DoD Cyber Awareness Challenge 2024 Flashcards

Questions and Answers

Which of the following is permitted when using an unclassified laptop within a collateral classified space?

An unapproved mobile device

A government issued tablet

A government issued wired headset with microphone (correct)

A personal laptop

Which of the following is a best practice for using government email?

Share your email password with trusted colleagues

Send mass e-mails to all contacts

Use a personal email for official communications

Do not send mass e-mails (correct)

Which of the following personally owned peripherals can you use with government-furnished equipment (GFE)?

A personal printer

A tablet

A smartphone

A USB hub (correct)

Which of the following is NOT a best practice for protecting data on a mobile device?

Disable automatic screen locking after a period of inactivity

You receive a phone call offering you a $50 gift card if you participate in a survey. What course of action should you take?

Decline to participate in the survey.

Which of the following is NOT a way that malicious code can spread?

Running a virus scan

Which of the following is NOT a best practice for protecting your home wireless network for telework?

Use your router's pre-set Service Set Identifier (SSID) and password

What is an example of a strong password?

d+Uf_4RimUz

Which of the following is least likely to pose a risk to share on a social networking site?

Your pet's name

Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?

Forward it

Where are you permitted to use classified data?

Only in SCIF.

Which of the following is an appropriate use of DoD Public Key Infrastructure (PKI) token?

Use a token approved for SIPRNet on SIPRNet

How can you protect your home computer?

Regularly back up your files.

Which of the following is true of transmitting or transporting Sensitive Compartmented Information (SCI)?

Printed SCI must be retrieved promptly from the printer

Which of the following is permitted within a Sensitive Compartmented Information SCIF?

An authorized Government-owned Portable Electronic Device (PED)

Does Sylvia pose a security concern while commuting?

Yes.

How can you prevent viruses and malicious code?

Scan all external files before uploading to your computer.

What concern does the email from Carl's boss pose?

This may be a spear phishing attempt.

What conditions are necessary to be granted access to Sensitive Compartmented Information (SCI)?

Top Secret clearance and indoctrination into the SCI program.

When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?

Automobile make and model

Which of the following is best practice to protect your identity?

Order a credit report annually

Which of the following is true of spillage?

It can be either inadvertent or intentional

Which of the following is a risk associated with removable media?

ALL OF THESE

Based on the description provided, how many insider threat indicators are present for Elyse?

0 (Zero).

How can you protect your home computer?

Turn on the password feature.

Study Notes

Cybersecurity Best Practices

• Use a government-issued wired headset with microphone for unclassified laptops in classified spaces to maintain security protocols.
• Avoid sending mass emails from government accounts to prevent information overload and potential security breaches.
• A USB hub is an acceptable personally owned peripheral for use with Government Furnished Equipment (GFE).

Mobile Device Security

• Do not disable automatic screen locking on mobile devices; this feature is essential for data protection.
• Be cautious with unsolicited phone calls offering gifts; they may be attempts at social engineering. Always decline such offers.

Data Protection Strategies

• Regularly scan external files before uploading to your computer to prevent viruses and malicious code.
• Printed Sensitive Compartmented Information (SCI) must be promptly retrieved from printers to maintain document confidentiality.

Handling Sensitive Information

• Access to SCI requires Top Secret clearance and indoctrination into the SCI program, ensuring only authorized personnel handle sensitive data.
• It is inappropriate to forward unverified emails regarding health risks, as they may spread misinformation.

Password Security

• A strong example of a password is "d+Uf_4RimUz," showcasing the importance of complexity in password creation.
• To safeguard online identity, ordering a credit report annually is highly recommended.

Wireless Network Safety

• Avoid using pre-set router SSIDs and passwords for home wireless networks to enhance security against unauthorized access.

Recognizing Phishing Attempts

• Emails from unknown personal addresses requesting urgent information may represent spear phishing attempts; verify with known contact methods.

Removable Media Risks

• Using removable media can introduce malicious code and compromise system integrity, confidentiality, and availability.

Insider Threat Indicators

• Assessing insider threats requires careful observation; in the provided example, Elyse shows no indicators of risk.

Social Engineering Awareness

• Sharing innocuous personal information, like a pet’s name, is typically low-risk, but caution is still advised on social networking sites.

Description

Test your knowledge with these flashcards focused on the DoD Cyber Awareness Challenge 2024. Each card highlights important best practices and guidelines for using government equipment and email. Perfect for anyone preparing for cybersecurity awareness in a military context.