DOD CYBER AWARENESS CHALLENGE

• | P a g e

DOD CYBER AWARENESS CHALLENGE /

ACTUAL QUESTIONS AND ANSWER S (A+

GUIDE SOLUTION) NEWEST

• ,Appropriate use of a DoD PKI token?,

*Answer : Only leave it in a system while actively using it for

a PKI-required task* ,Correct., PKI tokens (like a CAC) should only be inserted during active use to minimize exposure risks.

• ,Best practice when browsing the internet?,

*Answer : Look for h-t-t-p-s in the URL name*

,Correct., HTTPS indicates a secure, encrypted connection.

• ,Type of data that could cause damage to national security?,

*Answer : Confidential*

,Correct., Confidential data, by definition, could harm national security if disclosed.

• ,Protect data on a mobile device?,

*Answer : Use two-factor authentication*

,Correct., Two-factor authentication (2FA) adds a strong layer of security.

• | P a g e

• ,What is an insider threat?,

*Answer : Someone who uses authorized access, either

wittingly or unwittingly, to harm national security* ,Correct., This aligns with the standard definition of an insider threat.

• ,Appropriate use of government e-mail?,

*Answer : Using a digital signature when sending hyperlinks*

,Correct., Digital signatures ensure authenticity and integrity, especially with links.

• ,Best practice for creating user accounts on a home

computer?,

*Answer : Create separate accounts for each user and have

each user create their own password* ,Correct., This enhances security by isolating user activities and credentials.

• ,NOT an appropriate use of a CAC?,

*Answer : Exchanging it for a visitor pass in another

building* ,Correct., A CAC is a personal credential and should never be exchanged or surrendered.

• | P a g e

• ,Security risk tapping a smartwatch to pay?,

*Answer : Yes. There is a risk that the signal could be

intercepted and altered* ,Correct., NFC payments can be vulnerable to interception (e.g., relay attacks), though risks are often mitigated by tokenization.

• ,Potential insider threat indicator?,

*Answer : Death of a spouse*

,Correct., Significant life events can increase vulnerability to exploitation or behavioral changes.

• ,Best practice for protecting home wireless network for

telework?,

*Answer : Implement, as a minimum, Wi-Fi Protected Access

• (WPA2) Personal encryption*

,Mostly Correct., WPA2 is a minimum standard, but WPA3 is now preferred where available (as of ). Still, this Answer is technically accurate.

• ,Safest to share on a social networking site?,

*Answer : Your favorite movie*

• | P a g e

,Correct., This is low-risk personal info unlikely to be exploited.

• ,Requirements for access to SCI?,

*Answer : Top Secret clearance and indoctrination into the

SCI program* ,Correct., SCI requires both a TS clearance and specific program access approval.

• ,True of removable media and PEDs?,

*Answer : The risks associated with them may lead to loss of

life* ,Correct., Mishandling can lead to severe consequences, including critical security breaches.

• ,Protect your home computer?,

*Answer : Use legitimate, known antivirus software*

,Correct., This is a fundamental security practice.

• ,Protect a mobile device while traveling?,

*Answer : Connect with a Government VPN*

,Correct., A VPN encrypts traffic, enhancing security on untrusted networks.