Information
Allowing someone to follow you through a door without their badge is an example of what?
What is tailgating?
Why is writing down passwords, PINs, or any other authentication code, and storing them near, on, or around your computer dangerous?
What is defeating the purpose of your PIN or password?
This form of data loss occurs when information that should be controlled is not kept properly and is released beyond who should have it.
What is Spillage?
Data compiled into documents, maps, charts, and other forms of information gives assets a _
What is Value?
A list of all of the computers, laptops, software, equipment owned by an organization.
What is Inventory?
An identifier that uniquely tracks actions to individuals.
What is a login ID or unique ID?
The risk presented to an organization by current or past employees who have knowledge of how the organization works, as well as where the most valuable (damaging) information might reside.
What is an Insider threat?
When using public internet access, what should you always be sure to use?
Any combination of name, home address or phone number, credit card or account numbers, SSN, or other data that can be used to uniquely identify someone.
What is PII? (or Personally Identifiable Information)
The use of personality, knowledge of human nature and social skills to steal passwords, keys, tokens or other credentials to gain access to systems, or to gain access to otherwise confidential information
What is Social Engineering?
Functional managers classify data and grant approval to those whose jobs require access to the information.
Who are Data Managers?
These are well run groups of crooks who methodically look for computer vulnerabilities to steal financial data or credit card accounts for financial profit.
Who are organized crime groups?
This type of information is not classified, however it is still specially controlled, and requires extra precautions compared to regular information.
What is Controlled Unclassified Information? (CUI)
The evidence of daily decisions and operations within DOI and its bureaus/offices.
What are Federal Records?
What are several potential indicators of an insider threat?
What are difficult life circumstances, unexplained affluence, excessive interest in classified info, use of unsanctioned software, interest in data not specific to their role, unusual handling of data (mass downloads, etc.), vindictive behaviors, interpersonal issues, or employee termination?
As a result of the VA breach in 2006, PII of over a million veterans was lost. It is now a requirement to delete all sensitive data on individual computers after this number of days.
What is 90 days?
These are structured groups funded by governments, and are dedicated to finding and attacking computers of potential value to their government.
What is state sponsored hacking or what is nation-state hacking?
What kind of access requires 2 or more of the following: What you have, what you are, what you know?
A legal notification directing you or the office to preserve any documentary material that may be relevant to a pending or future lawsuit or administrative adjudication.
What is Litigation Hold?
A necessary process to limit the kinds of hardware and software which minimizes the number of different vulnerabilities and reduces exposure to security weaknesses.
What is Standardization?
This is a word or phrase that verifies that an individual is the only one with access to an account
What is a Password?
The weakest link in every computer system, this part can cause loss of work products through deletion, corruption or improperly safeguarding data.
Who are a computer's Users?
What is the only kind of personally owned peripherals (Keyboard, Mouse, Monitor, etc.) allowed inside of a DOD Classified Space?
What are wired headphones?