Information Security Best Practices Quiz
23 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?

  • Social Security Number
  • Email address
  • Automobile make and model (correct)
  • Phone number
  • How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)?

    Use the preview function to see where the link actually leads.

    What is the goal of an Insider Threat Program?

    Deter, Detect, and Mitigate the risks associated with insider threats.

    Mabel needs to share a document with her supervisor. What is appropriate?

    <p>Encrypt it and send digitally.</p> Signup and view all the answers

    Which of the following is NOT a best practice for protecting data on a mobile device?

    <p>Disable automatic screen locking after a period of inactivity</p> Signup and view all the answers

    Which of these is NOT a potential indicator that your device may be under a malicious code attack?

    <p>A notification for a system update that has been publicized</p> Signup and view all the answers

    When is the safest time to post on social media about your vacation plans?

    <p>After the trip.</p> Signup and view all the answers

    You receive an email with a link to update software on a government laptop. What should you do if the IT department hasn't done this before nor announced it?

    <p>Report the email to your security POC or help desk.</p> Signup and view all the answers

    After a classified document is leaked online and makes headlines, which of the following is true?

    <p>You should still treat it as classified even though it has been compromised.</p> Signup and view all the answers

    Where are you permitted to use classified materials?

    <p>Only in areas with security appropriate to the classification level.</p> Signup and view all the answers

    Which of the following is a risk associated with removable media?

    <p>All of these</p> Signup and view all the answers

    Which of the following is a best practice for physical security?

    <p>Use your own security badge or key code for facility access.</p> Signup and view all the answers

    Which of the following is a best practice to protect your identity?

    <p>Order a credit report annually.</p> Signup and view all the answers

    Which of the following is NOT an appropriate use of your Common Access Card (CAC)?

    <p>Using it as photo identification with a commercial entity</p> Signup and view all the answers

    How should government-owned removable media be stored?

    <p>In GSA approved safe with appropriate classification level.</p> Signup and view all the answers

    Which of the following is an allowed use of government-furnished equipment?

    <p>Checking personal email if organization allows it.</p> Signup and view all the answers

    Which of the following is true of Controlled Unclassified Information?

    <p>It must be handled using safeguarding or dissemination controls.</p> Signup and view all the answers

    How can you protect your home computer?

    <p>Turn on the password feature.</p> Signup and view all the answers

    Which of the following is an appropriate use of government email?

    <p>Using a digital signature when sending attachments.</p> Signup and view all the answers

    Which of the following is true of working within a sensitive compartmented information facility (SCIF)?

    <p>A designated individual is responsible for securing the entrance and exit points.</p> Signup and view all the answers

    Which of the following is true of spillage?

    <p>It can be either inadvertent or intentional.</p> Signup and view all the answers

    What is the best course of action if you receive a text message from a package shipper saying delivery is delayed and you are not expecting a package?

    <p>Delete the message.</p> Signup and view all the answers

    Which of the following personally owned peripherals can you use with government-furnished equipment?

    <p>Keyboard and USB hub</p> Signup and view all the answers

    Study Notes

    Personally Identifiable Information (PII)

    • Automobile make and model is NOT considered PII when not linked to an individual.

    URL Safety

    • Mitigate risks of compressed URLs by using the preview function to view the destination before clicking.

    Insider Threat Program

    • The primary aim is to Deter, Detect, and Mitigate insider-related risks.

    Document Sharing

    • For sharing documents, encrypt and send them digitally for security.

    Mobile Device Security Practices

    • Disabling automatic screen locking after inactivity is NOT a recommended practice.

    Malicious Code Indicators

    • A publicized system update notification is NOT a credible indicator of a malicious attack.

    Social Media Safety

    • Safest to post vacation plans on social media after returning from the trip.

    Suspicious Emails

    • Report unsolicited emails about software updates to your security point of contact or help desk when lacking proper authentication.

    Classified Document Handling

    • Leaked classified documents should still be treated as classified despite their exposure.

    Classified Materials Usage

    • Classified materials should only be used in secure areas suitable for their classification level.

    Risks of Removable Media

    • Risks associated with removable media include various security vulnerabilities.

    Physical Security Best Practices

    • Always use your own security badge or key code for facility access.

    Identity Protection

    • Protect identity by ordering a credit report annually.

    Common Access Card (CAC) Usage

    • Using your CAC as photo identification with commercial entities is NOT appropriate.

    Controlled Unclassified Information (CUI)

    • CUI must be handled with specific safeguarding or dissemination controls.

    Home Computer Protection

    • Enable the password feature on your home computer for better security.

    Government Email Usage

    • When using government email, attach a digital signature for verifying messages.

    Sensitive Compartmented Information Facility (SCIF)

    • A designated person is responsible for securing entrance and exit points in a SCIF.

    Spillage Definition

    • Spillage can occur unintentionally or intentionally, indicating security breaches.

    Phishing Alert

    • If you receive unexpected text about a delayed package, the best action is to delete the message.

    Use of Personal Peripherals

    • Keyboard and USB hub are acceptable personal peripherals to use with government-furnished equipment.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge on key information security practices such as handling Personally Identifiable Information (PII), recognizing suspicious emails, and securing document sharing. This quiz covers various aspects of mobile device security, insider threats, and social media safety. Improve your understanding to better protect yourself and your organization from potential risks.

    More Like This

    Use Quizgecko on...
    Browser
    Browser