CYBER AWARENESS CHALLENGE 2020

CYBER AWARENESS CHALLENGE 2020

KNOWLEDGE CHECK FLASHCARDS

EXAM PREPARATION GUIDE | 28 ITEMS

Q:What organization issues the directives concerning the dissemination of

information regarding intelligence sources, methods, or activities?The Director of National Intelligence.

Q:What is a valid response when identity theft occurs?

Report the crime to local law enforcement.

Q:which of the following practices reduces the chance of becoming a target by

adversaries seeking information?Don't talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners.

Q:Which is a risk associated with removable media?

Spillage of classified information.

Q:which represents a security best practice when using social networking?

Understanding and using all available privacy settings.Q:Which is a wireless technology that enables your electronic devices to establish communications and exchange information when placed next to each other called?Near field communication (NFC).Q:When is the best time to post details of your vacation activities on your social networking website?When your vacation is over, and you have returned home.

Q:What is required for an individual to access classified data?

Appropriate clearance; signed and approved non-disclosure agreement; and need-to-know

Q:Which may be a security issue with compressed URLs?

They may be used to mask malicious intent.

Q:What is the best example of Protected Health information (PHI)?

Your health insurance explanation of benefits (EOB).

Q:What can malicious code do?

it can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access.

Q:Whats is the best description of two-factor authentication?

Something you possess, like a CAC, and something you know, like a PIN or password.

Q:Which of the following is a good practice to aid in preventing spillage?

Be aware of classification markings and all handling caveats.

Q:Under what circumstances is it acceptable to use your Government-furnished

computer to check personal e-mail and do other non-work related activities?If allowed by organizational policy.

Q:What is a good practice for physical security?

Challenge people without proper badges.

Q:What is a good practice to protect data on your home wireless systems?

Ensure that the wireless security features are properly configured.Q:Which is a rule for removable media, other portable electronic devices (PEDs), and mobile computing devices to protect Government systems?Do not use any personally owned/non-organizational removable media on your organization's systems.

Q:What is a good practice when it is necessary to use a password to access a system or an application?Avoid using the same password between systems or applications.Q:Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?Connect to the Government Virtual Private Network (VPN).Q:Why might "insiders' be able to cause damage to their organizations more easily than others?Insiders are given a level of trust and have authorized access to government information systems.

Q:What helps protect from spear phishing?

Be wary of suspicious e-mails that use your name and/or appear to come from inside your organization.

Q:What must you do when e-mailing Personally Identifiable Information (PII) or

Protected Health Information (PHI)?Encrypt the e-mail and use your Government e-mail account.

Q:What is whaling?

A type of phishing targeted at high-end personnel such as senior officials.

Q:Which scenario might indicate a reportable insider threat security incident?

A coworker is observed using a personal electronic device in an area where their use is prohibited.

Q:When classified data is not in use, how can you protect it?

store classified data appropriately in a GSA- approved vault/container when not in use.

Q:What is the best response if you find classified government data on the internet?Note any identifying information, such as the website's URL, and report the situation to your security POC.Q:Under what circumstances could unclassified information be considered a threat to national security?If aggregated, the information could become classified.

Q:What are the requirements to be granted access to SCI material?

The proper security clearance and indoctrination into the SCI program.