DOD Cyber Awareness Challenge 2019

Questions and Answers

What should you do after you have ended a call from a reporter asking you to confirm potentially classified info found on the web?

Alert your security point of contact.

Which of the following actions is appropriate after finding classified Government information on the internet?

Note any identifying information and the website's URL.

Which of these is true of unclassified data?

Its classification level may rise when aggregated.

What type of information includes personal, payroll, medical, and operational information?

Sensitive.

What is the best protection method for sharing Personally Identifiable Information (PII)?

Digitally sign and encrypt the email.

Which of the following is NOT a typical result from running malicious code?

Disables cookies

Which of the following is a practice that helps to protect you from identity theft?

Ordering a credit report annually.

Which of the following describes an appropriate use of Government email?

Molly uses a digital signature when sending attachments or hyperlinks.

Which of the following is true of Internet hoaxes?

They can be part of a distributed denial-of-service (DDoS) attack.

Which of the following is a practice that helps to prevent the download of viruses and other malicious code when checking your email?

Do not access links or hyperlinked media such as buttons and graphics in email messages.

Which of the following may indicate a malicious code attack?

A flashing pop-up that warns you your computer is infected with a virus.

Upon connecting your Government-issued laptop to a public wireless connection, what should you immediately do?

Connect to the Government Virtual Private Network (VPN).

Under what circumstances is it acceptable to check personal email on Government-furnished equipment (GFE)?

If your organization allows it.

When checking in at the airline counter for a business trip, what should you do?

Decline so that you maintain physical contact of your Government-issued laptop.

A man you do not know is trying to look at your Government-issued phone and has asked to use it. What should you do?

Decline to lend the man your phone.

How can you protect your information when using wireless technology?

Avoid using non-Bluetooth-paired or unencrypted wireless computer peripherals.

What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure?

Top Secret.

Which of the following is NOT considered a potential insider threat indicator?

New interest in learning a foreign language.

A coworker wants to send you a sensitive document to review while you are at lunch and you only have your personal tablet. What should you do?

Never allow sensitive data on a non-Government-issued mobile device.

While you are waiting for your lunch bill, a stranger picks up your Government-issued phone from your table and proceeds to exit the facility with it. What should you do?

Try to observe the direction taken and any other useful information and immediately make a report to your security point of contact.

When would be a good time to post your vacation location and dates on your social networking website?

When you return from your vacation.

Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens?

Always use DoD PKI tokens within their designated classification level.

How should you protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card?

Store it in a shielded sleeve to avoid chip cloning.

Study Notes

Knowledge Check Flashcards Summary

• After a reporter call: Notify your security point of contact if asked to confirm classified information.
• Encountering classified information online: Document any identifying details and the URL of the website.
• Unclassified data: Its classification can increase when combined with other data.
• Information categories: Personal, payroll, medical, and operational details are classified as sensitive information.
• Protecting Personally Identifiable Information (PII): Use digital signatures and encryption for emails containing PII.
• Malicious code effects: Running malicious code typically does not disable cookies.
• Identity theft prevention: Order a credit report annually.
• Government email use: Suitable use includes employing a digital signature for attachments or hyperlinks.
• Internet hoaxes: These can be related to Distributed Denial-of-Service (DDoS) attacks.
• Email virus prevention: Avoid clicking on links or hypermedia buttons in emails to reduce virus exposure.
• Malicious code attack indicators: Warning pop-ups claiming infection can indicate a malicious attack.
• Using public wireless connections: Connect to the Government Virtual Private Network (VPN) immediately when using a Government-issued laptop.
• Personal email check on Government equipment: Checking personal email is allowed if authorized by your organization.
• Business trip security: Maintain physical possession of your Government-issued laptop when checking in at the airline counter.
• Phone security: Do not lend your Government-issued phone to strangers.
• Wireless technology security: Avoid using unencrypted or non-Bluetooth-paired wireless devices.
• Top Secret information: Unauthorized disclosure could seriously harm national security.
• Colleague's travel: Be aware of indicators related to foreign visits, which may raise security concerns.
• Insider threat indicators: A newfound interest in a foreign language is generally not a warning sign.
• Sensitive documents on personal devices: Avoid storing sensitive information on non-Government-issued devices.
• Stolen Government phone: Take note of the thief's direction and details, then report to security.
• Social media precautions: Post vacation details only after returning home for safety.
• DoD PKI tokens: Always use within the specified classification level.
• CAC and PIV card protection: Use shielded sleeves to protect these cards from chip cloning.

Description

Test your knowledge with the DOD Cyber Awareness Challenge 2019 flashcards. This quiz covers essential protocols for handling classified information and responding to inquiries from reporters. Ensure you understand the correct steps to maintain security and confidentiality.