Level 2 CJIS Security Test Questions and Answers

Level 2 CJIS Security Test Questions and Answers The CJIS Security Policy outlines the minimum requirements. Each criminal justice agency is encouraged to develop internal security training that defines local and agency specific policies and procedures. - Ans ️️ -True What agencies should have written policy describing the actions to be taken in the event of a security incident? - Ans ️️ -Every agency accessing CJI Criminal History Record Information (CHRI) is arrest-based data and any derivative information from that record. - Ans ️️ -True During social engineering, someone pretends to be ________ in an attempt to gain illicit access to protected data systems. - Ans ️️ -an authorized user or other trusted source Who should report any suspected security incident? - Ans ️️ -All personnel Hard copies of CJI data should be ________when no longer required. - Ans ️️ -physically destroyed Users do not need to log off of the software/system at the end of the shift or when another operator wants to use the software/system. - Ans ️️ -False Agencies are not required to develop and publish internal information security policies, including penalties for misuse. - Ans ️️ -False Custodial workers that access the terminal area must have a fingerprint background check done and training unless they are escorted in these areas. - Ans ️️ -True Training for appropriate personnel would include people who read criminal histories but do not have a NCIC workstation of their own. - Ans ️️ -True