Cyber Awareness 2022 Knowledge
Check
(Spillage) What should you do if a reporter asks you about potentially classified
information on the web? - Answer Refer the reporter to your organization's public affairs
office.
(Spillage) Which of the following is a good practice to aid in preventing spillage? -
Answer Be aware of classification markings and all handling caveats.
(Spillage) After reading an online story about a new security project being developed on
the military installation where you work, your neighbor asks you to comment about the
article. You know this project is classified. What should be your response? - Answer
Attempt to change the subject to something non-work related, but neither confirm nor
deny the article's authenticity.
(Spillage) What should you do when you are working on an unclassified system and
receive an email with a classified attachment? - Answer Call your security point of
contact immediately.
(Spillage) What is required for an individual to access classified data? - Answer
Appropriate clearance; signed and approved non-disclosure agreement; and need-to-
know.
(Spillage) When classified data is not in use, how can you protect it? - Answer Store
classified data appropriately in a GSA-approved vault/container.
(Insider Threat) A colleague vacations at the beach every year, is married and a father
of four, his work quality is sometimes poor, and he is pleasant to work with. How many
potential insider threat indicators does this employee display? - Answer 0 indicators
(Insider Threat) Based on the description that follows, how many potential insider threat
indicator(s) are displayed? A colleague is playful and charming, consistently wins
performance awards, and is occasionally aggressive in trying to access classified
information. - Answer 1 indicators
(Spillage) What type of activity or behavior should be reported as a potential insider
threat? - Answer Coworker making consistent statements indicative of hostility or anger
toward the United States and its policies.
(Spillage) What advantages do "insider threats" have over others that allows them to
cause damage to their organizations more easily? - Answer Insiders are given a level of
trust and have authorized access to Government information systems.
(Spillage) Which of the following is a best practice to protect information about you and
your organization on social networking sites and applications? - Answer Use only
, Cyber Awareness 2022 Knowledge
Check
personal contact information when establishing personal social networking accounts,
never use Government contact information.
(Spillage) When is the safest time to post details of your vacation activities on your
social networking website? - Answer When your vacation is over, after you have
returned home
(social networking) When is the safest time to post details of your vacation activities on
your social networking profile? - Answer After you have returned home following the
vacation
(Spillage) What level of damage can the unauthorized disclosure of information
classified as confidential reasonably be expected to cause? - Answer Damage to
national security
(Spillage) Which type of information could reasonably be expected to cause serious
damage to national security if disclosed without authorization? - Answer Secret
(Spillage) Which of the following practices may reduce your appeal as a target for
adversaries seeking to exploit your insider status? - Answer Remove your security
badge after leaving your controlled area or office building.
(Sensitive Information) What type of unclassified material should always be marked with
a special handling caveat? - Answer For Official Use Only (FOUO)
(Sensitive Information) Which of the following is NOT an example of sensitive
information? - Answer Press release data
(Sensitive Information) Which of the following is true about unclassified data? - Answer
When unclassified data is aggregated, its classification level may rise.
(Sensitive Information) Which of the following represents a good physical security
practice? - Answer Use your own security badge, key code, or Common Access Card
(CAC)/Personal Identity Verification (PIV) card.
(Sensitive Information) What certificates are contained on the Common Access Card
(CAC)? - Answer Identification, encryption, and digital signature
(Sensitive Information) What should you do if a commercial entity, such as a hotel
reception desk, asks to make a photocopy of your Common Access Card (CAC) for
proof of Federal Government employment? - Answer Do not allow your CAC to be
photocopied.
Check
(Spillage) What should you do if a reporter asks you about potentially classified
information on the web? - Answer Refer the reporter to your organization's public affairs
office.
(Spillage) Which of the following is a good practice to aid in preventing spillage? -
Answer Be aware of classification markings and all handling caveats.
(Spillage) After reading an online story about a new security project being developed on
the military installation where you work, your neighbor asks you to comment about the
article. You know this project is classified. What should be your response? - Answer
Attempt to change the subject to something non-work related, but neither confirm nor
deny the article's authenticity.
(Spillage) What should you do when you are working on an unclassified system and
receive an email with a classified attachment? - Answer Call your security point of
contact immediately.
(Spillage) What is required for an individual to access classified data? - Answer
Appropriate clearance; signed and approved non-disclosure agreement; and need-to-
know.
(Spillage) When classified data is not in use, how can you protect it? - Answer Store
classified data appropriately in a GSA-approved vault/container.
(Insider Threat) A colleague vacations at the beach every year, is married and a father
of four, his work quality is sometimes poor, and he is pleasant to work with. How many
potential insider threat indicators does this employee display? - Answer 0 indicators
(Insider Threat) Based on the description that follows, how many potential insider threat
indicator(s) are displayed? A colleague is playful and charming, consistently wins
performance awards, and is occasionally aggressive in trying to access classified
information. - Answer 1 indicators
(Spillage) What type of activity or behavior should be reported as a potential insider
threat? - Answer Coworker making consistent statements indicative of hostility or anger
toward the United States and its policies.
(Spillage) What advantages do "insider threats" have over others that allows them to
cause damage to their organizations more easily? - Answer Insiders are given a level of
trust and have authorized access to Government information systems.
(Spillage) Which of the following is a best practice to protect information about you and
your organization on social networking sites and applications? - Answer Use only
, Cyber Awareness 2022 Knowledge
Check
personal contact information when establishing personal social networking accounts,
never use Government contact information.
(Spillage) When is the safest time to post details of your vacation activities on your
social networking website? - Answer When your vacation is over, after you have
returned home
(social networking) When is the safest time to post details of your vacation activities on
your social networking profile? - Answer After you have returned home following the
vacation
(Spillage) What level of damage can the unauthorized disclosure of information
classified as confidential reasonably be expected to cause? - Answer Damage to
national security
(Spillage) Which type of information could reasonably be expected to cause serious
damage to national security if disclosed without authorization? - Answer Secret
(Spillage) Which of the following practices may reduce your appeal as a target for
adversaries seeking to exploit your insider status? - Answer Remove your security
badge after leaving your controlled area or office building.
(Sensitive Information) What type of unclassified material should always be marked with
a special handling caveat? - Answer For Official Use Only (FOUO)
(Sensitive Information) Which of the following is NOT an example of sensitive
information? - Answer Press release data
(Sensitive Information) Which of the following is true about unclassified data? - Answer
When unclassified data is aggregated, its classification level may rise.
(Sensitive Information) Which of the following represents a good physical security
practice? - Answer Use your own security badge, key code, or Common Access Card
(CAC)/Personal Identity Verification (PIV) card.
(Sensitive Information) What certificates are contained on the Common Access Card
(CAC)? - Answer Identification, encryption, and digital signature
(Sensitive Information) What should you do if a commercial entity, such as a hotel
reception desk, asks to make a photocopy of your Common Access Card (CAC) for
proof of Federal Government employment? - Answer Do not allow your CAC to be
photocopied.
