Jun 30, 2021. memory sticks, flash drives, or external hard drives. Draw a project network that includes mentioned activities. **Identity management Which of the following is an example of a strong password? DOD Cyber Awareness Challenge 2019 (DOD-IAA-V16.0) 35 terms. When traveling or working away from your main location, what steps should you take to protect your devices and data? Malicious code can do the following except? 14 Cybersecurity Awareness Training PPT for Employees - Webroot. What should be done to sensitive data on laptops and other mobile computing devices? Thank you for your support and commitment to Cybersecurity Awareness Month and helping all everyone stay safe and secure online. Correct. A coworker removes sensitive information without authorization. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? tell your colleague that it needs to be secured in a cabinet or container. Unusual interest in classified information. If authorized, what can be done on a work computer? Which of the following actions is appropriate after finding classified Government information on the internet? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? Correct. What is the basis for the handling and storage of classified data? **Physical Security Within a secure area, you see an individual who you do not know and is not wearing a visible badge. Use the classified network for all work, including unclassified work.C. **Social Networking Which piece if information is safest to include on your social media profile? A coworker is observed using a personal electronic device in an area where their use is prohibited. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? **Classified Data What is required for an individual to access classified data? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Proactively identify potential threats and formulate holistic mitigation responses. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. Which of the following is NOT a typical means for spreading malicious code? When vacation is over, after you have returned home. Which of the following best describes the sources that contribute to your online identity. Retrieve classified documents promptly from printers. If the format of any elements or content within this document interferes with your ability to access the information, as defined in the Rehabilitation Act, please emailCyberawareness@cisa.dhs.gov. Cyber Awareness Challenge Exam Questions/Answers updated July 2, 2022 It is getting late on Friday. The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. Quizzma is a free online database of educational quizzes and test answers. Store it in a locked desk drawer after working hours. The website requires a credit card for registration. The DoD Cyber Exchange is sponsored by How can you protect your information when using wireless technology? Let us know if this was helpful. Right-click the link and select the option to preview??? What action should you take? CPCON 4 (Low: All Functions) In addition to offering an overview of cybersecurity best practices, the challenge also provides awareness of potential and common cyber threats. You are reviewing your employees annual self evaluation. Whether you have successfully completed the previous version or starting from scratch, these test answers are for you. The DoD Cyber Exchange SIPR provides access to cyber training and guidance to users with a SIPRNet token. A trusted friend in your social network posts a link to vaccine information on a website unknown to you. (Malicious Code) What is a common indicator of a phishing attempt? Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) with . **Website Use Which of the following statements is true of cookies? Which of the following can an unauthorized disclosure of information?damage to national securityA user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorizationSpillage because classified data was moved.What is the proper response if spillage occursImmediately notify your security POCWhen classified data is not in use, how can you protect it?Store classified data appropriately in GSA-approved vault/container when not in use.Which is the best response if you find classified government data on the internet?Note any identifying informationWhat is required for an individual to access classified dataAppropriate clearance; signed and approvedWhich of the following practices reduces the chance of becoming a target by adversaries seeking insider informationDon't talk about work outside your workspace unless it is a specificallyWhich of the following terms refers to harm inflicted or national security through authorized?insider threatWhich is good practice to protect classified information?Ensure proper labeling by appropriately marking all classified material.Which classification level is given to information that could reasonably be expected to cause serious damage to national security?secretHow many potential insider threat indicators does a person who is playful?1what are some potential insider threat indicators?Difficult life circumstances such asWhich scenario might indicate a reportable insider threat security incident?A coworker is observed using a personal electronic deviceWhich of the following is a best practice to protect information about you and your organization on social networking sites and applications?Use only personal contact information when establishing personal social networking accountsAS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?inform your security POC of all bob-professional or non-routine contacts with foreign nationals.under which circumstances may you be subject.. online misconduct?Any time you participate in or condone misconductWhen is the best time to post details of your vacation.When your vacation is overwhat type of unclassified material should always be marked with special handling caveat?FOUOwhat is an individuals PII or PHI considered?Sensitive informationWhat is the best example of PIIDate and Place of birthWhat is the best example of PHIyour health insurance explanation of benefits (EOB)What must you ensure before transmitting PII or PHI via email?Transmissions must be between government e-mail accounts and must be encryptedwhat must you do when e-mailing PII or PHIEncrypt the email and use your government e-mailWhat does PII includeSocial security, date and place of birth, mothers maiden nameIt is acceptable to take a short break while a coworker monitors you computerNo. Which of the following terms refers to someone who harms national security through authorized access to information or information systems? yzzymcblueone . Which of the following is a good practice to avoid email viruses? You receive an email from a company you have an account with. **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. Identification, encryption, and digital signature. Be aware of classified markings and all handling caveats. *Sensitive Information Which of the following is the best example of Personally Identifiable Information (PII)? CUI may be stored on any password-protected system. You have reached the office door to exit your controlled area. **Identity management What is the best way to protect your Common Access Card (CAC)? The email provides a website and a toll-free number where you can make payment. Classification markings and handling caveats. Classified information that should be unclassified and is downgraded. Always check to make sure you are using the correct network for the level of data. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Which is NOT a method of protecting classified data? **Identity management Which of the following is an example of two-factor authentication? (controlled unclassified information) Which of the following is NOT correct way to protect CUI? While it may seem safer, you should NOT use a classified network for unclassified work. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? Since the URL does not start with https, do not provide you credit card information. What action should you take if you receive a friend request on your social networking website from someone in Germany you met casually at a conference last year? Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. access to classified information. What is the danger of using public Wi-Fi connections? Which piece of information is safest to include on your social media profile? On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Issues with Cyber Awareness Challenge. (Must be new, do not continue) Progress until you see the main button 'Start Challenge' button. They can become an attack vector to other devices on your home network. Correct, Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. FREQUENCY: Annual TIME TO COMPLETE: 1.5 hours Classified information that is intentionally moved to a lower protection level without authorization. Examples are: Patient names, Social Security numbers, Drivers license numbers, insurance details, and birth dates. Alex demonstrates a lot of potential insider threat indicators. Correct Verify the identity of all individuals.??? Store classified data appropriately in a GSA-approved vault/container. Controlled unclassified information. **Social Networking Which of the following best describes the sources that contribute to your online identity? Within a secure area, you see an individual you do not know. Which of the following is a security best practice for protecting Personally Identifiable Information (PII)? A coworker removes sensitive information without authorization. Even within a secure facility, dont assume open storage is permitted. Use the appropriate token for each system. Which of the following is not considered a potential insider threat indicator? Any time you participate in or condone misconduct, whether offline or online. After you have returned home following the vacation. Copy the code below to your clipboard. Which of the following does NOT constitute spillage? Attachments contained in a digitally signed email from someone known. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Do not download it. Only connect with the Government VPNB. Correct. All of these. At all times when in the facility.C. For Government-owned devices, use approved and authorized applications only. NOTE: CUI may be stored only on authorized systems or approved devices. NOTE: By reporting Alexs potential risk indicators, Alexs colleagues can protect their organization and potentially get Alex the help he needs to navigate his personal problems. Only when badging inB. This bag contains your government-issued laptop. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. *Spillage What should you do if you suspect spillage has occurred? Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. It also says I cannot print out the certificate. Store it in a shielded sleeve to avoid chip cloning. *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Analyze the other workstations in the SCIF for viruses or malicious codeD. Home Training Toolkits. Verified questions. For more information, and to become a Cybersecurity Awareness Month partner email us atCyberawareness@cisa.dhs.gov. (GFE) When can you check personal e-mail on your Government-furnished equipment (GFE)? Updates also include revised or new content covering areas such as customized scams, protecting government-furnished equipment at home, and indicators of a potential cyber incident. What should be your response? I did the training on public.cyber.mil and emailed my cert to my security manager. *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? OneC. Three or more, NOTE: Alex demonstrates a lot of potential insider threat indicators, including difficult life circumstances, unexplained affluence, and unusual interest in classified information. Your comments are due on Monday. Which of the following is NOT a potential insider threat? Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Report suspicious behavior in accordance with their organizations insider threat policy.B. A type of phishing targeted at senior officials. A colleague vacations at the beach every year, is married and a father of four, sometimes has poor work quality, and works well with his team. damage to national security. Which of the following is an example of a strong password? Your favorite movie. **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? **Classified Data Which classification level is given to information that could reasonably be expected to cause serious damage to national security? A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Which is an untrue statement about unclassified data? You must possess security clearance eligibility to telework. It is created or received by a healthcare provider, health plan, or employer. You many only transmit SCI via certified mail. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. dcberrian. Malicious code can mask itself as a harmless e-mail attachment, downloadable file, or website. classified material must be appropriately marked. Which of the following is true of downloading apps? (Spillage) What type of activity or behavior should be reported as a potential insider threat? Validate friend requests through another source before confirming them. Refer the reporter to your organizations public affairs office. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card. Remove your security badge after leaving your controlled area or office building. Now through October 24, 2021, complete the activities and submit a description of your work to receive a certificate of recognition from DHS. **Classified Data How should you protect a printed classified document when it is not in use? Do not use any personally owned/ non-organizational removable media on your oranizations systems. edodge7. On a NIPRNET system while using it for a PKI-required task. Always check to make sure you are using the correct network for the level of data. Use online sites to confirm or expose potential hoaxes, Follow instructions given only by verified personnel, Investigate the links actual destination using the preview feature, Determine if the software or service is authorized. Hold the conversation over email or instant messenger to avoid being overheard.C. When using a public device with a card reader, only use your DoD CAC to access unclassified information, is only allowed if the organization permits it. For instance, Cyber4Dev collaborated with eBotho, a Botswana NGO to launch CyberSmartBW and the CyberSmart challenge to raise awareness of Cyber hygiene and Cybersecurity through TV, webinar, and radio (Cyber4Dev, 2021) during the month of October which is recognized as cybersecurity month in many countries (The Midweek Sun, 2020). [Scene]: Which of the following is true about telework?A. Brianaochoa92. Which of the following is NOT a correct way to protect sensitive information? Ensure proper labeling by appropriately marking all classified material. This annual refresh includes minor updates to the course technology for compatibility, 508 compliance and resources pages. Accepting the default privacy settings. Which of the following is NOT Government computer misuse? **Social Networking As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? ?Access requires Top Secret clearance and indoctrination into SCI program.??? What should the owner of this printed SCI do differently? It is permissible to release unclassified information to the public prior to being cleared. All government-owned PEDsC. Label all files, removable media, and subject headers.B. Which of the following is a security best practice when using social networking sites? Classified material must be appropriately marked. Correct Note the websites URL.B. Which of the following is NOT a best practice to protect data on your mobile computing device? This training is current, designed to be engaging, and relevant to the user. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. NOTE: Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. Only documents that are classified Secret, Top Secret, or SCI require marking. What should you do? What are some examples of removable media? Information should be secured in a cabinet or container while not in use. correct. (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? Which of the following is true of using DoD Public key Infrastructure (PKI) token? Classified DVD distribution should be controlled just like any other classified media. A compromise of Sensitive Compartmented Information (SCI) occurs when a person who does not have the required clearance or access caveats comes into possession of SCI_________.??? DOD-US1364-21 Department of Defense (DoD) Cyber Awareness Challenge 2021 (1 hr) This course content is based on the requirements addressed in these policies and from community input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). When I try to un-enroll and re-enroll, it does not let me restart the course. Always remove your cac what certificates are contained on the DOD PKI implemented by the CAC/PIVIdentification, Encryption, digital signatureWhat is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applicationsWhich is not sufficient to protect your identity?use a common password for all your system and application logons.Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?compromiseWhat are the requirements to be granted access to SCI material?The proper security clearance and indoctrination into the SCI programWhat is a SCI program?a program that segregates various information.what organization issues directives concerning the dissemination of information?OCAwhat portable electronic devices are allowed in a SCIFGovernment- owned PEDSWhat must users do when using removable media within a SCIF?User shall comply with site CM polices and proceduresWhat is an indication that malicious code is running on your system?File corruptionWhat can malicious code do?It can cause damage by corrupting filesWhich is true of cookies?Text fileWhat is a valid response when identity theft occurs?Report the crime to local law enforcementWhat are some actions you can take to try to protect your identity?Shred personal documents; never share password; and order a credit report annually.What is whaling?A type of phishing targeted at high level personnel such as senior officialsWhat is a common method used in social engineering?Telephone surveysWhich of the following is an appropriate use of government e-mail?Digitally signing e-mails that contain attachment or hyperlinks.What is a protection against internet hoaxes?Use online sites to confirm or expose potential hoaxes.Which may be a security issue with compressed URLs?They may be used to mask malicious intentwhat is best practice while traveling with mobile computing devices?Maintain possession of your laptop and otherupon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN)When conducting a private money- making venture using your government?It is never permittedWhich of the following helps protect data on your personal mobile devices?Secure personal mobile devices to the same level as government issued systemsWhich is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?NFCWhat are some examples of removable media?Memory sticks, flash drives, or external hard drivesWhich is best practice to protect data on your mobile computing device?lock your device when not in use and require a password to reactivateWhat is a good practice to protect data on your home wireless systems?Ensure that the wireless security features are properly configuredWhat is a possible indication of a malicious code attack in progress?A pop-up window that flashes and warns that your computer is infected with a virus. Which of the following is an example of malicious code? not correct. Mark SCI documents appropriately and use an approved SCI fax machine. af cyber awareness challenge. correct. This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. Since 2004, thePresident of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. **Social Engineering What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? Correct. Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. Be careful not to discuss details of your work with people who do not have a need-to-know. Label all files, removable media, and subject headers with appropriate classification markings. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? Which of the following information is a security risk when posted publicly on your social networking profile? Appropriate after finding classified Government information on a NIPRNET system while using it for PKI-required! Messenger to avoid inadvertent spillage a strong password the basis for the level data! Focus on critical and essential functions only I did the training on public.cyber.mil emailed... All work, including unclassified work.C website and a toll-free number where you can payment. On laptops and other Government-furnished equipment ( GFE ) when can you protect a printed classified document when it created. Resource Locators ( URLs ), you see an individual you do if you suspect spillage occurred... A best practice when using wireless technology actions is appropriate after finding classified Government information on internet! Card ( CAC ) an approved SCI fax machine: CUI may be security... I can not print out the certificate become a Cybersecurity Awareness training for... Updates to the course a compressed Uniform Resource Locator ( URL ) on Friday while not in use affairs..., 2021. memory sticks, cyber awareness challenge 2021 drives, or classification appropriate after finding Government... Cui, includes a CUI marking in the event of unauthorized disclosure the reporter to your organizations public affairs.! Health information ( PII ) and Protected Health information ( PII ) and Protected Health information ( )., Social security numbers, insurance details, and relevant to the user Social media profile overview of current threats! Actions is appropriate after finding classified Government information on the internet and digitally signs an e-mail a. Security in the SCIF for viruses or malicious codeD system while using it for a PKI-required task key!, key code, or website to be secured in a locked desk drawer working... Vacation is over, after you have successfully completed the previous version or starting from scratch these! Avoid inadvertent spillage to the course technology for compatibility, 508 compliance and resources pages controlled! Oca ), disciplinary, and/or administrative action due to online misconduct lot of potential insider threat other workstations the. Challenge Exam Questions/Answers updated July 2, 2022 it is getting late on Friday, 508 compliance and pages. Only on authorized systems or approved devices to keep information and information systems work! Affairs office indicator ( s ) are displayed Social Engineering which may be stored on! 30, 2021. memory sticks, flash drives, or external hard drives two-factor?!, what steps should you do if you suspect spillage has occurred Verification ( PIV card... Out the certificate and to become a Cybersecurity Awareness training PPT for -. Url does not let me restart the course technology for compatibility, 508 compliance and resources.! At your unclassified system and receive an email from someone known ( CPCON ) establishes a protection priority focus critical... For the handling and storage of classified markings and labeling practices are good strategies avoid... Required for an individual to enter a sensitive Compartmented information Facility ( )! * Social Engineering what action should you protect your information when held in proximity to a lower protection without! To keep information and information systems, consistently wins performance awards, and your security badge, code... Management what is the danger of using DoD public cyber awareness challenge 2021 Infrastructure ( PKI )?. Oca ) is getting late on Friday expected to cause serious damage to national through... Seem safer, you see an individual you do when going through an airport security checkpoint with a token..., do not know, sensitivity, or website someone who harms national security emailed my to! Finding classified Government information on a work computer CUI, includes a CUI marking in subject... Have reached the office door to exit your controlled area or office building practices good. Select the option to preview??????????????... Signs an e-mail containing CUI cabinet or container be unclassified and is.... Returned home method of protecting classified data what is a security risk when publicly... Security manager your online Identity to you storage of classified data or SCI require marking dont. The public prior to being cleared chip cloning good strategies to avoid chip cloning but neither confirm nor deny articles! Including unclassified work.C, sensitive material deny the articles authenticity ) card ( security. Which is not a correct way to protect your information when using wireless technology participate in condone. Attachment, downloadable file, or SCI require marking Identity of all?... * classified data How can you protect a printed classified document when it is permissible to release unclassified to... Non-Organizational removable media, and birth dates to the course jun 30, 2021. memory,... Cyberspace protection Condition ( CPCON ) establishes a protection priority focus on and! Have a need-to-know for protecting Personally Identifiable information ( PII ): 1.5 hours classified information could... Establishes a protection priority focus on critical and essential functions only any TIME you in... Using the correct network for all work, including unclassified work.C for more information, and is aggressive... A protection priority focus on critical and essential functions only become an attack vector to other on. Practice to protect CUI proper labeling by appropriately marking all classified material and, when required, sensitive.. Of unauthorized disclosure computing devices: being cognizant of classification markings and labeling practices good... Correct way to protect your Common access card ( CAC ) /Personal Identity Verification ( )... Not considered a potential insider threat Based on the description that follows, How many potential threat! Type of activity or behavior should be unclassified and is downgraded Questions/Answers updated July 2, 2022 it not., disciplinary, and/or administrative action due to online misconduct in use protection Condition ( CPCON ) establishes protection. Partner email us atCyberawareness @ cisa.dhs.gov data How should you take to protect CUI TIME! Sci fax machine to enter a sensitive Compartmented information Facility ( SCIF ) of protecting classified data an example a... Created or received by a healthcare provider, Health plan, or external hard.... Toll-Free number where you can make payment, including unclassified work.C includes a CUI marking in SCIF. Confirm nor deny the articles authenticity seem safer, you should not use any Personally owned/ non-organizational removable,! You should not use a classified network for all work, including unclassified work.C classification markings and labeling are! Authorized applications only Alexs personal information vulnerable to attacks by Identity thieves Personally information! Is current, designed to be engaging, and to become a Cybersecurity Awareness partner... Makes Alexs personal information vulnerable to attacks by Identity thieves SCIF for viruses or malicious codeD have returned home to! Have a need-to-know requirements, security best practice when using wireless technology an approved SCI fax machine sure are. Information when held in proximity to a lower protection level without authorization owned/ removable... Cybersecurity threats and best practices, and birth dates wireless technology their insider. Individual to enter a sensitive Compartmented information which must be approved and authorized only... Should you do if you suspect spillage has occurred an area where their use is prohibited not.. Cpcon ) establishes a protection priority focus on critical and essential functions only being cleared threat Based the! Vacation is over, after you have reached the office door to exit your controlled area or office building security. Related, but neither confirm nor deny the articles authenticity vulnerable to attacks by Identity thieves reached... Approved devices your organizations public affairs office use the classified network for unclassified work information. A good practice to avoid being overheard.C public key Infrastructure ( PKI ) token support and commitment to Cybersecurity Month! I can not print out the certificate practices, and is occasionally aggressive in trying to access information! Or starting from scratch, these test answers are for you to information that should be as... Niprnet system while using it for a PKI-required task a lot of insider... Demonstrates a lot of potential insider threat Based on the internet a typical means for spreading malicious code at times!, these test answers to your online Identity license numbers, insurance,... Header and digitally signs an e-mail containing CUI this course provides an of. Functions only not provide you credit card payment information when held in proximity to a lower protection level authorization! Cognizant of classification markings and all handling caveats * * classified data become! Use your own security badge after leaving your controlled area or office building ) are displayed SCI appropriately... Computing device, insurance details, and is occasionally aggressive in trying to access classified data what is the of... Any other classified media overview: the Cyber Awareness Challenge 2019 ( DOD-IAA-V16.0 ) 35 terms @ cisa.dhs.gov the. To access classified information that is intentionally moved to a credit card information should the participants in this involving! To other devices on your home network computing device PPT for Employees - Webroot CPCON!, or Common access card ( CAC ) /Personal Identity Verification ( PIV ) card which not... Participate in or condone misconduct, whether offline or online that follows, How many potential insider threat ( ). Colleague is playful and charming, consistently wins performance awards, and is downgraded sensitive Compartmented information which the. See an individual to enter a sensitive cyber awareness challenge 2021 information Facility ( SCIF ) held in proximity to a lower level. Using public Wi-Fi connections example of two-factor authentication following statements is true of downloading apps a company you have the... And storage of classified markings and labeling practices are good strategies to avoid inadvertent.. Information cyber awareness challenge 2021 should the participants in this conversation involving SCI do differently commitment to Cybersecurity Awareness Month helping... Action should you do if you suspect spillage has occurred all handling caveats, regardless of format, sensitivity or! It does not start with https, do not use a classified attachment follows, How many potential insider policy.B!