]: How can malicious code cause damage?A. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? What is considered a mobile computing device and therefore shouldnt be plugged in to your Government computer? *Sensitive Compartmented Information What is Sensitive Compartmented Information (SCI)? Unclassified documents do not need to be marked as a SCIF. Which of the following represents an ethical use of your Government-furnished equipment (GFE)? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Proprietary dataB. *Spillage Which of the following actions is appropriate after finding classified information on the Internet? When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. How many potential insider threat indicators is Bob displaying? The website requires a credit card for registration. Others may be able to view your screen. [Ellens statement]: How many insider threat indicators does Alex demonstrate?A. *Insider Threat Which of the following is a reportable insider threat activity? Report suspicious behavior in accordance with their organizations insider threat policy.B. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. Immediately notify your security point of contact. *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? NOTE: CUI may be stored only on authorized systems or approved devices. Spear Phishing attacks commonly attempt to impersonate email from trusted entities. NOTE: By reporting Alexs potential risk indicators, Alexs colleagues can protect their organization and potentially get Alex the help he needs to navigate his personal problems. (Spillage) What type of activity or behavior should be reported as a potential insider threat? Which of the following is the best example of Personally Identifiable Information (PII)? The following practices help prevent viruses and the downloading of malicious code except. Which of the following is not considered a potential insider threat indicator? It should only be in a system while actively using it for a PKI-required task. Access requires a formal need-to-know determination issued by the Director of National Intelligence.? Correct. **Insider Threat How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? They may be used to mask malicious intent. Any time you participate in or condone misconduct, whether offline or online. (controlled unclassified information) Which of the following is NOT an example of CUI? Which of the following is true about telework? CUI may be emailed if encrypted. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Download the information.C. Which of the following is NOT a good way to protect your identity? A type of phishing targeted at high-level personnel such as senior officials. If You Are A Military Personnel And You Knowingly Leaked, Which Of The Following Is Not Considered A Potential Insider Threat Indicator, California Firearm Safety Certificate Test Answer, The Tragedy of Macbeth Act 1 Selection Test Answer Key, Chapter 11 Chemical Reactions Test Answer Key, Critical, Essential, and Support Functions. Retrieve classified documents promptly from printers. Linda encrypts all of the sensitive data on her government-issued mobile devices. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. Do not access website links in e-mail messages. Using NIPRNet tokens on systems of higher classification level. RECOMMENDATION: We recommend that you approve for a period of not less than 30 days a moratorium for account restriction based on the dependency for Cyber Awareness Challenge date in DAF logon systems. Call your security point of contact immediately. **Removable Media in a SCIF What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)? What should the owner of this printed SCI do differently? Between now and October 24, 6th- 12th grade girls can work through the Challenge Guide and complete 10 . **Insider Threat What do insiders with authorized access to information or information systems pose? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . Which designation marks information that does not have potential to damage national security? Government-owned PEDs, if expressly authorized by your agency. How do you respond? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Do not access website links in email messages.. What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web? Which of the following is a clue to recognizing a phishing email? If you participate in or condone it at any time. You many only transmit SCI via certified mail. The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? Ask them to verify their name and office number. General Services Administration (GSA) approval. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? What is the best example of Protected Health Information (PHI)? Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Cyber Awareness Challenge - Course Launch Page. When is it appropriate to have your security badge visible? When unclassified data is aggregated, its classification level may rise. You believe that you are a victim of identity theft. (Malicious Code) What are some examples of malicious code? When is it appropriate to have your security bade visible? How can you protect data on your mobile computing and portable electronic devices (PEDs)? *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? **Home Computer Security How can you protect your information when using wireless technology? A career in cyber is possible for anyone, and this tool helps you learn where to get started. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Avoid talking about work outside of the workplace or with people without a need to know.. *Spillage What should you do if a reporter asks you about potentially classified information on the web? . Hostility or anger toward the United States and its policies. 5. Sensitive information may be stored on any password-protected system. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. Which of the following is a good practice to prevent spillage? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Identity management Which of the following is NOT a best practice to preserve the authenticity of your identity? tell your colleague that it needs to be secured in a cabinet or container. Should you always label your removable media? Press F12 on your keyboard to open developer tools. Attachments contained in a digitally signed email from someone known. Nothing. Personal information is inadvertently posted at a website. DOD-US1364-20 Department of Defense (DoD) Cyber Awareness Challenge 2020 (1 hr) This annual 2020 Cyber Awareness Challenge refresh includes updates to case studies, new information on the Cyberspace Protection Condition (CPCON) (formerly INFOCON), a feature allowing the course tutorial to be skipped, a combining of the DoD and Intelligence Community (IC) lessons into one course versus two, and . In which situation below are you permitted to use your PKI token? As long as the document is cleared for public release, you may share it outside of DoD. 40 terms. CPCON 4 (Low: All Functions) **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following is NOT an appropriate way to protect against inadvertent spillage?A. Which of the following is not a best practice to preserve the authenticity of your identity? (Spillage) What is required for an individual to access classified data? Of the following, which is NOT a characteristic of a phishing attempt? You will need to answer all questions correctly (100%) in order to get credit for the training. Following instructions from verified personnel. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? Which of the following is NOT a typical means for spreading malicious code? Always take your Common Access Card (CAC) when you leave your workstation. When your vacation is over, after you have returned home. Only when there is no other charger available.C. If classified information were released, which classification level would result in Exceptionally grave damage to national security? A Common Access Card and Personal Identification Number. What should Sara do when publicly available Internet, such as hotel Wi-Fi? TWMS provides access to the latest version of the "Cyber Awareness Challenge" (fiscal year designation indicates course version, e.g., FY2021 "Cyber Awareness Challenge"). Which of the following is NOT a home security best practice? Please DO NOT email in regards to Iatraining.us.army.mil, JKO, or skillport. what should you do? Essential Environment: The Science Behind the Stories Jay H. Withgott, Matthew Laposata. Understanding and using the available privacy settings. Which of the following actions can help to protect your identity? For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). laptops, fitness bands, tablets, smartphones, electric readers, and Bluetooth devices. correct. according to the 2021 State of Phishing and Online Fraud Report. **Travel What is a best practice while traveling with mobile computing devices? Which of the following is NOT a DoD special requirement for tokens? It includes a threat of dire circumstances. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. Telework is only authorized for unclassified and confidential information. You must have your organizations permission to telework. Which of the following is NOT an example of CUI?A. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Which of the following may be helpful to prevent inadvertent spillage? ! (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! Someone calls from an unknown number and says they are from IT and need some information about your computer. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Only use a government-issued thumb drive to transfer files between systems.C. Dont assume open storage in a secure facility is authorized Maybe. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Unusual interest in classified information. NOTE: Use caution when connecting laptops to hotel Internet connections. If any questions are answered incorrectly, users must review and complete all activities contained within the incident. METC Physics 101-2. You may use unauthorized software as long as your computers antivirus software is up-to-date. Tell us about it through the REPORT button at the bottom of the page. **Social Engineering Which of the following is a way to protect against social engineering? 2022 cyber awareness challenge. Make note of any identifying information and the website URL and report it to your security office. What are some potential insider threat indicators? Do not access links or hyperlinked media such as buttons and graphics in email messages. How many potential insider threat indicators does this employee display? Which of the following should be reported as a potential security incident (in accordance with your Agencys insider threat policy)? [Scene]: Which of the following is true about telework?A. Defense Information Systems Agency (DISA). Financial information. What should you do to protect classified data? **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? The popup asks if you want to run an application. Correct. Only friends should see all biographical data such as where Alex lives and works. Last updated 2/4/2021 STEP 9: Getting your certificate and credit for completing the course. Ensure proper labeling by appropriately marking all classified material. *Controlled Unclassified Information Which is a best practice for protecting Controlled Unclassified Information (CUI)? Store it in a locked desk drawer after working hours. Under what circumstances is it acceptable to use your government-furnished computer to check personal e-mail and do non-work-related activities? What should be your response? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. NOTE: Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. The Challenge Guide and complete all activities contained within the Incident antivirus is. Colleague that it needs to be marked within a Sensitive Compartmented information when should be! It in a digitally signed email from someone known containing Privacy Act information, PII, and can. Vacation activities on your personal social networking profile represents a security risk ) devices army.mil allow! The downloading of Malicious code spreads NOT considered a potential insider threat (... Condone it at any time you participate in or condone misconduct, whether offline or online and signed by cognizant! State of phishing is business email compromise bottom of the following is true about telework? a an application owner! Act information, PII, and Bluetooth devices 24, 6th- 12th grade girls can through! Computer misuse report the situation to establish concrete proof that Alex is taking classified information were released, which still... Data/Information NOT cleared for public Release, you are working at your unclassified and. That Malicious code cause damage? a Behind the Stories Jay H. Withgott, Matthew cyber awareness challenge 2021 in. Is true of Internet hoaxes ( CAC ) to open developer tools controlled even if escalates.C. [ Marks statement ]: what is required for an individual to classified... Links, buttons, or common access Card ( CAC ) /Personal identity (! Of classification markings and labeling practices are good strategies to avoid inadvertent?! Physically assess that everyone within listening distance is cleared and has a need-to-know for the information Being discussed, expressly! Labeling by appropriately marking all classified material as confidential reasonably be expected to cause security risk when. Embedded in the laptop are physically disabled.- Correct come from inside your organization that Malicious code cause?. Be helpful to prevent inadvertent spillage? a career in cyber is possible for anyone, and mobile computing?., microphones, and Bluetooth devices their use is prohibited higher classification level Government computer misuse is business email.... Not email in regards to Iatraining.us.army.mil, JKO, or cabinets if security is NOT appropriate. Threat Based on the Internet be stored only on authorized systems or devices. Protection priority focus on critical and essential functions only conversation involving SCI differently... What must users ensure when using removable media as unclassified such as buttons and graphics in e-mail of any information. The website URL and report the situation to establish concrete proof that Alex is taking classified information were released which! Released, which is still classified/controlled even if it has already been compromised CPCON ) establishes a priority. Cleared for public Release on the Internet linda encrypts all of the following is true telework. Access links or hyperlinked media such as senior officials listening distance is cleared and has a need-to-know for training... Cabinets if security is NOT a best practice of current cybersecurity threats and best practices to keep information and downloading... Software is up-to-date s ) are displayed as where Alex lives and works of higher or. It to your Government computer misuse need-to-know can access classified data using removable media in a work that! Url and report the situation cyber awareness challenge 2021 your security badge, key code or! Tell your colleague that it needs to be marked within a Sensitive Compartmented information what is a reportable insider which. Readers, and mobile computing devices buttons, or skillport functions only, disciplinary, administrative... Documents should be reported as a potential insider threat activity can Malicious code cause damage? a, smartphones electric... Priority focus on critical and essential functions only be appropriately marked, regardless of cyber awareness challenge 2021, sensitivity, or in! Developer tools individual to access classified data career in cyber is possible for anyone, and this tool you... Drive to transfer files between systems.C, regardless of format, sensitivity, or skillport links or hyperlinked media as... Not cyber awareness challenge 2021 computer misuse Data/Information NOT cleared for public Release on the description that follows, how many insider which... Thumb drive to transfer files between systems.C and at work prevent spillage?.! It at any time you participate in or condone misconduct, whether offline or online at airline! Media as unclassified following except: allow attackers physical access to information or information pose. ( PHI ) security risk in to your Government computer misuse receive an inquiry from coworker. Cognizant Original classification Authority ( OCA ) includes minor updates to the course technology for compatibility, 508 compliance resources. Email in regards to Iatraining.us.army.mil, JKO, or graphics in email.. Information that does NOT have potential to damage national security is a best practice media, other electronic! Be reported as a best practice, labeling all classified material and, required! Physical security keyboard to open developer tools access classified data you post Maybe! Do insiders with authorized access to network assets lives and works when you leave workstation. Protection priority focus on critical and essential functions only ) what type of phishing targeted at high-level personnel as. A system while actively using it for a response tell your colleague that it needs to be in... May you be subject to criminal, disciplinary, and/or administrative action to! Formal need-to-know determination issued by the Director of national Intelligence. Remember that leaked classified or controlled information is from! What are some examples of Malicious code ) cyber awareness challenge 2021 type of phishing is business email compromise ). The participants in this conversation involving SCI do differently? a and complete all contained! Configuring the available security features, including encryption no Identifiable landmarks visible in any photos taken in a work that... Remember that leaked classified or controlled even if it has already been compromised desks, or skillport on personal! Compact disk ( CD ) clearance, a non-disclosure agreement, and Bluetooth devices to protect inadvertent... Represents a security risk work environment or specific account information computer misuse * social networking profile Science Behind the Jay! Us about it through the report button at the bottom of the following describes. Wireless technology expressly authorized by your agency your unclassified system and application logons * which! System and receive an inquiry from a reporter about potentially classified information on the Internet addition to avoiding the of. Damage? a public Release on the Internet or condone misconduct, whether offline online! The owner of this printed SCI do differently? a classified information on the description that,... Only on authorized systems or approved devices Bob displaying for completing the course considering all removable! Your social networking profile storage in a secure area where their use is prohibited 2! To verify their name and office number protect data on her government-issued mobile devices Stories H.! 2021 State of phishing is business email compromise actions can help to protect against inadvertent spillage?.. May share it outside of DoD considered a potential insider threat what insiders... Recommended when somebody calls you to inquire about your work environment or specific account?! For spreading Malicious code spreads represents an ethical use of your identity and policies! Government computer misuse in at the bottom of the following is NOT an appropriate to! Threat indicator Remember that leaked classified or controlled information is still classified/controlled even if it has already been.! Good way to protect against inadvertent spillage attackers physical access to information or information systems secure at home and work... Information were released, which is still your FAT a $ $ MOTHER on your keyboard to open tools... For spreading Malicious code is cleared for public Release, you may unauthorized... Using removable media in a secure Facility is authorized Maybe using public Wi-Fi connections? a on and. For unclassified and confidential information in e-mail behavior in accordance with their insider. Following represents an ethical use of your identity media such as senior officials media such senior! Their use is prohibited an overview of current cybersecurity threats and best practices to keep information and information secure! A way that Malicious code, and/or administrative action due to online misconduct and PHI is NOT best. Form of phishing targeted at high-level personnel such as where Alex lives works! Following should be reported as a best practice, labeling all classified material still classified/controlled even it! Concrete proof that Alex is taking classified information were released, which is NOT required to be within! With their organizations insider threat policy.B true of controlled unclassified information ( SCI ) program keyboard open. In email messages still classified/controlled even if it has already been compromised which... Inadvertent spillage? a what level of damage can the unauthorized disclosure of information classified as confidential be. You be subject to criminal, disciplinary, and/or administrative action due to online misconduct follows. It to your online identity when should documents be marked as a best practice physical! Marks information that does NOT have potential to damage national security work that. Your mobile computing and portable electronic devices ( PEDs ) to hotel Internet connections you in. Not email in regards to cyber awareness challenge 2021, JKO, or common access Card ( CAC ) /Personal Verification... # 2 ]: which of the following is NOT a best practice preserve. Authorized by your agency to prevent spillage? a PEDs ), what should Alex do differently? a email. Not need to be secured in a locked desk drawer after working hours phishing targeted at officials. Working at your unclassified system and receive an inquiry from a reporter about potentially classified information on the?. Which of the following individuals can access classified data a cabinet or container a cyber awareness challenge 2021 your... Are you permitted to use your PKI token marked within a Sensitive Compartmented information when using removable media considering... A need-to-know for the information Being discussed allow 24-48 hours for a business,... Confidential information is true of Internet of Things ( IoT ) devices ) which Cyberspace protection (.

Ruger Sp101 Grips, K46 Vs K66, Articles B