Cyber Awareness Challenge 2022
22 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What do you do if spillage occurs?

Immediately notify your security point of contact.

What should you do after you have ended a call from a reporter asking you to confirm potentially classified information found on the web?

Alert your security point of contact.

Which of the following is NOT a requirement for telework?

  • You must work from the office. (correct)
  • You must have a secure computer.
  • You require a stable internet connection.
  • You must possess security clearance eligibility to telework.
  • Who can be permitted access to classified data?

    <p>Only persons with appropriate clearance, a non-disclosure agreement, and need-to-know can access classified data.</p> Signup and view all the answers

    How many potential insider threat indicators does a colleague who has won 10 high-performance awards, can be playful and charming, is not currently in a relationship, and is occasionally aggressive in trying to access sensitive information display?

    <p>1 indicator</p> Signup and view all the answers

    How many potential insider threat indicators does a colleague who has visited several foreign countries recently and speaks openly of unhappiness with U.S. foreign policy display?

    <p>3 or more indicators</p> Signup and view all the answers

    How many potential insider threat indicators does a colleague who complains about anxiety and exhaustion and makes coworkers uncomfortable by asking excessive questions about classified projects display?

    <p>3 or more indicators</p> Signup and view all the answers

    In setting up your personal social networking service account, what email address should you use?

    <p>Your personal email address</p> Signup and view all the answers

    What information most likely presents a security risk on your personal social networking profile?

    <p>Your place of birth</p> Signup and view all the answers

    Which of the following is NOT an example of sensitive information?

    <p>Press release data</p> Signup and view all the answers

    Is it permitted to share an unclassified draft document with a non-DoD professional discussion group?

    <p>True</p> Signup and view all the answers

    Which of the following is an example of Protected Health Information (PHI)?

    <p>Patient names</p> Signup and view all the answers

    Which of the following represents a good physical security practice?

    <p>Using your own security badge</p> Signup and view all the answers

    Which of the following is NOT a good way to protect your identity?

    <p>Share your passwords.</p> Signup and view all the answers

    Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens?

    <p>True</p> Signup and view all the answers

    Which of the following is NOT a typical means for spreading malicious code?

    <p>Patching from a trusted source</p> Signup and view all the answers

    Which of the following is a practice that helps to protect you from identity theft?

    <p>Ordering a credit report annually</p> Signup and view all the answers

    Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email?

    <p>Do not access links or hyperlinked media such as buttons and graphics in email messages.</p> Signup and view all the answers

    You receive an unexpected email from a friend: "I think you'll like this: https://tinyurl.com/2fcbvy." What action should you take?

    <p>Use TinyURL's preview feature to investigate where the link leads.</p> Signup and view all the answers

    You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. What action should you take?

    <p>Contact the IRS.</p> Signup and view all the answers

    When using your government-issued laptop in public environments, with which of the following should you be concerned?

    <p>The potential for unauthorized viewing of work-related information displayed on your screen.</p> Signup and view all the answers

    Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)?

    <p>If your organization allows it.</p> Signup and view all the answers

    Study Notes

    Incident Reporting

    • Notify your security point of contact immediately if a spillage occurs.
    • After receiving inquiries from reporters about classified information, alert your security point of contact.

    Telework and Clearance

    • Security clearance eligibility is a requirement for telework.
    • Access to classified data is limited to individuals with appropriate clearance, non-disclosure agreements, and a need to know.

    Insider Threat Indicators

    • A colleague who won 10 awards, is charming, and occasionally aggressive displays 1 potential insider threat indicator.
    • A colleague who has traveled recently, vocalizes unhappiness with U.S. foreign policy, and had their car repossessed shows 3 or more indicators.
    • A colleague expressing anxiety, excessively questioning coworkers about classified projects, and mentioning financial stress exhibits 3 or more threat indicators.

    Personal Information Security

    • Use your personal email address for personal social networking accounts.
    • The place of birth is a significant security risk if disclosed on social networking profiles.

    Sensitive and Classified Information

    • Press release data is NOT considered sensitive information.
    • Unclassified draft documents may be shared with non-DoD professionals if they are cleared for public release.
    • Protected Health Information (PHI) includes patient names, Social Security numbers, and other personal identifiers.

    Physical Security Practices

    • A good physical security practice includes using your own security badge or access card.
    • Avoid using a single complex password for all logins as it is NOT a good identity protection strategy.

    Cybersecurity Practices

    • Utilize DoD Public Key Infrastructure (PKI) tokens appropriately according to their classification.
    • Risk can arise from untrusted sources, whereas patching from trusted sources is safe.
    • Secure identity theft prevention practices include ordering an annual credit report.
    • To prevent virus downloads while checking emails, refrain from accessing hyperlinks in emails.

    Email Safety

    • Investigate unexpected email links using preview features before clicking.
    • If you receive a suspicious email from the IRS regarding unpaid taxes, contact the IRS directly.

    Government Equipment Usage

    • Always be cautious of unauthorized viewing of information when using government-issued laptops in public spaces.
    • Checking personal email on Government-furnished equipment is acceptable only if organizational policy permits it.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge with flashcards that cover essential protocols for handling security incidents and telework requirements. This quiz is designed for individuals seeking to enhance their cybersecurity awareness. Review your responses and reinforce best practices in cybersecurity.

    More Like This

    Use Quizgecko on...
    Browser
    Browser