CJIS Recertification Test
1. An example of a security incident indicator is: - answersSudden high activity on an
account that has had little or no activity for months
Any incidents or unusual activity should be reported to your agency contact, LASO, or
Information Security Officer immediately - answersTrue
Access to and use of CJI and CHRI is for: - answersCriminal justice purposes and
authorized noncriminal justice functions only
1. Organizational policy does not have to cover the posting of information on personal
social media pages. - answersFalse
Which of the following should be included in a Security Incident Report? - answersAll of
these are correct
The security principle of _______ is the division of roles and responsibilities so that
different individuals perform each function related to administrative duties. -
answersSeparation of duties
Which of the following contains CHRI and is considered to be a restricted file? -
answersNational Sex Offender Registry Files
Malicious code, also known as _______, refers to a program that is covertly inserted
into another program with the intent to compromise the confidentiality, integrity, or
availability of the data - answersMalware
Visitors should be escorted and monitored at all times within the physically secure
location. - answersTrue
Information obtained from the III system must be used for the SAME authorized purpose
for which it was requested - answersTrue
Only personnel who work in law enforcement have to complete Security and Privacy
Training. - answersFalse
Social engineering is an attempt to trick an individual into revealing information or taking
an action that can be used to attack systems or networks. - answersTrue
Only members of the management team are responsible for ensuring that physically
secure areas stay secure. - answersFalse
1. An example of a security incident indicator is: - answersSudden high activity on an
account that has had little or no activity for months
Any incidents or unusual activity should be reported to your agency contact, LASO, or
Information Security Officer immediately - answersTrue
Access to and use of CJI and CHRI is for: - answersCriminal justice purposes and
authorized noncriminal justice functions only
1. Organizational policy does not have to cover the posting of information on personal
social media pages. - answersFalse
Which of the following should be included in a Security Incident Report? - answersAll of
these are correct
The security principle of _______ is the division of roles and responsibilities so that
different individuals perform each function related to administrative duties. -
answersSeparation of duties
Which of the following contains CHRI and is considered to be a restricted file? -
answersNational Sex Offender Registry Files
Malicious code, also known as _______, refers to a program that is covertly inserted
into another program with the intent to compromise the confidentiality, integrity, or
availability of the data - answersMalware
Visitors should be escorted and monitored at all times within the physically secure
location. - answersTrue
Information obtained from the III system must be used for the SAME authorized purpose
for which it was requested - answersTrue
Only personnel who work in law enforcement have to complete Security and Privacy
Training. - answersFalse
Social engineering is an attempt to trick an individual into revealing information or taking
an action that can be used to attack systems or networks. - answersTrue
Only members of the management team are responsible for ensuring that physically
secure areas stay secure. - answersFalse
