permitted uses of government furnished equipment

**Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? *Spillage What should you do if a reporter asks you about potentially classified information on the web? Be aware of classification markings and all handling caveats. After work hours, storing sensitive information in unlocked containers, desks, or cabinets if security is not present. Use TinyURLs preview feature to investigate where the link leads. Then select Submit. What type of attack might this be? only connect government-owned PEDs to the same level classification information system when authorized. How many potential insider threat indicators does this employee display? How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? Which of the following is NOT a potential consequence of using removable media unsafely in a Sensitive Compartmented Information Facility (SCIF)? CUI may be stored on any password-protected system. What should you do? After clicking on a link on a website, a box pops up and asks if you want to run an application. In providing Government Property to a Contractor the Contracting Officer must also make sure that a Contractor is not given an unfair competitive advantage over another Contractor who may not have Government Property. endstream endobj 1075 0 obj <>stream spillage definition cyber awareness. Store it in a locked desk drawer after working hours. They broadly describe the overall classification of a program or system. If classified information were released, which classification level would result in Exceptionally grave damage to national security? Which of the following may be helpful to prevent inadvertent spillage? What should the owner of this printed SCI do differently? hVo0W*$E*TG-%V$ %d|#I 1!=#"b$!'1Xr$8vG}z|C/B **Insider Threat How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display? (Spillage) When classified data is not in use, how can you protect it? Please note that this process will take as long as necessary and could take up to 6 weeks in some cases for non-UK nationals. HTMO@[)4T@c4RIhj{v What action is recommended when somebody calls you to inquire about your work environment or specific account information? [1]. correct. c. Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone. A coworker has asked if you want to download a programmers game to play at work. Which of the following is an example of removable media? How many potential insider threat indicators does this employee display? *Sensitive Compartmented Information Which must be approved and signed by a cognizant Original Classification Authority (OCA)? GU,}+ Calculate the margin of safety in terms of sales revenue. What is considered ethical use of the Government email system? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. Attempting to access sensitive information without need-to-know. Report the suspicious behave in accordance with their organization's threat policy. c. Allowing hackers access. The general policy is to have the contractor furnish the equipment needed. End of COVID-19 Emergency: Legal Implications for Healthcare Providers Social Security Number; date and place of birth; mothers maiden name. Which of the following is true of the Common Access Card (CAC)? Report email. c. Classified information that is intentionally moved to a lower protection level without authorization. Create separate user accounts with strong individual passwords. Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. Laptop (Take CAC out), PIN note (Never write your PIN. Do not access website links in e-mail messages. Unusual interest in classified information. Do not download it. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Correct. Which of the following should you NOT do if you find classified information on the internet? Unauthorized Disclosure of Classified Information for DoD, Security Awareness: Derivative Classification Answers, CITI Ethics, Responsible Conduct, RCR, Law, HTH And IRB Answers, Level 1 Antiterrorism Awareness Training Pretest And Post Test Answers, EVERFI Achieve Consumer Financial Education Answers, Security Pro: Chapter 3 (3.1.8) & 4.1 Security Policies Answers, CITI Module #3 Research in Public Elementary and Secondary Schools, Answers to CTS Unit 7 Lab 7-2: Protocols and Services SNMP, Google Analytics Individual Qualification Exam Answers, Everfi Module 4 Credit Scores Quiz Answers, Which Of The Following Is Not Considered A Potential Insider Threat Indicator. (Spillage) What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? Many apps and smart devices collect and share your personal information and contribute to your online identity. Which of the following statements is NOT true about protecting your virtual identity? General Services Administration (GSA) approval. Unless stated otherwise below or in the relevant competition document, all information you provide to us as part of your proposal, that is not already available to us from other sources, will be handled in confidence. What action should you take? PDF Removable Media and Mobile Devices - Cyber b. What are the requirements to be granted access to sensitive compartmented information (SCI)? *Insider Threat Which of the following is a reportable insider threat activity? Delete email. Note That The Integers Should Be Type Cast To Doubles. (Identity Management) What certificates are contained on the Common Access Card (CAC)? Use the classified network for all work, including unclassified work. CUI must be handled using safeguarding or dissemination controls. a. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Ask probing questions of potential network contacts to ascertain their true identity c. Avoid talking about work outside of the workplace or with people without need-to-know. Being cognizant of classification markings and labeling practices are good strategies to avoid inadvertent spillage. New interest in learning another language, Which of the following is a good practice to protect classified information. **Classified Data What is a good practice to protect classified information? The proper security clearance and indoctrination into the SCI program. 2) Difficult life circumstances, such as death of spouse. You receive an email from a company you have an account with. We reserve the right to add additional contractual conditions if individual circumstances dictate. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Report the crime to local law enforcement. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? correct. You should submit your priced proposal using a staged approach, detailing deliverables and prices for work that can be done before and after getting ethical approval. \text{Liability}&&\text{Debit}&\\ We thoroughly check each answer to a question to provide you with the most correct answers. Travel (Incident): What should Sara do when using publicly available Internet, such as hotel Wi-Fi? Which of the following is NOT true of traveling overseas with a mobile phone? Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? 0, 1, 2, or 3+. Use only personal contact information when establishing your personal account. Organizational Policy Not correct Validate all friend requests through another source before confirming them. What information sources do you think students on your campus use when acquiring dress clothes? Many apps and smart devices collect and share your personal information and contribute to your online identity. endobj How should you respond? Use your legitimate antivirus software to perform a virus scan instead. x[s~8Rr^/CZl6U)%q3~@v:=dM What information relates to the physical or mental health of an individual? What is a way to prevent the download of viruses and other malicious code when checking your e-mail? **Home Computer Security What should you consider when using a wireless keyboard with your home computer? Within a secure area, you see an individual you do not know. stream Remove Virus or Exit. Is this safe? Government Furnished Equipment (GFE) is the generic term for materiel loaned to a contractor. You must have your organizations permission to telework. What should be done to protect against insider threats? Lock your device screen when not in use and require a password to reactivate. Which of the following is NOT a correct way to protect CUI? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. In which situation below are you permitted to use your PKI token? Unusual interest in classified information. What should you do to protect classified data? all non-redacted elements of your proposal where these are incorporated into the final contract schedules or the terms and conditions. What is a possible indication of a malicious code attack in progress? **Mobile Devices Which of the following helps protect data on your personal mobile devices? Correct It is getting late on Friday. It may prohibit the use of a virtual private network (VPN). The popup asks if you want to run an application. Purpose: This instruction memorandum (IM) provides . Which of the following is true of Protected Health Information (PHI)? Which of the following makes Alexs personal information vulnerable to attacks by identity thieves? The physical security of the device. On a computer displaying a notification to update the antivirus softwareB. Effective 01/01/2021. What should you do? Security Classification Guides (SCGs).??? What is a security best practice to employ on your home computer? T/F. When leaving your work area, what is the first thing you should do? See PGI 245.103-72, Government- furnished property (GFP) attachments to solicitations and awards. correct. Victim A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. You must supply a completed Form 388 and CV for any new research workers. Who designates whether information is classified and its classification level? Avoid talking about work outside of the workplace or with people without a need-to-know. **Insider Threat What type of activity or behavior should be reported as a potential insider threat? Ask the individual to see an identification badge. You are working at your unclassified system and receive an email from a coworker containing a classified attachment. DOD Cyber Awareness 2022 Knowledge Check Flashcards | Quizlet a. CUI may be stored on any password-protected system b. CUI may be stored in a locked desk after working hours c. CUI may be emailed if encrypted. Which of the following is true of protecting classified data? **Home Computer Security Which of the following is a best practice for securing your home computer? Hostility or anger toward the United States and its policies. correct. It is fair to assume that everyone in the SCIF is properly cleared. Which of the following is NOT a criterion used to grant an individual access to classified data? Store classified data in a locked desk drawer when not in use Maybe Of the following, which is NOT a problem or concern of an Internet hoax? A headset with a microphone through a Universal Serial Bus (USB) port. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. Do not access website links in e-mail messages. When is the best time to post details of your vacation activities on your social networking website? c. Only connect to known networks, Travel (Incident): What is the danger of using public Wi-Fi connections? correct. (Malicious Code) Which of the following is true of Internet hoaxes? If you are concerned your project falls in to one of these categories and are unsure if you should submit a full proposal for a competition please submit a Contact DASA Form which will be checked by a member of our team. Employees who require equipment as a reasonable accommodation must contact their reasonable accommodation coordinator in the Office of Human Resources Management or their supervisor for assistance. Ask them to verify their name and office number. When can you check personal e-mail on your Government-furnished \end{array} On a computer at the public library to check your DOD email.D. Which of these is true of unclassified data? Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. The following guidance will help you to understand what these terms and conditions mean. Classified material must be appropriately marked. Which of the following is a reportable insider threat activity? What is the unit product cost for Job 413? **Insider Threat A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. A colleague is playful and charming, consistently wins performance awards, and is occasionally aggressive in trying to access classified information. Prices quoted are not subject to the effects of escalation or exchange-rate variation. Which of the following is true of downloading apps? Digitally signed e-mails are more secure. Select the information on the data sheet that is protected health information (PHI). Which of the following is true of Unclassified information? Which of the following is a good practice to prevent spillage? The information contained in this Website is for informational purposes only and is not intended as a form of direction or advice and should not be relied upon as a complete definitive statement in relation to any specific issue. Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. Ive tried all the answers and it still tells me off. Which of the following is a best practice for using removable media? DASA Standard Terms and Conditions - GOV.UK Which of the following is an example of a strong password? HHS published the HHS Memorandum: the Use of Government Furnished Equipment during Foreign Travel. Based on the description that follows, how many potential insider threat indicator(s) are displayed? means youve safely connected to the .gov website. 0 To: All Oregon/Washington Bureau of Land Management Employees. P2P (Peer-to-Peer) software can do the following except: Allow attackers physical access to network assets. Which of the following is a security best practice when using social networking sites? When teleworking, you should always use authorized and software. Note the websites URL and report the situation to your security point of contact. economics. Secure facilities allow open storage of classified material c Classified material may be used in unsecured areas as long as it remains in the possession of an individual with the proper clearance and need-to-know. Which of the following is an example of two-factor authentication? Not the websites URL. % Which may be a security issue with compressed Uniform Resource Locators (URLs)? In your proposal to us, you must describe the deliverables from your project; in other words, what will be produced and delivered as a result of the project. The Government relies on and requires its contractors to provide effective and efficient stewardship of the . What should you do? \text{Retained Earnings}&&&\text{Credit}\\ What action should you take? Government Furnished Assets (GFA) could be equipment, information or resources that are government-owned and loaned (on a free-of-charge basis) to a contractor to . **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? All PEDs, including personal devices b. CUI may be stored only on authorized systems or approved devices. Never allow sensitive data on non-Government-issued mobile devices. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. Classified information that should be unclassified and is downgraded. Which of the following does NOT constitute spillage? **Identity management What is the best way to protect your Common Access Card (CAC)? sensitive but unclassified. DOD CYBER AWARENESS. Limited Rights Versions of deliverables wont be released by us outside of Government. GFE is normally specified in a Request for Proposal (RFP) or contract. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? We expect our suppliers to maintain the highest standards of integrity and professionalism in their business dealings and adhere to the laws of the countries where they operate. Research the source of the article to evaluate its credibility and reliability. Update now? The person looked familiar, and anyone can forget their badge from time to time. Select all sections of the profile that contain an issue. No more than 6 interim payments are to be proposed. Cyber Awareness Challenge Complete Questions and Answers Government Furnished Equipment for Telework and Remote Employees How can you protect data on your mobile computing and portable electronic devices (PEDs)? Incident Which of the following does NOT constitute spillage? Original classification authority Correct. Edited/new version of DASA Short form contract uploaded to documents, Update to text from 'All competitions will use the new' to 'Many competitions, especially Phase 1 earlier TRL competitions, will use the new', Please note we have updated our short form contract template. Paul verifies that the information is CUI, includes a CUI marking in the subject header and digitally signs an e-mail containing CUI. The property provided to contractors for repair or overhaul is not subject to the requirements of the paragraph of bullet #2 above in this section. They can become an attack vector to other devices on your home network. What is the basis for handling and storage of classified data? *Sensitive Compartmented Information What should the participants in this conversation involving SCI do differently? Badges must be visible and displayed above the waist at all times when in the facility. Of the following, which is NOT a characteristic of a phishing attempt? Which of the following is a good practice to protect classified information? 1082 0 obj <>/Filter/FlateDecode/ID[<6D11769074A68B4F9710B6CBF53B0C2B>]/Index[1068 34]/Info 1067 0 R/Length 76/Prev 82724/Root 1069 0 R/Size 1102/Type/XRef/W[1 2 1]>>stream Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. **Insider Threat Which scenario might indicate a reportable insider threat? Which of the following is NOT a security best practice when saving cookies to a hard drive? 0-`*0r+u,1+~p]"WC0`=0uG!o8zGkv57?8/ssmZ]bw>V3^aiKPH(pUcWqR)u KmPy (TL2 Illegally downloading copyrighted material - No Government Furnished Equipment (GFE) - AcqNotes In setting up your personal social networking service account, what email address should you use? Enable automatic screen locking after a period of inactivity. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Your cousin posted a link to an article with an incendiary headline on social media. What should you do? | cpLo' ;8?NfW\\T| (Wrong). Which of the following is true of Unclassified Information? You should remove and take your CAC/PIV card whenever you leave your workstation. What is the best response if you find classified government data on the internet? (Permitted Uses of Government-Furnished Equipment GFE)), Viewing or downloading pornography - No How can you protect your information when using wireless technology? Use the classified network for all work, including unclassified work. What level of damage can the unauthorized disclosure of information classified as confidential reasonably be expected to cause? a. Label all files, removable media, and subject headers. Official websites use .govA A headset with a microphone through a Universal Serial Bus (USB) port. . **Social Networking When is the safest time to post details of your vacation activities on your social networking website? **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? The relevant people will be named in the subsequent contract. (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? In return, the funding Authority obtains a set of rights to use the delivered technical information and associated intellectual property for specified purposes. Which of the following is true of Security Classification Guides? Sensitive Compartmented Information GuidesB. You receive a call on your work phone and youre asked to participate in a phone survey. When is it appropriate to have your security badge visible? tell your colleague that it needs to be secured in a cabinet or container. Use the classified network for all work, including unclassified work. Which of the following is NOT a typical result from running malicious code? There are many travel tips for mobile computing. What should be your response? **Classified Data Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? As well as the technical aspects, value for money will also be taken into consideration during the assessment of your proposal. **Classified Data How should you protect a printed classified document when it is not in use? A Common Access Card and Personal Identification Number. **Insider Threat What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? (Spillage) What advantages do insider threats have over others that allows them to cause damage to their organizations more easily? How can you protect yourself on social networking sites? Access requires Top Secret clearance and indoctrination into the SCI program. Since the URL does not start with https, do not provide your credit card information. A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. Social Networking: Select all sections of the profile that contain an issue. Photos of your pet Correct. Identification, encryption, and digital signature. all non-redacted elements of the final terms and conditions, all non-redacted elements of the contract schedules. Which of the following is true about URLs? What portable electronic devices (PEDs) are permitted in a SCIF? Exceptionally grave damage to national security. IRS employees are permitted to utilize secure Public Wi-Fi access (e.g., hospital, Internet caf, coffee shop, public library). DASA reserves the right to disclose on a confidential basis any information it receives from you during the procurement process to any third party engaged by DASA for the specific purpose of evaluating or assisting DASA in the evaluation of your proposal. Your password and a code you receive via text message. For Government-owned devices, use approved and authorized applications only. CPCON 3 (Medium: Critical, Essential, and Support Functions) (Spillage) What should you do if a reporter asks you about potentially classified information on the web? This is a spear phishing attempt, and it would be best to report it to security. Mobile Devices (Incident): When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? You are having lunch at a local restaurant outside the installation, and you find a cd labeled favorite song. Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. Which of the following best describes the sources that contribute to your online identity. (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Which of the following is true of the Common Access Card (CAC) or Personal Identity Verification (PIV) card? What should the owner of this printed SCI do differently? **Mobile Devices What should you do when going through an airport security checkpoint with a Government-issued mobile device? Of the following, which is NOT a security awareness tip? a. GFA is not provided lightly and only where there are substantial and pressing reasons (e.g. In which situation below are you permitted to use your PKI token?A. b. Download the information. \text{Asset}&&&\text{Debit}\\ What portable electronic devices (PEDs) are permitted in a SCIF? Which of the following should be done to keep your home computer secure? A trusted friend in your social network posts a link to vaccine information on a website unknown to you. What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? **Insider Threat Which type of behavior should you report as a potential insider threat? Delete email from senders you do not know. Classified information that should be unclassified and is downgraded. As a security best practice, what should you do before exiting? You must provide us with a Full Rights Version of all deliverables, ensuring that it is coherent on its own. correct. Media containing Privacy Act information, PII, and PHI is not required to be labeled. Which of the following is NOT a home security best practice?