Cyber Awareness Challenge 2023 Flashcards

Questions and Answers

What portable electronic devices (PEDs) are allowed in a Sensitive Compartmented Information Facility (SCIF)?

Government-owned PEDs when expressly authorized by your agency.

What action should you take when using removable media in a SCIF?

Identify and disclose it with local Configuration/Change Management Control and Property Management authorities.

What are some examples of malicious code?

Spreadsheet formulas

Trojan horses (correct)

Viruses (correct)

Worms (correct)

Which of the following is NOT a way that malicious code spreads?

Legitimate software updates

After visiting a website on your Government device, a popup appears asking if you want to run an application. Is this safe?

False

You should provide your credit card information if a website requires it during registration.

False

How should you respond to the theft of your identity?

Report the crime to local law enforcement.

You should only accept cookies from reputable, trusted websites.

True

Which is a best practice that can prevent viruses and other malicious code from being downloaded when checking your e-mail?

Do not access website links, buttons, or graphics in e-mail.

What is TRUE of a phishing attack?

Phishing can be an email with a hyperlink as bait.

Which of the following is a way to protect against social engineering?

Follow instructions given only by verified personnel

What is whaling?

A type of phishing targeted at senior officials.

What action should you take with an email from a friend containing a compressed Uniform Resource Locator (URL)?

Investigate the link's actual destination using the preview feature.

How can you protect yourself from internet hoaxes?

Use online sites to confirm or expose potential hoaxes.

Which may be a security issue with compressed Uniform Resource Locators (URLs)?

They may be used to mask malicious intent.

What is a best practice while traveling with mobile computing devices?

Maintain possession of your laptop and other government-furnished equipment (GFE) at all times.

It may be compromised as soon as you exit the plane when traveling overseas with a mobile phone.

True

What security risk does a public Wi-Fi connection pose?

It may expose the connected device to malware.

When can you check personal email on your Government-furnished equipment (GFE)?

If allowed by organizational policy.

What is a critical consideration on using cloud-based file sharing and storage applications on your Government-furnished equipment (GFE)?

Determine if the software or service is authorized.

What should you do if asked about a classified security project?

Attempt to change the subject to something non-work related, but neither confirm nor deny the article's authenticity.

Which of the following may help to prevent spillage?

Label files with classification markings.

What best describes an unauthorized transfer of classified data to a lower classification level?

Spillage because classified data was moved to a lower classification level system without authorization.

What should you do upon receiving an email with a classified attachment on an unclassified system?

Call your security point of contact immediately.

What action should you take if a reporter asks about potentially classified information on the web?

Ask for information about the website, including the URL.

What should you refer a reporter to if they ask about classified information?

Your organization's public affairs office.

What is the correct action if you suspect spillage has occurred?

Immediately notify your security point of contact.

Which of the following is a good practice to prevent spillage?

Be aware of classification markings.

What should you do after finding classified information on the Internet?

Note any identifying information and the website's Uniform Resource Locator (URL).

How can you protect classified data when it is not in use?

Store classified data appropriately in a GSA-approved vault/container.

What is required for an individual to access classified data?

Appropriate clearance, a signed and approved non-disclosure agreement, and need-to-know.

Which classification level is associated with serious damage to national security?

Secret.

Which of the following is a good practice for protecting classified information?

Ensure proper labeling of all classified material.

Classified material must be appropriately marked.

True

What damage can unauthorized disclosure of Confidential information cause?

Damage to national security.

You must have permission from your organization to telework.

True

Which type of information could cause serious damage to national security if disclosed without authorization?

Secret.

How should you protect a printed classified document when it is not in use?

Store it in a General Services Administration (GSA)-approved vault or container.

What level of damage can unauthorized disclosure of Top Secret information cause?

Exceptionally grave damage.

How many potential insider threat indicators are displayed by a colleague who vacations yearly, is a father, has poor work quality, but works well with his team?

~0 indicator.

How many potential insider threat indicators does a coworker displaying persistent behavior to obtain classified information, being boisterous about debt, and complaining of anxiety demonstrate?

3 or more

How many potential insider threat indicators are shown by a colleague who is charming, wins performance awards, but is occasionally aggressive about classified information?

1 indicator.

What advantages do insiders have that allow them to cause damage more easily?

Insiders are given a level of trust and have authorized access to government information systems.

What type of behavior should be reported as a potential insider threat?

Coworker making consistent statements indicative of hostility or anger toward the United States in its policies.

Which activity should be reported as a potential security incident?

A coworker removes sensitive information without authorization.

Which scenario might indicate a reportable insider threat?

A coworker uses a personal electronic device in a secure area where their use is prohibited.

How many insider threat indicators are shown by a colleague with persistent efforts to obtain classified project information, vocal about credit card issues, and complaints of anxiety?

3 or more indicators.

Which type of behavior should be reported as a potential insider threat?

Hostility or anger toward the United States and its policies.

Which of the following is NOT considered a potential insider threat indicator?

Interest in learning a foreign language.

What do insiders with authorized access to information pose?

A risk to national security.

When is the safest time to post details of your vacation activities on social media?

After you have returned home following the vacation.

How many potential insider threat indicators does a colleague show who abruptly becomes hostile after positive relationships and has unusual expenses?

3 or more indicators.

What is an insider threat?

Someone who uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure.

Which of the following is a potential insider threat indicator?

Unusual interest in classified information.

Which of the following is a reportable insider threat activity?

Attempting to access sensitive information without need-to-know.

What should Alex do differently to avoid temptation to betray his country?

Avoid talking about work outside of the workplace or with people without a need-to-know.

How many insider threat indicators does Alex demonstrate?

Three or more.

What should Alex's colleagues do if they notice suspicious behavior?

Report the suspicious behavior in accordance with their organization's insider threat policy.

What function do Insider Threat Programs aim to fulfill?

Proactively identify potential threats and formulate holistic mitigation responses.

What should you do if you receive a game application request with permission to access your friends, profile information, cookies, and sites visited?

Decline the request.

Which of the following is a security risk when posted publicly on your social networking profile?

Your personal email address.

Which of the following is a security best practice when using social networking sites?

Understand and use available privacy settings.

When may you face consequences due to online misconduct?

If you participate in or condone it at any time.

Which of the following is a security best practice when using social networking sites?

Use personal contact information when establishing your account.

Which of the following is a security risk when posted publicly on your social networking profile?

Your mother's maiden name.

What should you do if your cousin posts an incendiary article on social media?

Research the source of the article to evaluate its credibility and reliability.

What best describes the sources that contribute to your online identity?

Data about you collected from all sites, apps, and devices can be aggregated to form a profile.

What should you do if contacted by a foreign national seeking classified information?

Inform your security point of contact.

Which piece of information is safest to include on your social media profile?

Photos of your pet.

Which piece of information is safest to include on your social media profile?

Your favorite movie.

Adversaries exploit social networking sites to disseminate fake news.

True

How can you protect your organization on social networking sites?

Ensure no identifiable landmarks are visible in any photos taken in a work setting that you post.

Which of the following is NOT an example of Controlled Unclassified Information (CUI)?

Press release data.

Which of the following is NOT correct regarding the protection of CUI?

CUI can be stored on any password-protected system.

Which describes a way to safely transmit Controlled Unclassified Information (CUI)?

Verify that the information is CUI, include a CUI marking in the subject header, and digitally sign the email.

What is a best practice for protecting CUI?

Store it in a locked desk drawer after working hours.

Which of the following is not Controlled Unclassified Information (CUI)?

Press release data.

Unclassified information doesn't require markings or distribution controls.

True

Which of the following includes Personally Identifiable Information (PII) and Protected Health Information (PHI)?

Not provided in the content.

What is a good practice for physical security?

Challenge people without proper badges.

At which Cyberspace Protection Condition (CPCON) is the priority focus on critical functions only?

CPCON 1.

What should you do within a secure area when encountering someone without a visible badge?

Ask the individual for identification.

When are you permitted to use your PKI token?

On a NIPRNet system while using it for a PKI-required task.

What is the best description of two-factor authentication?

Something you possess, like a CAC, and something you know, like a PIN or password.

Using a common password for all your system and application logons is sufficient for protecting your identity.

False

What is the best way to protect your Common Access Card (CAC)?

Maintain possession of it at all times.

Which is NOT a best practice to preserve the authenticity of your identity?

Write your password down on a device that only you access.

Which of the following is an example of two-factor authentication?

Your password and a code you receive via text message.

Which of the following is an example of a strong password?

eA1xy2!P

What is Sensitive Compartmented Information (SCI)?

A program that segregates various types of classified information into distinct compartments for added protection.

What best describes the compromise of Sensitive Compartmented Information (SCI)?

A person who does not have the required clearance comes into possession of SCI.

When should documents be marked within a Sensitive Compartmented Information Facility (SCIF)?

All documents should be marked, regardless of classification.

What must be approved and signed by a cognizant Original Classification Authority (OCA)?

Security Classification Guide (SCG).

What must the dissemination of information regarding intelligence sources adhere to?

Directives issued by the Director of National Intelligence.

When is it appropriate to have your security badge visible?

At all times when in the facility.

What should you do with printed SCI documents promptly?

Retrieve classified documents promptly from printers.

What should participants in a conversation involving SCI do differently?

Physically assess that everyone within listening distance is cleared and has a need-to-know.

What actions should you take when faxing Sensitive Compartmented Information (SCI)?

Mark SCI documents appropriately and use an approved SCI fax machine.

What must users ensure when using removable media such as compact disks (CDs)?

Not provided in the content.

Study Notes

Spillage

• Spillage occurs when classified data is inadvertently disclosed or accessed by unauthorized individuals or systems.
• To pivot a discussion about a classified project, neither confirm nor deny its authenticity; redirect to unrelated topics.
• Prevent spillage by labeling files and media with appropriate classification markings.
• Unauthorized transfer of classified data to unclassified systems, such as drafting a briefing with Secret details, constitutes spillage.
• Upon receiving a classified email attachment on an unclassified system, immediately contact your security point of contact.
• To handle inquiries about classified information from reporters, gather website details like URLs and refer them to the public affairs office.
• Report any suspicion of spillage to the security point of contact without delay.
• Familiarity with classification markings and handling instructions can help prevent spillage.

Classified Data

• Proper care for classified data involves storing it securely in GSA-approved containers when not in use.
• Access to classified data requires clearance, a signed non-disclosure agreement, and need-to-know status.
• The classification level of 'Secret' indicates information that could cause serious damage to national security if disclosed.
• Ensure proper labeling and handling of classified material, including marking all sensitive material appropriately.
• Unauthorized disclosure of 'Confidential' information may cause damage to national security, while 'Top Secret' designated data could lead to exceptionally grave damage.
• Telework involving classified information requires organizational permission, to mitigate risk.

Insider Threat

• Insider threats exploit authorized access to harm national security, arising from both intentional and unintentional actions.
• Behaviors such as excessive inquiries about classified projects or displaying hostility toward U.S. policies should be reported as potential insider threats.
• Indicators of an insider threat can include aggressive behavior on obtaining classified information or notable lifestyle changes.
• Reportable activities encompass unauthorized removal of sensitive information and using prohibited electronic devices in secure areas.

Social Networking

• Post vacation details only after returning home to safeguard personal security.
• Avoid revealing personal information, like your mother's maiden name or personal email, on social media, as it poses a security risk.
• Vigilance about privacy settings is crucial while using social networking sites; utilize available features to limit exposure.
• Research the credibility of incendiary articles shared on social media before engaging further.
• Adversaries may exploit social platforms to disseminate misinformation, emphasizing the importance of cautious online behavior.
• Ensure that no identifiable landmarks are visible in work-related photos shared online to protect organizational security.

Controlled Unclassified Information (CUI)

• Not all information is classified; Controlled Unclassified Information (CUI) should be handled with care but lacks strict classification protocols.
• Proper transmission of CUI requires correct labeling and marking within correspondence.
• Locking away CUI in a desk drawer after hours is a recommended best practice for its protection.

Physical Security

• Validating the identity of individuals in secure areas is a pivotal aspect of physical security; always challenge unknown personnel without proper identification.
• Cyberspace Protection Condition (CPCON) 1 focuses solely on preserving critical functions and operations.

Identity Management

• Utilizing two-factor authentication enhances security by combining something you have with something you know, such as a CAC with a PIN.
• Maintain possession of your Common Access Card (CAC) at all times to avoid identity theft.
• A strong password, such as 'eA1xy2!P', enhances protection against unauthorized access.

Sensitive Compartmented Information (SCI)

• Sensitive Compartmented Information (SCI) requires strict control measures, including distinct compartmentalization and cybersecurity directives.
• All documents in a Sensitive Compartmented Information Facility (SCIF) must be appropriately marked regardless of their classification.
• Security badges should always be visible in secure areas, ensuring compliance and enhancing physical security measures.

Removable Media in a SCIF

• Removable media used in SCIFs must display proper labeling regarding classification, creation date, and point of contact to ensure compliance and security.

Malicious Code

• Examples of malicious code include viruses, Trojans, and worms, which can compromise systems.
• Accepting unfamiliar pop-ups or applications, particularly from unsecured sites, poses significant risk and should be avoided.

Website Use

• For security, refrain from entering credit card information on websites that do not utilize the 'https' protocol.
• If identity theft occurs, promptly report the incident to law enforcement to initiate recovery actions.

Social Engineering

• Best practices to prevent malicious code downloads include being cautious with email attachments and hyperlinks to enhance cybersecurity.### Social Engineering Concepts
• Phishing attacks often involve emails containing hyperlinks designed to lure victims.
• Protection against social engineering includes following instructions solely from verified personnel.
• Whaling is a sophisticated phishing technique that targets high-ranking officials or senior personnel.
• When receiving a friend's email with a compressed URL, it is important to investigate the link's actual destination using a preview feature before clicking.
• To guard against internet hoaxes, utilize online resources to verify or challenge suspicious claims.
• Compressed URLs can pose security risks as they may disguise malicious intent.

Travel and Mobile Device Security

• Always maintain physical possession of mobile computing devices and government-furnished equipment (GFE) when traveling.
• A mobile phone may be compromised immediately upon exiting the aircraft during overseas travel.
• Public Wi-Fi networks present security risks by exposing connected devices to potential malware threats.

Government-Furnished Equipment (GFE) Usage

• Checking personal emails on GFE is permissible only if aligned with organizational policy guidelines.
• It's crucial to verify the authorization of any cloud-based file sharing or storage services before utilizing them on GFE.

Description

Test your knowledge on cybersecurity concepts with this set of flashcards from the Cyber Awareness Challenge 2023. Each card presents a term or scenario related to cyber awareness, focusing on the appropriate responses to sensitive information. Challenge yourself and stay informed about security best practices.