Module 01

Safe Use of Generative AI at Work

Generative AI tools such as large language models (LLMs) and image generators offer massive productivity enhancements. However, in a public sector context, typing text into a commercial chat interface is fundamentally different from using a private offline program.

The Primary Risk: Public generative AI models retain users' input history. When you submit text, prompts, or attachments, that data is transmitted to third-party servers and may be used to retrain the model. If you paste restricted agency text, it could emerge in future answers delivered to other users (even citizens or foreign adversaries).

Module 1 Standards

Never paste non-public text or documentation into unauthorized AI interfaces.
Treat every text prompt input as if you were publishing it to a public forum.
Scrub personal information (PII) and system names before interacting.

🔬 Scenario Lab 1: Prompt Sanitizer Interactive

Instructions: Click on the sensitive, unclassified words in the prompt box below to redact them. Once all sensitive data points are masked, click "Submit Safe Prompt" to complete this module.

"Summarize this database entry: Database user admin has reported that user records containing Citizen SSN list are stored in the server located at our main facilities. Also, the active private password is currently set to 'Secret2026' for testing internal project code 'Aegis'."

Module 02

Avoiding Sensitive Data Exposure

Public sector professionals regularly handle information with varying levels of sensitivity. Standard data handling mandates that Controlled Unclassified Information (CUI), personally identifiable information (PII), and draft policy papers are safeguarded from unauthorized disclosure.

Commercial AI platforms often claim compliance, but free consumer tiers typically do not satisfy government security protocols. Uploading files for summarization, translation, or analysis represents a high risk of accidental data leakage.

Data Rules for AI

FedRAMP Authorization: Only input sensitive data into AI systems that have been granted FedRAMP authorization for the appropriate impact level.
API Tiers vs. Free Consumer Tiers: Free consumer services retain data. Developer API access often disables training reuse but still requires procurement approval.

🔬 Scenario Lab 2: Data Classification Lab Interactive

Instructions: Categorize the following datasets by clicking a card on the left, then clicking either the "Safe for Public AI" or "Sensitive / CUI - Do Not Upload" bucket on the right.

Draft Public Agency FAQ document

Citizen Health Records Spreadsheet

Publicly released annual statistics

Internal system firewall configurations

Safe for Public AI

Sensitive / CUI - Do Not Upload

Module 03

Recognizing AI-Generated Phishing

Historically, phishing emails were relatively easy to spot due to spelling errors, awkward grammar, and generic greetings. With the emergence of advanced large language models, bad actors can instantly generate perfectly written, hyper-personalized spear-phishing messages.

AI tools can ingest publicly available information (such as public staff directories, LinkedIn profiles, or agency procurement announcements) to construct highly convincing, contextual emails designed to compromise credentials or distribute malware.

Detecting AI-Generated Phishing

Zero Language Barriers: Perfect spelling and grammar are no longer indicators of safe emails.
Excessive Specificity: Be suspicious of emails mentioning niche agency projects or internal project names that are not public knowledge.
Out-of-Band Verification: Always verify unexpected requests via phone directories or primary agency communication lines.

🔬 Scenario Lab 3: Email Phishing Flags Interactive

Instructions: Below is a highly targeted email received by an employee. Click on the 3 critical suspicious areas in the email template.

From: d.boss@dep-energy-gov.org

To: j.doe@agency.gov

Subject: URGENT: Action required for system verification

Hello John,

As part of our database security audit, we need you to immediately verify your login token. I noticed you are working on the restricted Project Aegis system integrations. We must avoid downtime.

Please click the link below to enter your agency credentials and update your database access node.

System Verification Portal (Admin Override Redirect Node)

Thanks,
Department Database Director

Flags Found: 0 / 3

Module 04

Understanding Deepfakes & Impersonation

Generative AI has advanced far beyond text generation. Today, "deepfakes" allow threat actors to clone a person's voice using as little as 3 seconds of reference audio. This audio is often harvested from public speeches, government webinars, or media appearances.

An attacker can call a public sector employee pretending to be their director, senator, or senior leader, demanding immediate wire transfers, confidential data summaries, or Multi-Factor Authentication (MFA) tokens.

Deepfake Defenses

Do Not Rely on Voice: Voice recognition alone is no longer sufficient authentication for high-risk requests.
Identify Visual/Acoustic Artifacts: Digital jitter, metallic sounding voices, unnatural pauses, or missing ambient noise can indicate deepfakes.
Establish Verification Passphrases: For remote mission-critical teams, agree on off-channel verification methods or phrases.

🔬 Scenario Lab 4: Voice Verification Interactive

Instructions: Click "Play Voice Clip" to simulate a suspicious call. Read the transcript, analyze the request, and choose your action.

Incoming Audio Transcript: "Hey, this is Director Henderson. I am currently attending a federal panel and can't log into my portal. I need you to read me the temporary MFA token that was just sent to your phone so I can access the system dashboard. Do it right now, it's urgent."

Module 05

AI Tool Approval & Data Handling

As public sector agencies deploy internal AI products, employees must understand the clear boundaries between approved systems and "shadow AI" (unauthorized tools downloaded or accessed via employee browsers).

A tool should only be utilized if it has been evaluated through the official agency procurement and IT security lifecycle. A core criterion is verifying where data resides and whether the vendor has rights to use your data for proprietary model development.

Standard Procurement Flow

FedRAMP Checklist: Ensure Cloud-based AI systems meet Federal Risk and Authorization Management Program (FedRAMP) baselines.
Data Retention Opt-Out: Confirm that the tool has a certified zero-retention policy for prompt inputs.

🔬 Scenario Lab 5: Tool Approval Policy Tree Interactive

Instructions: Follow the policy decision path for an AI writing tool that processes Controlled Unclassified Information (CUI) but has NOT received FedRAMP authorization.

Q1: Does the tool process citizen data, CUI, or non-public agency records?

Q2: Given it is not FedRAMP approved, how should the request be treated?

Module 06

Reporting Suspicious AI Activity

When data is leaked, or when you receive a message that you suspect was generated by an AI adversary, immediate notification is critical. Threat mitigation teams can only block domains, reset credentials, or report incidents to central bodies (like CISA) if they receive detailed information promptly.

If you realize you pasted sensitive unclassified data into a public chatbot, do not try to cover it up. The session must be closed, and your local IT Security Officer must be notified so they can contact the vendor or isolate the system tokens.

Incident Reporting Checklist

Record the Details: Note the exact time, the name of the AI tool used, and the text prompt submitted.
No Retaliation: Prompt reporting of accidental leakages protects the agency. Cybersecurity divisions prioritize containment over blame.

🔬 Scenario Lab 6: Suspected Leakage Reporting Form Interactive

Instructions: Complete this mock internal Incident Report for an employee who accidentally pasted a citizen's address registry into an unauthorized public translator tool.

Assessment

Academy Knowledge Check

Complete this final assessment to verify your understanding of public-sector AI safety standards. A passing score of 5/6 (80%) is required to unlock your Certificate of Completion.

Credential

Course Certificate

Congratulations! You have completed the training and passed the Knowledge Check. Below is your Certificate of Completion. You may print or save this document for your records.

FederalShield LLC

Certificate of Completion

This security credential is proud to be presented to:

Student Name

For successfully demonstrating proficiency in:
AI Security Awareness for Public Sector Professionals

VERIFICATION ID: FS-0000-0000

FederalShield LLC is an independent private company and is not affiliated with, endorsed by, or sponsored by any U.S. government agency. This course does not represent official government training or policy.

Get the Public-Sector AI Security Checklist

Download our printable quick-reference checklist to distribute to your public sector team.

Download Checklist 🗎