FY24 DOD CYBER AWARENESS CHALLENGE

FY24 DOD CYBER AWARENESS CHALLENGE

KNOWLEDGE CHECK FLASHCARDS

EXAM PREPARATION GUIDE | 39 ITEMS

Q:Yes, there is a risk that signal could be intercepted and altered.

Which of the following is permitted within a Sensitive Compartmented Information Facility

(SCIF)?

Q:When is the safest time to post on social media about your vacation plans?

After the trip.Q:Decline to participate in the survey. This may be a social engineering attempt.What is the goal of an Insider Threat Program?Q:Which of the following is true of Sensitive Compartmented Information Facilities (SCIFs)?Personnel must position monitors so that they do not face windows or close the window blinds.

Q:Annabeth becomes aware that a conversation with a co-worker that involved

Sensitive Compartmented Information (SCI) may have been overheard by someone who does not have the required clearance. What action should Annabeth take?Contact her security POC with detailed information about the incident.

Q:Mabel is a government employee who needs to share a document containing

contractor proprietary information with her supervisor. Which of the following describes the most appropriate way for Mabel to do this?Encrypt it and send it via digitally signed Government e-mail.

Q:You should still treat it as classified even thought it has been compromised.

Which of the following contributes to your online identity?

Q:Report the e-mail to your security POC or help desk

Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that ________ various types of classified information for ________ protection and dissemination or distribution control.

Q:Which of the following is true of working within a Sensitive Compartmented

Information Facility (SCIF)?Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access.

Q:How can you protect your home computer?

Regularly back up your files.

Q:Which of the following is true of transmitting or transporting Sensitive

Compartmented Information (SCI)?Printed SCI must be retrieved promptly from the printer.Q:You receive an e-mail marked important from your boss asking for data that they need immediately for a meeting starting now. The e-mail was sent from a personal e-mail address that you do not recognize, bit it addresses you by name.What concern does the e-mail pose?This may be a spear phishing attempt. Contact your boss using contact information that you know to be legitimate.

Q:Which of the following uses of removable media is allowed?

Government owned removable media that is approved as operationally necessary.Q:Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon. The post includes a video that shows smoke billowing from a building that is not readily identifiable as the Pentagon. Terry is not familiar with the source of the post. Which of the following describes what Terry has likely seen?This is probably disinformation unless Terry can verify it on a legitimate news site.

Q:Which of these is NOT a potential indicator that your device may be under a

malicious code attack?A notification for a system update that has been publicized

Q:Deter, detect, and mitigate the risks associated with insider threats

Which of the following is true of spillage?

Q:Which of the following uses of removable media is appropriate?

Which of the following is permitted when using an unclassified laptop within a collateral classified space?Q:Which best describes an insider threat? Someone who uses ______ access, ______, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.authorized; wittingly or unwittingly

Q:Which of the following is NOT an appropriate use of your Common Access Card

(CAC)?

Using it as photo identification with a commercial entity.

Q:Which of the following is a best practice for physical security?

Use your own security badge or key code for facility access.

Q:Which of the following is a best practice to protect your identity?

Order a credit report annually.

Q:Which of the following statements about Portected Health Information (PHI) is

false?It is created or received by a healthcare provider, health plan, or employer or a business associate of these.

Q:Which of the following is NOT a best practice for protecting data on a mobile

device?Disable automatic screen locking after a period of inactivity.

Q:Carl receives an e-mail about a potential health risk caused by a common

ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?Forward it.

Q:Which of the following is an appropriate use of government e-mail?

Using a digital signature when sending attachments.

Q:All of these

Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk?Q:It refers specially to classified information that becomes publicly available.Which of the following is true of telework?

Q:How can you prevent viruses and malicious code?

Scan all external files before uploading to your computer.

Q:Which of the following is a best practice for managing connection requests on

social networking sites?Validate connection requests through another source if possible Q:Which of the following is NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present?Use the devices' default security settings.

Q:Which of the following is a best practice for using government e-mail?

Do not send mass e-mails.