Level 2 CJIS Security Test questions with correct answers

Level 2 CJIS Security Test questions with correct answers During social engineering, someone pretends to be ________ in an attempt to gain illicit access to protected data systems. - ANSWER -an authorized user or other trusted source Who should report any suspected security incident? - ANSWER -All personnel Hard copies of CJI data should be ________when no longer required. - ANSWER -physically destroyed Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system. - ANSWER -False Agencies are not required to develop and publish internal information security policies, including penalties for misuse. - ANSWER -False Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas. - ANSWER -True Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own. - ANSWER -True FBI CJI data may be shared with close friends. - ANSWER -False FBI CJI data is any data derived from the national CJIS Division systems. - ANSWER -True You should never email Criminal Justice Information(CJI) unless your agency's email system meets all the requirements outlined in the latest CJIS Security policy. - ANSWER -True FBI CJI data must be safeguarded to prevent: - ANSWER -all of the above A security incident is a violation or attempted violation of the FBI CJIS Security Policy or other security policy that would threaten the confidentiality, integrity or availability of FBI or State CJI data. - ANSWER -True A physically secure location is a facility, a criminal justice conveyance, or an area, a room, or a group of rooms within a facility with both the physical and personnel security controls sufficient to protect CJI and associated information systems. - ANSWER -True Sometimes you may only see indicators of a security incident. - ANSWER -True All persons who have access to CJI are required to have security training within _____ months of assignment. - ANSWER -6 Training for appropriate personnel would include vendors who develop software for NCIC access. - ANSWER -True Interstate Identification Index (III), known as 'Triple I', is a 'pointer' system for the interstate exchange of criminal history record information. - ANSWER -True All persons who have direct access to FBI CJI data and all appropriate Information Technology (IT) personnel (including vendors) shall receive security awareness training on a biennial basis. - ANSWER -True Social engineering is an attack based on deceiving users or administrators at the target site. - ANSWER -True Unauthorized requests, receipt, release, interception, dissemination or discussion of FBI CJI data could result in criminal prosecution and/or termination of employment. - ANSWER -True Access to and use of FBI CJI is only for: - ANSWER -criminal justice or authorized civil purposes only