permitted uses of government furnished equipmentpermitted uses of government furnished equipment

Government Furnished Equipment: GFE refers to tooling or equipment thats provided to a contractor for use during the project . If aggregated, the information could become classified. DASA will examine the legal status of organisations prior to placement of any contract. The website requires a credit card for registration. How many potential insiders threat indicators does this employee display? What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? Follow procedures for transferring data to and from outside agency and non-Government networks. Mark SCI documents appropriately and use an approved SCI fax machine. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. A colleague often makes others uneasy with her persistent efforts to obtain information about classified project where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion. UNCLASSIFIED is a designation to mark information that does not have potential to damage national security. HTKo1[05R4I)RJU=,erh"swJ-k{fo^f^``rf@g]8/u W} @;%m[=jo#UzAk/^)-weH+fX*miP\h6x~0%Agmzw@ 8p2=x"?|ON(K\4n#ikux>mKN|7+>e{yd( 3*aH l+m,t~$ =gP}HN)/xO?y^m\.G!$;\tOE :Q Be aware of classification markings and all handling caveats. DOD Cyber Awareness 2022 Knowledge Check Flashcards | Quizlet Someone calls from an unknown number and says they are from IT and need some information about your computer. correct. ;A- fKpe'xfX@na=lzt Qh|(j@SYG}~1BY/6:{HqMvD` KNZ/)t\+b*"gO1s Carrying his Social Security Card with him, DoD employees are prohibited from using a DoD CAC in card-reader-enabled public device, Assigned a classification level by a supervisor. Hes on the clock after all! Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only? Updated DASA Terms and Conditions - including new contract and intellectual property guidance. Unclassified information cleared for public release. Lionel stops an individual in his secure area who is not wearing a badge. Government-furnished assets. Looking at your MOTHER, and screaming THERE SHE BLOWS! **Identity management Which is NOT a sufficient way to protect your identity? How should you secure your home wireless network for teleworking? Which of the following best describes good physical security? How many potential insider threat indicators does this employee display? elsieteel. 870 Summit Park Avenue Auburn Hills, MI 48057. Which of the following does not constitute spillage. Not the websites URL. (social networking) When is the safest time to post details of your vacation activities on your social networking profile? *Spillage A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. Which of these is true of unclassified data? correct. Army OPSEC level 1 (Newcomers & Refresher) 29 terms. What certificates are contained on the Common Access Card (CAC)? https://intranet.hhs.gov/about-hhs/national-security/policy/gfe-foreign-travel-2018. Which is NOT a wireless security practice? Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Press release data c. Financial information. Secure it to the same level as Government-issued systems. - Updated Terms and conditions. a. CUI may be stored on any password-protected system b. CUI may be stored in a locked desk after working hours c. CUI may be emailed if encrypted. Cyber Awareness Challenge 2022 Knowledge Check, DoD Mandatory Controlled Unclassified Informa, Headlight 4 Unit 4 p. 222,3 theme 3,story, Cyber Awareness Challenge 2023 (Incomplete). What information sources do you think students on your campus use when acquiring dress clothes? In which situation below are you permitted to use your PKI token?A. How can you avoid downloading malicious code? The website requires a credit card for registration. \text{Balance sheet accounts:}\\ CUI includes, but is not limited to Controlled Technical Information (CTI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data and operational information. A separate document, Form AD-107, must be completed to document the loan of U.S. Forest Service property. What should the owner of this printed SCI do differently? What action is recommended when somebody calls you to inquire about your work environment or specific account information? Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Damage Three or more. How can you protect yourself from social engineering? You may also provide to us a Limited Rights Version where we agree it is useful to include background information relevant to the evaluation/understanding of the deliverables. Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. It is created or received by a healthcare provider, health plan, or employer. It includes a threat of dire circumstances. Spillage occurs when information is spilled from a higher classification or protection level to a lower classification or protection level. endstream endobj 1075 0 obj <>stream As long as the document is cleared for public release, you may share it outside of DoD. To help with this, prices in your proposal must be supported by a full cost breakdown. For Government-owned devices, use approved and authorized applications only. **Use of GFE Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities? PDF Cyber Awareness Challenge 2022 Information Security How are Trojan horses, worms, and malicious scripts spread? Many apps and smart devices collect and share your personal information and contribute to your online identity. !vk\I* 2ziCB&9pFX[SdW'9$v 0P0 E 572 /P)FP#?:6A,$yB$jut42>]|5Q:|%C}F|::r=5GrI!y+fO)MJ)a*'os}OzAPTTHHfu tell your colleague that it needs to be secured in a cabinet or container. Only connect via an Ethernet cable. Attempt to change the subject to something non-work related, but neither confirm nor deny the articles authenticity. Sanitized information gathered from personnel records. On Jan. 30, 2023, President Joe Biden announced that the COVID-19 public health emergency (PHE) will end May 11, 2023. Government furnished property is a bit of an umbrella term. Do not access website links, buttons, or graphics in e-mail. What should you do? t { Opening the link would allow the sender to steal Isabels information. The guidance below will help you to understand who can apply for funding, the sort of projects the Defence and Security Accelerator (DASA) funds, and the terms and conditions of DASA contracts. We use a number of safeguards to protect the information you provide to us in your proposals, whilst allowing proper scrutiny of your submissions by our expert assessors, facilitating effective collaboration, and achieving appropriate transparency of how public money is being spent. Retrieve classified documents promptly from printers. Correct **Social Networking Which of the following statements is true? Linda encrypts all of the sensitive data on her government issued mobile devices. Balancesheetaccounts:AssetLiabilityStockholdersEquity:CapitalStockRetainedEarningsDividendsIncomestatementaccounts:RevenueExpenseIncreasCreditCredit(l)DecreaseDebitCreditCreditNormalBalanceDebitCreditCreditDebit. When traveling or working away from your main location, what steps should you take to protect your devices and data? (Spillage) When classified data is not in use, how can you protect it? How should you respond? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. The popup asks if you want to run an application. Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. OR-2020-013. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Follow policy for using personally-owned computer peripherals with government furnished equipment (GFE): Permitted Monitors, with the following conditions: Connected via Visual Graphic Array (VGA), Digital Video Interface (DVI), High Definition Multimedia Interface (HDMI), or DisplayPort No other devices connected to the monitor Only expressly authorized government-owned PEDs. PII, PHI, and financial information is classified as what type of information? Which of the following is a good practice to avoid email viruses? Let us know if this was helpful. Only use a government-issued thumb drive to transfer files between systems. Its a condition of the contract that, as certain work must be justified ethically as well as scientifically, we reserve the right to terminate the work with immediate effect if you dont gain the relevant approval. The physical security of the device. What should you do if a reporter asks you about potentially classified information on the web? Is this safe? NON-MEDICAL NECESSITY COVERAGE AND PAYMENT RULES. They can be part of a distributed denial-of-service (DDoS) attack. As detailed in the ISC, you must mark your deliverables in accordance with the document marking scheme detailed therein. What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)? They can be part of a distributed denial-of-service (DDoS) attack. Website Use (Incident): Select all security issues. **Social Networking When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? It should only be in a system while actively using it for a PKI-required task. After you have returned home following the vacation. The MOD commercial toolkit is accessible on the MOD internet site and contains details on MOD contract conditions. *Controlled Unclassified Information Which of the following is NOT an example of CUI? Validate friend requests through another source before confirming them. Sign up to get the latest information about your choice of CMS topics. When is the best time to post details of your vacation activities on your social networking website? a. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. Which of the following is a reportable insider threat activity? (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? Remove your security badge after leaving your controlled area or office building. After clicking on a link on a website, a box pops up and asks if you want to run an application. Which of the following should you do immediately? Connect to the Government Virtual Private Network (VPN). Which of the following is NOT true of traveling overseas with a mobile phone? Which of the following is NOT a correct way to protect sensitive information? *Classified Data Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. The watermark names the person who will assess the proposal, along with the date and time it was downloaded. Select all violations at this unattended workstation. Which scenario might indicate a reportable insider threat security incident? Office of Management Assessment - NIH Policy Manual 10.8.27 Personal Use of Government Furnished Information Technology *Spillage Which of the following is a good practice to aid in preventing spillage? As a best practice, labeling all classified removable media and considering all unlabeled removable media as unclassified. We expect our suppliers to maintain the highest standards of integrity and professionalism in their business dealings and adhere to the laws of the countries where they operate. Press release data. The proper security clearance and indoctrination into the SCI program. This HHS Policy supersedes the CMS ARS 3.0 CM-2 Enhancement 7 Configure Systems or Components for High Risk Areas control. A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive car, and has unexplained absences from work. Remove and take it with you whenever you leave your workstation. Following instructions from verified personnel. 2 0 obj **Insider Threat What is an insider threat? Dont allow other access or to piggyback into secure areas. Hold the conversation over e-mail or instant messenger to avoid being overheard. Which of the following demonstrates proper protection of mobile devices? (Malicious Code) What are some examples of malicious code? (Spillage) Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? The relevant people will be named in the subsequent contract. Which of the following actions can help tp protect your identity? \text{Expense}&(l)&\text{Credit}&\text{Debit}\\ Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? Classified information that should be unclassified and is downgraded. Which of the following best describes the conditions under which mobile devices and applications can track your location? The determination of GFE is usually made by the government Program Manager (PM) and Contracting Officer. When operationally necessary, owned by your organization, and approved by the appropriate authority. Store classified data in a locked desk drawer when not in use Maybe What action should you take? Even within a secure facility, dont assume open storage is permitted. Many apps and smart devices collect and share your personal information and contribute to your online identity. For proposals that we fund, in accordance with the Governments Transparency Agenda, we are required to publish information in respect of Contract documents, comprising: In addition to the above, for proposals that we fund we will publish on DASA website your organisation name and type; DASA reference (ACCxxxxxx) and project title; and contract value. A medium secure password has at least 15 characters and one of the following. **Insider Threat What do insiders with authorized access to information or information systems pose? It may be compromised as soon as you exit the plane. Classified information that should be unclassified and is downgraded. How can you protect data on your mobile computing and portable electronic devices (PEDs)? Make note of any identifying information and the website URL and report it to your security office. **Mobile Devices Which of the following helps protect data on your personal mobile devices? c. Both of these, Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE). The following guidance will help you to understand what these terms and conditions mean. What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems? A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. CUI may be stored on any password-protected system. All open opportunities are listed on the Apply for Funding page. A program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. Refer the reporter to your organizations public affairs office. How can you guard yourself against Identity theft? (Identity Management) What certificates are contained on the Common Access Card (CAC)? Government-Furnished and Privately-Owned Equipment It may prohibit the use of a virtual private network (VPN). cyber-awareness email government organisation permission equipment 1 answer Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail asked in Internet by voice (263k points) internet internet-quiz cyber cyber-awareness government computer email personal policy 1 answer lock What is the unit product cost for Job 413? Which of the following is true of telework? th Xe>_ In return, the funding Authority obtains a set of rights to use the delivered technical information and associated intellectual property for specified purposes. (Malicious Code) What is a good practice to protect data on your home wireless systems? Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI. A colleague asks to leave a report containing protected health information (PHI) on his desk overnight so he can continue working on it the next day. Only expressly authorized government-owned PEDs. **Home Computer Security Which of the following is a best practice for securing your home computer? Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post. What should be done to protect against insider threats? Which of the following is a best practice for using removable media? 1 0 obj Avoid attending professional conferences. (Mobile Devices) Which of the following statements is true? PDF DEPARTMENT OF DEFENSE - Cyber urpnUTGD. Which of the following is an example of two-factor authentication? Remove your security badge, common access card (CAC), or personal identity verification (PIV) card. correct. <>/Metadata 317 0 R/ViewerPreferences 318 0 R>> **Social Engineering Which may be a security issue with compressed Uniform Resource Locators (URLs)? Which of the following may be helpful to prevent inadvertent spillage? It displays a label showing maximum classification, date of creation, point of contact, and Change Management 9CM) Control Number. Ive tried all the answers and it still tells me off, part 2. business math. Secure personal mobile devices to the same level as Government-issued systems. In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? a. What should be your response? They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. How was one of the weaknesses of a free enterprise economy illustrated by the Great Depression? Lock your device screen when not in use and require a password to reactivate. information generated under previous private venture funding. Use only personal contact information when establishing your personal account. You can decide how often to receive updates. Turn on automatic downloading b. You must have your organizations permission to telework c. You may use unauthorized software as long as your computers antivirus software is up to date. Who is responsible for information/data security? Adversaries exploit social networking sites to disseminate fake news Correct. If you receive a phone call from a stranger asking for information about your invoice payment process, you should: Crucial information about a user or organization can be gained through. DOD CYBER AWARENESS Flashcards | Quizlet We thoroughly check each answer to a question to provide you with the most correct answers. Which of the following is a good practice to protest classified information? All https sites are legitimate and there is no risk to entering your personal info online. Government Furnished Equipment (GFE) (FAR Part 45) is equipment that is owned by the government and delivered to or made available to a contractor. Which of the following is NOT Protected Health Information (PHI)? Then select Submit. Classified information that is accidentally moved to a lower classification or protection level. Ask for information about the website, including the URL. (Spillage) Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? A type of phishing targeted at high-level personnel such as senior officials. When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? Report the crime to local law enforcement. The Government Contracting Officer will ultimately determine whether or not Government Property should be provided to a Contractor based on the FAR 45. Which of the following is true of Internet of Things (IoT) devices? (Sensitive Compartmented Information) Which of the following best describes the compromise of Sensitive Compartmented Information (SCI)? Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? **Classified Data What is a good practice to protect classified information? **Social Networking What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited? Badges must be visible and displayed above the waist at all times when in the facility. **Classified Data When classified data is not in use, how can you protect it? In providing such information you consent to such disclosure. When examining theories of phobia etiology, this situation would be reflective of ____________ theory. Malicious code can do damage by corrupting files, erasing your hard drive, and/or allowing hackers access. Is it okay to run it? endstream endobj 1072 0 obj <>stream Which of the following is an example of removable media? Firewall disabled. (Malicious Code) Which of the following is NOT a way that malicious code spreads? How can you protect yourself from social engineering? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? **Website Use While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. Looking for https in the URL. They may be used to mask malicious intent. What should you consider when using a wireless keyboard with your home computer?