Podcast
Questions and Answers
FBI CJI data is sensitive information and security shall be afforded to prevent any unauthorized access, use or dissemination of the data.
FBI CJI data is sensitive information and security shall be afforded to prevent any unauthorized access, use or dissemination of the data.
True
FBI CJI data must be safeguarded to prevent:
FBI CJI data must be safeguarded to prevent:
Unauthorized requests, receipts, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment.
Unauthorized requests, receipts, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment.
True
A security incident shall be reported to the CJIS Systems Agency's (CSA's) Information Security Officer (ISO).
A security incident shall be reported to the CJIS Systems Agency's (CSA's) Information Security Officer (ISO).
Signup and view all the answers
Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own.
Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own.
Signup and view all the answers
A security incident is a violation or attempted violation of the FBI CJIS Security Policy.
A security incident is a violation or attempted violation of the FBI CJIS Security Policy.
Signup and view all the answers
FBI CJI data is any data derived from the national CJIS Division Systems.
FBI CJI data is any data derived from the national CJIS Division Systems.
Signup and view all the answers
Electronic media includes, but is not limited to:
Electronic media includes, but is not limited to:
Signup and view all the answers
According to many security experts, which group constitutes the biggest threat?
According to many security experts, which group constitutes the biggest threat?
Signup and view all the answers
Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system.
Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system.
Signup and view all the answers
Training for appropriate personnel would include vendors who develop software for NCIC access.
Training for appropriate personnel would include vendors who develop software for NCIC access.
Signup and view all the answers
You should never email Criminal Justice Information (CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy.
You should never email Criminal Justice Information (CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy.
Signup and view all the answers
__________ is sensitive data and unauthorized use could result in criminal prosecution or termination of employment.
__________ is sensitive data and unauthorized use could result in criminal prosecution or termination of employment.
Signup and view all the answers
Sometimes you may only see indicators of a security incident.
Sometimes you may only see indicators of a security incident.
Signup and view all the answers
Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas.
Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas.
Signup and view all the answers
Criminal History Record Information (CHRI) includes:
Criminal History Record Information (CHRI) includes:
Signup and view all the answers
All persons who have access to CJI are required to have security training within ___ months of assignment.
All persons who have access to CJI are required to have security training within ___ months of assignment.
Signup and view all the answers
The CJIS Security Policy outlines the minimum requirements.
The CJIS Security Policy outlines the minimum requirements.
Signup and view all the answers
Information obtained from the III is not considered CHRI.
Information obtained from the III is not considered CHRI.
Signup and view all the answers
Social Engineering is an attack based on deceiving users or administrators at the target site.
Social Engineering is an attack based on deceiving users or administrators at the target site.
Signup and view all the answers
The state CJIS Systems Agency (CSA) is responsible for compliance with the FBI CJIS security policy.
The state CJIS Systems Agency (CSA) is responsible for compliance with the FBI CJIS security policy.
Signup and view all the answers
Criminal justice purposes include detection, apprehension, detention, pretrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders.
Criminal justice purposes include detection, apprehension, detention, pretrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders.
Signup and view all the answers
Each agency accessing FBI CJI data should have a written policy describing the actions to be taken in the event of a security incident.
Each agency accessing FBI CJI data should have a written policy describing the actions to be taken in the event of a security incident.
Signup and view all the answers
Training records must be kept current by the State, Federal or Local Agency Officer.
Training records must be kept current by the State, Federal or Local Agency Officer.
Signup and view all the answers
Access to and use of FBI CJI is only for:
Access to and use of FBI CJI is only for:
Signup and view all the answers
Study Notes
FBI CJI Data Security
- FBI Criminal Justice Information (CJI) is sensitive and requires strict security measures to prevent unauthorized access, use, or dissemination.
- Unauthorized handling of FBI CJI data may lead to criminal prosecution or termination of employment.
Security Incident Reporting
- Security incidents must be reported to the CJIS Systems Agency's Information Security Officer (ISO) with key details including the date, location, affected systems, detection method, incident nature, description, actions taken, and contact information.
Training Requirements
- Individuals who read criminal histories, even without personal NCIC workstations, require training.
- Vendors creating software for NCIC access also need appropriate security training.
- All personnel with access to CJI must complete security training within 6 months of being assigned.
Access and Use of Data
- FBI CJI data derives from national CJIS Division Systems and must be consistently safeguarded.
- The agency's own personnel pose the most significant threat to data security.
- Access to FBI CJI is restricted to authorized criminal justice or civil purposes only.
Electronic Media and Security Policies
- Electronic media encompasses a wide range of formats, all of which must be secured.
- The CJIS Security Policy defines minimal security requirements; agencies should develop specific internal policies.
Security Awareness and Prevention
- Always log off from systems after use to prevent unauthorized access.
- Sensitive Criminal History Record Information (CHRI) is at risk if improperly accessed; unauthorized use can have severe consequences.
- Indicators of security incidents may sometimes be the only signs present.
Additional Compliance and Responsibilities
- Custodial workers accessing sensitive areas need to undergo fingerprint background checks and receive training unless escorted.
- Training records must be maintained accurately by relevant agency officers.
- Each agency, when accessing FBI CJI data, should have a documented policy for addressing security incidents.
Criminal Justice Processes
- Criminal justice purposes encompass several functions including detection, apprehension, detention, prosecution, and rehabilitation of offenders.
Social Engineering Risks
- Social Engineering exploits deception against users or administrators to breach security.
Information Classification
- Information from the Interstate Identification Index (III) is considered CHRI and is subject to the same protections.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Prepare for the CJIS Security Test with these flashcards that cover critical aspects of FBI Criminal Justice Information (CJI) data handling. Each card presents crucial definitions and scenarios related to data security and unauthorized access. Perfect for law enforcement and related fields.