Podcast
Questions and Answers
FBI CJI data is sensitive information and security shall be afforded to prevent any unauthorized access, use or dissemination of the data.
FBI CJI data is sensitive information and security shall be afforded to prevent any unauthorized access, use or dissemination of the data.
True (A)
FBI CJI data must be safeguarded to prevent:
FBI CJI data must be safeguarded to prevent:
- Unauthorized access
- Use or dissemination
- All of the Above (correct)
- None of the Above
Unauthorized requests, receipts, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment.
Unauthorized requests, receipts, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment.
True (A)
A security incident shall be reported to the CJIS Systems Agency's (CSA's) Information Security Officer (ISO).
A security incident shall be reported to the CJIS Systems Agency's (CSA's) Information Security Officer (ISO).
Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own.
Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own.
A security incident is a violation or attempted violation of the FBI CJIS Security Policy.
A security incident is a violation or attempted violation of the FBI CJIS Security Policy.
FBI CJI data is any data derived from the national CJIS Division Systems.
FBI CJI data is any data derived from the national CJIS Division Systems.
Electronic media includes, but is not limited to:
Electronic media includes, but is not limited to:
According to many security experts, which group constitutes the biggest threat?
According to many security experts, which group constitutes the biggest threat?
Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system.
Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system.
Training for appropriate personnel would include vendors who develop software for NCIC access.
Training for appropriate personnel would include vendors who develop software for NCIC access.
You should never email Criminal Justice Information (CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy.
You should never email Criminal Justice Information (CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy.
__________ is sensitive data and unauthorized use could result in criminal prosecution or termination of employment.
__________ is sensitive data and unauthorized use could result in criminal prosecution or termination of employment.
Sometimes you may only see indicators of a security incident.
Sometimes you may only see indicators of a security incident.
Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas.
Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas.
Criminal History Record Information (CHRI) includes:
Criminal History Record Information (CHRI) includes:
All persons who have access to CJI are required to have security training within ___ months of assignment.
All persons who have access to CJI are required to have security training within ___ months of assignment.
The CJIS Security Policy outlines the minimum requirements.
The CJIS Security Policy outlines the minimum requirements.
Information obtained from the III is not considered CHRI.
Information obtained from the III is not considered CHRI.
Social Engineering is an attack based on deceiving users or administrators at the target site.
Social Engineering is an attack based on deceiving users or administrators at the target site.
The state CJIS Systems Agency (CSA) is responsible for compliance with the FBI CJIS security policy.
The state CJIS Systems Agency (CSA) is responsible for compliance with the FBI CJIS security policy.
Criminal justice purposes include detection, apprehension, detention, pretrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders.
Criminal justice purposes include detection, apprehension, detention, pretrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders.
Each agency accessing FBI CJI data should have a written policy describing the actions to be taken in the event of a security incident.
Each agency accessing FBI CJI data should have a written policy describing the actions to be taken in the event of a security incident.
Training records must be kept current by the State, Federal or Local Agency Officer.
Training records must be kept current by the State, Federal or Local Agency Officer.
Access to and use of FBI CJI is only for:
Access to and use of FBI CJI is only for:
Flashcards
FBI CJI Security
FBI CJI Security
Strict security measures to prevent unauthorized access, use, or sharing of sensitive FBI criminal justice information.
Unauthorized CJI Handling
Unauthorized CJI Handling
Misusing FBI CJI data, leading to legal action and job termination.
Security Incident Reporting
Security Incident Reporting
Reporting security incidents to the CJIS ISO, including detail about the incident.
CJI Training Requirements
CJI Training Requirements
Signup and view all the flashcards
CJI Data Source
CJI Data Source
Signup and view all the flashcards
Internal Data Threat
Internal Data Threat
Signup and view all the flashcards
Restricted Access
Restricted Access
Signup and view all the flashcards
Electronic Media Security
Electronic Media Security
Signup and view all the flashcards
Security Policy
Security Policy
Signup and view all the flashcards
Log Off
Log Off
Signup and view all the flashcards
CHRI Risks
CHRI Risks
Signup and view all the flashcards
Security Incident Indicators
Security Incident Indicators
Signup and view all the flashcards
Custodial Worker Security
Custodial Worker Security
Signup and view all the flashcards
Training Records
Training Records
Signup and view all the flashcards
Agency Security Incident Response
Agency Security Incident Response
Signup and view all the flashcards
Criminal Justice Processes
Criminal Justice Processes
Signup and view all the flashcards
Social Engineering
Social Engineering
Signup and view all the flashcards
Information Classification
Information Classification
Signup and view all the flashcards
III and CHRI
III and CHRI
Signup and view all the flashcards
Study Notes
FBI CJI Data Security
- FBI Criminal Justice Information (CJI) is sensitive and requires strict security measures to prevent unauthorized access, use, or dissemination.
- Unauthorized handling of FBI CJI data may lead to criminal prosecution or termination of employment.
Security Incident Reporting
- Security incidents must be reported to the CJIS Systems Agency's Information Security Officer (ISO) with key details including the date, location, affected systems, detection method, incident nature, description, actions taken, and contact information.
Training Requirements
- Individuals who read criminal histories, even without personal NCIC workstations, require training.
- Vendors creating software for NCIC access also need appropriate security training.
- All personnel with access to CJI must complete security training within 6 months of being assigned.
Access and Use of Data
- FBI CJI data derives from national CJIS Division Systems and must be consistently safeguarded.
- The agency's own personnel pose the most significant threat to data security.
- Access to FBI CJI is restricted to authorized criminal justice or civil purposes only.
Electronic Media and Security Policies
- Electronic media encompasses a wide range of formats, all of which must be secured.
- The CJIS Security Policy defines minimal security requirements; agencies should develop specific internal policies.
Security Awareness and Prevention
- Always log off from systems after use to prevent unauthorized access.
- Sensitive Criminal History Record Information (CHRI) is at risk if improperly accessed; unauthorized use can have severe consequences.
- Indicators of security incidents may sometimes be the only signs present.
Additional Compliance and Responsibilities
- Custodial workers accessing sensitive areas need to undergo fingerprint background checks and receive training unless escorted.
- Training records must be maintained accurately by relevant agency officers.
- Each agency, when accessing FBI CJI data, should have a documented policy for addressing security incidents.
Criminal Justice Processes
- Criminal justice purposes encompass several functions including detection, apprehension, detention, prosecution, and rehabilitation of offenders.
Social Engineering Risks
- Social Engineering exploits deception against users or administrators to breach security.
Information Classification
- Information from the Interstate Identification Index (III) is considered CHRI and is subject to the same protections.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Prepare for the CJIS Security Test with these flashcards that cover critical aspects of FBI Criminal Justice Information (CJI) data handling. Each card presents crucial definitions and scenarios related to data security and unauthorized access. Perfect for law enforcement and related fields.