1. How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display? - 0 indicators 2. What is the best response if you find classified government data on the internet? - Note any identifying information, such as the website's URL, and report the situation to your security POC. 3. After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. You know this project is classified. What should be your response? - Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. 4. What is a proper response if spillage occurs? - Immediately notify your security POC. 5. What should you do if a reporter asks you about potentially classified information on the web? - Ask for information about the website, including the URL. 6. A user writes down details from a report stored on a classified system marked as Secret and uses those details to draft an unclassified briefing on an unclassified system without authorization. What is the best choice to describe what has occurred? - Spillage because classified data was moved to a lower classification level system without authorization. 7. How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? - 3 or more indicators 8. Which of the following can an unauthorized disclosure of information classified as Confidential reasonably be expected to cause? - Damage to national security 9. Which classification level is given to information that could reasonably be expected to cause serious damage to national security? - Secret 10. When classified data is not in use, how can you protect it? - Store classified data appropriately in a GSA-approved vault/container when not in use. 11. Which is a good practice to protect classified information? - Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. 12. Which of the following is a good practice to aid in preventing spillage? - Be aware of classification markings and all handling caveats. 13. What is required for an individual to access classified data? - Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. 14. What type of activity or behavior should be reported as a potential insider threat? - Coworker making consistent statements indicative of hostility or anger toward the United States and its policies. 15. Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information? - Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners. 16. Which scenario might indicate a reportable insider threat security incident? - A coworker is observed using a personal electronic device in an area where their use is prohibited. 17. Why might "insiders" be able to cause damage to their organizations more easily than others? - Insiders are given a level of trust and have authorized access to Government information systems. 18. Which of the following is a best practice to protect information about you and your organization on social networking sites and applications? - Use only personal contact information when establishing personal social networking accounts, never use Government contact information. 19. What should you do if an individual asks you to let her follow you into your controlled space, stating that she left her security badge at her desk? - Don't allow her access into secure areas and report suspicious activity. 20. Which represents a security best practice when using social networking? - Understanding and using available privacy settings. 21. Which is NOT a sufficient way to protect your identity? - Use a common password for all your system and application logons.
Category | exam bundles |
Comments | 0 |
Rating | |
Sales | 0 |