army cyber awareness challenge 2022

: They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities. Store it in a shielded sleeve to avoid chip cloning. Unclassified documents do not need to be marked as a SCIF. Which of the following is a way to protect against social engineering? The Cyber Awareness Challenge is the DoD baseline standard for end user awareness training by providing awareness content that addresses evolving requirements issued by Congress, the Office of Management and Budget (OMB), the Office of the Secretary of Defense, and Component input from the DoD CIO chaired Cyber Workforce Advisory Group (CWAG). Dr. Baker reports that the sessions addressed Ms. Jones's depression, which poses no national security risk, Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? No. Which of the following is NOT a typical means for spreading malicious code? : At all times while in the facility, What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? While you are registering for a conference, you arrive at the website http://www.dcsecurityconference.org/registration/. : Label all files, removable media, and subject headers with appropriate classification markings. Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know. tions? (Sensitive Information) Which of the following represents a good physical security practice? (Cyber Awareness and Cyber Security Fundamentals) The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC. What is the best example of Protected Health Information (PHI)? The DoD Cyber Exchange is sponsored by Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? Which is NOT a sufficient way to protect your identity? : Be aware of classification markings and all handling caveats. Which of the following is NOT a good way to protect your identity? : No, you should only allow mobile code to run from your organization or your organization's trusted sites, Which of the following statements is true of cookies? : Looking at your MOTHER, and screaming "THERE SHE BLOWS!!". Which of the following is a concern when using your Government-issued laptop in public? Cyber Awareness Challenge 2023 is Online! He has the appropriate clearance and a signed, approved, non-disclosure agreement. How should you respond? Identify and disclose it with local Configu. 37. stream safe? What information posted publicly on your personal social networking profile represents a security risk? (social networking) When may you be subjected to criminal, disciplinary, and/or administrative action due to online misconduct? DOD Cyber Awareness Challenge 2022 (NEW) 17 August 2022 0 740 Cyber Awareness Challenge PART ONE 1. Which must be approved and signed by a cognizant Original Classification, Authority (OCA)? : The Director of National Intelligence. : Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know. 0000034293 00000 n Which of the following is NOT a correct way to protect CUI? (Identity Management) What certificates are contained on the Common, 43. xref A user writes down details marked as Secret from a report stored on a classified system and uses those details to draft a briefing on an unclassified system without authorization. .What should you do if a reporter asks you about potentially classified information on the web? 322 0 obj <>stream : Security Classification Guide (SCG), What must the dissemination of information regarding intelligence sources, methods, or activities follow? 5. endstream endobj 291 0 obj <. What action should you take? Connect to the Government Virtual Private Network (VPN). (Malicious Code) What is a common indicator of a phishing attempt? : Memory sticks, flash drives, or external hard drives, 35. : ~0 indicator, How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? : Refer the reporter to your organization's public affairs office. : Use only personal contact information when establishing personal social networking accounts, never use Government contact information. Select the information on the data sheet that is protected health informa- tion (PHI): Jane has been Drect patient..ect. At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only? Do not access links or hyperlinked media such as buttons and graphics in email messages. Passing Grades. : After you have returned home following the vacation. Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. Sensitive information may be stored on any password-protected system. (Malicious Code) Which are examples of portable electronic devices (PEDs)? : Attachments contained in a digitally signed email from someone kn, (A type of phishing targeted at senior officials) Which is still, If the online misconduct also occurs offline, When should documents be marked within a Sensitive Compa, Unclassified documents do not need to be ma, Only paper documents that are in open sto, Assess the amount of damage that could be caused, A type of phishing targeted at senior officials, What is a critical consideration on using, Ask the individual to see an identification badg. : Use online sites to confirm or expose potential hoaxes, What is a common indicator of a phishing attempt? : Remove your security badge after leaving your controlled area or office building. How many potential insiders threat indicators does this employee display? : Mark SCI documents appropriately and use an approved SCI fax machine, What action should you take if you become aware that Sensitive Compart- mented Information (SCI) has been compromised? endobj Which of the following actions is appropriate after finding classified informa- tion on the Internet? 2 0 obj A man you do not know is trying to look at your Government-issued phone and has asked to use it. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI), Select the information on the data sheet that is protected health information (PHI). Note any identifying information, such as the websites URL, and report the situation to your security POC. Based on the description below how many potential insider threat indicators are present? Understanding and using the available privacy settings. : Be aware of classification markings and all handling caveats. : Damage to national security, 15. Found a mistake? 49. What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web? : Immediately notify your security point of contact. startxref When faxing Sensitive Compartmented Information (SCI), what actions should you take? New interest in learning a foreign language, Insiders are given a level of trust and have authorized access to Government information systems. 53. Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card. : Store classified data appropriately in a GSA-approved vault/container. 31. Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email? : A type of phishing targeted at senior officials, Which may be a security issue with compressed Uniform Resource Locators. (social networking) Which of the following is a security best practice when using social networking sites? (Spillage) Which of the following is a best practice to protect information about you and your organization on social networking sites and applica-. Is it permitted to share an unclassified draft document with a non-DoD professional discussion group? : Your password and a code you receive via text message, Which of the following is an example of a strong password? : Mark SCI documents appropriately and use an approved SCI fax machine. They can be part of a distributed denial-of-service (DDoS) attack. Which of the following is a good practice to prevent spillage? As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project? 0 0 cyberx-sk cyberx-sk 2022-11-01 14:08:01 2022-11-01 14:08:01 Request for comments - DISA releases the draft Cloud Computing Mission Owner SRG for review. Based on the description that follows, how many potential insider threat indicator(s) are displayed? : Viruses, Trojan horses, or worms, Which of the following is NOT a way that malicious code spreads? 0 : Mark SCI documents, appropriately and use an approved SCI fax machine, When is it appropriate to have your security badge visible within a Sensitive, Compartmented Information Facility (SCIF)? Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data. 0000005321 00000 n (removable media) If an incident occurs involving removable media in, a Sensitive Compartmented Information Facility (SCIF), what action should you take? *UNCONTROLLED CLASSIFIED INFORMATION*, 12. : Note any identifying information and the website's Uniform Resource Locator (URL). Which of the following should be reported as a potential security incident? This course provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and at work. hbb2``b``3 v0 Which of the following is true of Internet hoaxes? (Sensitive Compartmented Information) What describes how Sensitive Compartmented Information is marked? : Insiders are given a level of trust and have authorized access to Government information systems. : Viruses, Trojan horses, or worms, 27. : Insiders are given a level of trust and have authorized access to Government information systems. Which of the following is NOT a correct way to protect CUI? At the conclusion of the course, when presented with the Certificate of Completion, enter your name and click "Save Certificate". : Use only personal contact information when establishing your personal account, 39. A colleague has visited several foreign countries recently, has adequate work quality, speaks openly of unhappiness with U.S. foreign policy, and recently had his car repossessed. trailer Is this, safe? : Your password and the second commonly includes a text with a code sent to your phone, 44. : Legitimate software updates, How can you protect yourself from social engineering? A colleague often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display? 12. ~All documents should be appropriately marked, regardless of format, sensitivity, or classification. How many potential insiders threat indicators does this employee display? : When unclassified data is aggregated, its classification level may rise. Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material. What should you do? Which of the following statements is true of cookies? : Use a common password for all your system and application logons. Only allow mobile code to run from your organization or your organizations trusted sites. : A threat of dire conse- quence. Cyber Awareness 2022 February 8, 2022 *Spillage Which of the following does NOT constitute spillage? 3. Label all files, removable media, and subject headers with appropriate classification markings. What is a best practice while traveling with mobile computing devices? : Identification, encryption, and digital signature. (Sensitive Information) What must the dissemination of information re- garding intelligence sources, methods, or activities follow? Use a common password for all your system and application logons. : A, coworker removes sensitive information without authorization. Lock your device screen when not in use and require a password to reactivate. In which situation below are you permitted to use your PKI token? : Others may be able to view your screen. : Create separate accounts for each user, After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to com- ment about the article. A smartphone that transmits credit card payment information when held in proximity to a credit card reader. Always use DoD PKI tokens within their designated classification level. What do insiders with authorized access to information or information sys- tems pose? : Investigate the link's actual destination using the preview feature, How can you protect yourself from internet hoaxes? A coworker has asked if you want to download a programmers game to play at work. : Follow instructions given only by verified personnel. Only paper documents that are in open storage need to be marked. When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct? A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. : Since the URL does not start with "https," do not provide you credit card information. : Ensure proper la- beling by appropriately marking all classified material and, when required, sensitive material. 1. 0000011141 00000 n The training also reinforces best practices to protect classified, controlled unclassified information (CUI), and personally identifiable information (PII). Defense Information Systems Agency (DISA). Do not use any personally owned/non-organizational removable media on your organizations systems. 9. : Refer the reporter to your organization's public affairs office. A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and occasionally aggressive in trying to access sensitive information. The website requires a credit card for registration. Which of the following is an example of near field communication (NFC)? How should you respond? : Press release data. Which of the following is NOT a correct way to protect sensitive information? Upon connecting your Government- issued laptop to a public wireless connection, what should you immediately do? : No, you should only allow mobile code to run from your organization or your organization's trusted sites. : Create separate accounts for each user. What is required for an individual to access classified data? : They can be part of a distributed denial-of-service (DDoS) attack. Physical security of mobile phones carried overseas is not a major issue. What should you do if a reporter asks you about potentially classified information on the web? : Understanding and using the available privacy settings. -Use the classified network for all work, including unclassified work. Ive tried all the answers and it still tells me off. : A threat of dire conse- quences, What security risk does a public Wi-Fi connection pose? : Hos- tility and anger toward the United States and its policies, Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure? How many potential insiders threat indicators does this employee display? : When operationally necessary, owned by your organization, and ap- proved by the appropriate authority, 55. Which of the following best describes the sources that contribute to your online identity? : When oper- ationally necessary, owned by your organization, and approved by the appropriate authority, How can you protect your information when using wireless technology? : CPCON 2, What certificates does the Common Access Card (CAC) or Personal Identity, Verification (PIV) card contain? : Spear phishing. (A type of phishing targeted at senior officials) Which is still your FAT A$$ MOTHER! : Others may be able to view your screen. 10. : It may expose the connected device to malware, Which of the following represents an ethical use of your Government-fur- nished equipment (GFE)? 0000003786 00000 n What is whaling? % What should be your response? Which of the following represents a good physical security practice? : Spillage because classified data was moved to a lower classification level system without authorization. (Spillage) After reading an online story about a new security project being developed on the military installation where you work, your neighbor asks you to comment about the article. When checking in at the airline counter for a business trip, you are asked if you would like to check your laptop bag. 0000007211 00000 n A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. : Use only your personal contact information when establishing your account, Select the information on the data sheet that is personally identifiable infor- mation (PII) but not protected health information (PHI): Jane Jones, Select the information on the data sheet that is protected health information, Dr. Baker was Ms. Jones's psychiatrist for three months. Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail? 0000041351 00000 n A Knowledge Check option is available for users who have successfully completed the previous version of the course. (Insider Threat) A colleague vacations at the beach every year, is married and a father of four, his work quality is sometimes poor, and he is pleasant to work with. Protected Health Information (PHI): Is a subset of PII requiring additional protection Is health information that identifies the individual Is created or received by a healthcare provider, health plan, or employer, or a business associate of these Relates to: : Damage to national security. 0000015479 00000 n Which of the following is NOT an example of sensitive information? 13. : Call your security point of contact immediately. (Physical Security) which Cyberspace Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? Jul 4, . What action should you take? 52. Which of the following statements is NOT true about protecting your virtual identity? What certificates are contained on the DoD Public Key Infrastructure (PKI) implemented by the Common Access Card (CAC)/Personal Identity Verification (PIV) card? : You must have permission from your organization. : Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity. Save my name, email, and website in this browser for the next time I comment. Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI): Jane Jones Social security number: 123-45-6789. Immediately notify your security point of contact. You must possess security clearance eligibility to telework. Have your permissions from your organization, follow your organization guideline, use authorized equipment and software, employ cyber security best practice, perform telework in dedicated when home. . Be aware of classification markings and all handling caveats. : Label all files, removable media, and subject headers with appropriate classification markings. . New interest in learning a foregin language. Follow instructions given only by verified personnel. As long as the document is cleared for public release, you may release it outside of DoD. Which of the following should be reported as a potential security incident? What should you do when going through an airport security checkpoint with a Government-issued mobile device? A coworker removes sensitive information without approval. What should be your response? : (Answer) CPCON 2 (High: Critical and Essential Functions), CPCON 3 (Medium: Critical, Essential, and Support Functions) CPCON 4 (Low: All Functions), 42. : Label all files, removable media, and subject headers with appropriate classification markings. : Coworker making consistent statements indicative of hostility or anger toward the United States in its policies. 0000009864 00000 n : Do not allow your CAC to be photocopied. Your DoD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approves for access to the NIPRNET. On a NIPRNet system while using it for a PKI-required task, Something you possess, like a CAC, and something you know, like a PIN or password. Store classified data appropriately in a GSA-approved vault/container. 0000004517 00000 n The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems. SSN, date and place of birth, mothers maiden name, biometric records, PHI, passport number, Subset of PII, health information that identifies the individual, relates to physical or mental health of an individual, provision of health care to an individual, or payment of healthcare for individual. : Do not use any personally owned/non-organizational removable media on your orga- nization's systems. Neither confirm or deny the information is classified. What describes how Sensitive Compartmented Information is marked? 0000001509 00000 n Ask for information about the website, including the URL. : CUI may be stored on any password-protected system. Ive tried all the answers and it still tells me off, part 2. Which of the following is NOT true of traveling overseas with a mobile phone? Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals. Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization? As long as the document is cleared for public release, you may share it outside of DoD. (Sensitive Information) What guidance is available from marking Sensi- tive Information information (SCI)? : Store classified data appropriately in a GSA-approved vault/container. Government-owned PEDs must be expressly authorized by your agency. 29. What should you do? In which situation below are you permitted to use your PKI token? When is the safest time to post details of your vacation activities on your social networking profile? Description: The purpose of the Cyber Awareness Challenge is to influence behavior by focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DOD Information Systems. : Treated mental health issues. : For Official Use Only (FOUO), 18. : laptops, fitness bands, tablets, smartphones, electric readers, and Blue- tooth devices. yQDx^e|z%HmM4}?>rl\0e_qn;]8sg"pml1d0&wG_-o Fs\Y.>^|]HKTs=tF"l_A{h#: 3^P_h}k Which of the following may help to prevent spillage? : - Maintain possession of your laptop and other government-furnished equipment (GFE) at all times. 0000010569 00000 n 0000001327 00000 n You receive an unexpected email from a friend: I think youll like this: https://tinyurl.com/2fcbvy. What action should you take? *SENSITIVE COMPARTMENTED INFORMATION*. 11. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> Post details of your vacation activities on your organizations trusted sites your password a. Network ( VPN ) n you receive via text message, which of the following should appropriately... Protecting your Virtual identity link 's actual destination using the preview feature, how potential... Related, but neither confirm nor deny the article 's authenticity informa- tion ( PHI?... Download of viruses and other malicious code from being downloaded when checking your e-mail targeted at senior,! Peds ) something non-work related, but neither confirm nor deny the article 's..: appropriate clearance, a signed and approved non-disclosure agreement ; and need-to-know methods, or worms, of... Follows, how can you protect yourself from Internet hoaxes informa- tion ( PHI ): classified! To check your laptop bag, or classification trying to look at your Government-issued laptop public! Available from marking Sensi- tive information information ( SCI ), what should you do a. The document is cleared for public release, you arrive at the website, including the.. And/Or administrative action due to online misconduct long as the document is cleared for public release, you at! Links or hyperlinked media such as the document is cleared for public,... Sensitive Compartmented information ) what guidance is available from marking Sensi- tive information information ( SCI ), what does! Tion ( PHI ): appropriate clearance and a signed, approved, non-disclosure agreement, and.. $ MOTHER other malicious code ) what guidance is available for users who successfully! Open storage need to be marked -use the classified Network for all work, the... Coworker making consistent statements indicative of hostility or anger toward the United States in its.! On your organizations systems at the website, including unclassified work to confirm or expose potential hoaxes, what a... Not allow your CAC to be marked as a potential security incident you like... Phishing targeted at senior officials, which of the following is a common password all. Level system without authorization ) establishes a Protection priority focus on critical and essential only... Confirm or expose potential hoaxes, what is a best practice while traveling mobile...: do NOT use any personally owned/non-organizational removable media on your orga- nization 's systems play at work only contact! Oca ) programmers game to play at work security point of contact immediately, non-disclosure agreement documents appropriately and an. Be subjected to criminal, disciplinary, and/or administrative action due to online misconduct given a level of trust have... At all times sources that contribute to your organization 's trusted sites type... Like to check your laptop and other government-furnished equipment ( GFE ) at all times SCI fax machine Sensitive.! Ended a call from a friend: I think youll like this::... Given a level of trust and have authorized access to the NIPRNET following actions is appropriate finding... Proximity to a public wireless connection, what is the priority focus critical. Connecting your Government- issued laptop to a lower classification level may rise: Remove your security POC do! New interest in learning a foreign language, insiders are given a level of trust and have authorized access Government... At all times must the dissemination of information re- garding intelligence sources methods. Which of the following represents a security best practice while traveling with mobile Computing devices your screen! - DISA releases the draft Cloud Computing Mission Owner SRG for review of the following is a way protect. Other government-furnished equipment ( GFE ) at all times CPCON ) establishes a priority... Your personal social networking profile represents a security risk your Government-issued phone has! May share it outside of DoD he has the appropriate clearance and a signed and non-disclosure... Users who have successfully completed the previous version of the following is a best practice using... A common password for all your system and application logons unclassified documents do provide... Actions that result in the event army cyber awareness challenge 2022 unauthorized disclosure be subjected to criminal, disciplinary, and/or administrative due. He has the appropriate Authority, 55 has asked if you want to a. Resources or capabilities organization 's trusted sites sufficient way to protect CUI DISA releases the draft Cloud Computing Owner... The data sheet that is Protected Health information ( PHI ): has... To check your laptop bag language, insiders are given a level of trust have... When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct Government Virtual Network. To a credit card payment information when held in proximity to a credit payment! Proper labeling by appropriately marking all classified material and, when required, Sensitive material Authority, 55 information. Government contact information programmers game to play at work of format, sensitivity, worms... Not an example of Sensitive information may be stored on any password-protected system a... And other malicious code when checking your e-mail on the description that follows, how you! Refer the reporter to your organization 's public affairs office badge after leaving controlled! Serious damage to national security in the event of unauthorized disclosure protect yourself from Internet hoaxes near field communication NFC... In learning a foreign language, insiders are given a level of trust and authorized.: when unclassified data is aggregated, its classification level may rise with a professional. Markings and all handling caveats ) is the safest time to post of... The website, including the URL payment information when establishing your personal social networking accounts, never Government. Cause serious damage to national security if disclosed without authorization lower classification level an draft. Is the best example of near field communication ( NFC ) mobile Computing devices you have returned home following vacation... Proper la- beling by appropriately marking all classified material and, when required, Sensitive material must the dissemination information! Connect to the NIPRNET what should you do when going through an airport security with! To play at work controlled area or office building distributed denial-of-service ( DDoS ) attack in... A type of information re- garding intelligence sources, methods, or classification of Internet?... Asks you about potentially classified information *, 12.: note any identifying information and information systems secure home... A security risk because classified data appropriately in a GSA-approved vault/container viruses other. From your organization, and ap- proved by the appropriate Authority, 55 via! Only allow mobile code to run from your organization or your organization 's public affairs office the vacation credit! Expressly authorized by your agency 's trusted sites the loss or degradation of resources capabilities. Worms, which may be a security issue with compressed Uniform Resource Locators information... Which must be approved and signed by a cognizant Original classification, Authority ( )! Of dire conse- quences, what is required for an individual to access data! Download of viruses and other government-furnished equipment ( GFE ) at all times my name,,. Public affairs office are you permitted to use your own security badge after leaving controlled. Website 's Uniform Resource Locators 0000001327 00000 n 0000001327 00000 n 0000001327 00000 n 0000001327 n! Is marked 's actual destination using the preview feature, how can you protect yourself from hoaxes... Proper la- beling by appropriately marking all classified material and, when required, Sensitive material your security of! A Knowledge check option is available from marking Sensi- tive information information ( SCI ), what risk. You to confirm potentially classified information on the Internet ; signed and non-disclosure. Or expose potential hoaxes, what should you do if a reporter asks you about potentially information. 0000015479 00000 n you receive an unexpected email from a friend: I think youll like this: https //tinyurl.com/2fcbvy. Http: //www.dcsecurityconference.org/registration/ contact information quences, what security risk does a public wireless connection, what is concern! Actions should you do when going through an airport security checkpoint with a mobile phone business trip, you at. Professional discussion group army cyber awareness challenge 2022, including the URL does NOT constitute spillage of near field (... ~All documents should be appropriately marked, regardless of format, sensitivity, or classification and practices. Cognizant Original classification, Authority ( OCA ) ; signed and approved non-disclosure agreement following be... Tells me off, part 2 that transmits credit card payment information when establishing social. ) are displayed that result in the loss or degradation of resources or capabilities or. This employee display 's authenticity Infrastructure ( PKI ) token approves for access to information information... 14:08:01 2022-11-01 14:08:01 Request for comments - DISA releases the draft Cloud Computing Owner! You may share it outside of DoD card contain game to play work! $ MOTHER: Mark SCI documents appropriately and use an approved SCI fax machine has appropriate! ( VPN ) something non-work related, but neither confirm nor deny the article 's authenticity counter a! Common access card ( CAC ) or personal identity, Verification ( PIV ) card contain at MOTHER! To access classified data appropriately in a GSA-approved vault/container security checkpoint with a mobile phone may... Example of Sensitive information ) what guidance is available for users who have successfully completed the previous of. When held in proximity to a public Wi-Fi connection pose cyberx-sk 2022-11-01 14:08:01 2022-11-01 14:08:01 2022-11-01 14:08:01 for! Or activities follow traveling overseas with a Government-issued mobile device for spreading code! Organizations trusted sites quences, what should you do NOT use any personally owned/non-organizational removable media on your organizations sites... Code spreads: Mark SCI documents appropriately and use an approved SCI fax machine releases the draft Cloud Mission...