Podcast
Questions and Answers
Mabel is a government employee who needs to share a document containing contractor proprietary information with his supervisor. What is the most appropriate way for Mabel to do this?
Mabel is a government employee who needs to share a document containing contractor proprietary information with his supervisor. What is the most appropriate way for Mabel to do this?
What is an authoritative source for a derivative classification?
What is an authoritative source for a derivative classification?
Security classification guide
What is an example of behavior that should be reported?
What is an example of behavior that should be reported?
Taking sensitive information home for telework without authorization
What might Terri have seen on her social media feed related to a smoke billowing from the Pentagon?
What might Terri have seen on her social media feed related to a smoke billowing from the Pentagon?
Signup and view all the answers
Which of the following is not an appropriate use for your Common Access Card?
Which of the following is not an appropriate use for your Common Access Card?
Signup and view all the answers
Spillage refers to the unauthorized disclosure of classified information.
Spillage refers to the unauthorized disclosure of classified information.
Signup and view all the answers
Which of the following is not a best practice for protecting data on a mobile device?
Which of the following is not a best practice for protecting data on a mobile device?
Signup and view all the answers
What is the best course of action if you receive a suspicious text message about a delayed package delivery?
What is the best course of action if you receive a suspicious text message about a delayed package delivery?
Signup and view all the answers
How can you protect your home computer?
How can you protect your home computer?
Signup and view all the answers
Printed Sensitive Compartmented Information (SCI) must be retrieved properly from the printer.
Printed Sensitive Compartmented Information (SCI) must be retrieved properly from the printer.
Signup and view all the answers
What is the best practice for physical security?
What is the best practice for physical security?
Signup and view all the answers
Which of the following is a step you should not take to protect against spillage?
Which of the following is a step you should not take to protect against spillage?
Signup and view all the answers
Unclassified DoD data may require access and distribution controls.
Unclassified DoD data may require access and distribution controls.
Signup and view all the answers
Which of the following is not a best practice for protecting your home wireless network?
Which of the following is not a best practice for protecting your home wireless network?
Signup and view all the answers
Where are you permitted to use classified data?
Where are you permitted to use classified data?
Signup and view all the answers
What action should Annabeth take if she believes a sensitive compartmented information conversation was overheard?
What action should Annabeth take if she believes a sensitive compartmented information conversation was overheard?
Signup and view all the answers
Which of these is not a potential indicator that your device may be under a malicious code attack?
Which of these is not a potential indicator that your device may be under a malicious code attack?
Signup and view all the answers
How should government-owned removable media be stored?
How should government-owned removable media be stored?
Signup and view all the answers
What is the best practice for using a government email?
What is the best practice for using a government email?
Signup and view all the answers
Which of the following uses of removable media is appropriate?
Which of the following uses of removable media is appropriate?
Signup and view all the answers
Which of the following is a risk associated with removable media?
Which of the following is a risk associated with removable media?
Signup and view all the answers
Protected Health Information (PHI) is a type of controlled unclassified information.
Protected Health Information (PHI) is a type of controlled unclassified information.
Signup and view all the answers
Which of the following contributes to your online identity?
Which of the following contributes to your online identity?
Signup and view all the answers
What is the best practice when browsing the Internet?
What is the best practice when browsing the Internet?
Signup and view all the answers
Study Notes
Document Sharing Procedures
- Government employees must securely share documents containing sensitive information with appropriate clearance only.
- Best practices involve approved methods as per security guidelines.
Derivative Classification
- Security classification guides serve as authoritative sources for derivative classification.
Reporting Sensitive Behavior
- Unauthorized handling or transfer of sensitive information, such as taking it home for telework, should be reported immediately.
Social Media Caution
- Posts featuring alarming content (e.g., smoke at the Pentagon) may be phishing attempts designed to steal personal information.
Common Access Card (CAC) Usage
- CAC is not appropriate for photo identification in commercial settings; it is exclusive to government purposes.
Data Protection Practices
- Automatic screen locking on mobile devices is essential for protecting sensitive data.
Suspicious Communications
- If you receive unexpected messages about package deliveries, especially with links, it is safest to delete the message to avoid phishing attempts.
Home Computer Security
- Enabling password protection on home computers is critical for security against unauthorized access.
Handling Sensitive Information
- Sensitive Compartmented Information (SCI) must be retrieved properly from printers to prevent unauthorized access.
Physical Security Protocols
- Best physical security practice includes using personal security badges or access codes to enter facilities.
Preventing Data Spillage
- Never purge device memory before connecting to a classified network; this can lead to data spillage and unauthorized access.
Unclassified Data Controls
- DoD unclassified data may still require specific access and distribution controls to maintain security.
Home Wireless Network Security
- Avoid using preset router service set identifiers (SSIDs) and passwords; create unique ones for enhanced security.
Use of Classified Data
- Classified data is permitted only in a Secure Compartmented Information Facility (SCIF).
Response to Potential Security Breaches
- If sensitive information is potentially overheard, contact a security Point of Contact (POC) immediately with details.
Indicators of Malicious Code
- Standard notifications for system updates are not indicators of a malicious code attack.
Insider Threat Indicators
- Prolonged good performance does not necessarily indicate insider threat but requires vigilance in monitoring unusual behaviors.
Storing Government Media
- Removable media should be stored in GSA-approved containers based on their security classification for protection.
Best Practice for Government Emails
- Mass emails should be avoided to protect sensitive information and maintain communication integrity.
Appropriate Use of Removable Media
- Encrypting data when using removable media is a best practice to prevent unauthorized access.
Risks of Removable Media
- Many risks are associated with removable media usage, including potential data breaches if not handled securely.
Protected Health Information (PHI)
- PHI is not classified as controlled unclassified information but is instead protected under health privacy laws.
Online Identity Formation
- Online identity is shaped by various factors, including social media use, browsing habits, and personal disclosures.
Internet Browsing Safety
- Accept cookies only from reputable and trusted websites to minimize security risks while browsing online.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge with these flashcards designed for the DoD Cyber Awareness Challenge 2024. Each card presents scenarios and definitions related to cybersecurity practices crucial for government employees. Enhance your understanding of secure information sharing and classification standards.
