CYBER AWARENESS CHALLENGE 2024 -

CYBER AWARENESS CHALLENGE 2024 -

STUDY FLASHCARDS FLASHCARDS

EXAM PREPARATION GUIDE | 25 ITEMS

Q:What is the goal of an Insider Threat Program?

Deter, detect, and mitigate the risks associated with insider threats

Q:Which of the following is an appropriate use of government e-mail?

Using a digital signature when sending attachments

Q:Which of the following is NOT a best practice for protecting data on a mobile

device?Disable automatic screen locking after a period of inactivity

Q:Annabeth becomes aware that a conversation with a co-worker that involved

Sensitive Compartmented Information (SCI) may have been overheard by someone who does not have the required clearance. What action should Annabeth take?Contact her security POC with detailed information about the incident

Q:Which of the following is an allowed use of government furnished equipment

(GFE)?

Checking personal e-mail if your organization allows it

Q:Mabel is a government employee who needs to share a document containing

contractor proprietary information with her supervisor. Which of the following describes the most appropriate way for Mabel to do this?Encrypt it and send it via digitally signed Government e-mail.

Q:Which of these is NOT a potential indicator that your device may be under a

malicious code atta?A notification for a system update that has been publicized

Q:Which of the following contributes to your online identity?

All of these

Q:Which of the following statements is true of DoD Unclassified data?

It may require access and distribution controls

Q:What does a Common Access Card (CAC) contain?

Certificates for identification, encryption, and digital signature

Q:Based on the description provided, how many insider threat indicators are

present? Elyse has worked for a DoD agency for more than 10 years. She is a diligent employee who receives excellent performance reviews and is a valued team member. She has two children and takes them on a weeklong beach vacation every summer. She spend a semester abroad in France as a teenager and plans to take her children to visit France when they are older.1

Q:How can you prevent viruses and malicious code?

Scan all external files before uploading to your computer Q:How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)?Use the preview function to see where the link actually leads Q:Which of the following is NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present?Use the devices' default security settings

Q:Which of the following is NOT a best practice for protecting your home wireless network for telework?Use your router's pre-set Service Identifier (SSID) and password

Q:Which of the following is NOT an appropriate use of your Common Access Card

(CAC)?

Using it as photo identification with commercial entity

Q:Which of the following is a best practice to protect your identity?

Shred credit card and bank statements without opening them Q:Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk?Yes, there is a risk that the signal could be intercepted and altered Q:You receive an e-mail with a link to schedule a time to update software on your government furnished laptop. Your IT department has not scheduled software updates like this in the past and has not announced this software update. The e-mail is not digitally signed. What action should you take?Report the e-mail to your security POC or help desk Q:Which of the following is true of Sensitive Compartmented Information Facilities (SCIFs)?Personnel with access to a SCIF have a need-to-know for all information processed within the SCIF

Q:Which of the following is a best practice for managing connection requests on

social networking sites?Validate connection requests through another source if possible

Q:How can you protect your home computer?

Regularly backup your files

Q:Which of the following uses of removable media is allowed?

Government owned removable media that is approved as operationally necessary

Q:Which type of data could reasonably be expected to cause serious damage to

national security?Top Secret

Q:How should government owned removable media be stored?

Removable media is not permitted in government facilities.