DOD CYBER AWARENESS CHALLENGE
KNOWLEDGE CHECK TEST QUIDE
QUESTIONS AND ANSWERS
Matt is a government employee who needs to share a document containing source
selection data with his supervisor. Which of the following describes the most appropriate
way for Matt to do this? - ANSWER -Encrypt it and send it via digitally signed
Government e-mail. (Correct)
Ref: Cyber Awareness Challenge 2025 / Protecting PII/PHI
You receive an e-mail with a link to run an anti-virus scan. Your IT department has not
sent links like this in the past. The e-mail is not digitally signed. What action should you
take? - ANSWER -Report the e-mail to your security POC or help desk. (Correct)
Ref: Cyber Awareness Challenge 2025 / Phishing
Which of the following is a way to protect classified data? - ANSWER -Store it in a GSA-
approved container
How can you protect yourself from identity theft? - ANSWER -Review your credit report
annually
How can you protect your home computer? - ANSWER -Use legitimate, known antivirus
software (Correct)
Install spyware protection software. (Correct)
Ref: Cyber Awareness Challenge 2025 / Best Practices for Home Computer Security
Which of the following poses a security risk while teleworking in an environment where
Internet of Things (IoT) devices are present? - ANSWER -All of these.
Which of these is NOT a potential indicator that your device may be under a malicious
code attack? - ANSWER -An operating system update (Correct)
Ref: Cyber Awareness Challenge 2025 / Incident Indicators
What are the requirements for access to Sensitive Compartmented Information (SCI)? -
ANSWER -Top Secret clearance and indoctrination into the SCI program
Which of the following is an example of removable media? - ANSWER -Compact disc
, Which of the following is an example of behavior that you should report? - ANSWER -
Bringing a phone into a prohibited area
Which of the following is NOT an appropriate use of your Common Access Card (CAC)?
- ANSWER -Exchanging it for a visitor pass in another building. (Correct)
Ref: Cyber Awareness Challenge 2025 / CAC/PIV Card Protection
You receive a phone call from an unknown person asking for a directory name on your
government furnished laptop so that a software update can be made. Which course of
action should you take? - ANSWER -Document the interaction and contact your security
POC or help desk
How can you protect your home computer? - ANSWER -Install spyware protection
software
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI)
token? - ANSWER -Only leave it in a system while actively using it for a PKI-required
task
Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)? - ANSWER
-They may be used to mask malicious intent
What is a best practice for creating user accounts for your home computer? - ANSWER
-Create separate accounts for each user and have each user create their own
password.
Which of the following is a best practice to protect your identity? - ANSWER -Ask how
information will be used before giving it out. (Correct)
Ref: Cyber Awareness Challenge 2025 / Identity Protection
John receives an e-mail about a potential shutdown of a major social service unless a
petition receives enough signatures. Which of the following actions should John NOT
take with the e-mail? - ANSWER -Forward it (Correct)
Ref: Cyber Awareness Challenge 2025 / Phishing
Which of the following is an appropriate use of government e-mail? - ANSWER -Using a
digital signature when sending hyperlinks
Steve occasionally runs errands during virtual meetings. He joins the meetings using his
approved government device. Does this pose a security concern? - ANSWER -Yes.
Eavesdroppers may be listening to Steve's conversation
KNOWLEDGE CHECK TEST QUIDE
QUESTIONS AND ANSWERS
Matt is a government employee who needs to share a document containing source
selection data with his supervisor. Which of the following describes the most appropriate
way for Matt to do this? - ANSWER -Encrypt it and send it via digitally signed
Government e-mail. (Correct)
Ref: Cyber Awareness Challenge 2025 / Protecting PII/PHI
You receive an e-mail with a link to run an anti-virus scan. Your IT department has not
sent links like this in the past. The e-mail is not digitally signed. What action should you
take? - ANSWER -Report the e-mail to your security POC or help desk. (Correct)
Ref: Cyber Awareness Challenge 2025 / Phishing
Which of the following is a way to protect classified data? - ANSWER -Store it in a GSA-
approved container
How can you protect yourself from identity theft? - ANSWER -Review your credit report
annually
How can you protect your home computer? - ANSWER -Use legitimate, known antivirus
software (Correct)
Install spyware protection software. (Correct)
Ref: Cyber Awareness Challenge 2025 / Best Practices for Home Computer Security
Which of the following poses a security risk while teleworking in an environment where
Internet of Things (IoT) devices are present? - ANSWER -All of these.
Which of these is NOT a potential indicator that your device may be under a malicious
code attack? - ANSWER -An operating system update (Correct)
Ref: Cyber Awareness Challenge 2025 / Incident Indicators
What are the requirements for access to Sensitive Compartmented Information (SCI)? -
ANSWER -Top Secret clearance and indoctrination into the SCI program
Which of the following is an example of removable media? - ANSWER -Compact disc
, Which of the following is an example of behavior that you should report? - ANSWER -
Bringing a phone into a prohibited area
Which of the following is NOT an appropriate use of your Common Access Card (CAC)?
- ANSWER -Exchanging it for a visitor pass in another building. (Correct)
Ref: Cyber Awareness Challenge 2025 / CAC/PIV Card Protection
You receive a phone call from an unknown person asking for a directory name on your
government furnished laptop so that a software update can be made. Which course of
action should you take? - ANSWER -Document the interaction and contact your security
POC or help desk
How can you protect your home computer? - ANSWER -Install spyware protection
software
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI)
token? - ANSWER -Only leave it in a system while actively using it for a PKI-required
task
Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)? - ANSWER
-They may be used to mask malicious intent
What is a best practice for creating user accounts for your home computer? - ANSWER
-Create separate accounts for each user and have each user create their own
password.
Which of the following is a best practice to protect your identity? - ANSWER -Ask how
information will be used before giving it out. (Correct)
Ref: Cyber Awareness Challenge 2025 / Identity Protection
John receives an e-mail about a potential shutdown of a major social service unless a
petition receives enough signatures. Which of the following actions should John NOT
take with the e-mail? - ANSWER -Forward it (Correct)
Ref: Cyber Awareness Challenge 2025 / Phishing
Which of the following is an appropriate use of government e-mail? - ANSWER -Using a
digital signature when sending hyperlinks
Steve occasionally runs errands during virtual meetings. He joins the meetings using his
approved government device. Does this pose a security concern? - ANSWER -Yes.
Eavesdroppers may be listening to Steve's conversation
