Cyber Awareness Challenge 2024 Flashcards
47 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What conditions are necessary to be granted access to Sensitive Compartmented Information (SCI)?

Top Secret clearance and indoctrination into the SCI program

Which of the following is permitted when using an unclassified laptop within a collateral classified space?

  • A personal laptop
  • A government-issued wired headset with microphone (correct)
  • Unsecured USB drives
  • Using personal headphones
  • Which of the following is an authoritative source for derivative classification?

    Security Classification Guide

    Which of the following actions should Carl NOT take with the e-mail about a potential health risk?

    <p>Forward it</p> Signup and view all the answers

    How can an adversary use information available in public records to target you?

    <p>Combine it with information from other data sources to learn how best to bait you with a scam</p> Signup and view all the answers

    Which of the following is an appropriate use of government e-mail?

    <p>Using a digital signature when sending attachments</p> Signup and view all the answers

    Which of the following is NOT a best practice for protecting data on a mobile device?

    <p>Disable automatic screen locking after a period of inactivity</p> Signup and view all the answers

    What action should Annabeth take if she believes an SCI conversation was overheard?

    <p>Contact her security POC to report the incident</p> Signup and view all the answers

    On your home computer, how can you best establish passwords when creating separate user accounts?

    <p>Have each user create their own, strong password</p> Signup and view all the answers

    Which of the following is an allowed use of government furnished equipment (GFE)?

    <p>Checking personal e-mail if your organization allows it</p> Signup and view all the answers

    How can you prevent viruses and malicious code?

    <p>Scan all external files before uploading to your computer</p> Signup and view all the answers

    An insider threat is someone who uses __________ access, __________, to harm national security.

    <p>authorized, wittingly or unwittingly</p> Signup and view all the answers

    Which of the following is an example of behavior that you should report?

    <p>Taking sensitive information home for telework without authorization</p> Signup and view all the answers

    Which of the following is true of telework?

    <p>You must have permission from your organization to telework</p> Signup and view all the answers

    After a classified document is leaked online, which statement is true of the leaked information?

    <p>You should still treat it as classified even though it has been compromised</p> Signup and view all the answers

    How should government-owned removable media be stored?

    <p>In a GSA-approved container according to the appropriate security classification</p> Signup and view all the answers

    Which of the following is NOT an example of Personally Identifiable Information (PII)?

    <p>Automobile make and model</p> Signup and view all the answers

    What does the Common Access Card (CAC) contain?

    <p>Certificates for identification, encryption, and digital signature</p> Signup and view all the answers

    Does Sylvia's commuting behavior pose a security concern?

    <p>True</p> Signup and view all the answers

    Does Beth tapping her phone at a payment terminal pose a security risk?

    <p>True</p> Signup and view all the answers

    Which of the following is NOT an appropriate use of your Common Access Card (CAC)?

    <p>Using it as photo identification with a commercial entity</p> Signup and view all the answers

    When is the safest time to post on social media about your vacation plans?

    <p>After the trip</p> Signup and view all the answers

    What is the best course of action if you receive a suspicious text message about delayed package delivery?

    <p>Delete the message</p> Signup and view all the answers

    Which of the following is NOT a best practice for protecting your home wireless network for telework?

    <p>Use your router's pre-set Service Set Identifier (SSID) and password</p> Signup and view all the answers

    Which of the following is a best practice for using government e-mail?

    <p>Do not send mass e-mails</p> Signup and view all the answers

    How can you protect your home computer?

    <p>Turn on the password feature</p> Signup and view all the answers

    Did Carl receive an e-mail about a potential health risk and should forward it?

    <p>False</p> Signup and view all the answers

    Which of the following is true of transmitting or transporting SCI?

    <p>Printed SCI must be retrieved promptly from the printer</p> Signup and view all the answers

    Terry sees a post that says there is smoke billowing from the Pentagon. What is likely true?

    <p>This is probably a post designed to attract her attention to a scam</p> Signup and view all the answers

    Which of the following statements about PHI is false?

    <p>It can be used by anyone for personal gain</p> Signup and view all the answers

    Which of the following is NOT a best practice for protecting your home wireless network for telework?

    <p>Use your router's pre-set SSID and password</p> Signup and view all the answers

    Does Beth tapping her phone at a payment terminal pose a security risk?

    <p>True</p> Signup and view all the answers

    How can you prevent viruses and malicious code?

    <p>Scan all external files before uploading to your computer</p> Signup and view all the answers

    Which of the following is an example of behavior that you should report?

    <p>Taking sensitive information home for telework without authorization</p> Signup and view all the answers

    What is the best course of action if you receive a suspicious text message about delayed package delivery?

    <p>Delete the message</p> Signup and view all the answers

    Which of the following is a permitted use of a DoD PKI token?

    <p>Do not use a token approved for NIPR on SIPR</p> Signup and view all the answers

    Which of the following is a best practice when browsing the internet?

    <p>Only accept cookies from reputable, trusted websites</p> Signup and view all the answers

    Where are you permitted to use classified data?

    <p>Only in areas with security appropriate to the classification level</p> Signup and view all the answers

    Which of the following contributes to your online identity?

    <p>All of these</p> Signup and view all the answers

    How can you protect your home computer?

    <p>Regularly back up your files</p> Signup and view all the answers

    Which of the following statements is true of DoD Unclassified data?

    <p>It may require access and distribution controls</p> Signup and view all the answers

    Which of the following is NOT a way that malicious code can spread?

    <p>Running a virus scan</p> Signup and view all the answers

    What is the goal of an Insider Threat Program?

    <p>Deter, detect, and mitigate</p> Signup and view all the answers

    Which of the following uses of removable media is allowed?

    <p>Government owned removable media that is approved as operationally necessary</p> Signup and view all the answers

    Which of the following is permitted when using an unclassified laptop within a collateral classified space?

    <p>A government-issued wired headset with microphone</p> Signup and view all the answers

    When is the safest time to post on social media about your vacation plans?

    <p>After the trip</p> Signup and view all the answers

    Which of the following is NOT an appropriate use of your CAC?

    <p>Using it as photo identification with a commercial entity</p> Signup and view all the answers

    Study Notes

    Sensitive Compartmented Information (SCI)

    • Access to SCI requires Top Secret clearance and indoctrination into the SCI program.
    • Printed SCI documents must be retrieved promptly from the printer.

    Government Equipment and E-mail Usage

    • Use a digital signature when sending attachments via government e-mail to ensure authenticity.
    • Government-owned removable media should be stored in a GSA-approved container matching the security classification.

    Data Protection Practices

    • Strong passwords should be created by individual users for separate accounts on home computers.
    • To prevent viruses, all external files must be scanned before uploading to personal devices.
    • Best practice for mobile devices includes enabling automatic screen locking and ensuring sensitive information isn’t taken home without authorization.

    Insider Threats

    • An insider threat occurs when someone with authorized access wittingly or unwittingly jeopardizes national security.
    • A primary goal of an Insider Threat Program is to deter, detect, and mitigate potential threats.

    Social Media and Public Information

    • Best to share vacation plans on social media only after returning from the trip to prevent targeting by scammers.
    • Information from public records can be exploited by adversaries to orchestrate scams, especially when combined with other data.

    Handling Communications

    • Avoid forwarding suspicious e-mails regarding health risks or unexpected package notifications; delete such messages instead.
    • While using government-approved devices during public commutes, be cautious of eavesdropping and shoulder surfing.

    Personal Identifiable Information (PII)

    • PII includes data that can identify individuals; however, automobile make and model is not classified as PII when linked to an individual.
    • Common Access Cards (CAC) contain identification, encryption, and digital signature certificates but should not be used as identification for commercial purposes.

    Wireless Network Security

    • Protect home wireless networks by using unique SSIDs and passwords rather than factory presets.
    • Regularly back up files and enable password features on home computers to enhance security.

    Internet Browsing and General Safety Measures

    • Only accept cookies from trustworthy websites during internet browsing to safeguard personal data.
    • Mass e-mails should be avoided when using government e-mail to maintain security protocols.

    Telework Regulations

    • Permission from an organization is mandatory for telework arrangements.
    • Treat any leaked classified information as still classified, even after becoming publicly accessible.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge of cybersecurity protocols with these flashcards from the Cyber Awareness Challenge 2024. Each card covers essential topics like Sensitive Compartmented Information and proper use of devices in classified areas. Perfect for anyone looking to enhance their cyber awareness skills.

    More Like This

    Cybersecurity Awareness
    18 questions

    Cybersecurity Awareness

    AwestruckRetinalite avatar
    AwestruckRetinalite
    Cybersecurity Awareness and Training Quiz
    18 questions
    Cybersecurity Awareness Quiz
    37 questions
    Use Quizgecko on...
    Browser
    Browser