Cyber Awareness Challenge 2023

Cyber Awareness Challenge 2023 SPILLAGE: Which of the following is a good practice to prevent spillage? - ANS TBD SPILLAGE: You receive an inquiry from a reporter about government information not cleared for public release. How should you respond? - ANS Refer to PA CLASSIFIED DATA: Which of the following is a good practice for telework? - ANS use VPN CLASSIFIED DATA: What level of damage can the unauthorized disclosure of information classified as Top Secret reasonably be expected to cause? - ANS exceptionally grave damage INSIDER THREAT: Which of the following is a potential insider threat indicator? - ANS Interest in learning a foreign language (maybe) INSIDER THREAT: What is an insider threat? - ANS Someone who uses authorized access, wittingly or unwittingly, to harm...... (maybe) **Insider Threat Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague saves money for an overseas vacation every year, is a single father, and occasionally consumes alcohol. - ANS 1 (maybe) SOCIAL NETWORKING: Which of the following is a security best practice when using social networking sites? - ANS Avoiding posting your mother's maiden name SOCIAL NETWORKING: Which of the following statements is true? - ANS Adversaries exploit social networking sites to disseminate fake news. SOCIAL NETWORKING: Which of the following statements is true? - ANS Many apps and smart devices collect and share your personal information and contribute to your online identity CUI: Which of the following best describes a way to safely transmit Controlled Unclassified Information (CUI)? - ANS TBD CUI: Which of the following is true of Protected Health Information (PHI)? - ANS TBD CUI: Which designation includes PII and PHI? - ANS Sensitive information PHYSICAL SECURITY: Which of the following best describes good physical security? - ANS Lionel stops an individual in his secure area who is not wearing a badge IDENTITY MANAGEMENT: Which of the following is true of the CAC or PIV card? - ANS You should remove and take your CAC/PIV card whenever you leave your workstation IDENTITY MANAGEMENT: Which of the following is true of using a DoD PKI token? - ANS It should only be in a system while actively using it for a PKI-required task SENSITIVE COMPARTMENTED INFORMATION: Which of the following is true of transmitting sensitive compartmented information (SCI)? - ANS You many only transport SCI if you have been courier-briefed for SCI. SENSITIVE COMPARTMENTED INFORMATION: Which of the following is true of Sensitive Compartmented Information (SCI)? - ANS Access requires Top Secret clearance and indoctrination into the SCI program. REMOVABLE MEDIA IN A SCIF: Which of the following is true of portable electronic devices (PEDs) in a Sensitive Compartmented Information Facility (SCIF)? - ANS All personal and government-owned PEDs are prohibited in a SCIF (NOPE), only authorized govt PEDS (??) MALICIOUS CODE: Which of the following is NOT a type of malicious code? - ANS Executables WEBSITE USE: Which of the following actions can help to protect your identity? - ANS Shred personal documents SOCIAL ENGINEERING: What action should you take with a compressed Uniform Resource Locator (URL) on a website known to you? - ANS investigate the destination by using the preview feature to see where the link goes SOCIAL ENGINEERING: How can you protect yourself from social engineering? - ANS Verify the identity of all individuals. SOCIAL ENGINEERING: what is a common indicator of a phishing attempt? - ANS a claim that you must update or validate information TRAVEL: What security risk does a public Wi-Fi connection pose? - ANS It may prohibit the use of a VPN (NOPE), It may expose the information sent to theft (??), USE OF GFE: Which of the following is NOT a permitted way to connect a personally-owned monitor to your GFE? - ANS USB MOBILE DEVICES: Which of the following best describes the conditions under which mobile devices and applications can track your location? - ANS It may occur at any time without your knowledge or consent. MOBILE DEVICES: How can you protect data on your mobile computing and portable electronic devices (PEDs)? - ANS Enable automatic screen locking after a period of inactivity. SPILLAGE: You find information that you know to be classified on the Internet. What should you do? - ANS Note the website's URL and report the situation to your security point of contact HOME COMPUTER SECURITY: How should you secure your home wireless network for teleworking? - ANS Implement Wi-Fi Protected Access 2 (WPA2) Personal encryption at a minimum. SPILLAGE: Which of the following may help to prevent spillage? - ANS Follow procedures for transferring data to and from outside agency and non-government networks. CLASSIFIED DATA: Who designates whether information is classified and its classification level? - ANS Original classification authority (??)