CYBER AWARENESS 2024 FLASHCARDS

CYBER AWARENESS 2024 FLASHCARDS

EXAM PREPARATION GUIDE | 49 ITEMS

Q:Based on the description provided, how many insider threat indicators are

present? Edward has worked for a DoD agency for 2 years. He is an analyst who takes a great deal of interest in his work. He occasionally takes a somewhat aggressive interest in others' work as well, including asking for classified details of their projects. He otherwise gets along well with his colleagues 1

Q:Which of the following is an example of behavior that you should report?

Taking sensitive information home for telework without authorization

Q:What is the goal of an Insider Threat Program?

Deter, detect, and mitigate the risks associated with insider threats

Q:Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)?

They may be used to mask malicious intent.

Q:Which of the following is NOT a best practice for protecting data on a mobile

device?Disable automatic screen locking after a period of inactivity

Q:Which of the following is true of Controlled Unclassified Information (CUI)?

It belongs to a defined category established in the DoD CUI Registry.

Q:Which of the following is NOT an appropriate use of your Common Access Card

(CAC)?

Using it as photo identification with a commercial entity

Q:You receive an e-mail with a link to run an anti-virus scan. Your IT department has not sent links like this in the past. The e-mail is not digitally signed. What action should you take?Report the e-mail to your security POC or help desk.

Q:How can you protect a mobile device while traveling?

Store the device in a hotel safe when sightseeing

Q:Which of the following is true of transmitting or transporting Sensitive

Compartmented Information (SCI)?You must be courier-briefed for SCI to transport it.

Q:Which of the following is true of spillage?

It can be either inadvertent or intentional.

Q:You receive a text message from a package shipper notifying you that your

package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?Delete the message

Q:Which of the following is a best practice to protect your identity?

Ask how information will be used before giving it out

Q:Which of these is NOT a potential indicator that your device may be under a

malicious code attack?A notification for a system update that has been publicized

Q:How should government owned removable media be stored?

In a GSA-approved container according to the appropriate security classification

Q:Which of the following is a best practice for telework and remote work?

Connect to your Government Virtual Private Network (VPN)

Q:Which of the following is NOT an appropriate use of your Common Access Card

(CAC)?

Exchanging it for a visitor pass in another building

Q:Which of the following personally owned peripherals can you use with

government furnished equipment (GFE)?A wired keyboard connected via USB

Q:Which of the following is an example of a strong password?

d+Uf_4RimUz Q:Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to e-mails on her government approved mobile device. Does this pose a security concern?Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks.

Q:How can you prevent viruses and malicious code?

Scan all external files before uploading to your computer

Q:Matt is a government employee who needs to share a dcoument containing source

selection data with his supervisor. Which of the following describes the most appropriate way for Matt to do this?Encrypt it and send it via digitally singed government e-mail.Q:When allowed, which of the following is an appropriate use of removable media?Labeling media that contains personally identifiable information (PII)

Q:How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)?Use the preview function to see where the link actually leads

Q:Which of the following statements about Protected Health Information (PHI) is

false?It is a type of Controlled Unclassified Information (CUI)

Q:What conditions are necessary to be granted access to Sensitive Compartmented

Information (SCI)?The appropriate level of security clearance eligibility and a need-to-know Q:Which of the following is permitted when using an unclassified laptop within a collateral classified space?A personally-owned wired headset without a microphone

Q:Which of the following is a best practice for protecting your home wireless

network for telework or remote work?Implement, as a minimum, Wi-Fi Protected Access 2 (WPA2) Personal encryption

Q:What does the Common Access Card (CAC) contain?

Certificates for identification, encryption, and digital signature

Q:Which of the following statements is true of DoD Unclassified data?

It may require access and distribution controls.

Q:Which of the following describes Sensitive Compartmented Information?

SCI introduces an overlay of security to Top Secret, Secret, and Confidential information.

Q:Which of the following is an appropriate use of government e-mail?

Using a digital signature when sending hyperlinks