Cyber Security Flashcards
20 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following is NOT an appropriate way to protect against inadvertent spillage? (Select all that apply)

  • Use the classified network for all work, including unclassified work (correct)
  • Be aware of classified markings and all handling caveats
  • Label all files, removable media, and subject headers
  • Which of the following should you NOT do if you find classified information on the internet? (Select all that apply)

  • Note the website's URL
  • Download the information (correct)
  • Report it to security
  • How can you prevent inadvertent spillage?

    Always check to use the correct network, avoid classified networks for unclassified work, be aware of classification markings, follow procedures for transferring data, and label files with appropriate markings.

    What should you do if spillage occurs?

    <p>Immediately notify your security POC, do not delete the suspected files, do not forward or manipulate the files, and secure the area.</p> Signup and view all the answers

    What should you do if you find classified government data/information not cleared for public release on the internet?

    <p>Remember that leaked classified information is still classified, do not download it, note identifying info and URL, report to security POC.</p> Signup and view all the answers

    Which of the following is true about telework? (Select all that apply)

    <p>You must have your organization's permission to telework</p> Signup and view all the answers

    What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?

    <p>Exceptionally grave damage</p> Signup and view all the answers

    Which of the following is true about protecting classified data? (Select all that apply)

    <p>Classified material must be appropriately marked</p> Signup and view all the answers

    What are the requirements to telework?

    <p>Have permission from your organization, follow the organization's guidance, use authorized equipment, and employ cybersecurity best practices.</p> Signup and view all the answers

    Match the level of damage to national security with its classification:

    <p>Confidential = Damage to national security Secret = Serious damage to national security Top Secret = Exceptionally grave damage to national security</p> Signup and view all the answers

    What are the key handling requirements for classified data?

    <p>Must be handled and stored properly based on classifications and caveats and can only be accessed by individuals with appropriate clearance.</p> Signup and view all the answers

    What is an insider threat?

    <p>Uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or modification.</p> Signup and view all the answers

    What percentage of the time is an insider threat linked to demonstrated behaviors of security concerns?

    <p>80%</p> Signup and view all the answers

    What percentage of insider threats experience a life crisis?

    <p>25%</p> Signup and view all the answers

    What percentage of insider threats volunteered?

    <p>70%</p> Signup and view all the answers

    What should you do to protect against insider threats?

    <p>Be alert to and report any suspicious activity or behavior in accordance with the agency's insider threat policy.</p> Signup and view all the answers

    What steps can you take to protect yourself online?

    <p>Understand and use privacy settings, create strong passwords, validate friend requests, and avoid posting PII.</p> Signup and view all the answers

    What actions should you take to protect your organization online?

    <p>Don't speak for your organization, validate friend requests, avoid identifiable pictures in uniform, and use personal contact info for social networking.</p> Signup and view all the answers

    What is online identity?

    <p>Information collected about you by apps and data aggregators, and it's crucial to use these services with caution.</p> Signup and view all the answers

    What precautions should you take when transmitting sensitive information?

    <p>Ensure information receivers have clearance, confirm fax receipt, and use encryption when necessary.</p> Signup and view all the answers

    Study Notes

    Cyber Security Basics

    • Classified networks are not for unclassified work; using them improperly can lead to bandwidth issues and potential spillage.
    • Classified information found online should not be downloaded, as it remains classified and could cause additional spillage incidents.

    Preventing Inadvertent Spillage

    • Verify the network is correct for the data classification level before use.
    • Follow strict labeling protocols for files and media to indicate their classification.
    • Transfer data only following established procedures to prevent undue exposure.

    Actions in Case of Spillage

    • Immediate notification of the security Point of Contact (POC) is essential.
    • Do not delete or manipulate suspected files; secure the area instead.

    Handling Internet Classified Information

    • Classified data remains classified regardless of its presence online; downloading it is prohibited.
    • Always report discovered classified information on the internet to your security POC.

    Teleworking Protocols

    • Organizational permission is mandatory for teleworking.
    • Use only authorized devices and software in a secure home environment.
    • Implement best cybersecurity practices, including VPN usage.

    Understanding Security Classifications

    • Damage Levels:

      • Confidential: Damage to national security.
      • Secret: Serious damage.
      • Top Secret: Exceptionally grave damage.
    • Classified materials must be properly marked and cannot be used unsecured, even when held by cleared individuals.

    Insider Threat Awareness

    • Insider threats arise from authorized access misused intentionally or unintentionally.
    • Certain behaviors indicate security concerns 80% of the time, and 25% of insiders may experience life crises prompting security risks.

    Reporting Suspicious Activity

    • Stay vigilant to potential insider threats and report suspicious behaviors or incidents according to agency policies.

    Personal Data Protection

    • Utilize privacy settings effectively and create strong, unguessable passwords.
    • Avoid sharing location updates or any personally identifiable information (PII) online.
    • Confirm friend requests to reduce risks associated with social media.

    Organizational Representation Online

    • Refrain from speaking on behalf of your organization and ensure no compromising content is posted.
    • If using social media, only provide personal contact details, never government information.

    Online Identity Management

    • Online data aggregators collect personal information; users should be cautious and opt-out when possible.

    Secure Transmission of Sensitive Information

    • Verify clearance and need-to-know before sending sensitive information.
    • Use encryption for email communications that involve PII, Protected Health Information (PHI), or other Controlled Unclassified Information (CUI).

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge of cyber security practices through these flashcards. Each card challenges you with scenarios to reinforce your understanding of appropriate protective measures. This is an essential resource for anyone looking to improve their cyber security awareness.

    More Like This

    Use Quizgecko on...
    Browser
    Browser