Cyber Awareness 2024 Quiz

Questions and Answers

What type of information does this personnel roster represent?

Controlled unclassified information

When emailing this personnel roster, which of the following should you do? (Select all that apply)

• Send without encryption
• Use your government email account (correct)
• Encrypt the PII (correct)
• Digitally sign the email (correct)

What does it mean if your meeting notes are unclassified?

They do not have the potential to damage national security

Which of the following poses a physical security risk?

Posting an access roster in public view

What must you do when using an unclassified laptop in a collateral classified environment? (Select all that apply)

Use government-issued wired peripherals (A), Disable the embedded camera (B)

What must you do when working in a SCIF? (Select all that apply)

Escort uncleared personnel (A), Verify need-to-know for personnel (B), Ensure unobstructed views from monitors (C)

Is this an appropriate use of government-furnished equipment?

False (B)

This is not an appropriate use of GFE. Why?

You should not use government email to sell anything, use unauthorized services, or not use a digital signature when sending hyperlinks.

How can malicious code spread? (Select all that apply)

Downloading files (A), Visiting infected websites (B), Email attachment (C)

How can you prevent the download of malicious code? (Select all that apply)

Scan external files before uploading (A), Research apps before downloading (B)

Which payment method poses the least risk?

Cash

Which method of getting online poses the least risk?

Approved mobile hotspot

Which action will keep DoD data the safest?

Leave the coffee shop

What step should be taken next to securely telework?

Secure the area so others cannot view your monitor

Which of these personally owned computer peripherals may be used with government-furnished equipment? (Select all that apply)

HDMI monitor (A), USB keyboard (D)

Does this action pose a potential security risk?

False (B)

Select an action to take in response to compartmented information.

Call your security point of contact (POC)

DR. Dove printed a classified document and retrieved it promptly from the printer. Does this behavior represent a security concern?

False (B)

COL. Cockatiel worked on an unmarked document on the classified network. Does this behavior represent a security concern?

False (B)

MR. Macaw and a colleague had a conversation about a shared project in the SCIF after verifying no one was nearby. Does this behavior represent a security concern?

False (B)

Which of these individuals demonstrated behavior that could lead to the compromise of SCI?

COL. Cockatiel

You find an unlabeled thumb drive in the parking area outside your workplace. What should you do?

Turn it in to your security officer

True or false? Voice-activated smart devices can collect and share your personal information.

True (A)

True or false? The best way to keep your passport safe is to carry it with you.

False (B)

True or false? You should monitor your credit card statements for unauthorized purchases.

True (A)

Does Bob demonstrate potential insider threat indicators?

False (B)

How should Bob's colleagues respond?

Report Bob

Flashcards

Controlled Unclassified Information (CUI)

Information that is not classified but is still considered sensitive and requires protection.

Personnel Roster

A list of people who work at a specific organization.

Email Security

Email security measures ensure that only authorized individuals can access the information and protect it from unauthorized access.

Personally Identifiable Information (PII)

Data that specifically identifies an individual, such as their name, address, and social security number.

Unclassified Meeting Notes

Notes taken during a meeting that do not contain any information that could potentially harm national security.

Physical Security Risk

A potential risk to the security of a facility or information.

Sensitive Compartmented Information Facility (SCIF)

A space physically protected from unauthorized access, typically used for handling classified information.

Need-to-Know

The need to have a valid reason and authorization to access classified information.

Inappropriate Use of Government Equipment

Using government equipment for personal or unauthorized purposes, which is against regulations.

Email Usage Policies

A set of rules that govern the appropriate use of government email.

Malicious Code

Software designed to harm computer systems or steal data.

Prevention of Malicious Code

Steps to prevent malicious code from harming your computer.

Secure Payment Methods

A method of payment that is considered the safest, as it does not involve any electronic transactions.

Secure Internet Access

Using a mobile hotspot that has been approved for government use to access the internet.

Data Security Best Practices

Best practices to keep sensitive information secure.

Telework

Working from a secure location away from the office.

Personal Peripherals with GFE

It's okay to connect personal peripherals, like monitors and keyboards, to government-furnished equipment.

Potential Security Risks

Actions that may compromise security and should be carefully considered.

Compartmented Information

Sensitive Compartmented Information (SCI) is highly classified information that requires special handling and access controls.

Security Point of Contact (POC)

The person responsible for handling and implementing security protocols at a specific location.

Document Handling

Steps to follow when handling classified documents.

Classified Network

A network specifically designed to handle classified information, where unauthorized access is strictly controlled.

Conversations in a SCIF

Discussing classified information in a secure environment, ensuring that only authorized individuals are present.

Behavior Leading to Security Compromise

Actions that could potentially compromise sensitive information.

USB Drive

A data storage device, usually small and portable, that can be used to transfer data between computers.

Voice-Activated Smart Devices

Devices using voice commands for interaction, like smart speakers.

Passport

A document used for international travel, confirming your identity and nationality.

Monitoring Credit Card Activity

Regularly checking your credit card activity for any suspicious transactions.

Insider Threat Indicators

People who work within an organization and may potentially pose a threat to its security.

Study Notes

Controlled Unclassified Information

• A personnel roster is categorized as controlled unclassified information (CUI).

Email Security

• When emailing a personnel roster, ensure to encrypt personally identifiable information (PII), digitally sign the email, and use a government email account for security.

Unclassified Meeting Notes

• Unclassified meeting notes do not have the potential to harm national security.

Physical Security Risks

• Posting an access roster in public view poses a physical security risk.

Using Unclassified Laptops

• In a collateral classified environment, unclassified laptops require disabling the embedded camera, microphone, and Wi-Fi, and utilizing government-issued wired peripherals.

Working in SCIF

• In a Sensitive Compartmented Information Facility (SCIF), verify personnel have a need-to-know, ensure monitors have obstructed views, and escort uncleared personnel.

Appropriate Use of Government Equipment

• Using government-furnished equipment (GFE) for personal or unauthorized purposes is inappropriate.

Email Usage Policies

• Using government email for selling and unauthorized services, like file-sharing, breaches acceptable GFE conduct. Digital signatures are necessary for hyperlinks.

Spread of Malicious Code

• Malicious code can spread through email attachments, downloading files, and visiting infected websites.

Prevention of Malicious Code

• Safeguard against malicious code by scanning external files before uploading and researching apps for vulnerabilities before downloading.

Secure Payment Methods

• Cash transactions present the least risk when making payments.

Internet Access Risks

• Utilizing an approved mobile hotspot poses the least risk for online access.

Data Security Best Practices

• The safest action to protect DoD data is to leave a public space such as a coffee shop.

Secure Teleworking

• To securely telework, ensure the workspace is private so that others cannot see the monitor.

Personal Peripherals with GFE

• It is acceptable to use HDMI monitors and USB keyboards with government-furnished equipment.

Potential Security Risks

• Certain actions may pose potential security risks, necessitating caution.

Compartmented Information Response

• In response to sensitive compartmented information (SCI), contact your security point of contact (POC).

Security Concerns in Document Handling

• Printing and promptly retrieving a classified document does not typically represent a security issue.

Document Handling on Classified Network

• Working on unmarked documents in classified environments, like COL. Cockatiel's actions, raises security concerns.

Conversations in SCIF

• Discussing shared projects in a SCIF after verifying no one is nearby is not a security concern, as seen with MR. Macaw.

Behavior Leading to Security Compromise

• COL. Cockatiel’s behavior may risk compromising sensitive compartmented information (SCI).

Handling Found USB Drives

• Unlabeled thumb drives found in public areas should be turned in to a security officer for proper handling.

Voice-Activated Smart Devices

• Voice-activated smart devices can collect and share personal information, confirming the need for privacy awareness.

Passport Safety

• Carrying a passport is not the best method for keeping it safe; secure storage is recommended.

Monitoring Credit Card Activity

• Regularly monitoring credit card statements for unauthorized purchases is essential for financial security.

Insider Threat Indicators

• Bob exhibits potential insider threat indicators, requiring vigilance from colleagues.

Reporting Suspicious Behavior

• Bob’s colleagues should report any concerning behavior to maintain security protocols.