CYBER AWARENESS CHALLENGE 2023

CYBER AWARENESS CHALLENGE 2023 What conditions are necessary to be granted access to Sensitive Compartmented Information (SCI)? - ANS Top Secret clearance and indoctrination into the SCI program Which of the following is permitted when using an unclassified laptop within a collateral classified space? - ANS A Government-issued wired headset with microphone Which of the following is an authoritative source for derivative classification? - ANS Security Classification Guide Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail? - ANS Forward it How can an adversary use information available in public records to target you? - ANS Combine it with information from other data sources to learn how best to bait you with a scam Which of the following is an appropriate use of government e-mail? - ANS Using a digital signature when sending attachments Which of the following is NOT a best practice for protecting data on a mobile device? - ANS Disable automatic screen locking after a period of inactivity Annabeth becomes aware that a conversation with a co-worker that involved Sensitive Compartmented Information (SCI) may have been overheard by someone who does not have the required clearance. What action should Annabeth take? - ANS Contact her security POC to report the incident. On your home computer, how can you best establish passwords when creating separate user accounts? - ANS Have each user create their own, strong password Which of the following is an allowed use of government furnished equipment (GFE)? - ANS Checking personal e-mail if your organization allows it How can you prevent viruses and malicious code? - ANS Scan all external files before uploading to your computer Which best describes an insider threat? Someone who uses __________ access, ___________, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions. - ANS authorized, wittingly or unwittingly Which of the following is an example of behavior that you should report? - ANS Taking sensitive information home for telework without authorization Which of the following is true of telework? - ANS You must have permission from your organization to telework. After a classified document is leaked online, it makes national headlines. Which of the following statements is true of the leaked information that is now accessible by the public? - ANS You should still treat it as classified even though it has been compromised. How should government owned removable media be stored? - ANS In a GSA-approved container according to the appropriate security classification When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)? - ANS Automobile make and model What does the Common Access Card (CAC) contain? - ANS Certificates for identification, encryption, and digital signature Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to e-mails on her government approved mobile device. Does this pose a security concern? - ANS Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks. Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk? - ANS Yes, there is a risk that the signal could be intercepted and altered. Which of the following is NOT an appropriate use of your Common Access Card (CAC)? - ANS Using it as photo identification with a commercial entity When is the safest time to post on social media about your vacation plans? - ANS After the trip You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action? - ANS Delete the message Which of the following is NOT a best practice for protecting your home wireless network for telework? - ANS Use your router's pre-set Service Set Identifier (SSID) and password Which of the following is a best practice for using government e-mail? - ANS Do not send mass e-mails How can you protect your home computer? - ANS Turn on the password feature Carl receives an e-mail about a potential health risk... - ANS Forward it Which of the following is an appropriate use of government e-mail? - ANS Using a digital signature when sending attachments Sylvia commutes to work via public transportation. She often uses... - ANS Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Which of the following is true of transmitting or transporting SCI? - ANS Printed SCI must be retrieved promptly from the printer What conditions are necessary to be granted access to SCI? - ANS Top Secret clearance and indoctrination into the SCI program Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon... - ANS This is probably a post designed to attract Terr's attention to click on a link and steal her information Which of the following statements about PHI is false? - ANS It is created or received by a healthcare provider, health plan, or employer of a business associate of these. Which of the following is NOT a best practice for protecting your home wireless network for telework? - ANS Use your router's pre-set SSID and password Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk? - ANS Yes, there is a risk that the signal could be intercepted and altered How can you prevent viruses and malicious code? - ANS Scan all external files before uploading to your computer Which of the following is an example of behavior that you should report? - ANS Taking sensitive information home for telework without authorization You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. - ANS Delete the message Which of the following is an appropriate use of a DoD PKI token? - ANS Do not use a token approved for NIPR on SIPR Which of the following is a best practice when browsing the internet? - ANS Only accept cookies from reputable, trusted websites Where are you permitted to use classified data? - ANS Only in areas with security appropriate to the classification level Which of the following contributes to your online identity? - ANS All of these How can you protect your home computer? - ANS Regularly back up your files Which of the following statements is true of DoD Unclassified data? - ANS It may require access and distribution controls Which of the following is NOT a way that malicious code can spread? - ANS Running a virus scan What is the goal of an Insider Threat Program? - ANS Deter, detect, and mitigate Which of the following uses of removable media is allowed? - ANS Government owned removable media that is approved as operationally necessary Which of the following is permitted when using an unclassified laptop within a collateral classified space? - ANS A government-issued WIRED headset with microphone When is the safest time to post on social media about your vacation plans? - ANS After the trip Which of the following is NOT an appropriate use of your CAC? - ANS Using it as photo identification with a commercial entity