What Portable Electronic Devices Peds Are Permitted In A Scif

A vendor conducting a pilot program with your organization contacts you for organizational data to use in a prototype. How should you respond?

Refer the vendor to the appropriate personnel.

When classified data is not in use, how can you protect it?

Store classified data appropriately in a GSA-approved vault/container.

What is the basis for handling and storage of classified data?

Classification markings and handling caveats.

Which of the following must you do before using an unclassified laptop and peripherals in a collateral classified environment?

Ensure that any cameras, microphones, and Wi-Fi embedded in the laptop are physically disabled.

What level of damage to national security can you reasonably expect Top secret information to cause if disclosed?

Exceptionally grave damage.

Which of the following is true about telework?

You must have your organization's permission to telework.

Which of the following is true of protecting classified data?

Classified material must be appropriately marked.

Which of the following is a reportable insider threat activity?

Attempting to access sensitive information without need-to-know.

Which scenario might indicate a reportable insider threat?

a colleague removes sensitive information without seeking authorization in order to perform authorized telework.

Which of the following is a potential insider threat indicator?

1) Unusual interest in classified information. 2) Difficult life circumstances, such as death of spouse.

Which piece of information is safest to include on your social media profile?

Your favorite movie.

Which of the following statements is true?

Many apps and smart devices collect and share your personal information and contribute to your online identity.

How can you protect your organization on social networking sites?

Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post.

Which is a best practice for protecting Controlled Unclassified Information (CUI)?

Store it in a locked desk drawer after working hours.

Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)?

Paul verifies that the information is CUI, includes a CUI marking in the subject header, and digitally signs an e-mail containing CUI.

Which designation includes Personally Identifiable Information (PII) and Protected Health Information (PHI)?

Controlled Unclassified Information (CUI)

Which of the following is NOT an example of CUI?

Press release data.

Which of the following is NOT a correct way to protect CUI?

CUI may be stored on any password-protected system.

Which of the following best describes good physical security?

Lionel stops an individual in his secure area who is not wearing a badge.

Which of the following is an example of two-factor authentication?

A Common Access Card and Personal Identification Number.

What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card?

Store it in a shielded sleeve.

What must authorized personnel do before permitting another individual to enter a Sensitive Compartmented Information Facility (SCIF)?

Confirm the individual's need-to-know and access.

Which of the following is true of Sensitive Compartmented Information (SCI)?

Access requires Top Secret clearance and indoctrination into the SCI program.

Which of the following is NOT a potential consequence of using removable media unsafely in a Sensitive Compartmented Information Facility (SCIF)?

Damage to the removable media.

What portable electronic devices (PEDs) are permitted in a SCIF?

Only expressly authorized government-owned PEDs.

What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF?

All of these.

Which of the following is NOT a type of malicious code?

Executables.

Which of the following actions can help tp protect your identity?

Shred personal documents.

Which is an appropriate use of government e-mail?

Use a digital signature when sending attachments or hyperlinks.

What type of social engineering targets particular groups of people?

Spear phishing.

How can you protect yourself from social engineering?

Verify the identity of all individuals.

Which of the following is true of traveling overseas with a mobile phone?

A personally owned device approved under Bring Your Own Approved Device (BYOAD) policy must be unenrolled while out of the country.

What should Sara do when using publicly available Internet, such as hotel Wi-Fi?

Only connect with Government VPN.

What is the danger of using public Wi-Fi connections?

Both of these.

Which of the following personally-owned computer peripherals is permitted for use with Government-furnished equipment?

A headset with a microphone through a Universal Serial Bus (USB) port.

How can you protect data on your mobile computing and portable electronic devices (PEDs)?

Enable automatic screen locking after a period of inactivity.

Which of the following is an example of removable media?

External hard drive.

Which of the following is true of Internet of Things (IoT) devices?

They can become an attack vector to other devices on your home network.

When is it appropriate to have your security badge visible?

At all times when in the facility.

What should the owner of this printed SCI do differently?

Retrieve classified documents promptly from printers.

What should the participants in this conversation involving SCI do differently?

Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.

Which of the following demonstrates proper protection of mobile devices?

Linda encrypts all of the sensitive data on her government-issued mobile devices.

Which of the following does NOT constitute spillage?

Classified information that should be unclassified and is downgraded.

Which of the following is NOT an appropriate way to protect against inadvertent spillage?

Use the classified network for all work, including unclassified work.

Which of the following should you NOT do if you find classified information on the internet?

Download the information.

Who designates whether information is classified and its classification level?

Which of the following is a good practice to protect classified information?

Which of the following may help to prevent spillage?

Follow procedures for transferring data to and from outside agency and non-government networks.

Donation Page

Support Our Work

Do you appreciate the value this website provides? If so, please consider donating to help keep it running. Your donation will go a long way in helping us continue to provide the same quality of content and services. Every bit helps, and your support is greatly appreciated. Thank you for your generosity.