.png){kind=logo}
DOD CYBER AWARENESS CHALLENGE 2025
FLASHCARDS
EXAM PREPARATION GUIDE | 25 ITEMS
Q:Which of the following is an example of a strong password?
bRobr@791*P
Q:You receive an e-mail marked important from your agency head asking you to
call them using a number you do not recognize. The e-mail was sent from a personal e-mail address that you do not recognize, but it addresses you by name.What action should you take?This may be a spear phishing attempt. Report it to your security POC or help desk.
Q:Which of the following is true of compressed URLs (e.g., TinyURL, goo.gl)?
They may be used to mask malicious intent.
Q:Which of the following is permitted within a Sensitive Compartmented
Information Facility (SCIF)?An authorized Government-owned Portable Electronic Device (PED)
Q:How can you protect a mobile device while traveling?
Connect with a Government VPN Q:You receive a phone call from an unknown person asking for a directory name on your government furnished laptop so that a software update can be made. Which course of action should you take?Document the interaction and contact your security POC or help desk.
Q:Tessa is processing payroll data that includes employees' names, home addresses, and salary. Which of the following is Tessa prohibited from doing with the data?Using her home computer to print the data while working remotely
Q:Which of the following is NOT an appropriate use of your Common Access Card
(CAC)?
Exchanging it for a visitor pass in another building
Q:What is a best practice for creating user accounts for your home computer?
Create separate accounts for each user and have each user create their own password.Q:When allowed, which of the following is an appropriate use of removable media?Labeling media that contains personally identifiable information (PII) Q:You receive a text message from a vendor notifying you that your order is on hold due to needing updated payment information from you. It provides a shortened link for you to provide the needed information. What is the best course of action?Delete the message
Q:Which of the following is a best practice for protecting your home wireless
network for telework or remote work?Implement, as a minimum, Wi-FI Protected Access 2 (WPA2) Personal encryption
Q:Which of the following statements is true of DoD Unclassified data?
Do not have the potential to damage national security.
Q:How can you protect your home computer?
Use legitimate, known antivirus software
Q:Under which Cyberspace Protection Condition (CPCON) is the priority focus
limited to critical functions?
CPCON 1
Q:Based on the description provided, how many insider threat indicators are
present? Edward has worked for a DoD agency for 2 years. He is an analyst who takes a great deal of interest in his work. he occasionally takes a somewhat aggressive interest in others' work as well, including asking for classified details of their projects. he otherwise gets along well with his colleagues.1
Q:Which of these is NOT a potential indicator that your device may be under a
malicious code attack?An operating system update
Q:Which of the following can be used to catalogue information about you?
All of these
Q:Which of the following provides precise, comprehensive guidance regarding
specific program, system, operation, or weapon system elements of information to be classified?Security Classification Guide
Q:Which of the following is an allowed use of government furnished equipment
(GFE)?
E-mailing your supervisor
Q:Which of the following is true of spillage?
It can be either inadvertent or intentional Q:As you scroll through your social media feed, a news headline catches your eye.What should you consider before sharing it with your connections?Whether the source is credible and reliable
Q:How can malicious code do damage?
All of these
Q:Which of the following is true of removable media and portable electronic devices (PEDs)?They cannot be adequately secured, so they are prohibited by the DoD.
Q:As you browse a social media site, you come across photos of information with
classification markings. What should you do?Notify your security point of contact
.png)