CYBER AWARENESS CHALLENGE 2022

CYBER AWARENESS CHALLENGE 2022

KNOWLEDGE CHECK FLASHCARDS

EXAM PREPARATION GUIDE | 30 ITEMS

Q:TRAVELWhich of the following is a concern when using your

Government-issued laptop in public?Others may be able to view your screen.

Q:IDENTITY MANAGEMENTWhat certificates does the Common Access Card

(CAC) or Personal Identity Verification (PIV) card contain?Identification, encryption, and digital signature

Q:PHYSICAL SECURITYWithin a secure area, you see an individual who you do

not know and is not wearing a visible badge Ask the individual to see an identification badge.

Q:INSIDER THREATBased on the description below how many potential insider

threat indicators are present? A colleague often makes others uneasy by being persistent in trying to obtain information about classified projects to which he has no access, is boisterous about his wife putting them in credit card debt, and often complains about anxiety and exhaustion display?

• or more indicators

Q:USE OF GFEWhat is a critical consideration on using cloud-based file sharing

and storage applications on your Government-furnished equipment (GFE)?Determine if the software or service is authorized

Q:REMOVABLE MEDIA IN A SCIFWhat action should you take when using

removable media in a Sensitive Compartmented Information Facility (SCIF)?Identify and disclose it with local Configuration/Change Management Control and Property Management authorities

Q:SENSITIVE COMPARTMENTED INFORMATIONWhen is it appropriate to

have your security badge visible within a sensitive compartmented information facility (SCIF)?At all times while in the facility.

Q:SOCIAL NETWORKINGWhich of the following is a security best practice when

using social networking sites?Understanding and using the available privacy settings.

Q:UNCONTROLLED CLASSIFIED INFORMATIONWhich of the following is

NOT an example of CUI?Press release data

Q:INSIDER THREATWhat threat do insiders with authorized access to

information or information systems pose?They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities.

Q:HOME COMPUTER SECURITYWhich of the following is a best practice for

securing your home computer?Create separate accounts for each user.

Q:SOCIAL ENGINEERINGHow can you protect yourself from social engineering?

Follow instructions given only by verified personnel Q:Select the information on the data sheet that is personally identifiable information (PII) But not protected health information (PHI)

Jane JonesSocial security number: 123-45-6789

Q:UNCONTROLLED CLASSIFIED INFORMATIONWhich of the following is

NOT a correct way to protect CUI?Sensitive information may be stored on any password-protected system.

Q:SENSITIVE COMPARTMENTED INFORMATIONWhen faxing Sensitive

Compartmented Information (SCI), what actions should you take?Mark SCI documents appropriately and use an approved SCI fax machine.

Q:SOCIAL ENGINEERINGHow can you protect yourself from internet hoaxes?

Use online sites to confirm or expose potential hoaxes

Q:SOCIAL ENGINEERINGWhat action should you take with an e-mail from a

friend containing a compressed Uniform Resource Locator (URL)?Investigate the link's actual destination using the preview feature

Q:CLASSIFIED DATAWhich type of information could reasonably be expected to

cause serious damage to national security if disclosed without authorization?Secret

Q:WEBSITE USEWhich of the following statements is true of cookies?

You should only accept cookies from reputable, trusted websites.

Q:MOBILE DEVICESWhich of the following is an example of near field

communication (NFC)?A smartphone that transmits credit card payment information when held in proximity to a credit card reader.

Q:SPILLAGEWhich of the following may be helpful to prevent spillage?

Be aware of classification markings and all handling caveats.

Q:CLASSIFIED DATAWhat is a good practice to protect classified information?

Ensure proper labeling by appropriately marking all classified material and, when required, sensitive material.

Q:INSIDER THREATWhich of the following is NOT considered a potential insider

threat indicator?New interest in learning a foregin language.

Q:SOCIAL NETWORKINGWhen is the safest time to post details of your vacation

activities on your social networking profile?After you have returned home following the vacation.

Q:MOBILE DEVICESWhich of the following is an example of removable media?

Flash Drive

Q:MALICIOUS CODEWhich of the following is NOT a way malicious code

spreads?Legitimate software updates

Q:SPILLAGEWhich of the following may be helpful to prevent spillage?

Label all files, removable media, and subject headers with appropriate classification markings.

Q:IDENTITY MANAGEMENTWhich of the following is an example of a strong

password?eA1xy2!P

Q:SOCIAL NETWORKINGWhen may you be subject to criminal, disciplinary,

and/or administrative action due to online misconduct?If you participate in or condone it at any time.

Q:Select the information on the data sheet that is protected health information

(PHI) Jane has been Dr...ect patient..ect.