not correct Which of the following demonstrates proper protection of mobile devices? Which of the following makes Alex's personal information vulnerable to attacks by identity thieves? Incident The last payment, entitled satisfactory completion of all work under the contract, shall be at least 20% of the total quoted firm price. As long as the document is cleared for public release, you may release it outside of DoD. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? Illegally downloading copyrighted material - No A Common Access Card and Personal Identification Number. *Spillage Which of the following may help to prevent spillage? Before we can award a contract, we need each proposed research worker to complete a Form 388 that we will use to perform due diligence and obtain necessary clearances. Which of the following is a security best practice when using social networking sites? PDF Cyber Awareness Challenge 2022 Computer Use Correct. Your DOD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-classified Internet Protocol Router Network (NIPRNet). Then select Submit. Hold the conversation over e-mail or instant messenger to avoid being overheard. Mark SCI documents appropriately and use an approved SCI fax machine. c. Report it to security. Damage b. (Spillage) When classified data is not in use, how can you protect it? (Identity Management) What certificates are contained on the Common Access Card (CAC)? Linda encrypts all of the sensitive data on her government-issued mobile devices. (Malicious Code) Which are examples of portable electronic devices (PEDs)? On Jan.
30, 2023, President Joe Biden announced that the COVID-19 public health emergency (PHE) will end May 11, 2023. You should remove and take your CAC/PIV card whenever you leave your workstation. sensitive but unclassified. Not the website's URL. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? Report the suspicious behavior in accordance with their organization's threat policy. Cyber Awareness Challenge Knowledge Check 2023 Answers, Cyber Awareness Challenge 2022 Knowledge Check Answers. How can you protect your organization on social networking sites? The relevant people will be named in the subsequent contract. Use the classified network for all work, including unclassified work. Lionel stops an individual in his secure area who is not wearing a badge. Under the terms of DEFCON 705 any intellectual property generated under the contract belongs to the contractor. To: All Oregon/Washington Bureau of Land Management Employees. The website requires a credit card for registration. It is releasable to the public without clearance. Mark SCI documents appropriately and use an approved SCI fax machine. Removable Media in a SCIF (Incident): What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF? Share sensitive information only on official, secure websites. Note any identifying information and the website's URL. This is a spear phishing attempt, and it would be best to report it to security. An experiment consists of tossing three fair (not weighted) coins, except that one of the three coins has a head on both sides. Who can be permitted access to classified data? Conducting a private money-making venture - No Its classification level may rise when aggregated.
(IRS-defined) Use of Government Furnished Equipment (GFE) phones and GFE MiFi's/Hot-Spots for remote access to IRS IT assets (e.g., networks, systems) shall be provided through an encryption mechanism such as a . When classified data is not in use, how can you protect it? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. You receive an unexpected email from a friend: I think you'll like this: https://tinyurl.com/2fcbvy. What action should you take? Expires: 09/30/2023. Disclaimer: AcqNotes is not an official Department of Defense (DoD), Air Force, Navy, or Army website. Not correct a colleague enjoys playing video games, regularly uses social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited. Making unauthorized configuration changes. The email states your account has been compromised and you are invited to click on the link in order to reset your password. c. Allowing hackers access. *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? *Controlled Unclassified Information Which of the following is NOT an example of CUI? A pop-up window that flashes and warns that your computer is infected with a virus. All of these. Linda encrypts all of the sensitive data on her government issued mobile devices. Break-even units equal 2,000. *Social Networking a. Label all files, removable media, and subject headers. **Social Networking When is the safest time to post details of your vacation activities on your social networking profile? Classified information that should be unclassified and is downgraded. used in telework environments in accordance with reference (b).
Government Furnished Equipment: GFE refers to tooling or equipment that's provided to a contractor for use during the project. We also use cookies set by other sites to help us deliver content from their services. Software that installs itself without the user's knowledge c. A firewall that monitors and controls network traffic. What does Personally Identifiable information (PII) include? A smartphone that transmits credit card payment information when held in proximity to a credit card reader. An investment in knowledge pays the best interest. Article - Billing and Coding: Category III Codes (A56902) You should remove and take your CAC/PIV card whenever you leave your workstation. Sensitive information may be stored on any password-protected system. While it may seem safer, you should NOT use a classified network for unclassified work. Exceptionally grave damage to national security. Which of the following is true of Unclassified information? \text{Retained Earnings}&&&\text{Credit}\\ CUI must be handled using safeguarding or dissemination controls. Which of the following best describes good physical security? Mobile devices and applications can track your location without your knowledge or consent. Which of the following does not constitute spillage. Decline to let the person in and redirect her to security. **Identity management Which of the following is an example of two-factor authentication? Do not use any personally owned/non-organizational removable media on your organization's systems. When is it appropriate to have your security badge visible? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Based on the description that follows how many potential insider threat indicators are displayed? Which of the following should be reported as a potential security incident (in accordance with your Agency's insider threat policy)?
Which of the following represents an ethical use of your Government 1) Unusual interest in classified information. Note any identifying information, such as the website's URL, and report the situation to your security POC. Effective 01/01/2021. What should you do? (Sensitive Information) What must the dissemination of information regarding intelligence sources, methods, or activities follow? Which of the following is a good practice for telework? a. Which designation marks information that does not have potential to damage national security? **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Classified information that should be unclassified and is downgraded. *Spillage After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. HHS published the HHS Memorandum: the Use of Government Furnished Equipment during Foreign Travel. Section 26. Wireless and Mobile Device Security Policy No. The person looked familiar, and anyone can forget their badge from time to time. Which of the following is true of Controlled Unclassified information (CUI)? Sensitive Compartmented Information (Incident #3): What should the participants in this conversation involving SCI do differently? *Controlled Unclassified Information Which of the following is NOT a correct way to protect CUI? Follow procedures for transferring data to and from outside agency and non-Government networks. Many apps and smart devices collect and share your personal information and contribute to your online identity. Correct. Official websites use .govA Report the suspicious behavior in accordance with their organization's insider threat policy. Who designates whether information is classified and its classification level? It may be compromised as soon as you exit the plane. a.
Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. All government-owned PEDs c. Only expressly authorized government-owned PEDs. Annual DoD Cyber Awareness Challenge Training, Military Requirements for Petty Officers Thir, EPRC Operator Course JKO (8 hour) Pretest Ans, Elliot Aronson, Robin M. Akert, Samuel R. Sommers, Timothy D. Wilson, Operations Management: Sustainability and Supply Chain Management, Anderson's Business Law and the Legal Environment, Comprehensive Volume, David Twomey, Marianne Jennings, Stephanie Greene, John David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine, Chapter 22: Signal Transduction Mechanisms: I, Business Continuation and Succession Planning. Which of the following is NOT a requirement for telework? Which of the following is an example of removable media? Original classification authority Correct. **Social Engineering Which of the following is a way to protect against social engineering? A company assigns overhead cost to completed jobs on the basis of 120% of direct labor cost. What should you do if a reporter asks you about potentially classified information on the web? Only expressly authorized government-owned PEDs. Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, Level 1 Antiterrorism Awareness Training Pretest And Post Test Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. 
Classified Data: (Incident) What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? A Form 388 will be sent to you if you're successful under a DASA competition. Scan external files from only unverifiable sources before uploading to computer. Incident c. This is never okay. Government Furnished Property Compliance Checklist tell your colleague that it needs to be secured in a cabinet or container. No to all: Viewing or downloading pornography, gambling online, conducting a private money-making venture, using unauthorized software, Illegally downloading copyrighted material, making unauthorized configuration changes. Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Store classified data appropriately in a GSA-approved vault/container. Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. When teleworking, you should always use authorized and software. The property provided to contractors for repair or overhaul is not subject to the requirements of the paragraph of bullet #2 above in this section. How should you respond? Label all files, removable media, and subject headers with appropriate classification markings. Which of the following attacks target high ranking officials and executives? (Sensitive Compartmented Information) What portable electronic devices (PEDs) are allowed in a Secure Compartmented Information Facility (SCIF)? To help with this, prices in your proposal must be supported by a full cost breakdown. Unclassified documents do not need to be marked as a SCIF. (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? Then select Submit. Which is NOT a way to protect removable media?
Download the information. Delete email from senders you do not know. Each Form 388 must be signed and returned with a brief curriculum vitae (CV) of each person by the nominated individual completing the work. Which of the following may be helpful to prevent inadvertent spillage? The Town and Country Planning (Use Classes) Order 1987 (as amended) puts uses of land and buildings into various categories known as 'Use Classes' which are detailed below. **Classified Data What is a good practice to protect classified information? Who designates whether information is classified and its classification level? You know this project is classified. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? (Physical Security) Which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? How many potential insider threat indicators does this employee display? **Insider Threat Which of the following should be reported as a potential security incident (in accordance with your Agency's insider threat policy)? *Spillage Which of the following is a good practice to aid in preventing spillage? When operationally necessary, owned by your organization, and approved by the appropriate authority. 31 terms. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? (Sensitive Information) What should you do if a commercial entity, such as a hotel reception desk, asks to make a photocopy of your Common Access Card (CAC) for proof of Federal Government employment? Consider the various information sources listed previously in developing your answer. Further guidance included in "What DASA does not fund" section. Uploaded new terms and conditions document: DASA Open Call Terms and Conditions July 2022 (Also contains Schedules). Explain why.
All prices quoted for DASA proposals are firm (non-variable) and must be exclusive of VAT. *Spillage You find information that you know to be classified on the Internet. Maintain visual or physical control of the device. The long-run aggregate supply curve (LRAS) curve is ______ with a real output level that _____, a) Upward sloping; varies positively with the price level What is best practice while traveling with mobile computing devices? (Permitted Uses of Government-Furnished Equipment GFE)) Viewing or downloading pornography - No Gambling online - No Conducting a private money-making venture - No Using unauthorized software - No Illegally downloading copyrighted material - No Making unauthorized configuration changes - No Incident Exception. Which of the following is NOT a social engineering tip? Illegal downloading copyrighted materials. [1]. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. The Government relies on and requires its contractors to provide effective and efficient stewardship of the . You'll need to register and then activate your account before you can browse the toolkit. The Defence and Security Accelerator. *Spillage What is a proper response if spillage occurs? Which is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF). Correct Use only personal contact information when establishing your personal account. Select the information on the data sheet that is personally identifiable information (PII). Use TinyURL's preview feature to investigate where the link leads.
Store it in a locked desk drawer after working hours. **Physical Security What is a good practice for physical security? Which of the following is a clue to recognizing a phishing email? a. PDF Removable Media and Mobile Devices - Cyber (Malicious Code) Which of the following is NOT a way that malicious code spreads? a. Only use Government-furnished or Government-approved equipment to process PII. On a computer displaying a notification to update the antivirus softwareB. A person who does not have the required clearance or assess caveats comes into possession of SCI in any manner. Which of the following is NOT a typical means for spreading malicious code? You must supply a completed Form 388 and CV for any new research workers. Of the following, which is NOT a characteristic of a phishing attempt? Digitally signed e-mails are more secure. *Insider Threat Which of the following is a reportable insider threat activity? Which of the following is an example of two-factor authentication? When can you check personal email on your government furnished equipment? Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Which of the following is not considered a potential insider threat indicator? When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Adversaries exploit social networking sites to disseminate fake news Correct. Added link to Current Themed Competitions in the Our Standard Contracts section. It may expose the connected device to malware. When would be a good time to post your vacation location and dates on your social networking website? Of the following, which is NOT an intelligence community mandate for passwords? 
Government Furnished Information Technology (IT) Equipment for Use Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Based on the description that follows, how many potential insider threat indicator(s) are displayed? \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ Where any deliverable is subject to third party intellectual property rights (IPR) you must also describe this in your proposal. Total fixed cost equals $78,000 (includes fixed factory overhead and fixed selling and administrative expense). not correct. (controlled unclassified information) Which of the following is NOT correct way to protect CUI? As long as the document is cleared for public release, you may share it outside of DoD. The annual Cyber Awareness Challenge is a course that helps authorized users learn how to best avoid and reduce threats and vulnerabilities in an organization's system. the whistleblower protection enhancement act relates to reporting. b. a. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car, and has unexplained absences from work. What action should you take with a compressed Uniform Resource Locator (URL) on a website known to you? Never allow sensitive data on non-Government-issued mobile devices. In which situation below are you permitted to use your PKI token? When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Unclassified documents do not need to be marked as a SCIF. We reserve the right to add additional contractual conditions if individual circumstances dictate. Identity Management Evidence (Incident): Select all violations at this unattended workstation. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)?
DOD Cyber Awareness 2023 Flashcards | Quizlet Which of the following best describes the sources that contribute to your online identity. See PGI 245.103-72, Government-furnished property (GFP) attachments to solicitations and awards. Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Never print classified documents b. Label the printout UNCLASSIFIED to avoid drawing attention to it c. Retrieve classified documents promptly from printers. Spread After clicking on a link on a website, a box pops up and asks if you want to run an application. Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Only use Government-furnished or Government-approved equipment to process CUI, including PII. requirements to access classified information. Where you specify in your proposal Limited Rights versions of deliverables, you must also specify whether the relevant Background Information has been previously generated under contract using MOD funding. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. *Sensitive Compartmented Information When is it appropriate to have your security badge visible? c. Remove his CAC and lock his workstation. After being diagnosed with pyrophobia, the client states, "I believe this started at the age of 7 when I was trapped in a house fire." Search for instructions on how to preview where the link actually leads. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Only expressly authorized government-owned PEDs. HDMI or DisplayPort may be used if VGA and DVI are unavailable. What should you do?
**Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? **Classified Data Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? **Classified Data When classified data is not in use, how can you protect it? Top Secret information could be expected to cause exceptionally grave damage to national security if disclosed. *Spillage Which of the following is a good practice to prevent spillage? You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware.