Cyber Awareness Challenge 2021

Which of the following can an unauthorized disclosure of information...?
damage to national security

A user writes down details from a report stored on a classified system marked as secret and uses those details to draft an unclassified briefing on an unclassified system without authorization...
Spillage because classified data was moved....

What is the proper response if spillage occurs
Immediately notify your security POC

When classified data is not in use, how can you protect it?
Store classified data appropriately in GSA-approved vault/container when not in use.

Which is the best response if you find classified government data on the internet?
Note any identifying information

What is required for an individual to access classified data
Appropriate clearance; signed and approved...

Which of the following practices reduces the chance of becoming a target by adversaries seeking insider information
Don't talk about work outside your workspace unless it is a specifically...

Which of the following terms refers to harm inflicted or national security through authorized...?
insider threat

Which is good practice to protect classified information?
Ensure proper labeling by appropriately marking all classified material.

Which classification level is given to information that could reasonably be expected to cause serious damage to national security?
secret

How many potential insider threat indicators does a person who is playful...?
1

what are some potential insider threat indicators?
Difficult life circumstances such as...

Which scenario might indicate a reportable insider threat security incident?
A coworker is observed using a personal electronic device...

Which of the following is a best practice to protect information about you and your organization on social networking sites and applications?
Use only personal contact information when establishing personal social networking accounts...

AS someone who works with classified information, what should you do if you are contacted by a foreign national seeking information on a research project?
inform your security POC of all bob-professional or non-routine contacts with foreign nationals....

under which circumstances may you be subject..... online misconduct?
Any time you participate in or condone misconduct...

When is the best time to post details of your vacation....
When your vacation is over

what type of unclassified material should always be marked with special handling caveat?
FOUO

what is an individuals PII or PHI considered?
Sensitive information

What is the best example of PII
Date and Place of birth

What is the best example of PHI
your health insurance explanation of benefits (EOB)

What must you ensure before transmitting PII or PHI via email?
Transmissions must be between government e-mail accounts and must be encrypted

what must you do when e-mailing PII or PHI
Encrypt the email and use your government e-mail

What does PII include
Social security, date and place of birth, mothers maiden name

It is acceptable to take a short break while a coworker monitors you computer...
No. Always remove your cac ...

what certificates are contained on the DOD PKI implemented by the CAC/PIV
Identification, Encryption, digital signature

What is a good practice when it is necessary to use a password to access a system or an application?
Avoid using the same password between systems or applications

Which is not sufficient to protect your identity?
use a common password for all your system and application logons.

Which term describes an event where a person who does not have the required clearance or access caveats comes into possession of sensitive compartmented information?
compromise

What are the requirements to be granted access to SCI material?
The proper security clearance and indoctrination into the SCI program

What is a SCI program?
a program that segregates various information....

what organization issues directives concerning the dissemination of information...?
OCA

what portable electronic devices are allowed in a SCIF
Government- owned PEDS

What must users do when using removable media within a SCIF?
User shall comply with site CM polices and procedures

What is an indication that malicious code is running on your system?
File corruption

What can malicious code do?
It can cause damage by corrupting files...

Which is true of cookies?
Text file

What is a valid response when identity theft occurs?
Report the crime to local law enforcement

What are some actions you can take to try to protect your identity?
Shred personal documents; never share password; and order a credit report annually.

What is whaling?
A type of phishing targeted at high level personnel such as senior officials

What is a common method used in social engineering?
Telephone surveys

Which of the following is an appropriate use of government e-mail?
Digitally signing e-mails that contain attachment or hyperlinks.

What is a protection against internet hoaxes?
Use online sites to confirm or expose potential hoaxes.

Which may be a security issue with compressed URLs?
They may be used to mask malicious intent

what is best practice while traveling with mobile computing devices?
Maintain possession of your laptop and other...

upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?
Connect to the Government Virtual Private Network (VPN)

When conducting a private money- making venture using your government...?
It is never permitted

Which of the following helps protect data on your personal mobile devices?
Secure personal mobile devices to the same level as government issued systems

Which is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?
NFC

What are some examples of removable media?
Memory sticks, flash drives, or external hard drives

Which is best practice to protect data on your mobile computing device?
lock your device when not in use and require a password to reactivate

What is a good practice to protect data on your home wireless systems?
Ensure that the wireless security features are properly configured

What is a possible indication of a malicious code attack in progress?
A pop-up window that flashes and warns that your computer is infected with a virus.