Cyber Awareness Flashcards by Jedi Master (2024)

Spillage: Which of the following does NOT constitute spillage?
a. Classified information that is accidentally moved to a lower classification or protection level. b. Classified information that should be unclassified and is downgraded. c. Classified information that is intentionally moved to a lower protection level without authorization.

b. Classified information that should be unclassified and is downgraded.

Spillage: Which of the following is NOT an appropriate way to protect against inadvertent spillage? a. Label all files, removable media, and subject headers. b. Use the classified network for all work, including unclassified work. c. Be aware of classified markings and all handling caveats.

b. Use the classified network for all work, including unclassified work.

Spillage: Which of the following should you NOT do if you find classified information on the internet? a. Not the website’s URL. b. Download the information. c. Report it to security.

b. Download the information.

Classified Data: (Incident) What level of damage to national security can you reasonably expect Top Secret information to cause if disclosed? a. Damage b. Serious damage c. Exceptionally grave damage

Exceptionally grave damage

Classified data: (Scene) Which of the following is true about telework? a. You may use your personal computer as long as it is in a secure area in your home b. You must have your organization’s permission to telework c. You may use unauthorized software as long as your computer’s antivirus software is up to date.

You must have your organization’s permission to telework

Classified data: (Theory) Which of the following is true of protecting classified data? a. Classified material must be appropriately marked b. Secure facilities allow open storage of classified material c Classified material may be used in unsecured areas as long as it remains in the possession of an individual with the proper clearance and need-to-know.

Classified material must be appropriately marked

Insider threat: (Alex’s statement) In addition to avoiding the temptation of greed to betray his country, what should Alex do differently? a. Avoid attending professional conferences. b. Ask probing questions of potential network contacts to ascertain their true identity c. Avoid talking about work outside of the workplace or with people without need-to-know.

Avoid talking about work outside of the workplace or with people without need-to-know.

Insider threat: (Ellen’s statement) How many insider threat indicators does Alex demonstrate? 0, 1, 2, or 3+

Three or more

Insider threat: (Mark’s statement): What should Alex’s colleagues do? a. Report the suspicious behavior in accordance with their organization’s insider threat policy b. Keep an eye on his behavior to see if it escalates c. Set up a situation to establish concrete proof that Alex is taking classified information.

Report the suspicious behavior in accordance with their organization’s insider threat policy

Social Networking: Select all sections of the profile that contain an issue.

Social Networking: Privacy Settings

Controlled Unclassified Information: (Incident) Which of the following is NOT an example of CUI? a. Proprietary data b. Press release data c. Financial information

Press release data

Controlled Unclassified Information: (Incident) Which of the following is NOT a correct way to protect CUI? a. CUI may be stored on any password-protected system b. CUI may be stored in a locked desk after working hours c. CUI may be emailed if encrypted.

CUI may be stored on any password-protected system

Controlled Unclassified Information: (Victim) Select the information on the data sheet that is personally identifiable information (PII) but not protected health information (PHI).

Controlled Unclassified Information: (Victim) Select the information on the data sheet that is protected health information (PHI).

Interview: Dr. Nora Baker

Physical Security: (Incident #1): What should the employee do differently? a. Nothing. He let his colleague know where he was going, and he was coming right back. b. Skip the coffee break and remain at his workstation. He’s on the clock after all! c. Remove his CAC and lock his workstation.

Remove his CAC and lock his workstation.

Physical Security: (Incident #2): What should the employee do differently? a. Nothing. The person looked familiar, and anyone can forget their badge from time to time. b. Decline to let the person in and redirect her to security c. Let the person in but escort her back t her workstation and verify her badge.

Decline to let the person in and redirect her to security

Identity Management Evidence (Incident): Select all violations at this unattended workstation.

Laptop (Take CAC out), PIN note (Never write your PIN.

Sensitive Compartmented Information (Incident #1): When is it appropriate to have your security badge visible? a. Only when badging in b. At all times when in the facility c. At any time during the workday, including when leaving the facility.

At all times when in the facility

Sensitive Compartmented Information (Incident #2): What should the owner of this printed SCI do differently? a. Never print classified documents b. Label the printout UNCLASSIFIED to avoid drawing attention to it c. Retrieve classified documents promptly from printers.

Retrieve classified documents promptly from printers.

Sensitive Compartmented Information (Incident #3): What should the participants in this conversation involving SCI do differently? a. Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed. b. Hold the conversation over e-mail or instant messenger to avoid being overheard. c. Nothing. It is fair to assume that everyone in the SCIF is properly cleared.

Physically assess that everyone within listening distance is cleared and has a need-to-know for the information being discussed.

Removable Media in a SCIF (Evidence): What portable electronic devices (PEDs) are permitted in a SCIF? a. All PEDs, including personal devices b. All government-owned PEDs c. Only expressly authorized government-owned PEDs.

Only expressly authorized government-owned PEDs.

Removable Media in a SCIF (Incident): What is the response to an incident such as opening an uncontrolled DVD on a computer in a SCIF? a. Notify your security POC b. Analyze the media for viruses or malicious code. c. Analyze the other workstations in the SCIF for viruses or malicious code. d. All of these.

All of these.

Malicious Code (Prevalence): Which of the following is an example of malicious code? a. A system reminder to install security updates b. Software that installs itself without the user’s knowledge c. A firewall that monitors and controls network traffic.

Software that installs itself without the user’s knowledge

Malicious Code (Damage): How can malicious code cause damage? a. Corrupting files b. Erasing your hard drive. c. Allowing hackers access. d. All of these

All of these

Malicious Code (Spread): How can you avoid downloading malicious code: a. Turn on automatic downloading b. Only use a government-issued thumb drive to transfer files between systems. c. Do not access website links in e-mail messages.

Do not access website links in e-mail messages.

Website Use (Incident): Select all security issues.

Social Engineering (Alice Murphy)

Delete (Tiny url)

Social Engineering (Pursuit Bank)

Delete email. “This email is fake. Opening the link would allow the sender to steal Isabel’s information. It would be best to contact the institution using verified contact information to confirm.

Social Engineering (John Anderson)

Report email. This is a spear phishing attempt, and it would be best to report it to security.

Travel (Incident): What should Sara do when using publicly available Internet, such as hotel Wi-Fi? a. Only connect with the Government VPN. b. Only connect via an Ethernet cable. c. Only connect to known networks

Only connect with the Government VPN

Travel (Incident): What is the danger of using public Wi-Fi connections? a. Compromise of data b. Exposure to malware. c. Both of these

Both of these

Use of GFE (Incident): Permitted Uses of Government-Furnished Equipment (GFE)

No to all: Viewing or downloading p*rnography, gambling online, conducting a private money-making venture, using unauthorized software, Illegally downloading copyrighted material, making unauthorized configuration changes.

Mobile Devices (Incident): When is it okay to charge a personal mobile device using government-furnished equipment (GFE)? a. This is always okay. b. Only when there is no other charger available. c. This is never okay.

This is never okay.

Mobile Devices (Incident): Which of the following demonstrates proper protection of mobile devices? a. Sally stored her government-furnished laptop in her checked luggage using a TSA approved luggage lock. b. Linda encrypts all of the sensitive data on her government issued mobile devices. c. Alan uses password protection as required on his government-issued smartphone but prefers the ease of no password on his personal smartphone.

Linda encrypts all of the sensitive data on her government issued mobile devices

Home Computer Security (Evidence): Antivirus alert. Update or Remind me later?

Update

Home Computer Security (Evidence): Update Status: Install or Remind me later

Install

Home Computer Security (Evidence): Firewall Status: Enable or Keep Disabled

Enable

Home Computer Security (Evidence): Virus Alert! Remove Virus or Exit

Exit. Beware of sudden flashing pop-ups that warn your computer is infected with a virus. This may be a malicious code attack. Use your legitimate antivirus software to perform a virus scan instead.

Spillage: Which of the following is a good practice to prevent spillage?

Be aware of classification markings and all handling caveats.

What threat do insiders with authorized access to information or information systems pose?

They may wittingly or unwittingly use their authorized access to perform actions that result in the loss or degradation of resources or capabilities.

Which scenario might indicate a reportable insider threat?

A coworker uses a personal electronic device in a secure area where their use is prohibited.

Which of the following practices may reduce your appeal as a target for adversaries seeking to exploit your insider status?

Remove your security badge after leaving your controlled area or office building

Which of the following information is a security risk when posted publicly on your social networking profile?

Your birthday (?)

Your DOD Common Access Card (CAC) has a Public Key Infrastructure (PKI) token approved for access to the Non-classified Internet Protocol Router Network (NIPRNet). In which situation below are you permitted to use your PKI token?
A. On a computer displaying a notification to update the antivirus software
B. On a NIPRNet system while using it for a PKI-required task
C. On a computer at the public library to check your DOD email.
D. On a system of a higher classification level, such as the Secret Internet Protocol Router Network (SIPRNet)

On a NIPRNet system while using it for a PKI-required task

What guidance is available for marking Sensitive Compartmented Information (SCI)?
A. Sensitive Compartmented Information Guides
B. Original Classification Authority
C. Security Classification Guides

Unknown