DOD CYBER AWARENESS TRAINING
EXAM QUESTIONS WITH COMPLETE
ANSWERS
Telework - - ANSWER -Do not remove classified documents from your secure
workspace to work offsite! Classified documents, either in hard copy or electronic
format, are strictly prohibited. Be sure to safeguard all DoD data while teleworking.
To telework, you must:
Have permission from your organization
Follow your organization's guidance to telework
Use authorized equipment and software and follow your organization's policies
Employ cybersecurity best practices at all times, including when using a Virtual Private
Network (VPN)
Perform telework in a dedicated area when at home
Position your monitor so that it is not facing windows or easily observed by others when
in use.
Classified Data - ANSWER -Classified data are designated by the original classification
authority as information that could be reasonably be expected to cause a given level of
damage to national security if disclosed:
Confidential - damage to national security
Secret - serious damage to national security
Top Secret - exceptionally grave damage to national security
Classified data:
Must be handled and stored properly based on classification markings and handling
caveats
Can only be accessed by individuals with all of the following:
Appropriate clearance
Signed and approved non-disclosure agreement
Need-to-know
,Protecting Classified Data - ANSWER -To protect classified data:
Only use classified data in areas with security appropriate to classification level
Store classified data appropriately n a GSA-approved vault/container when not in use
Don't assume open storage in a secure facility is authorized
Weigh need-to-share against need-to-know
Ensure proper labeling:
Appropriately mark all classified material and, when required, sensitive material
Report inappropriately marked material
Never transmit classified information using an unapproved method, such as visa an
unsecure fax machine or personal mobile device
Collateral Classified Spaces - ANSWER -Follow your organization's policy on mobile
devices and peripherals within secure spaces where classified information is processed,
handled, or discussed. Mobile devices and peripherals may be hacked or infected with
malware and can be used to track, record, photograph, or videotape the environment
around them. Powering off or putting devices in airplane mode is not sufficient to
mitigate these risks and the threat these devices pose to classified information.
When using unclassified laptops and peripherals in a collateral classified environment:
Ensure that any embedded cameras, microphones, and Wi-Fi are physically disabled
Use authorized external peripherals only:
Government-issued wired headsets and microphones
Government-issued wired webcams in designated areas
Personally-owned wired headsets without a microphone
All wireless headsets, microphones, and webcams are prohibited in DoD classified
spaces, as well as all personally-owned external peripherals other than wired headsets.
In addition to avoiding the temptation of greed to betray his country, what should Alex
do differently? - ANSWER -Avoid talking about work outside of the workplace or with
people without a need-to-know
How many insider threat indicators does Alex demonstrate? - ANSWER -Three or more
What should Alex's colleagues do? - ANSWER -Report the suspicious behavior in
accordance with their organization's insider threat policy
, Insider Threat - - ANSWER -An insider threat uses authorized access, wittingly or
unwittingly, to harm national security through unauthorized disclosure, data
modification, espionage, terrorism, or kinetic actions resulting in loss or degradation of
resources or capabilities.
Insiders are able to do extraordinary damage to their organizations by exploiting their
trusted status and authorized access to government information systems.
In one report on known U.S. spies, these individuals:
• Demonstrated behaviors of security concerns: 80% of the time
• Experienced a life crisis: 25% of the time
• Volunteered: 70% of the time
Although the vast majority of people are loyal and patriotic, the insider threat is real and
we must be vigilant in our efforts to thwart it.
Deterring - - ANSWER -We defend against the damage insider threats can cause by
deterring insiders from becoming threats. DoD and Federal policies require agencies to
establish Insider Threat Programs aimed at deterring, detecting, and mitigating the risks
associated with insider threats. Their activities include:
Proactively identifying insiders who exhibit potential risk indicators through:
o User activity monitoring
o Workplace reporting
Formulating holistic mitigation responses to decrease risk while achieving positive
outcomes for the organization and the individual. For example:
o Referring individuals to counseling or other types of assistance to alleviate personal
stressors
o Requiring training on security protocols
o Developing organization-wide protocols designed to secure information, resources,
and personnel
Detecting - - ANSWER -We detect insider threats by using our powers of observation to
recognize potential insider threat indicators. These include, but are not limited to:
• Difficult life circumstances
o Divorce or death of spouse
o Alcohol or other substance misuse or dependence
o Untreated mental health issues
o Financial difficulties
• Extreme, persistent interpersonal difficulties
• Hostile or vindictive behavior
EXAM QUESTIONS WITH COMPLETE
ANSWERS
Telework - - ANSWER -Do not remove classified documents from your secure
workspace to work offsite! Classified documents, either in hard copy or electronic
format, are strictly prohibited. Be sure to safeguard all DoD data while teleworking.
To telework, you must:
Have permission from your organization
Follow your organization's guidance to telework
Use authorized equipment and software and follow your organization's policies
Employ cybersecurity best practices at all times, including when using a Virtual Private
Network (VPN)
Perform telework in a dedicated area when at home
Position your monitor so that it is not facing windows or easily observed by others when
in use.
Classified Data - ANSWER -Classified data are designated by the original classification
authority as information that could be reasonably be expected to cause a given level of
damage to national security if disclosed:
Confidential - damage to national security
Secret - serious damage to national security
Top Secret - exceptionally grave damage to national security
Classified data:
Must be handled and stored properly based on classification markings and handling
caveats
Can only be accessed by individuals with all of the following:
Appropriate clearance
Signed and approved non-disclosure agreement
Need-to-know
,Protecting Classified Data - ANSWER -To protect classified data:
Only use classified data in areas with security appropriate to classification level
Store classified data appropriately n a GSA-approved vault/container when not in use
Don't assume open storage in a secure facility is authorized
Weigh need-to-share against need-to-know
Ensure proper labeling:
Appropriately mark all classified material and, when required, sensitive material
Report inappropriately marked material
Never transmit classified information using an unapproved method, such as visa an
unsecure fax machine or personal mobile device
Collateral Classified Spaces - ANSWER -Follow your organization's policy on mobile
devices and peripherals within secure spaces where classified information is processed,
handled, or discussed. Mobile devices and peripherals may be hacked or infected with
malware and can be used to track, record, photograph, or videotape the environment
around them. Powering off or putting devices in airplane mode is not sufficient to
mitigate these risks and the threat these devices pose to classified information.
When using unclassified laptops and peripherals in a collateral classified environment:
Ensure that any embedded cameras, microphones, and Wi-Fi are physically disabled
Use authorized external peripherals only:
Government-issued wired headsets and microphones
Government-issued wired webcams in designated areas
Personally-owned wired headsets without a microphone
All wireless headsets, microphones, and webcams are prohibited in DoD classified
spaces, as well as all personally-owned external peripherals other than wired headsets.
In addition to avoiding the temptation of greed to betray his country, what should Alex
do differently? - ANSWER -Avoid talking about work outside of the workplace or with
people without a need-to-know
How many insider threat indicators does Alex demonstrate? - ANSWER -Three or more
What should Alex's colleagues do? - ANSWER -Report the suspicious behavior in
accordance with their organization's insider threat policy
, Insider Threat - - ANSWER -An insider threat uses authorized access, wittingly or
unwittingly, to harm national security through unauthorized disclosure, data
modification, espionage, terrorism, or kinetic actions resulting in loss or degradation of
resources or capabilities.
Insiders are able to do extraordinary damage to their organizations by exploiting their
trusted status and authorized access to government information systems.
In one report on known U.S. spies, these individuals:
• Demonstrated behaviors of security concerns: 80% of the time
• Experienced a life crisis: 25% of the time
• Volunteered: 70% of the time
Although the vast majority of people are loyal and patriotic, the insider threat is real and
we must be vigilant in our efforts to thwart it.
Deterring - - ANSWER -We defend against the damage insider threats can cause by
deterring insiders from becoming threats. DoD and Federal policies require agencies to
establish Insider Threat Programs aimed at deterring, detecting, and mitigating the risks
associated with insider threats. Their activities include:
Proactively identifying insiders who exhibit potential risk indicators through:
o User activity monitoring
o Workplace reporting
Formulating holistic mitigation responses to decrease risk while achieving positive
outcomes for the organization and the individual. For example:
o Referring individuals to counseling or other types of assistance to alleviate personal
stressors
o Requiring training on security protocols
o Developing organization-wide protocols designed to secure information, resources,
and personnel
Detecting - - ANSWER -We detect insider threats by using our powers of observation to
recognize potential insider threat indicators. These include, but are not limited to:
• Difficult life circumstances
o Divorce or death of spouse
o Alcohol or other substance misuse or dependence
o Untreated mental health issues
o Financial difficulties
• Extreme, persistent interpersonal difficulties
• Hostile or vindictive behavior
