Cyber Awareness Flashcards
26 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What should be your response when asked to comment on a classified project?

  • Deny any knowledge of the project
  • Change the subject to non-work related talk (correct)
  • Provide details about the project
  • Confirm the article's authenticity
  • Which of the following may help prevent inadvertent spillage?

  • Discuss classified information in public areas
  • Label all files with appropriate markings (correct)
  • Store classified data in unsecured locations
  • Keep sensitive information in electronic format only
  • What is the best choice to describe when classified data is moved to a lower classification level system without authorization?

  • Information leak
  • Spillage (correct)
  • Data breach
  • Unauthorized access
  • What should you do when you receive an email with a classified attachment while working on an unclassified system?

    <p>Call your security point of contact immediately.</p> Signup and view all the answers

    What should you do if a reporter asks about potentially classified information on the web?

    <p>Ask for information about the website, including the URL.</p> Signup and view all the answers

    What is a proper response if spillage occurs?

    <p>Immediately notify your security POC.</p> Signup and view all the answers

    Which of the following is a good practice to aid in preventing spillage?

    <p>Be aware of classification markings</p> Signup and view all the answers

    How can you protect classified data when it is not in use?

    <p>Store classified data appropriately in a GSA-approved vault/container.</p> Signup and view all the answers

    What is required for an individual to access classified data?

    <p>Appropriate clearance and need-to-know</p> Signup and view all the answers

    Which classification level is given to information that could reasonably be expected to cause serious damage to national security?

    <p>Secret</p> Signup and view all the answers

    What is a good practice to protect classified information?

    <p>Ensure proper labeling by appropriately marking all classified material.</p> Signup and view all the answers

    Which of the following is true regarding protecting classified data?

    <p>Classified material must be appropriately marked.</p> Signup and view all the answers

    Which can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause?

    <p>Damage to national security</p> Signup and view all the answers

    Which of the following is NOT considered a potential insider threat indicator?

    <p>New interest in learning a foreign language</p> Signup and view all the answers

    How many potential insider threat indicators does a colleague who shows several concerning behaviors display?

    <p>3 or more indicators.</p> Signup and view all the answers

    What advantages do insider threats have that allow them to cause damage to their organizations?

    <p>Insiders are given a level of trust and have authorized access to Government information systems.</p> Signup and view all the answers

    What should be reported as a potential insider threat?

    <p>Coworker making consistent statements indicative of hostility or anger toward the United States.</p> Signup and view all the answers

    What is the safest time to post details of your vacation activities on social networking sites?

    <p>When vacation is over</p> Signup and view all the answers

    What should you do if you receive a game application request that includes permission to access your friends and profile information?

    <p>Decline the request</p> Signup and view all the answers

    What is the best example of Personally Identifiable Information (PII)?

    <p>Date and place of birth.</p> Signup and view all the answers

    What is an example of Protected Health Information (PHI)?

    <p>Medical test results</p> Signup and view all the answers

    What must users ensure when using removable media such as compact disks?

    <p>They display a label showing maximum classification</p> Signup and view all the answers

    What are some examples of malicious code?

    <p>Viruses, Trojan horses, or worms.</p> Signup and view all the answers

    What is a risk associated with removable media?

    <p>Spillage of classified information.</p> Signup and view all the answers

    What is a valid response when identity theft occurs?

    <p>Report the crime to local law enforcement.</p> Signup and view all the answers

    What is a best practice to protect data on your mobile computing device?

    <p>Lock your device screen when not in use.</p> Signup and view all the answers

    Study Notes

    Spillage

    • Spillage refers to the unauthorized movement of classified information to a lower classification level system.
    • To prevent inadvertent spillage, label all files and removable media with appropriate classification markings.
    • If you receive a classified email attachment while on an unclassified system, notify your security point of contact immediately.
    • Report any spillage occurrences to your security point of contact without delay.
    • Avoid confirming or denying the authenticity of classified information when asked by unauthorized individuals, such as reporters.

    Classified Data

    • Classified data must be stored in a GSA-approved vault/container when not in use.
    • Required for access to classified data: appropriate clearance, signed non-disclosure agreement, and a need-to-know.
    • Information classified as "Secret" can cause serious damage to national security if disclosed.
    • Proper labeling of classified materials is crucial to protect classified information.
    • Unauthorized disclosure of information classified as "Confidential" can lead to national security damage.

    Insider Threat

    • Insider threats are dangerous because insiders have trusted access to government systems.
    • Potential indicators of insider threats include hostility toward U.S. policies or unusual behavior around classified information.
    • A vacationing colleague with poor work quality may show signs of an insider threat but may have fewer indicators compared to more concerning behaviors.
    • Report coworkers making hostile statements about the U.S. as potential insider threats.
    • Actions like unauthorized removal of sensitive information or bringing personal devices into secure areas should also be reported.

    Social Networking

    • Delay posting vacation details on social networks until after returning home to protect privacy and security.
    • Decline game application requests that ask for excessive personal information.
    • Publicly shared personal information, such as place of birth, can pose a security risk.

    Sensitive Information

    • Personally Identifiable Information (PII) includes data like Social Security numbers, birth dates, and mother's maiden names.
    • Protected Health Information (PHI) encompasses health-related data, including medical test results and insurance information.
    • Unclassified documents should be marked with a special handling caveat if they contain sensitive information.

    Physical Security

    • Practice physical security by challenging individuals without proper identification and maintaining vigilance.
    • Understand Cyberspace Protection Condition (CPCON) levels, with CPCON 1 focusing only on critical functions.

    Identity Management

    • Two-factor authentication involves something you possess (e.g., a CAC) and something you know (e.g., a PIN).
    • Safeguarding your Common Access Card (CAC) by keeping it in your possession at all times enhances security.

    Malicious Code and Cybersecurity

    • Examples of malicious code include viruses, Trojan horses, and worms.
    • Protect against social engineering by verifying instructions come from trusted personnel.
    • Lock mobile devices and set strong passwords to secure sensitive data.

    Removable Media and Devices

    • Removable media must be properly labeled to indicate classification and point of contact.
    • Avoid using personal media on government systems to prevent security breaches.

    General Cybersecurity Practices

    • Report any instances of identity theft to local law enforcement immediately.
    • Indications of malicious code may include unexpected file corruption or warning pop-ups.
    • Whaling refers to phishing attacks aimed at high-ranking officials or sensitive positions within organizations.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge on cyber awareness concepts with this set of flashcards. Each card presents a key term associated with security protocols and the proper responses to classified information. Enhance your understanding and application of security measures in sensitive environments.

    More Like This

    Use Quizgecko on...
    Browser
    Browser