Which scenario might indicate a reportable insider threat?
- A colleague removes sensitive information without seeking authorization in order to perform authorized telework.
Explanation: Removing sensitive information without proper authorization, even if for authorized telework, is a potential insider threat. It violates security protocols and should be reported to prevent unauthorized disclosure.
Which of the following is a reportable insider threat activity?
- Attempting to access sensitive information without need-to-know
Explanation: Attempting to access sensitive information without the need-to-know is a clear indicator of potential insider threat activity. Unauthorized attempts to access sensitive data should be reported for investigation.
Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague enjoys playing video games online, regularly uses social media, and frequently forgets to secure her smartphone elsewhere before entering areas where it is prohibited.
- 1 indicator
Explanation: The description mentions only one potential insider threat indicator—frequently forgetting to secure her smartphone in prohibited areas. While online activities are mentioned, they are not inherently indicative of insider threats.
Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague often makes others uneasy with her persistent efforts to obtain information about classified projects where she has no need-to-know, is vocal about her husband overspending on credit cards, and complains about anxiety and exhaustion.
- 3 or more indicators
Explanation: The colleague displays three potential insider threat indicators: persistent efforts to obtain classified information without need-to-know, financial stress indicated by overspending on credit cards, and expressing anxiety and exhaustion. Multiple indicators raise concerns.
Which type of behavior should you report as a potential insider threat?
- Hostility or anger toward the United States and its policies
Explanation: Consistent expressions of hostility or anger toward the United States and its policies should be reported as a potential insider threat. This behavior may indicate a security risk.
Which of the following is NOT considered a potential insider threat indicator?
- Treated mental health issues
Explanation: Treated mental health issues, when appropriately addressed, are not considered a potential insider threat indicator. Insider threat concerns typically involve unaddressed or unreported issues that may impact an individual’s reliability or trustworthiness.
What function do Insider Threat Programs aim to fulfill?
- Proactively identify potential threats and formulate holistic mitigation responses
Explanation: Insider Threat Programs aim to proactively identify potential threats within an organization and develop comprehensive mitigation responses. This involves monitoring, analysis, and response strategies to prevent insider threats.
Which of the following is a potential insider threat indicator?
- Unusual interest in classified information
Explanation: An unusual interest in classified information can be considered a potential insider threat indicator. It may suggest motives that go beyond normal work responsibilities and raise security concerns.
Social Networking
When is the safest time to post details of your vacation activities on your social networking profile?
- After you have returned home following the vacation
Explanation: Posting details of your vacation activities after returning home is the safest time. This minimizes the risk of advertising that your home is currently vacant, reducing the likelihood of security issues.
What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited?
- Decline the request
Explanation: Granting permission for a game application to access friends, profile information, cookies, and sites visited poses a security risk. It’s best to decline such requests to protect your personal information.
Which of the following information is a security risk when posted publicly on your social networking profile?
- Your personal e-mail address
Explanation: Posting your personal e-mail address publicly on a social networking profile is a security risk. It can be exploited by malicious actors for phishing attempts or unauthorized access.
Which of the following is a security best practice when using social networking sites?
- Understanding and using the available privacy settings
Explanation: Understanding and using privacy settings is a security best practice when using social networking sites. Adjusting settings to control who can see your information helps protect your privacy.
When may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct?
- If you participate in or condone it at any time
Explanation: Engaging in or condoning online misconduct at any time can subject you to criminal, disciplinary, and/or administrative action. Misconduct is not limited to online activities and can have consequences in various contexts.
Which of the following is a security best practice when using social networking sites?
- Validate friend request through another source before confirming them
Explanation: Validating friend requests through another source before confirming them is a security best practice. This helps ensure that you connect with legitimate individuals and reduces the risk of accepting requests from potentially malicious actors.
Which of the following information is a security risk when posted publicly on your social networking profile?
- Your mother’s maiden name
Explanation: Posting your mother’s maiden name publicly on a social networking profile is a security risk. This information is often used as a security question and can be exploited for identity-related attacks.
Your cousin posted a link to an article with an incendiary headline on social media. What action should you take?
- Research the source of the article to evaluate its credibility and reliability
Explanation: To ensure the credibility and reliability of the article, it’s advisable to research the source. Incendiary headlines may be associated with fake news or biased sources, so fact-checking is essential.
Which of the following best describes the sources that contribute to your online identity?
- Data about you collected from all sites, apps, and devices that you use can be aggregated to form a profile of you.
Explanation: Your online identity is formed by aggregating data collected from all the sites, apps, and devices you use. This aggregated information contributes to the creation of a profile that reflects aspects of your online presence.
As someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?
- Inform your security point of contact
Explanation: If contacted by a foreign national seeking information on a research project, it’s crucial to inform your security point of contact. Sharing classified information with unauthorized individuals, especially foreign nationals, is a serious security breach.
How can you protect your organization on social networking sites?
- Ensure there are no identifiable landmarks visible in any photos taken in a work setting that you post
Explanation: Ensuring that there are no identifiable landmarks visible in photos taken in a work setting posted on social networking sites helps protect the organization’s security. This minimizes the risk of disclosing sensitive information inadvertently.
When may you be subject to criminal, disciplinary, and/or administrative action due to online harassment, bullying, stalking, hazing, discrimination, or retaliation?
- If you participate in or condone it at any time
Explanation: Participating in or condoning online harassment, bullying, stalking, hazing, discrimination, or retaliation at any time may subject an individual to criminal, disciplinary, and/or administrative action. Such behaviors are unacceptable and can have serious consequences.
Which of the following statements is true?
- Adversaries exploit social networking sites to disseminate fake news
Explanation: Adversaries often exploit social networking sites to disseminate fake news as part of information warfare. Social media platforms can be used to spread misinformation and manipulate public opinion.
How can you protect yourself on social networking sites?
- Validate friend request through another source before confirming them
Explanation: Validating friend requests through another source before confirming them is a security best practice to protect yourself on social networking sites. It helps ensure that you connect with legitimate individuals and avoid potential security risks.