*Spillage
Which of the following may help to prevent spillage? - ANS Label all files, removable media,
and subject headers with appropriate classification markings.
*Spillage
Which of the following actions is appropriate after finding classified information on the internet? -
ANS Note any identifying information and the website's Uniform Resource Locator (URL)
*Classified Data
Which of the following individuals can access classified data? - ANS Darryl is managing a
project that requires access to classified information. He has the appropriate clearance and a
signed, approved, non-disclosure agreement.
*Insider Threat
Which type of behavior should you report as a potential insider threat? - ANS Hostility and
anger toward the United States and its policies
*Insider Threat
Which of the following practices may reduce your appeal as a target for adversaries seeking to
exploit your insider status? - ANS Remove your security badge after leaving your controlled
area or office building
*Social Networking
Your cousin posted a link to an article with an incendiary headline on social media. What action
should you take? - ANS Research the source of the article to evaluate its credibility and
reliability
*Social Networking
Which of the following is a security best practice when using social networking sites? - ANS
Use only your personal contact information when establishing your account
*Controlled Unclassified Information
Select the information on the data sheet that is personally identifiable information (PII) but not
protected health information (PHI) - ANS Jane Jones
Social Security Number: 123-45-6789
*Controlled Unclassified Information
Select the information on the data sheet that is protected health information (PHI) - ANS
Interview: Dr. Nora Baker
Dr. Baker was Ms. Jones's psychiatrist for three months. Dr. Baker reports that the sessions
addressed Ms. Jones's depression, which poses no national security risk
, *Physical Security
Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical
and essential functions only? - ANS CPCON 2
*Identity Management
What certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV)
card contain? - ANS Identification, encryption, digital signature
*Identity Management
What is the best way to protect your Common Access Card (CAC) or Personal Identity
Verification (PIV) card? - ANS Maintain possession of it at all times
*Sensitive Compartmented Information
When faxing Sensitive Compartmented Information (SCI), what actions should you take? - ANS
Mark SCI documents, appropriately and use an approved SCI fax machine
*Sensitive Compartmented Information
When is it appropriate to have your security badge visible within a Sensitive Compartmented
Information Facility (SCIF)? - ANS At all times while in the facility
*Removable Media in a SCIF
What action should you take when using removable media in a Sensitive Compartmented
Information Facility (SCIF)? - ANS Identify and disclose it with local Configuration/Change
Management Control and Property Management authorities
*Malicious Code
After visiting a website on your Government device, a popup appears on your screen. The
popup asks if you want to run an application. Is this safe? - ANS No, you should only allow
mobile code to run from your organization or your organization's trusted sites
*Malicious Code
Which of the following statements is true of cookies? - ANS You should only accept cookies
from reputable, trusted websites
*Website Use
What action should you take with an e-mail from a friend containing a compressed Uniform
Resource Locator (URL)? - ANS Investigate the link's actual destination using the preview
feature
*Website Use
How can you protect yourself from internet hoaxes? - ANS Use online sites to confirm or
expose potential hoaxes