Podcast
Questions and Answers
Which of the following is NOT an appropriate way to protect against inadvertent spillage? (Select all that apply)
Which of the following is NOT an appropriate way to protect against inadvertent spillage? (Select all that apply)
Which of the following should you NOT do if you find classified information on the internet? (Select all that apply)
Which of the following should you NOT do if you find classified information on the internet? (Select all that apply)
How can you prevent inadvertent spillage?
How can you prevent inadvertent spillage?
Always check to use the correct network, avoid classified networks for unclassified work, be aware of classification markings, follow procedures for transferring data, and label files with appropriate markings.
What should you do if spillage occurs?
What should you do if spillage occurs?
Signup and view all the answers
What should you do if you find classified government data/information not cleared for public release on the internet?
What should you do if you find classified government data/information not cleared for public release on the internet?
Signup and view all the answers
Which of the following is true about telework? (Select all that apply)
Which of the following is true about telework? (Select all that apply)
Signup and view all the answers
What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?
What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?
Signup and view all the answers
Which of the following is true about protecting classified data? (Select all that apply)
Which of the following is true about protecting classified data? (Select all that apply)
Signup and view all the answers
What are the requirements to telework?
What are the requirements to telework?
Signup and view all the answers
Match the level of damage to national security with its classification:
Match the level of damage to national security with its classification:
Signup and view all the answers
What are the key handling requirements for classified data?
What are the key handling requirements for classified data?
Signup and view all the answers
What is an insider threat?
What is an insider threat?
Signup and view all the answers
What percentage of the time is an insider threat linked to demonstrated behaviors of security concerns?
What percentage of the time is an insider threat linked to demonstrated behaviors of security concerns?
Signup and view all the answers
What percentage of insider threats experience a life crisis?
What percentage of insider threats experience a life crisis?
Signup and view all the answers
What percentage of insider threats volunteered?
What percentage of insider threats volunteered?
Signup and view all the answers
What should you do to protect against insider threats?
What should you do to protect against insider threats?
Signup and view all the answers
What steps can you take to protect yourself online?
What steps can you take to protect yourself online?
Signup and view all the answers
What actions should you take to protect your organization online?
What actions should you take to protect your organization online?
Signup and view all the answers
What is online identity?
What is online identity?
Signup and view all the answers
What precautions should you take when transmitting sensitive information?
What precautions should you take when transmitting sensitive information?
Signup and view all the answers
Study Notes
Cyber Security Basics
- Classified networks are not for unclassified work; using them improperly can lead to bandwidth issues and potential spillage.
- Classified information found online should not be downloaded, as it remains classified and could cause additional spillage incidents.
Preventing Inadvertent Spillage
- Verify the network is correct for the data classification level before use.
- Follow strict labeling protocols for files and media to indicate their classification.
- Transfer data only following established procedures to prevent undue exposure.
Actions in Case of Spillage
- Immediate notification of the security Point of Contact (POC) is essential.
- Do not delete or manipulate suspected files; secure the area instead.
Handling Internet Classified Information
- Classified data remains classified regardless of its presence online; downloading it is prohibited.
- Always report discovered classified information on the internet to your security POC.
Teleworking Protocols
- Organizational permission is mandatory for teleworking.
- Use only authorized devices and software in a secure home environment.
- Implement best cybersecurity practices, including VPN usage.
Understanding Security Classifications
-
Damage Levels:
- Confidential: Damage to national security.
- Secret: Serious damage.
- Top Secret: Exceptionally grave damage.
-
Classified materials must be properly marked and cannot be used unsecured, even when held by cleared individuals.
Insider Threat Awareness
- Insider threats arise from authorized access misused intentionally or unintentionally.
- Certain behaviors indicate security concerns 80% of the time, and 25% of insiders may experience life crises prompting security risks.
Reporting Suspicious Activity
- Stay vigilant to potential insider threats and report suspicious behaviors or incidents according to agency policies.
Personal Data Protection
- Utilize privacy settings effectively and create strong, unguessable passwords.
- Avoid sharing location updates or any personally identifiable information (PII) online.
- Confirm friend requests to reduce risks associated with social media.
Organizational Representation Online
- Refrain from speaking on behalf of your organization and ensure no compromising content is posted.
- If using social media, only provide personal contact details, never government information.
Online Identity Management
- Online data aggregators collect personal information; users should be cautious and opt-out when possible.
Secure Transmission of Sensitive Information
- Verify clearance and need-to-know before sending sensitive information.
- Use encryption for email communications that involve PII, Protected Health Information (PHI), or other Controlled Unclassified Information (CUI).
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge of cyber security practices through these flashcards. Each card challenges you with scenarios to reinforce your understanding of appropriate protective measures. This is an essential resource for anyone looking to improve their cyber security awareness.