CYBER AWARENESS CHALLENGE 2025

CYBER AWARENESS CHALLENGE 2025

(INCOMPLETE) FLASHCARDS

EXAM PREPARATION GUIDE | 97 ITEMS

Q:Which of these is NOT a potential indicator that your device may be under a

malicious code attack?-The device slows down-Loss of control of the mouse or keyboard-A strange pop-up during system startup-An operating system update An operating system update

Q:Which of the following is true of transmitting or transporting Sensitive

Compartmented Information (SCI)?-You must be courier-briefed for SCI to transport it.-SCI does not require a coversheet in an open storage environment.-You may only transmit SCI via certified mail.-You must never print SCI.You must be courier-briefed for SCI to transport it.

Q:*Unclassified InformationYour meeting notes are unclassified. This means that

your notes:-May be released to the public.-Do not have the potential to damage

national security.-Do not have the potential to affect the safety of personnel, missions, or systems.-Do not require any markings Do not have the potential to damage national security.

Q:*Physical FacilitiesSensitive Compartmented Information Facility (SCIF)Which

of the following must you do when working in a SCIF?-Verify that all personnel in listening distance have a need-to-know-Ensure that monitors do not provide unobstructed views-Escort uncleared personnel and warn others in the SCIF -Verify that all personnel in listening distance have a need-to-know-Ensure that monitors do not provide unobstructed views-Escort uncleared personnel and warn others in the SCIF

Q:*Identity AuthenticationAlexHow do you secure your account?I receive a text

message code when logging in with a password.-Yes-Maybe-No Yes

Q:Which type of data could reasonably be expected to cause damage to national

security?-Secret-Confidential-Controlled Unclassified Information (CUI)-Top Secret Confidential

Q:Matt is a government employee who needs to share a document containing source

selection data with his supervisor. Which of the following describes the most appropriate way for Matt to do this?-Sent it via chat in a collaboration app.-Leave a printed copy on his supervisor's desk after working hours.-Encrypt it and send it via digitally signed Government e-mail.-Save it to a shared folder accessible to their team.Encrypt it and send it via digitally signed Government e-mail.

Q:How can you protect your home computer?-Turn off antivirus software

scans-Install spyware protection software-Disable firewall protection-Accept all mobile code Install spyware protection software Q:*Physical FacilitiesCollateral Classified SpaceWhich of the following must you do when using an unclassified laptop in a collateral classified environment?-Use a wireless headset-Disable the embedded camera, microphone, and Wi-Fi-Use government-issued wired peripherals -Disable the embedded camera, microphone, and Wi-Fi-Use government-issued wired peripherals

Q:*Mobile DevicesWhich action will keep DoD data the safest?-Change seats-Leave

the coffee shop Leave the coffee shop

Q:*Government ResourcesIs this an appropriate use of government-furnished

equipment (GFE)?-Yes-No No

Q:Which of the following personally owned peripherals can you use with

government furnished equipment (GFE)?-A wired keyboard connected via USB-A wired webcam that requires installed drivers-A Bluetooth headset-A monitor connected via USB A wired keyboard connected via USB Q:Which of the following poses a security risk while teleworking in an environment where Internet of Things (IoT) devices are present?-Voice-enabled listening recording-Default IoT device passwords-Unknown devices connected via Bluetooth-All of these All of these Q:*Identity AuthenticationSelect the individual who securely authenticates their identity.-Alex-Bailey-Charlie Alex

Q:Which of the following is best practice when browsing the Internet?-Set your

browser to accept all cookies-Look for the h-t-t-p-s in the URL name-Confirm that the site uses an unencrypted link-Save your credit card information on e-commerce sites Look for the h-t-t-p-s in the URL name

Q:*Sensitive Compartmented InformationPrinterDr. Dove printed a classified

document and retrieved it promptly from the printer.Does this behavior represent a security concern?-Yes-No No Q:Which of the following is a best practice for physical security?-Only hold the door for coworkers that you know work in the facility-Post access rosters in a visible area outside the facility-Lock your security badges away and avoid wearing it while in the facility-Report suspicious activity Report suspicious activity

Q:Does it pose a security risk to tap your smartwatch to pay for a purchase at a store?-Only if you do not have the data on your linked phone encrypted.-No, there is no security risk associated with this.-Only if you do not have two-factor authentication enabled on your linked phone.-Yes, there is a risk that the signal could be intercepted and altered.Yes, there is a risk that the signal could be intercepted and altered.

Q:*Identity ManagementTrue or false? You should monitor your credit card

statements for unauthorized purchases?-True-False True Q:Which of the following is true of compressed URLs (e.g., Tiny URL, goo.gl)?-You must open the link to find out where it leads.-You can hover your cursor over it to preview where it actually leads.-They pose no risk.-They may be used to mask malicious intent They may be used to mask malicious intent Q:Which of the following is true of removable media and portable electronic devices (PEDs)?-The risk associated with them may lead to loss of life.-They cannot be adequately secured, so they are prohibited by the DoD.-Removable media pose more risk than PEDs and are not permitted in government facilities.-Their utility outweighs any risk associated with them.The risk associated with them may lead to loss of life.Q:What is an insider threat?-The risk that information systems and networks will fail due to inadequate internal maintenance.-Someone who proactively identifies persons with authorized access to explain to gain access to U.S. government data.-The risk posed by the loss of organizational knowledge when trusted personnel resign or retire.-Someone who uses authorized access, either wittingly or unwittingly, to harm national security.Someone who uses authorized access, either wittingly or unwittingly, to harm national security.