Accounting /DoD Cyber Awareness Part 1
DoD Cyber Awareness Part 1
This deck covers key concepts and practices related to preventing data spillage, handling classified data, recognizing insider threats, and protecting information on social networking sites.
Which of the following is a good practice to prevent spillage?
Always check to make sure you are using the correct network for the level of data
Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/25
Key Terms
Term
Definition
Which of the following is a good practice to prevent spillage?
Always check to make sure you are using the correct network for the level of data
What does 'spillage' refer to?
Information improperly moved from a higher protection level to a lower protection level
Which of the following may help to prevent spillage?
Follow procedures for transferring data to and from outside agency and non-Government networks
A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. How should you respond?
Refer the vendor to the appropriate personnel
You receive an inquiry from a reporter about government information not cleared for public release. How should you respond?
Refer to reporter to your organization's public affairs office
You find information that you know to be classified on the Internet. What should you do?
Note the website's URL and report the situation to your security point of contact
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
Which of the following is a good practice to prevent spillage? | Always check to make sure you are using the correct network for the level of data |
What does 'spillage' refer to? | Information improperly moved from a higher protection level to a lower protection level |
Which of the following may help to prevent spillage? | Follow procedures for transferring data to and from outside agency and non-Government networks |
A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. How should you respond? | Refer the vendor to the appropriate personnel |
You receive an inquiry from a reporter about government information not cleared for public release. How should you respond? | Refer to reporter to your organization's public affairs office |
You find information that you know to be classified on the Internet. What should you do? | Note the website's URL and report the situation to your security point of contact |
Who designates whether information is classification level? | Original classification authority |
Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment? | Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled |
Which of the following is a good practice to protect classified information? | Don't assume open storage in a secure facility is authorized |
What is the basis for the handling and storage of classified data? | Classification markings and handling caveats |
Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationship with peers, purchases an unusually expensive new car, and has unexplained absences from work. | 3 or more indicators |
Which scenario might indicate a reportable insider threat? | A colleague removes sensitive information without seeking authorization in order to perform authorized telework. |
Which of the following is a reportable insider threat activity? | Attempting to access sensitive information without need-to-know |
Which of the following is a potential insider threat indicator? | Unusual interest in classified information |
What is an insider threat? | Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities. |
How can you protect your organization on social networking sites? | Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post |
Which of the following statements is true? | Adversaries exploit social networking sites to disseminate fake news. |
When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation? | If you participate in or condone it at any time |
Which of the following is true of Protected Health Information (PHI)? | It is created or received by a healthcare provider, health plan, or employer. |
Which is a best practice for protecting Controlled Unclassified Information (CUI)? | Store it in a locked desk drawer after working hours |
Which designation marks information that does not have potential to damage national security? | Unclassified |
Which of the following is NOT an example of Personally Identifiable Information (PII)? | High school attended |
Which of the following is true of Controlled Unclassified Information (CUI)? | CUI must be handled using safeguarding or dissemination controls. |
Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)? | Controlled Unclassified Information (CUI) |
Which of the following is a good practice to prevent spillage? | Always check to make sure you are using the correct network for the level of data |