DOD Cyber Awareness 2021 Knowledge Check
How many potential insider threat indicators does a person who is playful and charming, consistently wins performance awards, but is occasionally aggressive in trying to access sensitive information display?
1 indicator
How many the Cyberspace Protection Conditions (CPCON) are there?
5
Under which circumstances is permitted to share an unclassified draft document with a non-DoD professional discussion group?
As long as the document is cleared for public release, you may share it outside of DoD.
You receive a call from someone from the help desk who needs your assistance with a problem on your computer. How should you respond?
Ask the caller, "What's your full name and phone number?"
When is it appropriate to have your securing badge visible with a sensitive compartmented information facility?
At all time when is the facility.
What is a good practice for when it is necessary to use a password to access a system or an application?
Avoid using the same password between systems or applications.
What should you do when you are working on an unclassified system and receive an email with a classified attachment?
Call your security point of contact immediately.
Which of the following is true of protecting classified data?
Classified material must be appropriately marked
Upon connecting your government-issued laptop to a public wireless connection, what should you immediately do?
Connect to the Government Virtual Private Network (VPN).
What type of activity or behavior should be reported as a potential insider threat?
Coworker making consistent statements indicative of hostility or anger toward the United States and its policies.
What is a security best practice to employ on your home computer?
Create separate user accounts with strong individual passwords.
What should you do if you receive a game application request that includes permission to access your friends, profile information, cookies, and sites visited?
Decline the request.
A man you do not know is trying to look at your Government-issued phone and has asked to use it. What should you do?
Decline to lend the man your phone.
What are some potential insider threat indicators?
Difficult life circumstances such as substance abuse, divided loyalty or allegiance to the U.S., and extreme, persistent interpersonal difficulties.
Which of the following is an appropriate use of Government e-mail?
Digitally signing e-mails that contain attachments or hyperlinks.
Which of the following is a way to protect against social engineering?
Follow the instructions given only by verified personnel.
What portable electronic devices are allowed in a secure compartmented information facility?
Government owned PEDs if expressed authorized by your agency
Under what circumstances could unclassified information be considered a threat to national security?
If aggregated, the information could become classified.
Under what circumstances is it acceptable to use your Government-furnished computer to check personal e-mail and do other non-work-related activities?
If allowed by organizational policy.
Which of the following terms refers to someone who harms national security through authorized access to information system?
Insider Threat
What must users ensure when using removable media such as a compact disk (CD)?
It displays a label showing maximum classification, date of creation, point of contact, and Change Management (CM Control Number.
When is conducting a private money-making venture using your Government-furnished computer permitted?
It is never permitted
What is the best way to protect your Common Access Card (CAC)?
Maintain possession of it at all times.
What is the best way to protect your common access card?
Maintain possession of it at all times.
What is the best practice while traveling with mobile computing devices?
Maintain possession of your laptop and other government-furnished equipment (GFE) at all times.
Sensitive Information: Which of the following is an example of Protected Health Information (PHI)?
Medical test results
What are some examples of removable media?
Memory sticks, flash drives, or external hard drives.
Which of the following is NOT considered a potential insider threat indicator?
New interest in learning a foreign language
Is it acceptable to take a short break while a coworker monitors your computer while logged on with your Common Access Card (CAC)?
No. Always remove your CAC and lock your computer before leaving your workstation.
Malicious code: After clicking on a link on a website, a box pops up and asks if you want to run an application. Is it ok to run it?
No. Only use you agency trusted websites.
What type of unclassified material should always be marked with a special handling caveat?
Official use only
Which of the following is the best example of Personally Identifiable Information (PII)?
Passport number
Which of the following is NOT a typical means for spreading malicious code?
Patching from a trusted source
Which of the following does a security classification guide provided?
Precise guidance regarding specific elements of information to be classified
Spillage: What should you do if a reporter asks you about potentially classified information on the web?
Refer the reporter to your organization's public affair office
What actions should you take upon hearing a discussion involving Sensitive Compartmented Information (SCI) while seated in a cafeteria with an SCI Facility (SCIF)?
Remind those involved that such a discussion should not take place in common areas within a SCIF.
What is a valid response when identity theft occurs?
Report the crime to local law enforcement.
What actions should you take when printing classified material within a Sensitive Compartmented Information Facility (SCIF)?
Retrieve classified documents promptly from printers.
Which classified level is given to information that could reasonably be expected to cause serious damage to national security?
Secret
Which of the following is NOT a correct way to protect sensitive information?
Sensitive information may be stored on any password-protected system.
What are some actions you can take to try to protect you identity?
Shred personal documents, never share passwords and order a credit history annually.
Which of the following is the best description of two-factor authentication?
Something you possess like a CAC, and a Pin or Password
When classified data is not in use, how can you protect it?
Store classified data appropriately in a GSA-approved vault/container.
Which may be a security issue with compressed URLs?
There is no way to know where the link actually leads.
While you are waiting for your lunch bill, a stranger picks up your Government-issued phone from your table and proceeds to exit the facility with it. What should you do?
Try to observe the direction taken and any other useful information and immediately make a report to your security point of contact.
Which of the following is a best practice for securing your home computer?
Use antivirus software and keep it up to date.
What is a way to prevent the download of viruses and other malicious code when checking your e-mail?
View e-mail in plain text and don't view e-mail in Preview Pane.
What is a way to prevent the download of viruses and other malicious code when checking your email?
View email in plain text and don't view email in Preview Pane.
When is the safest time to post details of your vacation activities on your social networking website?
When your vacation is over, after you have returned home
In setting up your personal social networking service account, what email address should you use?
Your personal email address/addresses
What information posted publicly on your personal social networking profile represents a security risk?
Your place of birth
