DOD Cyber Awareness Challenge 2023

DOD Cyber Awareness Challenge 2023 *Spillage Which of the following may help to prevent spillage? - ANS Label all files, removable media, and subject headers with appropriate classification markings. *Spillage Which of the following actions is appropriate after finding classified information on the internet? - ANS Note any identifying information and the website's Uniform Resource Locator (URL) *Classified Data Which of the following individuals can access classified data? - ANS Darryl is managing a project that requires access to classified information. He has the appropriate clearance and a signed, approved, non-disclosure agreement. *Insider Threat Which type of behavior should you report as a potential insider threat? - ANS Hostility and anger toward the United States and its policies *Insider Threat Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status? - ANS Remove your security badge after leaving your controlled area or office building *Social Networking Your cousin posted a link to an article with an incendiary headline on social media. What action should you take? - ANS Research the source of the article to evaluate its credibility and reliability *Social Networking Which of the following is a security best practice when using social networking sites? - ANS Use only your personal contact information when establishing your account *Controlled Unclassified Information Select the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI) - ANS Jane Jones Social Security Number: *Controlled Unclassified Information Select the information on the data sheet that is protected health information (PHI) - ANS Interview: Dr. Nora Baker Dr. Baker was Ms. Jones's psychiatrist for three months. Dr. Baker reports that the sessions addressed Ms. Jones's depression, which poses no national security risk *Physical Security Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical and essential functions only? - ANS CPCON 2 *Identity Management What certificates does the Common Access Card (CAC) or Personal Identity Verification (PIV) card contain? - ANS Identification, encryption, digital signature *Identity Management What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card? - ANS Maintain possession of it at all times *Sensitive Compartmented Information When faxing Sensitive Compartmented Information (SCI), what actions should you take? - ANS Mark SCI documents, appropriately and use an approved SCI fax machine *Sensitive Compartmented Information When is it appropriate to have your security badge visible within a Sensitive Compartmented Information Facility (SCIF)? - ANS At all times while in the facility *Removable Media in a SCIF What action should you take when using removable media in a Sensitive Compartmented Information Facility (SCIF)? - ANS Identify and disclose it with local Configuration/Change Management Control and Property Management authorities *Malicious Code After visiting a website on your Government device, a popup appears on your screen. The popup asks if you want to run an application. Is this safe? - ANS No, you should only allow mobile code to run from your organization or your organization's trusted sites *Malicious Code Which of the following statements is true of cookies? - ANS You should only accept cookies from reputable, trusted websites *Website Use What action should you take with an e-mail from a friend containing a compressed Uniform Resource Locator (URL)? - ANS Investigate the link's actual destination using the preview feature *Website Use How can you protect yourself from internet hoaxes? - ANS Use online sites to confirm or expose potential hoaxes *Social Engineering What is a common indicator of a phishing attempt? - ANS A threat of dire consequences *Travel What security risk does a public Wi-Fi connection pose? - ANS It may expose the connected device to malware *Use of GFE Which of the following represents an ethical use of your Government-furnished equipment (GFE)? - ANS E-mailing your co-workers to let them know you are taking a sick day *Mobile Devices What can help to protect the data on your personal mobile device? - ANS Secure it to the same level as Government-issued systems *Mobile Devices Which of the following is an example of removable media? - ANS Flash drive *Home Computer Security Which of the following statements is true of using Internet of Things (IoT) devices in your home? - ANS An unsecured IoT device can become an attack vector to any other device on your home network, including your Government laptop