CYBER AWARENESS 2025 KNOWLEDGE

CYBER AWARENESS 2025 KNOWLEDGE

CHECK ANSWERS FLASHCARDS

EXAM PREPARATION GUIDE | 64 ITEMS

Q:Which of the following describes Sensitive Compartmented Information (SCI)?

SCI introduces an overlay of security to Top Secret, Secret, and Confidential information.

Q:You receive an e-mail marked important from your agency head asking you to

call them using a number you do not recognize. The e-mail was sent from a personal e-mail address that you do not recognize, but it addresses you by name.What action should you take?This may be a spear phishing attempt. Report it to your security POC or help desk.

Q:Which of the following is true of compressed URLs (e.g. TinyURL, goo.gl)?

They may be used to mask malicious intent.

Q:How can you protect a mobile device while traveling?

Connect with a Government VPN Q:You receive a phone call from an unknown person asking for a directory name on your government furnished laptop so that a software update can be made. Which course of action should you take?Document the interaction and contact your security POC or help desk.

Q:Which of the following is a way to protect classified data?

Store it in a GSA-approved container

Q:Which of the following is true of Controlled Unclassified Information (CUI)?

It belongs to a defined category established in the DoD CUI Registry.

Q:You receive an e-mail with a link to run an anti-virus scan. Your IT department has not sent links like this in the past. The e-mail is not digitally signed. What action should you take?Report the e-mail to your security POC or help desk

Q:Which of the following is a best practice when browsing the internet?

Look for h-t-t-p-s in the URL name

Q:Which of the following uses of removable media is allowed?

Sam uses approved Government owned removable media to transfer files between government systems as authorized.

Q:Which of the following is true of transmitting or transporting Sensitive

Compartmented Information (SCI)?You must be courier-briefed for SCI to transport it.

Q:Which of the following is a best practice to protect your identity?

Ask how information will be used before giving it out

Q:Matt is a government employee who needs to share a document containing source

selection data with his supervisor. Which of the following describes the most appropriate way for Matt to do this?Encrypt it and send it via digitally signed Government e-mail.

Q:Which of the following is a best practice for physical security?

Report suspicious activity Q:Tessa is processing payroll data that includes employees' names, home addresses, and salary. Which of the following is Tessa prohibited from doing with the data?Using her home computer to print the data while working remotely

Q:Who designates whether information is classified and its classification level?Original classification authority

Q:What is an insider threat?

Someone who uses authorized access, either wittingly or unwittingly, to harm national security.Q:Which of the following statements about Public Health Information (PHI) is true?It is health information that identifies the individual.Q:Which of the following is true of removable media and portable electronic devices (PEDs)?The risks associated with them may lead to loss of life.Q:Does it pose a security risk to tap your smartwatch to pay for a purchase at a store?Yes. There is a risk that the signal could be intercepted and altered.

Q:Which of the following is a best practice for telework and remote work?

Connect to your Government Virtual Private Network (VPN)

Q:Which of the following is NOT an appropriate use of your Common Access Card

(CAC)?

Exchanging it for a visitor pass in another building Q:When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?Smartphone brand and model

Q:Which of the following would working in combination for two-factor

authentication?Common Access Card (CAC) and Personal Identification Number (PIN)

Q:Based on the description provided, how many insider threat indicators are

present?Edward has worked for a DoD agency for 2 years. He is an analyst who takes a great deal of interest in his work. He occasionally takes a somewhat aggressive interest in others' work as well, including asking for classified details of their projects. He otherwise gets along well with his colleagues.2

Q:Which of the following is an example of a strong password?

bRobr@79l*P

Q:What is a best practice for creating user accounts for your home computer?

Create separate accounts for each user and have each user create their own password

Q:Which of the following is the safest to share on a social networking site?

Your favorite movie

Q:Which of the following is a best practice for protecting your home wireless

network for telework or remote work?Implement, as a minimum, Wi-Fi Protected Access 2 (WPA2) Personal encryption

Q:How can you protect yourself on social networking sites?

Validate connection requests through another source if possible

Q:Which type of data could reasonably be expected to cause damage to national

security?Confidential

Q:Which of the following is a potential insider threat indicator?

Death of a spouse Q:When allowed, which of the following is an appropriate use of removable media?Labeling media that contains personally identifiable information (PII)