Podcast
Questions and Answers
How can an adversary use information available in public records to target you?
How can an adversary use information available in public records to target you?
Combine it with info from other data sources to learn how to best bait you with a scam
Which of the following is an example of a strong password?
Which of the following is an example of a strong password?
Where are you permitted to use classified data?
Where are you permitted to use classified data?
Only in areas with security appropriate to the classification level
What conditions are necessary to be granted access to SCI?
What conditions are necessary to be granted access to SCI?
Signup and view all the answers
Which of the following is NOT a best practice for traveling overseas with a mobile device?
Which of the following is NOT a best practice for traveling overseas with a mobile device?
Signup and view all the answers
Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
Signup and view all the answers
Which of the following is prohibited for Tom while working on a report that contains employee names and sensitive information?
Which of the following is prohibited for Tom while working on a report that contains employee names and sensitive information?
Signup and view all the answers
Which of the following uses of removable media is appropriate?
Which of the following uses of removable media is appropriate?
Signup and view all the answers
Which of the following is NOT a best practice for protecting data on a mobile device?
Which of the following is NOT a best practice for protecting data on a mobile device?
Signup and view all the answers
Which of the following is a best practice to protect your identity?
Which of the following is a best practice to protect your identity?
Signup and view all the answers
Which of the following is permitted within a SCIF?
Which of the following is permitted within a SCIF?
Signup and view all the answers
Which of the following is a best practice when browsing the internet?
Which of the following is a best practice when browsing the internet?
Signup and view all the answers
Which of the following is a risk associated with removable media?
Which of the following is a risk associated with removable media?
Signup and view all the answers
Which of these is NOT a potential indicator that your device may be under a malicious code attack?
Which of these is NOT a potential indicator that your device may be under a malicious code attack?
Signup and view all the answers
What is the best course of action if you receive a suspicious text message about a package delivery?
What is the best course of action if you receive a suspicious text message about a package delivery?
Signup and view all the answers
What does the CAC contain?
What does the CAC contain?
Signup and view all the answers
How can you prevent viruses and malicious code?
How can you prevent viruses and malicious code?
Signup and view all the answers
Which type of data could reasonably be expected to cause serious damage to national security?
Which type of data could reasonably be expected to cause serious damage to national security?
Signup and view all the answers
Which of the following is true of telework?
Which of the following is true of telework?
Signup and view all the answers
Which of the following is an example of behavior that you should report?
Which of the following is an example of behavior that you should report?
Signup and view all the answers
Which of the following is least likely to pose a risk to share on a social networking site?
Which of the following is least likely to pose a risk to share on a social networking site?
Signup and view all the answers
Does Sylvia's use of a government-approved mobile device for calls during her commute pose a security concern?
Does Sylvia's use of a government-approved mobile device for calls during her commute pose a security concern?
Signup and view all the answers
How can you mitigate the potential risk associated with a compressed URL?
How can you mitigate the potential risk associated with a compressed URL?
Signup and view all the answers
How can you protect your home computer?
How can you protect your home computer?
Signup and view all the answers
Which best describes an insider threat? Someone who uses __________ access, ______________, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
Which best describes an insider threat? Someone who uses __________ access, ______________, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
Signup and view all the answers
Study Notes
Cybersecurity Awareness and Best Practices
- Public records can be combined with data from other sources by adversaries to target individuals for scams.
- Strong passwords are complex; an example is d+Uf_4RimUz.
- Classified data should only be handled in security areas appropriate for its classification level.
- Access to Sensitive Compartmented Information (SCI) requires special access authorization and indoctrination into the SCI program.
- Avoid traveling with mobile devices when possible as a cybersecurity best practice.
Cyber Protection Conditions and Data Handling
- Cyberspace Protection Condition (CPCON) 2 limits priority focus to critical and essential functions.
- Using a home computer for printing sensitive reports while teleworking is prohibited, especially when it contains personal employee details.
- Appropriate use of removable media includes encrypting data stored on it.
Mobile Device Security and Internet Safety
- Disabling auto screen locking on mobile devices is not a recommended practice for protecting data.
- Best practices for identity protection include ordering a credit report annually.
- A Government-owned Portable Electronic Device (PED) is permitted in a Sensitive Compartmented Information Facility (SCIF).
- When browsing the internet, only accept cookies from reputable websites.
Risks and Indicators of Cyber Attacks
- Removable media poses various risks, which include unauthorized access or malware.
- Notifications of system updates that have been publicized are not indicators of malicious attacks.
- Receiving unsolicited messages, such as package delivery delays from unknown sources with shortened links, should be approached with caution; the best action is to delete such messages.
Common Security Practices
- Common Access Card (CAC) includes certificates for identification, encryption, and digital signatures.
- To prevent viruses and malicious code, always scan external files before uploading them to your devices.
- Data classified as Secret could cause serious damage to national security if disclosed.
Telework and Reporting Security Issues
- Teleworking requires prior permission from your organization.
- Reporting is essential for behaviors like taking home sensitive information without authorization.
- Sharing innocuous information, such as your pet's name, is less likely to pose security risks on social media.
Transportation Security Considerations
- Using public transport for work-related calls poses security concerns due to eavesdropping and shoulder surfing.
- To safely manage risks associated with compressed URLs, utilize the preview function to verify destination links.
Home Computer Protection
- Activate password protection on home computers to enhance security.
- Insider threats involve individuals misusing their authorized access, whether knowingly or unknowingly, to compromise national security.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on cybersecurity with the Department of Defense Cyber Awareness Challenge 2024 pre-test flashcards. This quiz covers key concepts on information security, strong passwords, and the regulations governing classified data usage. Perfect for individuals preparing for cybersecurity training or assessments.
