Classified information that should be unclassified and is downgraded. Section 26. Wireless and Mobile Device Security Policy It does not require markings or distribution controls. Which of the following is true of Internet of Things (IoT) devices? This short and simple contracting method aims to encourage engagement with DASA, whilst having the complexities of some other contracting methods removed. Note the websites URL and report the situation to your security point of contact. Correct. What threat do insiders with authorized access to information or information systems pose? Classified data: (Theory) Which of the following is true of protecting classified data? NB0A 3v(Raz-i*%d^pO0!L'$u(qly/;rg((ob {|Y_1z^oh&d;uE[;W5I_ "j Which of the following should be done to keep your home computer secure? What is the basis for the handling and storage of classified data? b. Linda encrypts all of the sensitive data on her government issued mobile devices. Which of the following is NOT a correct way to protect CUI? When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? Which of the following is NOT a security best practice when saving cookies to a hard drive? Your antivirus is out-of-date. Of the following, which is NOT a security awareness tip? What action should you take? OR-2020-013. (Malicious Code) Which of the following is NOT a way that malicious code spreads? Government-owned PEDs, if expressly authorized by your agency. Attempting to access sensitive information without need-to-know. You must have your organizations permission to telework c. You may use unauthorized software as long as your computers antivirus software is up to date. Correct. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? Understanding and using the available privacy settings. What should you do if someone asks to use your government issued mobile device (phone/laptop..etc)? b. Which of the following is true of Security Classification Guides? (Malicious Code) What are some examples of malicious code? Wed like to set additional cookies to understand how you use GOV.UK, remember your settings and improve government services. In which situation below are you permitted to use your PKI token? This may be a malicious code attack. You can propose an interim payment plan, which must be supported by a detailed expenditure profile showing projected monthly expenditure figures. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. Attempting to access sensitive information without need-to-know, Avoid talking about work outside of the workplace or with people without a need-to-know, Report the suspicious behavior in accordance with their organizations insider threat policy. News stories, speeches, letters and notices, Reports, analysis and official statistics, Data, Freedom of Information releases and corporate reports. Checking personal e-mail when allowed by your organization. cyber-awareness permission government equipment action answer Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail asked in Internet by voice (263k points) internet internet-quiz cyber cyber-awareness government computer email personal policy answer A Form 388 will be sent to you if youre successful under a DASA competition. Implement Wi-Fi Protected Access 2 (WPA2) Personal encryption at a minimum. % Note the websites URL and report the situation to your security point of contact. Article Text. A coworker brings a personal electronic device into prohibited areas. Wiltshire Report the crime to local law enforcement. Submission Service reopen dates published. (Home computer) Which of the following is best practice for securing your home computer? What should you do? Where this is the case you should also state clearly in your proposal the details of the prior contract and the associated intellectual property contract conditions. Ensure proper labeling by appropriately marking all classified material. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? What security risk does a public Wi-Fi connection pose? Definition:Government Furnished Property (GFP) is the property in possession ofor acquired by the Government and subsequently furnished to the Contractor for the performance of a contract. &\textbf{Increas}&\textbf{Decrease}&\textbf{Normal Balance}\\ Therefore, analyses must be performed to determine the optimal approach. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. The potential for unauthorized viewing of work-related information displayed on your screen. Who is responsible for information/data security? \text{Dividends}&\text{Credit}&\text{Credit}&\\ It may be compromised as soon as you exit the plane. Instruction Memorandum No. Only friends should see all biographical data such as where Alex lives and works. On a NIPRNET system while using it for a PKI-required task. c. Be aware of classified markings and all handling caveats. John submits CUI to his organizations security office to transmit it on his behalf. Calculate the margin of safety in terms of the number of units. On a NIPRNet system while using it for a PKI-required taskC. What is the basis for handling and storage of classified data? **Identity management Which is NOT a sufficient way to protect your identity? You know this project is classified. endobj What information should you avoid posting on social networking sites? Incident Report the suspicious behavior in accordance with their organizations insider threat policy. It is releasable to the public without clearance. Damage b. **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sires visited? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? What does Personally Identifiable information (PII) include? Which of the following is true of portable electronic devices (PEDs) in a Sensitive Compartmented Information Facility (SCIF)? What type of social engineering targets senior officials? **Identity management What is the best way to protect your Common Access Card (CAC)? No federal endorsement of sponsors intended. Avoid inserting removable media with unknown content into your computer. (Travel) Which of the following is a concern when using your Government-issued laptop in public? Ask the individual to see an identification badge. After you have returned home following the vacation. If you participate in or condone it at any time. \end{array} DOD Cyber Awareness 2022 Knowledge Check Flashcards | Quizlet *Sensitive Compartmented Information What must the dissemination of information regarding intelligence sources, methods, or activities follow? Office of Management Assessment - NIH Policy Manual Government requirements cannot otherwise be met. Equipment which is Government-provided will be furnished and installed by the Government in space made available by the Contractor and with rough-in made by the Contractor in accord with the information made available or referenced herein or indicated. ;A- fKpe'xfX@na=lzt Qh|(j@SYG}~1BY/6:{HqMvD` KNZ/)t\+b*"gO1s Under the PHE, the federal government implemented a range of modifications and waivers impacting Medicare, Medicaid and private insurance requirements, as well as numerous other programs, to provide relief to healthcare . Accepting the default privacy settings. Only connect via an Ethernet cable. Which is an untrue statement about unclassified data? 0, 1, 2, or 3+. Subject: Government Furnished Equipment for Telework and Remote Employees. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? . c. Allowing hackers access. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? HTMk0(XlB[[CxBIQv ,h{K{:2I!ILaTh}|?~54C&F. Which of the following is true of transmitting Sensitive Compartmented Information (SCI)? E-mailing your co-workers to let them know you are taking a sick day. Which of the following is NOT one? For Government-owned devices, use approved and authorized applications only. Under the terms of DEFCON 705 any intellectual property generated under the contract belongs to the contractor. Limited Rights Versions of deliverables wont be released by us outside of Government. What action should you take? Linda encrypts all of the sensitive data on her government-issued mobile devices. Which is NOT a wireless security practice? Removable Media in a SCIF (Evidence): What portable electronic devices (PEDs) are permitted in a SCIF? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? For proposals that we fund, in accordance with the Governments Transparency Agenda, we are required to publish information in respect of Contract documents, comprising: In addition to the above, for proposals that we fund we will publish on DASA website your organisation name and type; DASA reference (ACCxxxxxx) and project title; and contract value. See the table below for guidance. Maybe. ideas from within Government (excluding Public Sector Research Establishments (PSREs). Which of the following may help to prevent inadvertent spillage? Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? You receive a call on your work phone and youre asked to participate in a phone survey. What should be your response? Y"{+lr)v&e]8OMoUBgT+E G +$f}'@$c(QxE'{=Q[M{Qdf7N*1^1zyti#;@_r+~>(.D$!yn@L3pgA0#Dk(-]+utfoZaF0gyz=l%Ec\'"]e:7i/-L(*#Nw%r0I3Km@ P@Ya5 $ .nlPE*k8]xkh0D!_/~CyVIS What should you do? Let us know if this was helpful. It includes a threat of dire circumstances. all non-redacted elements of your proposal where these are incorporated into the final contract schedules or the terms and conditions. Exit. Which of the following is NOT an appropriate way to protect against inadvertent spillage? HTKo1[05R4I)RJU=,erh"swJ-k{fo^f^``rf@g]8/u W} @;%m[=jo#UzAk/^)-weH+fX*miP\h6x~0%Agmzw@ 8p2=x"?|ON(K\4n#ikux>mKN|7+>e{yd( 3*aH l+m,t~$ =gP}HN)/xO?y^m\.G!$;\tOE :Q What should you do if a reporter asks you about potentially classified information on the web? What should the employee do differently? In providing such information you consent to such disclosure. wR7 l. The following table summarizes the rules of debit and credit. International and Domestic Use Of FSIS Government-Furnished Equipment Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Social Security Number, date and place of birth, mothers maiden name. Which of the following is NOT a typical result from running malicious code? Which of the following is true of Unclassified Information? What type of data must be handled and stored properly based on classification markings and handling caveats? Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? CUI may be stored only on authorized systems or approved devices. Which designation marks information that does not have potential to damage national security? a. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following is a good practice to protect classified information? To help with this, prices in your proposal must be supported by a full cost breakdown. Identify and disclose it with local Configuration/Change Management Control and Property Management authorities. They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Refer the reporter to your organizations public affairs office. Which of the following actions can help tp protect your identity? Create separate user accounts with strong individual passwords. \text{Retained Earnings}&&&\text{Credit}\\ Thats the only way we can improve. Only paper documents that are in open storage need to be marked. What action should you take? urpnUTGD. a. Corrupting files b. Erasing your hard drive. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. *Insider Threat Which of the following is a potential insider threat indicator? Which of the following is a good practice to prevent spillage. Government-owned PEDs when expressly authorized by your agency. Balancesheetaccounts:AssetLiabilityStockholdersEquity:CapitalStockRetainedEarningsDividendsIncomestatementaccounts:RevenueExpenseIncreasCreditCredit(l)DecreaseDebitCreditCreditNormalBalanceDebitCreditCreditDebit. Which of the following is a practice that helps to protect you from identity theft? He has the appropriate clearance and a signed, approved, non-disclosure agreement. (Sensitive Information) What certificates are contained on the Common Access Card (CAC)? https:// Download the information. Proactively identify potential threats and formulate holistic mitigation responses. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. (social networking) Which of the following is a security best practice when using social networking sites? What should be done to sensitive data on laptops and other mobile computing devices? Illegally downloading copyrighted material - No Then select Submit. The physical security of the device. Which of the following is a good practice to avoid email viruses? DOD Cyber Awareness 2023 Flashcards | Quizlet Call your security point of contact immediately. DASA submissions are welcome from the private sector, academia, individuals (i.e. Correct. Explain why. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Always take your CAC when you leave your workstation. Illegal downloading copyrighted materials. (Malicious Code) Which of the following is true of Internet hoaxes? correct. You should remove and take your CAC/PIV card whenever you leave your workstation. Based on the description that follows, how many potential insider threat indicator(s) are displayed? Assuming open storage is always authorized in a secure facility. An investment in knowledge pays the best interest.. Which of the following best describes good physical security? a. (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)? *Sensitive Information What is the best example of Personally Identifiable Information (PII)? Which of the following represents an ethical use of your Government-furnished equipment (GFE)? GFE is normally specified in a Request for Proposal (RFP) or contract. Home Computer Security (Evidence): Update Status: Install or Remind me later, Home Computer Security (Evidence): Firewall Status: Enable or Keep Disabled, Home Computer Security (Evidence): Virus Alert! Connect to the Government Virtual Private Network (VPN). correct. 0-`*0r+u,1+~p]"WC0`=0uG!o8zGkv57?8/ssmZ]bw>V3^aiKPH(pUcWqR)u KmPy (TL2 The billing and coding information in this article is dependent on the coverage indications, limitations and/or medical necessity described in the associated LCD L35490 Category III Codes with the exception of the following CPT codes: 2021 CPT/HCPCS Annual code update: 0295T, 0296T, 0297T, and 0298T deleted. What is a way to prevent the download of viruses and other malicious code when checking your e-mail? Which of the following is true of the Common Access Card (CAC)? \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ used in telework environments in accordance with reference (b). How should you protect a printed classified document when it is not in use? A colleague enjoys playing video games online, regularly use social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? What should you do? Classified material must be appropriately marked. Memory sticks, flash drives, or external hard drives. Transmit classified information via fax machine only Not correct lock **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Spread Which of the following is NOT a potential insider threat? In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? How can you protect data on your mobile computing and portable electronic devices (PEDs)? correct. A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. Maybe *Sensitive Compartmented Information When is it appropriate to have your security badge visible? In providing Government Property to a Contractor the Contracting Officer must also make sure that a Contractor is not given an unfair competitive advantage over another Contractor who may not have Government Property. *Sensitive Information What type of unclassified material should always be marked with a special handling caveat? What type of social engineering targets particular individuals, groups of people, or organizations? A colleague removes sensitive information without seeking authorization in order to perform authorized telework. Which of the following is true of Controlled Unclassified Information (CUI)? A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. GO1 Government Furnished Equipment (GFE) ( FAR Part 45) is equipment that is owned by the government and delivered to or made available to a contractor. In addition to the guidance on this page you must refer to the relevant competition document for the competition specific terms and conditions, including the specific contract. Government Furnished Resources (GFR) is personnel, most commonly Service Personnel on long-term loan or secondment. Update now? Unclassified documents do not need to be marked as a SCIF. Correct. What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Store it in a locked desk drawer after working hours. You must have your organizations permission to telework. Purpose: This instruction memorandum (IM) provides . Confirm the individual's need-to-know and access. This email is fake. endobj What type of attack might this be? Follow policy for using personally-owned computer peripherals with government furnished equipment (GFE): Permitted Monitors, with the following conditions: Connected via Visual Graphic Array (VGA), Digital Video Interface (DVI), High Definition Multimedia Interface (HDMI), or DisplayPort No other devices connected to the monitor Select all sections of the profile that contain an issue. You must have your organization's permission to telework. T/F. **Travel What is a best practice while traveling with mobile computing devices? (Mobile Devices) When can you use removable media on a Government system? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? DASA will examine the legal status of organisations prior to placement of any contract. The Government Contracting Officer will ultimately determine whether or not Government Property should be provided to a Contractor based on the FAR 45. Linda encrypts all of the sensitive data on her government issued mobile devices. CUI may be stored on any password-protected system. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. Connect to the Government Virtual Private Network (VPN). Correct. 1.4.6. End of COVID-19 Emergency: Legal Implications for Healthcare Providers A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Porton Down Correct. Immediately notify your security point of contact. Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. GOVERNMENT-FURNISHED PROPERTY may only use U.S. Forest Service property furnished under this agreement for performing tasks assigned in this agreement. Based on the description that follows how many potential insider threat indicators are displayed? Social Security Number; date and place of birth; mothers maiden name. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Be aware of classification markings and all handling caveats. a colleague removes sensitive information without seeking authorization in order to perform authorized telework. the whistleblower protection enhancement act relates to reporting. Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). We use some essential cookies to make this website work. Before we can award a contract, we need each proposed research worker to complete a Form 388 that we will use to perform due diligence and obtain necessary clearances. This must include the overall price, but not a breakdown of the pricing structure if that detailed information can be redacted under the Freedom of Information Act. They provide guidance on reasons for and duration of classification of information. Update or Remind me later? b. CUI must be handled using safeguarding or dissemination controls. Which of the following is a proper way to secure your CAC/PIV? lock What should you do? It is fair to assume that everyone in the SCIF is properly cleared. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Contact the IRS using their publicly available, official contact information. In most cases there are no nationality restrictions, however DASA individual competition documents will detail any necessary restrictions. This directive provides FSIS Federal and non-Federal employees (e.g., contractors) with instructions regarding the acceptable and unacceptable use of FSIS government-furnished equipment (GFE) (e.g., telecommunications resources, computers, laptops, and smartphones) and Government-issued e-mail addresses when conducting government business both Which of the following is NOT an example of sensitive information? Remove and take it with you whenever you leave your workstation. Do not access website links in e-mail messages. *Sensitive Compartmented Information What should the owner of this printed SCI do differently? c. Do not access website links in e-mail messages. To access this memo please visit: *Spillage What should you do if a reporter asks you about potentially classified information on the web? 1 0 obj a. Label all files, removable media, and subject headers. What information relates to the physical or mental health of an individual? Classified information that should be unclassified and is downgraded. **Classified Data What is required for an individual to access classified data?
permitted uses of government furnished equipment