Pages

✅ DOD Cyber Awareness Challenge Answers 1

Question: Which of the following may be helpful to prevent inadvertent spillage?

Which of the following may help to prevent inadvertent spillage? knowledge check
A: Purge the memory of any device removed from a classified network before plugging it into an unclassified network.
B: Label all files, removable media, and subject headers with appropriate classification markings.
C: Use a classified network for all work, especially unclassified processing.
D: Be aware of the network you are using when connecting a personal, unauthorized device.

Show or Reveal the Answer

Label all files, removable media, and subject headers with appropriate classification markings.

Question: 2. What should you do if a reporter asks you about potentially classified information on the web?

A: Confirm the information is classified.
B: Neither confirm nor deny the information is classified.
C: Deny the information is classified.
D: Explain that you are not authorized to discuss this classified project over the phone but could meet in person.

Show or Reveal the Answer

Neither confirm nor deny the information is classified.

Question: What should you do if a reporter asks you about potentially classified information on the web?

A: Provide your official email to the reporter and ask that she send you the information.
B: Ask for information about the website, including the URL.
C: Download the story to validate the details with your classified project notes prior to answering.
D: Shut off your computer.

Show or Reveal the Answer

Ask for information about the website, including the URL.

Question: Which of the following terms refers to harm inflicted on national security through authorized access to information or information systems?

A: Whaling
B: Insider Threat

Show or Reveal the Answer

Insider Threat

DOD Cyber Awareness Challenge, Insider threat awareness Test answers


which of the following does not constitute spillage
ANSWER: Classified information that should be unclassified and is downgraded.

Cyber Awareness Challenge: Malicious Code - Website Use Knowledge Check
What is a valid response when identity theft occurs?
ANSWER: Report the crime to local law enforcement.

Cyber Awareness Challenge: Malicious Code Knowledge Check
What can malicious code do?
ANSWER: It can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access.

What is an indication that malicious code is running on your system?
ANSWER: File corruption

What is a possible indication of a malicious code attack in progress?
ANSWER: A pop-up window that flashes and warns that your computer is infected with a virus.

Cyber Awareness Challenge: Malicious Code - Social Engineering Knowledge Check
What is a common method used in social engineering?
ANSWER: Telephone surveys

What is a way to prevent the download of viruses and other malicious code when checking your e-mail?
ANSWER: View e-mail in plain text and don't view e-mail in Preview Pane.

What is whaling?
ANSWER: A type of phishing targeted at high-level personnel such as senior officials.

What is a protection against internet hoaxes?
ANSWER: Use online sites to confirm or expose potential hoaxes.

Cyber Awareness Challenge: Malicious Code - Use of GFE Knowledge Check
When is conducting a private money-making venture using your Government-furnished computer permitted?
ANSWER: It is never permitted.

Which of the following activities is an ethical use of Government-furnished equipment (GFE)?
ANSWER: Completing your expense report for your government travel.

Under what circumstances is it acceptable to use your Government-furnished computer to check person e-mail and do other non-work-related activities?
ANSWER: If allowed by organization policy.

Cyber Awareness Challenge: Malicious Code - Travel Knowledge Check
Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?
ANSWER: Connect to the Government Virtual Private Network (VPN).

Cyber Awareness Challenge: Malicious Code - Home Computer Security Knowledge Check
What is a good practice to protect data on your home wireless systems?
ANSWER: Ensure that the wireless security features are properly configured.

Cyber Awareness Challenge: Malicious Code - Mobile Devices Knowledge Check
What is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems?
ANSWER: Do not use any personally owned/non-organizational removable media on your organization's systems.

What are some examples of removable media?
ANSWER: Memory sticks, flash drives, or external hard drives

Which are examples of portable electronic devices (PEDs)?
ANSWER: Thumb drives, memory sticks, and optical disks

What portable electronic devices (PEDs) are allow in a Secure Compartmented Information Facility (SCIF)?
ANSWER: Government-owned PEDs, if expressly authorized by your agency.

Cyber Awareness Challenge: Spillage - Social Networking Knowledge Check
Under which circumstances may you be subject to criminal, disciplinary, and/or administrative action due to online misconduct?
ANSWER: Any time you participate in or condone misconduct, whether offline or online
What information most likely presents a security risk on your personal social networking profile?
What information posted publicly on your personal social networking profile represents a security risk?
ANSWER: Your place of birth

Cyber Awareness Challenge: Spillage - Classified Data Knowledge Check
Which classification level is given to information that could reasonably be expected to cause serious damage to national security?
what kind of information could reasonably be expected to cause serious damage to national security
ANSWER: Secret.

which is true for protecting classified data cyber awareness 2020
ANSWER: Classified material is stored in a GSA-approved container when not in use.

Cyber Awareness Challenge: Spillage - Insider Threat Knowledge Check
An individual who has attempted to access sensitive information without need-to-know and has made unusual requests for sensitive information is displaying indicators of what?
ANSWER: Potential Insider Threat

How many potential insider threat indicators does a person who is married with two children, vacations at the beach every year, is pleasant to work with, but sometimes has poor work quality display?
ANSWER: 0 indicators

How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display?
ANSWER: 1 indicator

A colleague has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information. How many potential insider threat indicators does this employee display?
ANSWER: 1 indicator

How many potential insider threat indicators does a coworker who often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display?
ANSWER: 3 or more indicators

A colleague complains about anxiety and exhaustion, makes coworkers uncomfortable by asking excessive questions about classified projects, and complains about the credit card bills that his wife runs up. How many potential insider threat indicators does this employee display?
ANSWER: 3 or more indicators

Bob, a coworker, has been going through a divorce, has financial difficulties and is displaying hostile behavior. How many potential insider threat indicators is Bob displaying?
ANSWER: 3

Cyber Awareness Challenge: Sensitive Information Knowledge Check
What is an individual's Personally Identifiable Information (PII) or Protected Health Information (PHI) considered?

ANSWER: Sensitive information.
What is the best example of Personally Identifiable Information (PII)?
ANSWER: Date and place of birth

What does Personally Identifiable Information (PII) include?
ANSWER: Social Security Number; date and place of birth; mother's maiden name

What must you do when e-mailing PII or PHI?
What must you do when e-mailing Personally Identifiable Information (PII) or Protected Health Information (PHI)?
ANSWER: Encrypt the e-mail and use your Government e-mail account.

What must you ensure before transmitting Personally Identifiable Information (PII) or Protected Health Information (PHI) via e-mail?
ANSWER: Transmissions must be between Government e-mail accounts and must be encrypted and digitally signed when possible.

Under what circumstances could unclassified information be considered a threat to national security?
ANSWER: When/If aggregated, the information could become classified.

What is the best example of Protected Health Information (PHI)?
ANSWER: Your health insurance explanation of benefits (EOB)

Cyber Awareness Challenge: Sensitive Information - Physical Security Knowledge Check
What is a good practice for physical security?
ANSWER: Challenge people without the proper badge.

Cyber Awareness Challenge: Sensitive Information - Identity Management Knowledge Check
What is a good practice when it is necessary to use a password to access a system or an application?
ANSWER: Avoid using the same password between systems or applications.

What must you ensure if your work involves the use of different types of smart card security tokens?
ANSWER: Avoid a potential security violation by using the appropriate token for each system.

Cyber Awareness Challenge: Sensitive Compartmented Information Knowledge Check
What describes how Sensitive Compartmented Information is marked?

ANSWER: Approved Security Classification Guide (SCG)
What are the requirements to be granted access to SCI material?
ANSWER: The proper security clearance and indoctrination into the SCI program.

Which must be approved and signed by a cognizant Original Classification Authority (OCA)? ANSWER: Security Classification Guide (SCG)

What describes a Sensitive Compartmented Information (SCI) program?
ANSWER: A program that segregates various type of classified information into distinct compartments for added protection and dissemination for distribution control.

Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of Sensitive Compartmented Information (SCI)
ANSWER: Compromise

Cyber Awareness Challenge: Sensitive Compartmented Information - Removable Media in a SCIF Knowledge Check
Which is a risk associated with removable media?
ANSWER: Spillage of classified information.

What must users do when using removable media within a Sensitive Compartmented Information Facility (SCIF)?
ANSWER: Comply with Configuration/Change Management (CM) policies and procedures

Which of the following is not considered a potential insider threat indicator
ANSWER: Treated mental health issues./New interest in learning a foreign language.

which of the following is true of protecting classified data
ANSWER: Classified material must be appropriately marked.

What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?
ANSWER: Exceptionally grave damage

Who can be permitted access to classified data?
ANSWER: Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know.

Ellen's Statement: How many insider threat indicators does Alex demonstrate?
How many insider threats does alex demonstrate
ANSWER: Three or more

Mark's Statement: What should Alex's colleagues do?
ANSWER: Report the suspicious behavior in accordance with their organization's insider threat policy

which of the following represents a good physical security practice? cyber awareness
ANSWER: Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIV) card.

Which of the following is true about unclassified data?
ANSWER: When unclassified data is aggregated, its classification level may rise.

Which scenario might indicate a reportable insider threat security incident?
ANSWER: A coworker is observed using a personal electronic device in an area where their use is prohibited.

No comments:

Post a Comment