.png){kind=logo}
CYBER AWARENESS 2023 FLASHCARDS
EXAM PREPARATION GUIDE | 29 ITEMS
Q:Controlled Unclass Info: best way to transmit CUI?Make sure recipients are clear and need to know then send via encrypted email Q:Identity Management: strong password?@rF+13gtK5!Q:Identify Management: whats true about CACs?It contains certificates for ID, encryption, and digital signature Q:Insider threats: what is a reportable insider threat?A colleague removes sensitive info w/o seeking authorization in order to perform authorized telework Q:SCI: what's true for transmitting SCI?Only transmit SCI if you're courier briefed for SCI Q:Mobile Devices: which is a best practice for using removable media?Avoid inserting removable media with unknown content into your computer Q:Social engineering: what security issue is associated with compressed URLs?Can be used to mask malicious intent Q:Classified data: what is the basis for handling classified data?Classification level and handling caveats
Q:Social Networking: which of the following is a security best practice when using social networking sites?Avoid posting pii (mothers maiden name) Q:Travel: problems w/ public wifi?May expose information sent to theft Q:SCI: what's true of sharing info in a SCIF?Avoid referencing derivitavely classified reports classified higher than the recipient Q:Social engineering: common indicator of phishng attempt?Claim that you update or validate information Q:GFE: what is personally owned monitor you shouldn't connect to your GFE?
USB Q:Malicious Code: what's true for downloading apps?For government devices, use approved and authorized apps only Q:Mobile devices: how can you protect data on your mobile computing and portable e-devices (PEDs)?Auto screen locking Q:Classified data: who designates classified data?Original Classification Authority Q:Controlled Unclass Info: which Desi marks information that does not have the potential to damage national security Unclassified
Q:Insider Threat: which is the following of a potential insider threat?Difficult life circumstances Q:Spillage: what will help prevent spillage?Follow procedures for transfering data to and from outside agency and networks.Q:Removable media in SCIF: what's true of PEDs in a SCIF?Only connect government-owned PEDs to the same level classification information system when authorized Q:Home Computer: best practice for securing home computer?Install system security patches Q:Social Networking: Protect yourself on social networking sites?Delete posts containing Personal information on a regular basis Q:Social Networking: when might you be subject to criminal, disciplinary, or administrative action due to online harassment, bullying, stalking, etc?If you participate/condone it in anyway Q:Controlled Unclass Info: What's true for CUI?CUI must have diseminating controls Q:Insider threat: what function do insider threat programs aim to fulfill?Proactively identify future threats and formulate wholistic mitigation responses Q:Spillage: how should uou respond if you receive an inquiry for info not clear for public release?Refer your order to PAO.
Q:Website use: how should you respond to theft of identity?Contact reporting agencies, financial institutions, monitor credit card statements and report crime to law enforcement Q:Social engineering: how to protect from social engineering?Verify identity of individuals Q:Physical security: which CPCON establishes a protection policy focus critical functions only
.png)