Criminal Justice Information Systems Security

Play an AI-generated podcast conversation about this lesson

According to the policy, what standards does the Department use to govern the operation of criminal justice information systems?

National Criminal Investigation Standards

State Criminal Justice Compliance Regulations

Departmental Information Security Directive

Criminal Justice Information Services (CJIS) Security Policy (correct)

What is the role of the Local Agency Security Officer (LASO) according to the directive?

To be the point-of-contact for matters relating to CJIS information access

To administer CJIS systems programs within the local agency

To serve as the security point of contact with the CJIS Systems Agency (CSA) (correct)

To oversee the agency’s compliance with CJIS systems policies

What does FCIC Agency Coordinator (FAC) do within the Department?

Oversees the agency’s compliance with CJIS systems policies

Acts as the National Criminal Information Center coordinator

Administers CJIS systems programs within the local agency (correct)

Serves as the security point of contact with the CJIS Systems Agency (CSA)

Which systems are mentioned in the departmental standards directive as examples of criminal justice information systems that employees may use?

NCIC/FCIC, PALMS, DAVID Signup and view all the answers

Who is the designated CSA for Florida according to the departmental standards directive?

FDLE Signup and view all the answers

What is the requirement for establishing a remote access connection by employees?

Only using Department-issued devices approved by the IT Department Signup and view all the answers

How is vendor remote access granted?

Through specialized software built for secure third-party remote access Signup and view all the answers

What is the procedure for granting vendor access through remote access software?

The vendor is escorted by authorized IT or Department employees until the work is complete Signup and view all the answers

What is the requirement for storing servers containing criminal history information (CHI) data?

Ensuring they are stored within secure locations accessible by key or access card Signup and view all the answers

How should electronic media containing CHI be stored when not in the physical control of the user?

Kept in locked cabinets or offices Signup and view all the answers

Who should be responsible for maintaining documentation of any security incident?

IT personnel Signup and view all the answers

Who is responsible for administering updates and patches to Department computers?

IT personnel Signup and view all the answers

What should employees do in case of any threat to the security of NCIC/FCIC data or systems?

Document and forward any threat or perceived threat to the Department’s FAC or LASO Signup and view all the answers

'Vendor support is necessary to provide updates to software and troubleshoot system problems' - True or False?

True Signup and view all the answers

'Using personal devices for remote access connections is allowed' - True or False?

False Signup and view all the answers

When should Department employees or approved IT personnel accompany all visitors to computer centers and/or workstations?

At all times Signup and view all the answers

Who should complete the IT Security Incident Response Form to document security incidents?

LASO personnel Signup and view all the answers

Who is required to undergo background screening as prescribed in the CJIS Security Policy?

Only Department employees with direct access to criminal justice information Signup and view all the answers

What type of training must Department employees complete to be permitted to operate computers with NCIC/FCIC access?

NCIC/FCIC certification Signup and view all the answers

What action will result from the misuse of the NCIC/FCIC system?

Disciplinary action up to termination and/or prosecution Signup and view all the answers

Where should employees ensure that the computer is being used when accessing NCIC/FCIC data?

Within a marked Department vehicle Signup and view all the answers

What are employees prohibited from doing on VOIP telephones?

All of the above Signup and view all the answers

When should all network and NCIC/FCIC user accounts be deactivated?

Immediately upon an employee's resignation, retirement, or termination Signup and view all the answers

What shall employees supply when attempting to log into a Department-issued laptop?

Both their Department credentials and an alternate form of identification Signup and view all the answers

Which wireless protocols may employees utilize with their Department-issued laptops?

Department’s internal Wi-Fi network, vehicle-based Wi-Fi connection, and cellular data connection Signup and view all the answers

Who may utilize a remote connection to monitor or control a computer with access to NCIC/FCIC?

Only NCIC/FCIC certified users Signup and view all the answers

Who shall complete a Network Authorization Form for all new hires?

Professional Standards Bureau employees Signup and view all the answers

What should be done if an employee is terminated, resigns, transfers, or is reassigned?

IT personnel should review all user accounts within 7 business days. Signup and view all the answers

What should employees do if they suspect suspicious activity related to a VOIP telephone?

Contact IT personnel for further instructions. Signup and view all the answers