Cybersecurity
A security method that protects online accounts with an extra login step
What is Multi-factor authentication?
Information that can be used to distinguish or trace an individual’s identity, such as their name, Social Security Number or biometric records.
What is a personally identifiable information?
Privacy Impact Assessments (PIA's) must be made publicly available through the agency’s website unless the agency determines it would raise security concerns or reveal sensitive information that can damage national interest or law enforcement efforts.
True
What is the most common type of cyber attack?
What is phishing?
A preliminary assessment that determines if a system is privacy sensitive and if additional privacy documentation is needed.
What is a Privacy Threshold Assessment (PTA)?
"Individuals" covered under the Privacy Act of 1974 are U.S citizens and lawful permanent residents?
True
The purpose of this document is to provide a standard for determining the security categorization of an information system.
What is the FIPS 199? (Federal Information Processing Standards)
An analysis of how PII is collected, used, shared and maintained.
What is a Privacy Impact Assessment?
The Authorizing Official adjudicates the PTA and decides whether additional privacy documentation is required.
False. The Departmental Privacy Officer does.
An assessment that reviews how a proposed change to an information system can affect its security and privacy posture.
What is a security impact analysis?
The federal law that governs how agencies should maintain records about individuals.
What is the Privacy Act of 1974?
The government informs the public about record systems covered by the Privacy Act by publishing notices in the Federal Register. These are called OMB Circulars.
False. They are called System of Records Notices (SORNs)
Which popular social media platform experienced a major data breach in 2019 where over 530 million user records were exposed?
What is Facebook?
A group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other unique identifier.
What is a system of records?
After a System of Records Notice (SORN) has been approved by OMB, it must appear in the Federal Register for a 60-day comment period from the public before an agency begins to operate the system.
False. It must appear in the Federal Register for a 30-day comment period.