2002.14.c - Protecting CUI under the control of an authorized holder

Question 1

Authorized holders must take __________ ___________ to guard against unauthorized disclosure of CUI.

Answer 1

reasonable precautions

Question 2

Reasonable precautions include establishing __________ ____________ in which to protect CUI from unauthorized access or disclosure and make use of those __________ ____________

Answer 2

controlled environments

Question 3

Reasonable precautions include ensuring that unauthorized individuals (a)______ ______ or _______ CUI, or (b)________ _____________ _________ CUI

Answer 3

(a) cannot access or observe

(b) overhear conversations discussing

Question 4

Reasonable precautions include keeping CUI under the authorized holder’s ______ _______ or protect it with at least ___ ________ _______.

Answer 4

(a) direct control

(b) one physical barrier

Question 5

Reasonable precautions include ensuring that the authorized holder or the physical barrier protects the CUI from ____________ ______ or ___________ when outside a controlled environment

Answer 5

unauthorized access or observation

Question 6

Reasonable precautions include protecting the confidentiality of CUI that agencies or authorized holders _______, _____, or ________ on ______ ___________ _______ in accordance with the applicable security requirements and controls established in FIPS PUB 199, FIPS PUB 200, and NIST SP 800–53, (incorporated by reference, see 32 CFR Part 2002.2), and paragraph (g) of CFR Part 2022.14.

Answer 6

process, store, or transmit on Federal information systems