Which of the following would be classified as spillage and would have to be reported to the Security Manager?

According to CNSSI No. 4009, Spillage is a:

"Security incident that results in the transfer of classified or CUI information onto an information system not accredited (i.e., authorized) for the appropriate security level."

Examples include, but are not limited to:

• Cross connecting an unclassified system with a classified system.
• Taking classified information outside a classified room without proper authority an protection
• Plugging an external drive that has been connected to a classified system into an unclassified system
• Plugging a flash drive that has been connected to a classified system into an unclassified system
• Sending a classified file to an unclassified email account (e.g. former Secretary of State Hillary Clinton)
• Burning a CD with classified data from a SIPRNet machine and inserting it into a NIPRNet machine (it is not necessary for any files to actually be transferred for it to be classified as "spillage"
• Losing control of classified information whether hard copy or soft copy

As per CNSSI No. 1001:

"When there is evidence of a possible spillage of classified national security information, hereinafter "classified information," an immediate notification shall be made to the information owner, the information assurance manager, the activity security manager, and the responsible Incident Response Center (IRC) Responsible personnel shall conduct an immediate preliminary inquiry to determine whether the classified information was subjected to loss, possible compromise, or unauthorized disclosure. "