FY24 Cyber Awareness Challenge
When is the safest time to post on social media about your vacation plans?
After the trip
Which method of getting online poses the least risk?
Approved mobile hotspot.
Which of the following is true of working with a Sensitive Compartmented Information Facility (SCIF)?
Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access.
Which of these is true of working within a Sensitive Compartmented Information Facility (SCIF)?
Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access.
When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?
Automobile make and model
Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
CPCON 2
What actions should you take in response to compromised Sensitive Compartmented Information (SCI)?
Call your security point of contact (POC)
Which payment method poses the least risk?
Cash
What does the Common Access Card (CAC) contain?
Certificates for identification, encryption, and digital signature
Which of the following is an allowed use of government furnished equipment (GFE)?
Checking personal e-mail if your organization allows it
You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
Decline to participate in the survey. This may be a social engineering attempt.
You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?
Delete the message.
Which of the following is NOT a best practice for protecting data on a mobile device?
Disable automatic screen locking after a period of inactivity
Which of the following must you do when using an unclassified laptop in a collateral classified environment?
Disable the embedded camera, microphone, and wifi Use government-issued wired peripherals
Your meeting notes are unclassified. This means that your notes
Do not have the potential to damage national security
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI) token?
Do not use a token approved for NIPRNet on SIPRNet
Tom is working on a report that contains employees' names, home addresses, and salary. Which of the following is Tom prohibited from doing with the report?
E-mailing it to a colleague who needs to provide missing data
When e-mailing PII, which of the following should you do?
Encrypt the PII, Digitally sign the e-mail, Use your Government e-mail account
Which of the following uses of removeable media is appropriate?
Encrypting data stored on removable media.
Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?
Forward it
Which of these personally-owned computer peripherals may be used with government-furnished equipment (GFE)?
HDMI monitor, USB keyboard
How should government owned removable media be stored?
In a GSA-approved container according to the appropriate security classification
Which of the following statements is true of DoD Unclassified data?
It may require access and distribution controls
Which action will keep DoD data the safest when asked about what you are working on in public?
Leave the place
Where are you permitted to use classified data?
Only in areas within security appropriate to the classification level
Which of the following is a best practice to protect your identity?
Order a credit report annually.
Identification numbers are what type of information?
Personally Identifiable Information (PII), which is a type of CUI
Which of the following poses a physical security risk?
Posting an access roster in public view
Which of the following is true of transmitting or transporting Sensitive Compartmented Information (SCI)?
Printed SCI must be retrieved promptly from the printer.
Which of the following is a step you should NOT take to protect against spillage?
Purge any device's memory before connecting it to a classified network
How can you protect your home computer?
Regularly back up your files
You receive an e-mail with a link to schedule a time to update software on your government furnished laptop. Your IT department has not scheduled software updates like this in the past and has not announced this software update. the -mail is not digitally signed. What action should you take?
Report the e-mail to your security POC or help desk
Which of the following is NOT a way that malicious code can spread?
Running a virus scan
What step should be taken to securely telework?
Secure the area so others cannot view your monitor
Which of the following is NOT a best practice for travelling overseas with a mobile device?
Store the device in a hotel safe when sightseeing
Which of the following is an example of behavior that you should report?
Taking sensitive information home for telework without authorization
What conditions are necessary to be granted access to Sensitive Compartmented Information (SCI)?
Top Secret clearance and indoctrination into the SCI program
How can you protect your home computer?
Turn on the password feature, regularly back up your files
Which of the following personally owned peripherals can you use with government furnished equipment (GFE)?
USB Hub
How can you mitigate the potential risk associated with a compressed URL?
Use the preview function to see where the link actually leads
Which of the following is a best practice for managing connection requests on social networking sites?
Validate connection requests through another source if possible
Which of the following must you do when working in a SCIF?
Verify that all personnel in listening distance have a need-to-know. Ensure that monitors do not provide unobstructed views. Escort uncleared personnel and warn others in the SCIF.
Which behavior represents a security concern?
Working on an unmarked document on the classified network
Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk?
Yes, there is a risk that the signal could be intercepted and altered.
Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to e-mails on her government approved mobile device. Does this pose a security concern?
Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks.
Which of the following is true of telework?
You must have permission from your organization to telework.
Which of the following is least likely to pose a risk to share on a social networking site?
Your pet's name
Which of these is NOT a potential indicator that your device may be under a malicious code attack?
a notification for a system update that has been publicized
Which best describes an insider threat? Someone who uses ___________ access, _____________, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
authorized; wittingly or unwittingly
Which of the following is an example of a strong password?
d+Uf_4RimUz
Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that __________ various types of classified information for __________ protection and dissemination or distribution control.
segregates; added
