Cyber Security 2023 completed 10/26/2023

which of the following is true about telework?

you must have your organizations permission to telework.

what is a common indicator of phishing attempt?

you must update and validate your information.

which of the following is true of the (CAC) or (PIV) card?

you should remove and take you CAC/PIV card whenever you leave your workstation.

which of the following is an example of two- factor authentication?

a common access card and personal identification number.

what is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?

all of these

how can malicious code cause damage?

all of these.

which of the following is true of protecting classified data?

classified material must be appropriately marked.

what should the employee do differently? Incident#2

decline to let the person in and redirect her to security.

how can you avoid downloading malicious code?

do not access website links in email messages.

how can you protect data on your mobile computing and portable electronics device (PEDS)?

enable automatic screen locking after a period of inactivity.

what action should you take with a compressed uniform resource locator (URL) on a website known to you

investigate the destination by using the preview feature to see where the link actually leads.

which of the following is ture of unclassified information?

it could affect the safety of government personnel, missions, and systems

Which of the following best describes the conditions under which mobile devices and applications can track your location?

it may occur at any time without your knowledge or consent.

what portable electronic device (PEDs) are permitted in SCIF?

only expressed authorized government owned PEDs.

what function do insider threat programs aim to fulfill?

proactively identify potential threats and formulate holistic mitigation response.

what should the employee do differently? Incident#1

remove his CAC and lock his work station.

which of the following is an example of malicious code?

software that installs itself without the users knowledge.

which of the following is a concern when using our government issued laptop in public?

the physical security of the device.

which of the following is true of security classification guides?

the provide guidance on reasons for and duration of classification of information

what must authorized personnel do before permitting another individual to enter a sensitive compartmented information facility? (SCIF)

Confirm the individuals need to know and access.

which of the following is a security best practice for protecting personally identifiable information (PII) ?

Encrypt and digitally sign e-mails containing PII when sending them to non-Government accounts.

what level of damage to national security can you reasonably expect top secret information to cause if disclosed?

Exceptionally grave damage

Which of the following demonstrates proper protection of mobile devices?

Linda encrypts all of the sensitive data on her government-issued mobile device.

you find information that you know to be classified on the internet what should you do?

Note the website URL and report the situation to your security point of contact

which of the following is NOT an example of CUI?

Press release data.

which of the following is true of internet hoaxes?

they can be part of a distributed denial of service (DDoS) attack.

which of the following is true of internet of things (IoT) devices

they can become an attack vector to other devices on your home network.

which of the following is a potential insider threat indicator?

unusual interest in classified information.

based on the description that follows, how many potential insider threat indicator(s) are displayed? a colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases and unusually expensive new car and has unexplained absences from work.

3 or more indicators.

how can you protect your organization on social networking sites?

???actively engage in non professional and non routine contacts with foreign nationals.???

a trusted friend in your social network post a link to a vaccine information on a website known to you. what action should you take?

???actively seek content that confirms the information???

ow can you protect yourself on social networking sites?

???deleting post containing personal information on a regular basis???

which designation marks information that does not have potential to damage national security?

Unclassified.

which of the following is NOT a potential consequence of using removable media unsafely in a sensitive Compartmented information facility? (SCIF)

(THIS IS A POTENTIAL) the one not on this list is the answer -SHUT DOWN OF SYSTEMS -COMPROMISE OF INFORMATION, SYSTEMS, PROGRAMS, AND/OR ASSETS -LOSS OF MISSION -LOSS OF LIFE

which of the following is NOT a permitted way to connect to personally-owned monitor to your goverment furnished equipment? (GFE)?

ANSWER IS NOT - Digital video interface (DVI)

which of the following statement is true of cookies?

ANSWER IS NOT -by accepting cookies, you authorize websites to store your personal data on a web server.

which cyber protection condition (CPCON) establishes a protection priority focus on critical functions only?

CPCON 1

which of the following is NOT a correct way to protect CUI?

CUI may be stored on any password protected system.

when is it ok to charge a personal mobile device using government - furnished equipment (GFE)?

ITS NEVER OK!!!