GFA is not provided lightly and only where there are substantial and pressing reasons (e.g. Correct. Mobile Devices (Incident): When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? What should be your response? Someone calls from an unknown number and says they are from IT and need some information about your computer. Thats the only way we can improve. When unclassified data is aggregated, its classification level may rise. Balancesheetaccounts:AssetLiabilityStockholdersEquity:CapitalStockRetainedEarningsDividendsIncomestatementaccounts:RevenueExpenseIncreasCreditCredit(l)DecreaseDebitCreditCreditNormalBalanceDebitCreditCreditDebit. Turn on automatic downloading b. Phishing can be an email with a hyperlink as bait. How can you avoid downloading malicious code? or The interim payment plan must provide clearly defined work stages, deliverables with associated payments and timescales. Sensitive Compartmented Information GuidesB. \text{Capital Stock}&\text{Credit}&&\\ Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Annual DoD Cyber Awareness Challenge Training, Military Requirements for Petty Officers Thir, EPRC Operator Course JKO (8 hour) Pretest Ans, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Operations Management: Sustainability and Supply Chain Management, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Chapter 22: Signal Transduction Mechanisms: I, Business Continuation and Succession Planning. CUI must be handled using safeguarding or dissemination controls. CUI may be stored on any password-protected system. CPCON 2 (High: Critical and Essential Functions) The information contained in this Website is for informational purposes only and is not intended as a form of direction or advice and should not be relied upon as a complete definitive statement in relation to any specific issue. 1101 0 obj <>stream A coworker has asked if you want to download a programmers game to play at work. How can you guard yourself against Identity theft? Which of the following is an example of removable media? Use the classified network for all work, including unclassified work. Beware of sudden flashing pop-ups that warn your computer is infected with a virus. **Social Networking Which piece if information is safest to include on your social media profile? Based on the description that follows how many potential insider threat indicators are displayed? Insider threat: (Marks statement): What should Alexs colleagues do? Incident The following guidance will help you to understand what these terms and conditions mean. *Controlled Unclassified Information Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? To help with this, prices in your proposal must be supported by a full cost breakdown. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? What actions should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know, Insiders are given a level of trust and have authorized access to Government information systems. *Malicious Code What are some examples of malicious code? *Sensitive Compartmented Information Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? Which is a risk associated with removable media? How should you protect a printed classified document when it is not in use? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? Break-even units equal 2,000. Select the information on the data sheet that is protected health information (PHI). (Malicious Code) While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. (Answer) CPCON 2 (High: Critical and Essential Functions) CPCON 1 (Very High: Critical Functions) CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions) CPCON 5 (Very Low: All Functions). Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? (Spillage) When is the safest time to post details of your vacation activities on your social networking website? Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? correct. Which is a best practice for protecting Controlled Unclassified Information (CUI)? Using webmail may bypass built in security features. You have reached the office door to exit your controlled area. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? Your password and the second commonly includes a text with a code sent to your phone. Be aware of classification markings and all handling caveats. When submitting your proposal, you must provide a resourcing plan that identifies, where possible, the nationalities of those proposed research workers that you intend working on this phase. Memory sticks, flash drives, or external hard drives. means youve safely connected to the .gov website. How many potential insider threat indicators does this employee display? Hold the conversation over e-mail or instant messenger to avoid being overheard. Program Area: Property and Information Technology. You can decide how often to receive updates. CUI may be stored on any password-protected system. Digitally signed e-mails are more secure. \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ It contains certificates for identification, encryption, and digital signature. Added link to Current Themed Competitions in the Our Standard Contracts section. \text{Dividends}&\text{Credit}&\text{Credit}&\\ How should you respond? Based on the description that follows, how many potential insider threat indicator(s) are displayed? The long-run aggregate supply curve (LRAS) curve is ______ with a real output level that _____, a) Upward sloping; varies positively with the price level ALways mark classified information appropriately and retrieve classified documents promptly from the printer. Use the classified network for all work, including unclassified work. be wary of suspicious e-mails that use your name and/or appear to come from inside your organization. Update or Remind me later? What should be done if you find classified Government Data/Information Not Cleared for Public Release on the Internet? What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred? Added to "Our Standard Contracts" section: Themed Competitions have specific terms and conditions which you can find alongside the relevant competition document. Uploaded new terms and conditions document: DASA Open Call Terms and Conditions July 2022 (Also contains Schedules). b. Linda encrypts all of the sensitive data on her government issued mobile devices. A coworker removes sensitive information without approval. Connect to the Government Virtual Private Network (VPN). Implement Wi-Fi Protected Access 2 (WPA2) Personal encryption at a minimum. In addition to the guidance on this page you must refer to the relevant competition document for the competition specific terms and conditions, including the specific contract. You may use your personal computer as long as it is in a secure area in your home b. c. Only connect to known networks, Travel (Incident): What is the danger of using public Wi-Fi connections? **Classified Data What level of damage can the unauthorized disclosure of information classified as Confidential reasonably be expected to cause? Which of these is true of unclassified data? CUI must be handled using safeguarding or dissemination controls. Store it in a GSA approved vault or container. The Government relies on and requires its contractors to provide effective and efficient stewardship of the . **Insider Threat Which scenario might indicate a reportable insider threat? A headset with a microphone through a Universal Serial Bus (USB) port. Which of the following statements is true of cookies? Damage b. **Physical Security At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? It may be compromised as soon as you exit the plane. Delete email from senders you do not know. &\textbf{Increas}&\textbf{Decrease}&\textbf{Normal Balance}\\ (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? 1 0 obj \text{Liability}&&\text{Debit}&\\ a. Linda encrypts all of the sensitive data on her government-issued mobile devices. You must provide details to us of any related public announcement for review prior to release. Update now? c. This is never okay. Do not forward, read further, or manipulate the file; Do not give out computer or network information, Do not follow instructions from unverified personnel. Which of the following statements is true? How should you respond? Read more about MOD ethical approval and other regulations which may affect your work. website belongs to an official government organization in the United States. Classified Data: (Incident) What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Well send you a link to a feedback form. %PDF-1.7 Aggregating it does not affect its sensitivyty level. Directing you to a website that looks real. Which is NOT a wireless security practice? The email provides a website and a toll-free number where you can make payment. Retrieve classified documents promptly from printers. When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? After you have returned home following the vacation. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? You are misusing a Government vehicle when you use it for your personal benefit as opposed to using it for the benefit of the Government. Which of the following is true of Sensitive Compartmented Information (SCI)? Best answer. a. elsieteel. Write your password down on a device that only you access. Her badge is not visible to you. What type of data must be handled and stored properly based on classification markings and handling caveats? Which of the following is true of removable media and portable electronic devices (PEDs)? Making unauthorized configuration changes - No. You must have your organizations permission to telework. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Use a single, complex password for your system and application logons. Report email. information generated under previous private venture funding. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. What should you do? 2 0 obj CUI may be stored on any password-protected system. What should you do? The relevant people will be named in the subsequent contract. Classified DVD distribution should be controlled just like any other classified media. Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.- Correct. Avoid talking about work outside of the workplace or with people without a need-to-know. **Use of GFE What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)? b. The watermark names the person who will assess the proposal, along with the date and time it was downloaded. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. Which designation marks information that does not have potential to damage national security? Which of the following is true of Controlled Unclassified Information (CUI)? What is a possible indication of a malicious code attack in progress? Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE) A No to all: Viewing or downloading pornography, gambling online, conducting a private money-making venture, using unauthorized software, Illegally downloading copyrighted material, making unauthorized configuration changes. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? Download the information. Since the URL does not start with https, do not provide your credit card information. When using mobile computing devices, including laptops and cell phones, in public: Be careful of information visible on your mobile computing device; consider screen protection Maintain possession of laptop and other government-furnished equipment (GFE) at all times and be extra vigilant in protecting it Protect your mobile computing device ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. Install now? c Incident #1 Which of the following is true of downloading apps? Approved Security Classification Guide (SCG). Do not access website links in e-mail messages. (Spillage) When classified data is not in use, how can you protect it? Media containing Privacy Act information, PII, and PHI is not required to be labeled. You must have your organizations permission to telework. **Social Engineering How can you protect yourself from internet hoaxes? Note the websites URL and report the situation to your security point of contact. More information on DEFCON 705 can be found here. See PGI 245.103-72, Government- furnished property (GFP) attachments to solicitations and awards. In your opinion, will there be individual differences? Your health insurance explanation of benefits (EOB). Each Form 388 must be signed and returned with a brief curriculum vitae (CV) of each person by the nominated individual completing the work. (Permitted Uses of Government-Furnished Equipment GFE)) Viewing or downloading pornography - No Gambling online - No Conducting a private money-making venture - No Using unauthorized software - No Illegally downloading copyrighted material - No Making unauthorized configuration changes - No Incident endobj Individuals must avoid referencing derivatively classified reports classified higher than the recipient.??? correct. Security updates are ready to install. Government furnished property is a bit of an umbrella term. Since the URL does not start with https, do not provide you credit card information. Connect to the Government Virtual Private Network (VPN). **Insider Threat A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. (social networking) Which of the following is a security best practice when using social networking sites? You know this project is classified. Only expressly authorized government-owned PEDs. Which of the following is NOT an example of sensitive information? a. Corrupting files b. Erasing your hard drive. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. It includes a threat of dire circumstances. (Malicious Code) Which are examples of portable electronic devices (PEDs)? Social Security Number, date and place of birth, mothers maiden name. b. How can you protect yourself on social networking sites? A Common Access Card and Personal Identification Number. We will make sure all proposals which are downloaded by us from our online submission service are appropriately classified and get a digital watermark. We thoroughly check each answer to a question to provide you with the most correct answers. Which of the following actions can help to protect your identity? Validate all friend requests through another source before confirming them. *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Serious damage c. Exceptionally grave damage. Found a mistake? DASA submissions are welcome from the private sector, academia, individuals (i.e. Which of the following is true of Controlled Unclassified Information (CUI)? Nonstandard Government property contract clauses (reference 41 U.S.C. Hostility or anger toward the United States and its policies. Dont allow other access or to piggyback into secure areas. What actions should you take prior to leaving the work environment and going to lunch? **Website Use Which of the following statements is true of cookies? Only when there is no other charger available. Maria is at home shopping for shoes on Amazon.com. Classified information that should be unclassified and is downgraded. This HHS Policy supersedes the CMS ARS 3.0 CM-2 Enhancement 7 Configure Systems or Components for High Risk Areas control. GOVERNMENT-FURNISHED PROPERTY may only use U.S. Forest Service property furnished under this agreement for performing tasks assigned in this agreement. b. Incident remain prohibited. Home Computer Security (Evidence): Update Status: Install or Remind me later, Home Computer Security (Evidence): Firewall Status: Enable or Keep Disabled, Home Computer Security (Evidence): Virus Alert! An experiment consists of tossing three fair (not weighted) coins, except that one of the three coins has a head on both sides. Identity Management Evidence (Incident): Select all violations at this unattended workstation. DASA recognises the value of your intellectual property (IP). Which of the following is true of telework? c. Analyze the other workstations in the SCIF for viruses or malicious code. What does Personally Identifiable information (PII) include? Incident a. correct. **Travel What is a best practice while traveling with mobile computing devices? Calculate the margin of safety in terms of the number of units. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. relates to reporting of gross mismanagement and/or abuse of authority. Select Yes or No for each item. For any item to be covered by Medicare, it must 1) be eligible for a defined Medicare benefit category, 2) be reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member, and 3) meet all other applicable Medicare statutory and regulatory requirements. Based on the description that follows, how many potential insider threat indicators(s) are displayed? The popup asks if you want to run an application. You must have your organizations permission to telework. Which of the following is a good practice to avoid email viruses? **Classified Data What is a good practice to protect classified information? (Malicious Code) Which of the following is NOT a way that malicious code spreads? Physical Security: (Incident #2): What should the employee do differently? (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. Classified information that is accidentally moved to a lower classification or protection level. *Spillage Which of the following is a good practice to prevent spillage? where there would be significant financial or quality benefits to the work as a result of using GFA). What is the basis for the handling and storage of classified data? not correct. Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. Do not use any personally owned/non-organizational removable media on your organizations systems. (Malicious Code) Which email attachments are generally SAFE to open? Information improperly moved from a higher protection level to a lower protection level. *Sensitive Information Under which circumstances is it permitted to share an unclassified draft document with a non-DoD professional discussion group? <>/Metadata 317 0 R/ViewerPreferences 318 0 R>> What should the employee do differently? Controlled Unclassified Information (CUI). If aggregated, the information could become classified. **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? Which piece of information is safest to include on your social media profile? Chillmax Company plans to sell 3,500 pairs of shoes at $60 each in the coming year. (Malicious Code) What are some examples of malicious code? As long as the document is cleared for public release, you may release it outside of DoD. Which of the following does NOT constitute spillage? Report the suspicious behavior in accordance with their organizations insider threat policy. Social Security Number; date and place of birth; mothers maiden name. Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)? Many apps and smart devices collect and share your personal information and contribute to your online identity. (Malicious Code) Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do? Which is an appropriate use of government e-mail? The determination of GFE is usually made by the government Program Manager (PM) and Contracting Officer. \text{Revenue}&&&\text{Credit}\\ As part of your proposal you will be required to provide a proposal title and a short abstract that you permit us to publish and use freely. What should the participants in this conversation involving SCI do differently? endstream endobj 1076 0 obj <>stream a. Photos and videos you are in - Friends Only, Controlled Unclassified Information: (Incident) Which of the following is NOT an example of CUI?
Rebel Characters In Literature,
How To Stop Cursor From Blinking In Microsoft Word,
Craigslist Farm Animals Lafayette Georgia,
Articles P
permitted uses of government furnished equipment
You must be charles colville cricket commentator to post a comment.