Cyber Awareness Challenge 2024 (Incomplete)
How should government owned removable media be stored? -In a GSA-approved container according to the appropriate security classification -With your organization's IT department -Removable media is not permitted in government facilities -In any type of container where it is not visible, such as a desk drawer
In a GSA-approved container according to the appropriate security classification
Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon. The post includes a video that shows smoke billowing from a building that is not readily identifiable as the Pentagon. Terry is not familiar with the source of the post. Which of the following describes what Terry has likely seen? -This is probably sensationalism, which is harmless. -This is probably a post designed to attract Terry's attention to click on a link and steal her information. -This is probably breaking news because video cannot be faked. -This is probably disinformation unless Terry can verify it on a legitimate news site.
This is probably a post designed to attract Terry's attention to click on a link and steal her information.
Which of the following is NOT an appropriate use of your Common Access Card (CAC)? -Maintain possession of it at all times -Reporting it immediately if lost or misplaced -Removing from your computer and taking it with you when you leave your workstation -Using it as photo identification with a commercial entity
Using it as photo identification with a commercial entity
Which type of date could reasonably be expected to cause serious damage to national security? -Confidential -Secret -Controlled Unclassified Information (CUI) -Top Secret
~Secret
Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to e-mails on her government approved mobile device. Does this pose a security concern? -Yes, but only the phone calls. Sylvia should speak softly and only make calls when no one is sitting next to her. -No. No one else is going to be paying attention to what Sylvia is doing, as they will be focused on their own business. -Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks. -No, because Sylvia is using a government approved device.
~Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks.
Which of the following is an example of behavior that you should report? -Accessing sensitive information in accordance with job duties -Expressing dislike of a recent Presidential action -Taking sensitive information home for telework without authorization -Purchasing a used vehicle
~Taking sensitive information home for telework without authorization
Which of the following in NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present? -Set strong passwords for the devices -Use the devices' default security settings -Check the devices periodically for Bluetooth connections -Remove any voice-enabled device
~Use the devices' default security settings
How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)? -Open the link in a new tab or window -Select the link to see where it leads -Open the link in your browser's incognito mode -Use the preview function to see where the link actually leads
~Use the preview function to see where the link actually leads
Which of the following is an appropriate use of government e-mail? -Sharing an order form for your child's school fundraiser -Using a digital signature when sending attachments -Sending e-mails to personal contacts -Forwarding DoD-related memes or jokes
~Using a digital signature when sending attachments
Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk? -No, there is no security risk associated with this. -Only if Beth does not have the data on her phone encrypted. -Yes, there is a risk that the signal could be intercepted and altered. -Only if Beth does not have two-factor authentication enabled on her phone.
~Yes, there is a risk that the signal could be intercepted and altered.
Which of the following is least likely to pose a risk to share on a social networking site? -Your mother's maiden name -Your current location -Your birthdate -Your pet's name
~Your pet's name
When is the safest time to post on social media about your vacation plans? -Before the trip -During the trip -After the trip
~After the trip
Which of the following uses of removable media is allowed? -Government owned removable media that is approved as operationally necessary -Connecting a personal phone to a Unclassified government laptop to cahrge only -Unclassified government owned removable media on a personal laptop -Personally owned removable media on Unclassified government laptop
~Government owned removable media that is approved as operationally necessary
Which of the following is true of Sensitive Compartmented Information Facilities (SCIFs)? -Phone conversations within a SCIF are inherently secure and require no further protection. -Personnel with access to a SCIF have a need-to-know for all information processed within the SCIF. -Personnel must position monitors so that they do not face windows or close to window blinds. -Due to the physical security measure in place within a SCIF, open storage is allowed.
~Personnel must position monitors so that they do not face windows or close to window blinds.
Which of the following is NOT a best practice for traveling overseas with a mobile device? -Avoid using public Wi-Fi -Do not travel with a mobile device if you can avoid it -Store the device in a hotel safe when sightseeing -Assume that any voice or data transmission you make is monitored
~Store the device in a hotel safe when sightseeing
You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action? -Reply to the message and ask for more information -Delete the message -Open the link to provide the information -Open the link to inspect the website
~Delete the message
Which of the following is NOT a best practice for protecting data on a mobile device? -Use two-factor authentication -Maintain visual or physical control of your device at all times -Lock your device when not in use -Disable automatic screen locking after a period of inactivity
~Disable automatic screen locking after a period of inactivity
Mabel is a government employee who needs to share a document containing contractor proprietary information with her supervisor. Which of the following describes the most appropriate way for Mabel to do this? -E-mail it using her personal e-mail account. -Save it to a shared folder accessible to their team. -Leave a printed copy on her supervisor's desk after working hours. -Encrypt it and send it via digitally signed Government e-mail.
~Encrypt it and send it via digitally signed Government e-mail.
Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail? -Forward it -Mark it as junk -Delete it -Research the claim
~Forward it
Which of the following is true of transmitting or transporting of Sensitive Compartmented Information (SCI)? -A collateral classified fax machine may be used to fac SCI with the appropriate coversheet. -SCI does not require a coversheet in an open storage environment. -Anyone with eligibility to access the SCI may hand-courier SCI. -Printed SCI must be retrieved promptly from the printer.
~Printed SCI must be retrieved promptly from the printer.
How can you protect your home computer? -Accept all mobile code -Use the default operating system password -Regularly back up your files -Disable firewall protection
~Regularly back up your files
Which of the follwing is NOT a way that malicious code can be spread? -Downloading files -Visiting infected websites -E-mail attachments -Running a virus scan
~Running a virus scan
How can you prevent viruses and malicious codes? -Download apps from your device's official app store because these are guaranteed to have no vulnerabilities -Allow mobile code to run on all websites -Scan all external files before uploading to your computer -View e-mail using the Preview Pane rather than opening it
~Scan all external files before uploading to your computer
Which of the following is permitted when using an unclassified laptop within a collateral classified space? -Wi-Fi -A Government-issued wireless headset without microphone -A personally-owned wired headset with microphone -A Government-issued wired headset with microphone
~A Government-issued wired headset with microphone
When is the safest time to post on social media about your vacation plans? -During the trip -Before the trip -After the trip
~After the trip
How can adversary use information available in public records to target you? -Combine it with information from other data sources to learn how best to bait you with a scam -Information in public records cannot be used to target you, as any sensitive information must be redacted -Sign you up for junk mail to make you less critical in your evaluation of communications -Take verifiable information stolen from others to establish bona fides with you
~Combine it with information from other data sources to learn how best to bait you with a scam
