What information most likely presents a security risk on your personal social networking profile? By Quizzma Team / Technology. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? When expanded it provides a list of search options that will switch the search inputs to match the current selection. Note any identifying information and the websites Uniform Resource Locator (URL). asked in Internet by voice (265k points) Question : Which of the following is true about unclassified data? A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. CUI was established to standardize the way the Executive branch handles sensitive information that requires dissemination controls. Which of the following is NOT a home security best practice? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. Which of the following is an example of malicious code? Hostility or anger toward the United States and its policies. Unauthorized Disclosure of Classified Information and Controlled Unclassified Information . What should you do? **Social Engineering Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? New answers. Secure it to the same level as Government-issued systems. Which of the following is NOT a security best practice when saving cookies to a hard drive? Use personally-owned wired headsets and microphones only in designated areas, New interest in learning a foreign language. correct. **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? It never requires classification markings, is true about unclassified data. Which of the following is true of Unclassified information? View email in plain text and dont view email in Preview Pane. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complain about the credit card bills that his wife runs up. What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered? Of the following, which is NOT a method to protect sensitive information? Looking at your MOTHER, and screaming THERE SHE BLOWS! When leaving your work area, what is the first thing you should do? Neither confirm or deny the information is classified. **Classified Data Which of the following is true of protecting classified data? This is information that, if released to the public, carries no injury to personal, industry, or government interests. You may use your personal computer as long as it is in a secure area in your home b. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. When is the best time to post details of your vacation activities on your social networking website? Use the classified network for all work, including unclassified work. Organizational Policy Not correct Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. That trust is bounded by the Oath of Office we took willingly. The EPA will phase out legacy markings and safeguarding practices as implementation proceeds. Everything you need to know aboutControlled UnclassifiedInformation(CUI). Only allow mobile code to run from your organization or your organizations trusted sites. Information improperly moved from a higher protection level to a lower protection level. Others may be able to view your screen. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. Which of the following is NOT a social engineering tip? Which scenario might indicate a reportable insider threat? You receive a call on your work phone and youre asked to participate in a phone survey. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Learn more about Teams I may decide not to consent to these terms, but, if I do not consent to all of these terms, then I agree not to proceed with creating an account or moving forward with filling out the application, and I understand that I will not be . The emission rate of CO 2 from the soils reached the maximum on the 1st day of incubation and the sequence of CO 2 emission rate and cumulative emission under different amendment treatments was as SG > S > G > CK > N (Fig. A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. The questions are broken into the following sections: Controlled Unclassified Information (CUI) isinformation that requires safeguarding or dissemination controls consistent with applicable laws, regulations, and Government-wide policies,but is not classified underExecutive Order 13526 Classified National Security Informationorthe Atomic Energy Act, as amended. You find information that you know to be classified on the Internet. The age of the driver may top the list of variables. Even within a secure facility, dont assume open storage is permitted. difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties. tell your colleague that it needs to be secured in a cabinet or container. Store classified data appropriately in a GSA-approved vault/container when not in use. What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? Social Security Number; date and place of birth; mothers maiden name. What should be your response? (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? The popup asks if you want to run an application. (Spillage) Which of the following is a good practice to aid in preventing spillage? Which of the following is true of the Common Access Card (CAC)? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? It is permissible to release unclassified information to the public prior to being cleared. When gases are sold they are usually compressed to high pressures. **Insider Threat What function do Insider Threat Programs aim to fulfill? Correct. **Insider Threat Which of the following is NOT considered a potential insider threat indicator? A trusted friend in your social network posts a link to vaccine information on a website unknown to you. What type of attack might this be? Do not use any personally owned/non-organizational removable media on your organizations systems. What should you do? Which of these is true of unclassified data?-It must be released to the public immediately.-Its classification level may rise when aggregated. *Sensitive Information Which of the following is an example of Protected Health Information (PHI)? Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. It is not corporate intellectual property unless created for or included in requirements related to a government contract. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. Which of the following is true of Internet of Things (IoT) devices? Teams. Which piece of information is safest to include on your social media profile? not correct. Use a single, complex password for your system and application logons. Do not access website links, buttons, or graphics in e-mail. You are leaving the building where you work. What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? (social networking) When is the safest time to post details of your vacation activities on your social networking profile? How many potential insider threat indicators does this employee display? A coworker has left an unknown CD on your desk. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. (Spillage) When is the safest time to post details of your vacation activities on your social networking website? Store classified data in a locked desk drawer when not in use Maybe Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. When would be a good time to post your vacation location and dates on your social networking website? (social networking) Which of the following is a security best practice when using social networking sites? Read the latest news from the Controlled Unclassified Information (CUI) program. Any time you participate in or condone misconduct, whether offline or online. Assuming open storage is always authorized in a secure facility. correct. Phishing can be an email with a hyperlink as bait. They can become an attack vector to other devices on your home network. ALways mark classified information appropriately and retrieve classified documents promptly from the printer. *Sensitive Compartmented Information When should documents be marked within a Sensitive Compartmented Information Facility (SCIF). Which of the following is true about telework? **Travel Which of the following is true of traveling overseas with a mobile phone? Which of the following is NOT true concerning a computer labeled SECRET? Your comments are due on Monday. What is the basis for the handling and storage of classified data? What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? The CAC/PIV is a controlled item and contains certificates for: An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what? As part of the survey the caller asks for birth date and address. When operationally necessary, owned by your organization, and approved by the appropriate authority. How should you protect a printed classified document when it is not in use? Which of the following is NOT considered a potential insider threat indicator? Darryl is managing a project that requires access to classified information. What is the best response if you find classified government data on the internet? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Of the following, which is NOT a problem or concern of an Internet hoax? You receive an inquiry from a reporter about government information not cleared for public release. Which of the following statements is NOT true about protecting your virtual identity? **Social Networking When is the safest time to post details of your vacation activities on your social networking website? Always check to make sure you are using the correct network for the level of data. A lock (LockA locked padlock) or https:// means youve safely connected to the .gov website. It is getting late on Friday. Which type of information includes personal, payroll, medical, and operational information? correct. ~A coworker brings a personal electronic device into a prohibited area. What are some potential insider threat indicators? It does not require markings or distribution controls. (Malicious Code) A coworker has asked if you want to download a programmers game to play at work. Which of the following is a clue to recognizing a phishing email? If aggregated, the classification of the information may not be changed. **Identity Management Which of the following is the nest description of two-factor authentication? what should you do? How should you respond? You have reached the office door to exit your controlled area. Keep your operating system and software up to date: This will help patch any security vulnerabilities in your software. Executive Order 13526 Classified National Security Information, PersonallyIdentifiable Information (PII), Sensitive Personally Identifiable Information (SPII), Proprietary Business Information (PBI) or currently known within EPA as Confidential Business Information (CBI), Unclassified Controlled Technical Information (UCTI). What can be used to track Marias web browsing habits? What should you do? Your favorite movie. Which of the following is NOT a correct way to protect CUI?