DoD Cyber Awareness Challenge 2019
35 Questions
100 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What do you do if spillage occurs?

?

Which of the following does NOT constitute spillage?

  • Accidental disclosure of classified information
  • Misplacement of classified documents
  • Classified information that should be unclassified and is downgraded (correct)
  • Unauthorized sharing of classified data
  • Which of the following is NOT an appropriate way to protect against inadvertent spillage?

  • Encrypt sensitive information
  • Limit access to classified information
  • Use the classified network for all work, including unclassified work (correct)
  • Training employees on security policies
  • Which of the following should you NOT do if you find classified information on the internet?

    <p>Download the information</p> Signup and view all the answers

    Which of the following is NOT true concerning a computer labeled SECRET?

    <p>May be used on an unclassified network</p> Signup and view all the answers

    What kind of information could reasonably be expected to cause serious damage to national security in the event of unauthorized disclosure?

    <p>Secret</p> Signup and view all the answers

    What advantages do 'insider threats' have over others that allows them to be able to do extraordinary damage to their organizations?

    <p>They are trusted and have authorized access to Government information systems.</p> Signup and view all the answers

    Which of the following should be reported as a potential security incident?

    <p>A coworker removes sensitive information without authorization.</p> Signup and view all the answers

    How many potential insider threat indicators does this employee display?

    <p>?</p> Signup and view all the answers

    In addition to avoiding the temptation of greed to betray his country, what should Alex do differently?

    <p>Avoid talking about work outside of the workplace or with people without a need-to-know</p> Signup and view all the answers

    How many insider threat indicators does Alex demonstrate?

    <p>Three or more</p> Signup and view all the answers

    What should Alex's colleagues do?

    <p>Report the suspicious behavior in accordance with their organization's insider threat policy</p> Signup and view all the answers

    What information most likely presents a security risk on your personal social networking profile?

    <p>Personal email address</p> Signup and view all the answers

    What information most likely presents a security risk on your personal social networking profile?

    <p>?</p> Signup and view all the answers

    Select all sections of the profile that contain an issue. Then select Submit.[Alex Smith]

    <p>All three sections</p> Signup and view all the answers

    Select the appropriate setting for each item. Then select Save.[Alex Smith/Social Media]

    <p>Name and profile picture = Any (depends on personal preference) Biographical data = Friends Only Status, photos, and posts = Friends Only Family and relationships = Friends Only Birthday = Friends Only Photos and videos you are in = Friends Only Check in location via GPS = Off</p> Signup and view all the answers

    Which of the following is NOT a correct way to protect sensitive information?

    <p>Sensitive information may be stored on any password-protected system</p> Signup and view all the answers

    Is it permitted to share an unclassified draft document with a non-DoD professional discussion group?

    <p>True</p> Signup and view all the answers

    Which type of information includes personal, payroll, medical, and operational information?

    <p>Sensitive</p> Signup and view all the answers

    After clicking on a link on a website, a box pops up and asks if you want to run an application. Is it okay to run it?

    <p>False</p> Signup and view all the answers

    Which of the following represents a good physical security practice?

    <p>Use your own security badge, key code, or Common Access Card (CAC)/Personal Identity Verification (PIC) card.</p> Signup and view all the answers

    Which of the following statements is TRUE about the use of DoD Public Key Infrastructure (PKI) tokens?

    <p>True</p> Signup and view all the answers

    What is the best way to protect your Common Access Card (CAC) or Personal Identity Verification (PIV) card?

    <p>Maintain possession of it at all times.</p> Signup and view all the answers

    Which of the following is a best practice for handling cookies?

    <p>?</p> Signup and view all the answers

    Select all security issues. Then select Submit.[Isabel/Website Use]

    <p>Top and bottom sections only</p> Signup and view all the answers

    You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. What action should you take first?

    <p>Look for a digital signature on the email.</p> Signup and view all the answers

    You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. The email provides a website and a toll-free number where you can make payment. What action should you take?

    <p>Contact the IRS using their publicly available, official contact information.</p> Signup and view all the answers

    Which email attachments are generally SAFE to open?

    <p>Attachments contained in a digitally signed email from someone known</p> Signup and view all the answers

    Which of the following is NOT true of traveling overseas with a mobile phone?

    <p>?</p> Signup and view all the answers

    What should Sara do when using publicly available Internet, such as hotel Wi-Fi?

    <p>Only connect with the Government VPN</p> Signup and view all the answers

    What is the danger of using public Wi-Fi connections?

    <p>Exposure to hackers and data breaches</p> Signup and view all the answers

    A coworker has asked if you want to download a programmer's game to play at work. What should be your response?

    <p>I'll pass.</p> Signup and view all the answers

    While you are waiting for your lunch bill, a stranger picks up your Government-issued phone from your table and proceeds to exit the facility with it. What should you do?

    <p>Try to observe the direction taken and any other useful information and immediately make a report to your security point of contact.</p> Signup and view all the answers

    Mobile devices include fitness bands, tablets, smartphones, electronic readers, and Bluetooth-enabled devices.

    <p>True</p> Signup and view all the answers

    Which of the following is a best practice for securing your home computer?

    <p>Use antivirus software and keep it up to date.</p> Signup and view all the answers

    Study Notes

    Cyber Awareness and Information Security

    • Spillage should be reported immediately and proper incident response procedures initiated.
    • Classified information downgraded to unclassified does not constitute spillage.
    • Inappropriate protection against spillage includes using classified networks for unclassified tasks.
    • Downloading classified information from the internet is strictly prohibited.
    • A computer labeled SECRET must not be used on unclassified networks.
    • "Secret" information, when disclosed without authorization, is likely to cause serious damage to national security.
    • Insider threats are dangerous due to their trusted status and authorized access to sensitive information.
    • Unauthorized removal of sensitive information by a coworker should be reported as a potential security incident.
    • Observable behavioral issues in colleagues can indicate insider threats, necessitating attention and reporting.
    • Avoid discussing work-related matters outside authorized spaces to mitigate risks associated with insider threats.
    • Colleagues should adhere to organizational policies and report suspicious behaviors to prevent security breaches.
    • Personal email addresses on social networking sites pose significant security risks.
    • Use privacy settings to limit exposure of sensitive biographical data and personal information.
    • Secure sensitive information by avoiding storage on just any password-protected system; consider the strength of the system.
    • Unclassified drafts may be shared with non-DoD professionals if they have been cleared for public release.
    • Sensitive information includes personal, payroll, medical, and operational data, which requires careful handling.
    • Running applications prompted by unexpected pop-ups is unsafe; only allow trusted sources.
    • Good physical security practices entail using personal access devices such as security badges or CACs.
    • Always use DoD PKI tokens within their designated classification levels to ensure security compliance.
    • Protect CAC or PIV cards by keeping them secured and in personal possession at all times.
    • Best practices for handling cookies and evaluating their safety should be adopted to safeguard personal and sensitive information.
    • Legitimate emails from government entities should be verified for digital signatures before proceeding.
    • Unknown payment requests via email should initiate contact with the agency using verified public contact information.
    • Safety in opening email attachments is generally assured with digitally signed messages from known contacts.
    • Ensure secure practices when traveling with mobile phones, especially regarding data security.
    • Using public Wi-Fi connections poses risks that require familiarity with secure connection methods, like VPNs.
    • Avoid downloading non-work-related applications, such as games, on work devices.
    • Report any security incidents immediately, such as a stranger taking a government phone.
    • Mobile devices encompass a variety of electronics, including smartphones, tablets, and wearables.
    • Securing home computers requires regular updates to antivirus software to fend off threats.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Test your knowledge on the DoD Cyber Awareness Challenge for 2019 with these flashcard questions. This quiz covers important aspects of handling classified information, including spillage and security protocols. Perfect for reinforcing key concepts and preparing for the annual training.

    More Like This

    Use Quizgecko on...
    Browser
    Browser