DOD Cyber Awareness Challenge
Knowledge Check Questions & Answers
1.Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)?
: They may be used to mask malicious intent. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Compressed URLs
2.What is a best practice for creating user accounts for your home comput-
er?: Create separate accounts for each user and have each user create
their own password. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Best Practices for Home Compute
Security
3.Which of the following is a best practice to protect your identity?: Ask
how information will be used before giving it out. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Identity Protection
1/
17
,4.John receives an e-mail about a potential shutdown of a major social
service unless a petition receives enough signatures. Which of the following
actions should John NOT take with the e-mail?: Forward it (
Answer)
Ref: Cyber Awareness Challenge 2025 / Phishing
5.Which of the following is an appropriate use of government e-mail?:
Using a digital signature when sending hyperlinks (
Answer)
Ref: Cyber Awareness Challenge 2025 / Use of Government E-mail
6.Steve occasionally runs errands during virtual meetings. He joins the
meetings using his approved government device. Does this pose a security
concern?: Yes. Eavesdroppers may be listening to Steve's conversation
(
Answer)
Ref: Common Sense
7.How can you prevent viruses and malicious code?: Scan all e-mail
attach- ments (
Answer)
2/
17
, Ref: Cyber Awareness Challenge 2025 / Protecting Against Malicious Cod
8.Matt is a government employee who needs to share a document
containing source selection data with his supervisor. Which of the following
describes the most appropriate way for Matt to do this?: Encrypt it and
send it via digitally signed Government e-mail. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Protecting PII/PHI
9.You receive an e-mail with a link to run an anti-virus scan.Your IT
department has not sent links like this in the past. The e-mail is not digitally
signed. What
action should you take?: Report the e-mail to your security POC or help
desk. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Phishing
10.Which of the following is a way to protect classified data?: Store it in
a GSA-approved container. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Protecting Classified Data
3/
17
Knowledge Check Questions & Answers
1.Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)?
: They may be used to mask malicious intent. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Compressed URLs
2.What is a best practice for creating user accounts for your home comput-
er?: Create separate accounts for each user and have each user create
their own password. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Best Practices for Home Compute
Security
3.Which of the following is a best practice to protect your identity?: Ask
how information will be used before giving it out. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Identity Protection
1/
17
,4.John receives an e-mail about a potential shutdown of a major social
service unless a petition receives enough signatures. Which of the following
actions should John NOT take with the e-mail?: Forward it (
Answer)
Ref: Cyber Awareness Challenge 2025 / Phishing
5.Which of the following is an appropriate use of government e-mail?:
Using a digital signature when sending hyperlinks (
Answer)
Ref: Cyber Awareness Challenge 2025 / Use of Government E-mail
6.Steve occasionally runs errands during virtual meetings. He joins the
meetings using his approved government device. Does this pose a security
concern?: Yes. Eavesdroppers may be listening to Steve's conversation
(
Answer)
Ref: Common Sense
7.How can you prevent viruses and malicious code?: Scan all e-mail
attach- ments (
Answer)
2/
17
, Ref: Cyber Awareness Challenge 2025 / Protecting Against Malicious Cod
8.Matt is a government employee who needs to share a document
containing source selection data with his supervisor. Which of the following
describes the most appropriate way for Matt to do this?: Encrypt it and
send it via digitally signed Government e-mail. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Protecting PII/PHI
9.You receive an e-mail with a link to run an anti-virus scan.Your IT
department has not sent links like this in the past. The e-mail is not digitally
signed. What
action should you take?: Report the e-mail to your security POC or help
desk. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Phishing
10.Which of the following is a way to protect classified data?: Store it in
a GSA-approved container. (
Answer)
Ref: Cyber Awareness Challenge 2025 / Protecting Classified Data
3/
17
