Information Security Best Practices
24 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following is true of unclassified data?

  • It never requires classification markings.
  • Its classification level may rise when aggregated. (correct)
  • It does not affect the safety of Government missions.
  • It must be released to the public immediately.
  • What type of information includes personal, payroll, medical, and operational information?

    Sensitive

    Sensitive information may be stored on any password-protected system.

    False

    Which of the following is NOT a typical result from running malicious code?

    <p>Disabling cookies</p> Signup and view all the answers

    What level of damage to national security could reasonably be expected if unauthorized disclosure of Top Secret information occurred?

    <p>Exceptionally grave damage</p> Signup and view all the answers

    You must have your organization's permission to telework.

    <p>True</p> Signup and view all the answers

    What is true of protecting classified data?

    <p>Classified material must be appropriately marked.</p> Signup and view all the answers

    Which of the following is NOT considered a potential insider threat indicator?

    <p>New interest in learning another language</p> Signup and view all the answers

    How many indicators does an employee display if they have visited several foreign countries recently, have adequate work quality, speak openly of unhappiness with U.S. foreign policy, and recently had their car repossessed?

    <p>3 or more</p> Signup and view all the answers

    Which of the following is NOT considered a potential insider threat indicator?

    <p>Treated mental health issues</p> Signup and view all the answers

    What would you do if you receive a game application request on your government computer that includes permission to access your friends, profile information, cookies, and sites visited?

    <p>Decline the request</p> Signup and view all the answers

    What information most likely presents a security risk on your personal social networking profile?

    <p>Birthplace</p> Signup and view all the answers

    What should you do before exiting a controlled area?

    <p>Remove your security badge, common access card (CAC), or personal identity verification (PIV) card.</p> Signup and view all the answers

    How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card?

    <p>Store it in a shielded sleeve to avoid chip cloning.</p> Signup and view all the answers

    Always use DoD PKI tokens within their designated classification level.

    <p>True</p> Signup and view all the answers

    What is a best practice for handling cookies?

    <p>If possible, set your browser preferences to prompt you each time a website wants to store a cookie.</p> Signup and view all the answers

    What action should you take if you receive an unexpected email from a friend with a URL?

    <p>Use TinyURL's preview feature to investigate where the link leads.</p> Signup and view all the answers

    What action should you take first if you receive an email from the Office of Personnel Management (OPM) with a link to a personnel portal?

    <p>Look for a digital signature on the email.</p> Signup and view all the answers

    Phishing can be an email with a hyperlink as bait.

    <p>True</p> Signup and view all the answers

    What should you immediately do upon connecting your Government-issued laptop to a public wireless connection?

    <p>Connect to the Government Virtual Private Network (VPN).</p> Signup and view all the answers

    What should be your response if a coworker asks if you want to download a programmer's game to play at work?

    <p>I'll pass.</p> Signup and view all the answers

    What should you do if a coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet?

    <p>Never allow sensitive data on non-Government-issued mobile devices.</p> Signup and view all the answers

    What demonstrates proper protection of mobile devices?

    <p>Linda encrypts all of the sensitive data on her government-issued mobile devices.</p> Signup and view all the answers

    How can you protect your information when using wireless technology?

    <p>Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals.</p> Signup and view all the answers

    Study Notes

    Unclassified and Sensitive Information

    • Unclassified data may require reassessment when aggregated, potentially raising its classification level.
    • Sensitive information includes personal, payroll, medical, and operational details.

    Protecting Sensitive Information

    • Storing sensitive information on any password-protected system is an incorrect practice.
    • Classified materials must be correctly marked to ensure protection.

    Telework and Security Measures

    • Telework requires prior permission from the organization.
    • Security best practices include removing security badges and ID cards when exiting controlled areas.

    Insider Threat Indicators

    • Not all behavioral changes are insider threat indicators; new interests like learning a language are typically not indicators.
    • Potential insider threats may present several indicators, with increasing concern as more signs are observed.

    Handling Requests and Emails

    • Decline any unsolicited game application requests on government computers that seek excessive permissions.
    • Always check for digital signatures on unexpected emails requesting personal data before taking action.

    Phishing and Security Risks

    • Phishing attacks often take the form of emails containing hyperlinks as bait.
    • Investigate unexpected emails with unfamiliar URLs using preview features before clicking.

    Use of Technology and Privacy

    • Ensure the protection of Common Access Cards (CAC) and Personal Identity Verification (PIV) cards by storing them in shielded sleeves.
    • Always connect to the Government Virtual Private Network (VPN) when using government-issued devices on public networks.

    Mobile Device and Wireless Security

    • Encrypt sensitive data on government-issued mobile devices to safeguard information.
    • Avoid using non-Bluetooth-paired or unencrypted wireless peripherals to enhance security while using wireless technology.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers essential practices for protecting sensitive information, including guidelines for telework and recognizing insider threats. Learn how to handle classified materials appropriately and respond to unsolicited requests. Stay informed to ensure data security in your organization.

    More Like This

    Use Quizgecko on...
    Browser
    Browser