CJIS Security Test Flashcards
25 Questions
142 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

FBI CJI data is sensitive information and security shall be afforded to prevent any unauthorized access, use or dissemination of the data.

True (A)

FBI CJI data must be safeguarded to prevent:

  • Unauthorized access
  • Use or dissemination
  • All of the Above (correct)
  • None of the Above

Unauthorized requests, receipts, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment.

True (A)

A security incident shall be reported to the CJIS Systems Agency's (CSA's) Information Security Officer (ISO).

<p>True (A)</p> Signup and view all the answers

Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own.

<p>True (A)</p> Signup and view all the answers

A security incident is a violation or attempted violation of the FBI CJIS Security Policy.

<p>True (A)</p> Signup and view all the answers

FBI CJI data is any data derived from the national CJIS Division Systems.

<p>True (A)</p> Signup and view all the answers

Electronic media includes, but is not limited to:

<p>All of the Above (D)</p> Signup and view all the answers

According to many security experts, which group constitutes the biggest threat?

<p>The agency's own personnel</p> Signup and view all the answers

Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system.

<p>False (B)</p> Signup and view all the answers

Training for appropriate personnel would include vendors who develop software for NCIC access.

<p>True (A)</p> Signup and view all the answers

You should never email Criminal Justice Information (CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy.

<p>True (A)</p> Signup and view all the answers

__________ is sensitive data and unauthorized use could result in criminal prosecution or termination of employment.

<p>CHRI</p> Signup and view all the answers

Sometimes you may only see indicators of a security incident.

<p>True (A)</p> Signup and view all the answers

Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas.

<p>True (A)</p> Signup and view all the answers

Criminal History Record Information (CHRI) includes:

<p>All of the above (D)</p> Signup and view all the answers

All persons who have access to CJI are required to have security training within ___ months of assignment.

<p>6</p> Signup and view all the answers

The CJIS Security Policy outlines the minimum requirements.

<p>True (A)</p> Signup and view all the answers

Information obtained from the III is not considered CHRI.

<p>False (B)</p> Signup and view all the answers

Social Engineering is an attack based on deceiving users or administrators at the target site.

<p>True (A)</p> Signup and view all the answers

The state CJIS Systems Agency (CSA) is responsible for compliance with the FBI CJIS security policy.

<p>True (A)</p> Signup and view all the answers

Criminal justice purposes include detection, apprehension, detention, pretrial release, prosecution, adjudication, correctional supervision, or rehabilitation of accused persons or criminal offenders.

<p>True (A)</p> Signup and view all the answers

Each agency accessing FBI CJI data should have a written policy describing the actions to be taken in the event of a security incident.

<p>True (A)</p> Signup and view all the answers

Training records must be kept current by the State, Federal or Local Agency Officer.

<p>True (A)</p> Signup and view all the answers

Access to and use of FBI CJI is only for:

<p>Both A and B (C)</p> Signup and view all the answers

Flashcards

FBI CJI Security

Strict security measures to prevent unauthorized access, use, or sharing of sensitive FBI criminal justice information.

Unauthorized CJI Handling

Misusing FBI CJI data, leading to legal action and job termination.

Security Incident Reporting

Reporting security incidents to the CJIS ISO, including detail about the incident.

CJI Training Requirements

Mandatory security training for personnel with access to CJI data within 6 months of assignment.

Signup and view all the flashcards

CJI Data Source

FBI CJI data comes from national CJIS Division Systems.

Signup and view all the flashcards

Internal Data Threat

FBI employees pose the biggest risk to CJI data security.

Signup and view all the flashcards

Restricted Access

Access to FBI CJI limited to authorized purposes only.

Signup and view all the flashcards

Electronic Media Security

All electronic formats, like files and devices, need protection.

Signup and view all the flashcards

Security Policy

Minimum security requirements defined in the CJIS Security Policy, but agencies can have specific internal policies.

Signup and view all the flashcards

Log Off

Prevent unauthorized access by logging off systems when not in use.

Signup and view all the flashcards

CHRI Risks

Improper handling of Criminal History Record Information leads to risks.

Signup and view all the flashcards

Security Incident Indicators

Security issues may be discovered through signs rather than direct events.

Signup and view all the flashcards

Custodial Worker Security

Background checks and training needed for custodial workers accessing sensitive areas.

Signup and view all the flashcards

Training Records

Accurate and detailed records must be kept.

Signup and view all the flashcards

Agency Security Incident Response

Each agency must have a policy and process to handle security incidents.

Signup and view all the flashcards

Criminal Justice Processes

Processes of detection, apprehension, prosecution, etc., for criminal offences.

Signup and view all the flashcards

Social Engineering

Exploiting deception to breach security.

Signup and view all the flashcards

Information Classification

Categorizing information based on sensitivity.

Signup and view all the flashcards

III and CHRI

Information from the Interstate Identification Index (III) is protected as CHRI.

Signup and view all the flashcards

Study Notes

FBI CJI Data Security

  • FBI Criminal Justice Information (CJI) is sensitive and requires strict security measures to prevent unauthorized access, use, or dissemination.
  • Unauthorized handling of FBI CJI data may lead to criminal prosecution or termination of employment.

Security Incident Reporting

  • Security incidents must be reported to the CJIS Systems Agency's Information Security Officer (ISO) with key details including the date, location, affected systems, detection method, incident nature, description, actions taken, and contact information.

Training Requirements

  • Individuals who read criminal histories, even without personal NCIC workstations, require training.
  • Vendors creating software for NCIC access also need appropriate security training.
  • All personnel with access to CJI must complete security training within 6 months of being assigned.

Access and Use of Data

  • FBI CJI data derives from national CJIS Division Systems and must be consistently safeguarded.
  • The agency's own personnel pose the most significant threat to data security.
  • Access to FBI CJI is restricted to authorized criminal justice or civil purposes only.

Electronic Media and Security Policies

  • Electronic media encompasses a wide range of formats, all of which must be secured.
  • The CJIS Security Policy defines minimal security requirements; agencies should develop specific internal policies.

Security Awareness and Prevention

  • Always log off from systems after use to prevent unauthorized access.
  • Sensitive Criminal History Record Information (CHRI) is at risk if improperly accessed; unauthorized use can have severe consequences.
  • Indicators of security incidents may sometimes be the only signs present.

Additional Compliance and Responsibilities

  • Custodial workers accessing sensitive areas need to undergo fingerprint background checks and receive training unless escorted.
  • Training records must be maintained accurately by relevant agency officers.
  • Each agency, when accessing FBI CJI data, should have a documented policy for addressing security incidents.

Criminal Justice Processes

  • Criminal justice purposes encompass several functions including detection, apprehension, detention, prosecution, and rehabilitation of offenders.

Social Engineering Risks

  • Social Engineering exploits deception against users or administrators to breach security.

Information Classification

  • Information from the Interstate Identification Index (III) is considered CHRI and is subject to the same protections.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team

Description

Prepare for the CJIS Security Test with these flashcards that cover critical aspects of FBI Criminal Justice Information (CJI) data handling. Each card presents crucial definitions and scenarios related to data security and unauthorized access. Perfect for law enforcement and related fields.

More Like This

FBI Counterterrorism Investigations Quiz
16 questions
FBI and Aviation Security
40 questions

FBI and Aviation Security

WonChrysoprase4991 avatar
WonChrysoprase4991
Use Quizgecko on...
Browser
Browser