US NAVY CYBER AWARENESS
CHALLENGE EXAM QUESTIONS AND
ANSWERS
Which of these is NOT a potential indicator that your device may be under a malicious
code attack?
-The device slows down
-Loss of control of the mouse or keyboard
-A strange pop-up during system startup
-An operating system update - ANSWER -An operating system update
What is a best practice for creating user accounts for your home computer?
-Do not share your home computer with any other user
-Create separate accounts for each user and tailor each password wo what will be easy
for the individual user to remember
-Set up a generic user account with no password for general user functions
-Create separate accounts for each user and have each user create their own password
- ANSWER -Create separate accounts for each user and have each user create their
own password
Which of the following is permitted when using an unclassified laptop within a collateral
classified space?
-A Government-issued wireless headset with a microphone
-A microphone embedded in the laptop
-A personally-owned wired headset without a microphone
-A Government-issued wireless headset without microphone - ANSWER -A personally-
owned wired headset without a microphone
Which of the following is an allowed use of government furnished equipment (GFE)?
-Conducting transactions on your side business
-Viewing family photos from your shared DropBox
-Lending it to your spouse to watcha movie
-E-mailing your supervisor - ANSWER -E-mailing your supervisor
Which of the following is true of removable media and portable electronic devices
(PEDs)?
-The risk associated with them may lead to loss of life.
-They cannot be adequately secured, so they are prohibited by the DoD.
,-Removable media pose more risk than PEDs and are not permitted in government
facilities.
-Their utility outweighs any risk associated with them. - ANSWER -The risk associated
with them may lead to loss of life.
Which of the following provides precise, comprehensive guidance regarding specific
program, system, operation, or weapon system elements of information to be classified?
-Classification Management Tool
-Local Security Official
-Security Classification Guide
-Classification Registry - ANSWER -Security Classification Guide
How can you protect data on a mobile device?
-Use two-factor authentication
-Store your data on a commercial cloud application
-Disable automatic screen locking after a period of inactivity
-Turn over your device as requested by authority figures - ANSWER -Use two-factor
authentication
Which of the following is true of compressed URLs (e.g., Tiny URL, goo.gl)?
-You must open the link to find out where it leads.
-You can hover your cursor over it to preview where it actually leads.
-They pose no risk.
-They may be used to mask malicious intent - ANSWER -They may be used to mask
malicious intent
Which of the following is an example of behavior that you should report?
-Planning an overseas vacation
-Drinking alcohol socially
-Expressing dislike of a recent Presidential action
-Bringing a phone into a prohibited area - ANSWER -Bringing a phone into a prohibited
area
You receive an e-mail with a link to run an anti-virus scan. Your IT department has not
sent links like this in the past. The e-mail is not digitally signed. What action should you
take?
-Select the link to run the anti-virus scan.
-Look for a phone number in the e-mail to call for more information.
-Report the e-mail to your security POC or help desk.
-Reply to the e-mail to request more information. - ANSWER -Report the e-mail to your
security POC or help desk.
, Which of the following is an example of a strong password?
-bRobr@79I*P
-Fluffy&Spot
-Password12345
-1965May31! - ANSWER -bRobr@79I*P
Which of the following can be used to catalogue information about you?
-Social networking sites
-Audio-enabled digital assistants (e.g., Siri, Alexa)
-Fitness trackers
-All of these - ANSWER -All of these
Which of the following is a best practice to protect your identity?
-Throw credit card and bank statement in the trash
-Carry your passport with you at all times
-Enable data aggregation on sites when possible
-Ask how information will be used before giving it out - ANSWER -Ask how information
will be used before giving it out
Which of the following describes Sensitive Compartmented Information (SCI)?
-The requirement for access to SCI material are security clearance eligibility and need-
to-know
-SCI introduces an overlay of security to Top Secret, Secret, and Confidential
information.
-The determination that a piece of information is SCI is made at the organizational level.
-SCI is a type of Controlled Unclassified Information (CUI). - ANSWER -SCI introduces
an overlay of security to Top Secret, Secret, and Confidential information.
Which of the following is the safest to share on a social media networking site?
-Your birthdate
-Your mother's maiden name
-Your favorite movie
-Your current location - ANSWER -Your favorite movie
You receive a text message from a vendor notifying you that your order is on hold due
to needing updated payment information from you. It provides a shortened link for you
to provide the needed information. What is the best course of action?
-Open the link to provide information
-Reply to the message and ask for more information
CHALLENGE EXAM QUESTIONS AND
ANSWERS
Which of these is NOT a potential indicator that your device may be under a malicious
code attack?
-The device slows down
-Loss of control of the mouse or keyboard
-A strange pop-up during system startup
-An operating system update - ANSWER -An operating system update
What is a best practice for creating user accounts for your home computer?
-Do not share your home computer with any other user
-Create separate accounts for each user and tailor each password wo what will be easy
for the individual user to remember
-Set up a generic user account with no password for general user functions
-Create separate accounts for each user and have each user create their own password
- ANSWER -Create separate accounts for each user and have each user create their
own password
Which of the following is permitted when using an unclassified laptop within a collateral
classified space?
-A Government-issued wireless headset with a microphone
-A microphone embedded in the laptop
-A personally-owned wired headset without a microphone
-A Government-issued wireless headset without microphone - ANSWER -A personally-
owned wired headset without a microphone
Which of the following is an allowed use of government furnished equipment (GFE)?
-Conducting transactions on your side business
-Viewing family photos from your shared DropBox
-Lending it to your spouse to watcha movie
-E-mailing your supervisor - ANSWER -E-mailing your supervisor
Which of the following is true of removable media and portable electronic devices
(PEDs)?
-The risk associated with them may lead to loss of life.
-They cannot be adequately secured, so they are prohibited by the DoD.
,-Removable media pose more risk than PEDs and are not permitted in government
facilities.
-Their utility outweighs any risk associated with them. - ANSWER -The risk associated
with them may lead to loss of life.
Which of the following provides precise, comprehensive guidance regarding specific
program, system, operation, or weapon system elements of information to be classified?
-Classification Management Tool
-Local Security Official
-Security Classification Guide
-Classification Registry - ANSWER -Security Classification Guide
How can you protect data on a mobile device?
-Use two-factor authentication
-Store your data on a commercial cloud application
-Disable automatic screen locking after a period of inactivity
-Turn over your device as requested by authority figures - ANSWER -Use two-factor
authentication
Which of the following is true of compressed URLs (e.g., Tiny URL, goo.gl)?
-You must open the link to find out where it leads.
-You can hover your cursor over it to preview where it actually leads.
-They pose no risk.
-They may be used to mask malicious intent - ANSWER -They may be used to mask
malicious intent
Which of the following is an example of behavior that you should report?
-Planning an overseas vacation
-Drinking alcohol socially
-Expressing dislike of a recent Presidential action
-Bringing a phone into a prohibited area - ANSWER -Bringing a phone into a prohibited
area
You receive an e-mail with a link to run an anti-virus scan. Your IT department has not
sent links like this in the past. The e-mail is not digitally signed. What action should you
take?
-Select the link to run the anti-virus scan.
-Look for a phone number in the e-mail to call for more information.
-Report the e-mail to your security POC or help desk.
-Reply to the e-mail to request more information. - ANSWER -Report the e-mail to your
security POC or help desk.
, Which of the following is an example of a strong password?
-bRobr@79I*P
-Fluffy&Spot
-Password12345
-1965May31! - ANSWER -bRobr@79I*P
Which of the following can be used to catalogue information about you?
-Social networking sites
-Audio-enabled digital assistants (e.g., Siri, Alexa)
-Fitness trackers
-All of these - ANSWER -All of these
Which of the following is a best practice to protect your identity?
-Throw credit card and bank statement in the trash
-Carry your passport with you at all times
-Enable data aggregation on sites when possible
-Ask how information will be used before giving it out - ANSWER -Ask how information
will be used before giving it out
Which of the following describes Sensitive Compartmented Information (SCI)?
-The requirement for access to SCI material are security clearance eligibility and need-
to-know
-SCI introduces an overlay of security to Top Secret, Secret, and Confidential
information.
-The determination that a piece of information is SCI is made at the organizational level.
-SCI is a type of Controlled Unclassified Information (CUI). - ANSWER -SCI introduces
an overlay of security to Top Secret, Secret, and Confidential information.
Which of the following is the safest to share on a social media networking site?
-Your birthdate
-Your mother's maiden name
-Your favorite movie
-Your current location - ANSWER -Your favorite movie
You receive a text message from a vendor notifying you that your order is on hold due
to needing updated payment information from you. It provides a shortened link for you
to provide the needed information. What is the best course of action?
-Open the link to provide information
-Reply to the message and ask for more information
