Cyber Awareness Quiz

Questions and Answers

You find information that you know to be classified on the internet. What do you do?

Note the website's URL and report the situation to your security point of contact.

Which of the following may help prevent spillage? (Select all that apply)

• Ignore protocols if the information seems harmless
• Use only personal devices for work
• Follow procedures for transferring data to and from non-Government networks (correct)
• Follow procedures for transferring data to and from outside agencies (correct)

Which of the following is good practice to protect classified information? (Select all that apply)

• Always lock classified documents in secured storage (correct)
• Discuss classified information openly
• Store classified information on open networks
• Don't assume open storage in a secure facility is authorized (correct)

What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed?

Exceptionally grave damage

You must have your organization's permission to telework.

True (A)

Classified material must be appropriately marked.

True (A)

Which of the following is a potential insider threat indicator?

Unusual interest in classified information

What is an insider threat?

Someone who uses authorized access, wittingly or unwittingly to harm national security through unauthorized disclosure or other actions that may cause the loss or degradation of resources or capabilities.

Based on the description that follows, how many potential insider threat indicator(s) are displayed? A colleague abruptly becomes hostile and unpleasant after previously enjoying positive working relationships with peers, purchases an unusually expensive new car and has unexplained absences from work.

3 or more indicators

Which piece of information is safest to include on your social media profile?

Photos of your pet

A trusted friend in your social network posts a link to vaccine information on a website unknown to you. What action should you take?

Research the source to evaluate its credibility and reliability.

Which piece of information is safest to include on your social media profile?

Your favorite movie

Which is a best practice for protecting Controlled Unclassified Information (CUI)?

Store it in a locked desk drawer after working hours.

CUI must be handled using safeguarding or dissemination controls.

True (A)

Which of the following is true of Unclassified Information? (Select all that apply)

Must be clearly marked as Unclassified or CUI if included in a classified document or classified storage area (A), May require application of CUI access and distribution controls (B), Must be cleared before being released to the public (C)

Which of the following is NOT an example of CUI?

Press release data (D)

CUI may be stored on any password protected system.

False (B)

Which Cyber Protection Condition (CPCON) establishes a protection priority focus on critical functions only?

CPCON 1

It offers protection from spyware and malware.

True (A)

If your CAC/PIV card is lost or misplaced, report it immediately to your security POC.

True (A)

You may only transport SCI if you have been courier-briefed for SCI.

True (A)

They provide guidance on reasons for and duration of classification of information.

True (A)

Only connect government-owned PEDs to the same level classification information system when authorized.

True (A)

For government-owned devices, use approved and authorized applications only.

True (A)

Flashcards are hidden until you start studying

Study Notes

Cyber Awareness and Reporting

• Report classified information found online by noting the website URL and alerting the security point of contact.
• Follow established procedures when transferring data to prevent spillage.

Protecting Classified Information

• Open storage in secure facilities should not be assumed as authorized; always verify.
• Top Secret information can cause exceptionally grave damage to national security if disclosed.

Telework and Permissions

• Teleworking is only permitted with the organization’s explicit approval.

Insider Threats

• Indicators of potential insider threats include unusual interest in classified materials.
• An insider threat involves someone misusing authorized access to harm national security, potentially compromising resources.

Identifying Insider Threats

• A colleague showing hostile behavior, acquiring expensive items unexpectedly, and having unexplained absences may display 3 or more threat indicators.

Social Media Safety

• Safest social media content includes personal photos of pets or favorite movies.
• Evaluate the credibility of vaccine information shared by friends through research.

Controlled Unclassified Information (CUI)

• Store CUI in a locked desk drawer after hours for protection.
• CUI must be managed with proper safeguarding controls.

Unclassified Information Guidelines

• Unclassified information must be reviewed before public release and appropriately marked.
• Compromised unclassified information can have safety ramifications for government personnel and operations.

Cyber Protection Conditions

• CPCON 1 prioritizes the protection of critical functions.

Public Key Infrastructure (PKI)

• Using a DoD PKI token provides defense against spyware and malware.

Common Access Card (CAC) and PIV

• Report any lost or misplaced CAC/PIV cards to a security point of contact immediately.

Sensitive Compartmented Information (SCI)

• Transporting SCI requires prior courier briefing to ensure compliance with security protocols.

Security Classification Guides

• These guides clarify the rationale and duration for the classification of information.

Portable Electronic Devices (PEDs)

• Only government-owned PEDs may connect to corresponding classified information systems in a SCIF when authorized.

Application Downloads

• For government devices, only download applications that are pre-approved and authorized.