Exam (elaborations)

Training Questions & Answers

Pages: 9
Grade: A+
Uploaded on: 22-09-2024
Written in: 2024/2025

The FBI CJIS Security Policy requires that all personnel fitting the 2 following criteria must complete this training: - ANSWER:
- Before authorizing access to the system, information, or performing assigned duties
- Every year after the initial training

Security and Privacy training must be completed by whom? - ANSWER: All personnel whose duties require them to have unescorted access to a physically secure location that processes or stores Criminal Justice Information (CJI)

All training records must be kept current and be maintained for how long and by whom? - ANSWER:
- Minimum of 3 years
- By: the Federal, State, or Local Agency.

What is: Security and Privacy Literacy - ANSWER: The understanding of the threats, vulnerabilities, and risks associated with security and privacy. It is also about the actions necessary for users to maintain security and personal privacy and to respond to suspected incidents.

Literacy training must be taken at the following times: - ANSWER:
- Before accessing CJI
- Every year after the initial training
- Within 30 days of any security event for all users involved in the event
- When required by system changes

What is: A Security Threat - ANSWER: Any circumstance or event with the potential to cause harm to an IT system in the form of destruction, disclosure, adverse modification of data, or denial of service.

3 Examples of Threats: - ANSWER:
- Natural: Lightning, Heat, or Water
- Intentional: Someone wanting to cause harm on purpose (ex. cyber attack)
- Unintentional: A user accidentally erasing a critical file while "playing" on the computer

What is one of the greatest threats to an agency's security, whether intentional or unintentional? - ANSWER: Its own personnel

Insider Threat - Potential indicators and possible precursors can include behaviors such as: - ANSWER:
- Inordinate, long-term job dissatisfaction
- Attempts to gain access to information not required for job performance
- Unexplained access to financial resources
- Bullying or harassment of fellow employees
- Workplace violence
- Other serious violations of policies, procedures, directives, regulations, rules, or practices

Define - Social engineering - ANSWER: An attempt to trick an individual into revealing information or taking an action that can be used to attack systems or networks.

Define - Social mining - ANSWER: An attempt to gather information about the organization that may be used to support future attacks.

Define - Phishing - ANSWER: A digital form of social engineering that uses authentic-looking emails to trick users into sharing personal information.
- It usually includes a link that takes the user to a fake website. If you cannot verify the source, do not open the link. Report suspicious messages to your IT team.

Define - Spear Phishing - ANSWER: A type of phishing where a specific user or group of users is targeted because of their position (such as a company's administrators).

Define - Social media exploitation - ANSWER: Where the attacker uses information found on a user's social media profiles to create a targeted spear phishing attack.

What is Pretexting and Impersonation? - ANSWER: Where the attacker creates a fictional backstory that is used to manipulate someone into providing private information or to influence behavior.
- Attackers will often impersonate a person of authority, co-worker, or trusted organization to engage in back-and-forth communication prior to launching a targeted spear phishing attack.

What are Fake IT Support calls? - ANSWER: A common form of impersonation where someone pretends to be an authorized user or administrator in an attempt to gain illicit access to protected data systems.
- The person has enough information to sound credible, and they ask the user for some bit of information that allows the attacker to gain access to the desired system.

Define - Baiting - ANSWER: The use of a false promise to lure the user into a trap
- Including enticing ads that lead to malicious sites or encourage users to download a malware-infected application.

Bestgrades2 West Virginia University