How can you protect your home computer?
Turn on the password feature
Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?
Forward it
Which of the following is an appropriate use of government e-mail?
Using a digital signature when sending attachments
Sylvia commutes to work via public transportation. She often uses...
Yes. Eavesdroppers may be listening to Sylvia’s phone calls, and shoulder surfers may be looking at her screen.
Which of the following is true of transmitting or transporting Sensitive Compartmented Information (SCI)?
Printed SCI must be retrieved promptly from the printer
What conditions are necessary to be granted access to SCI?
Top Secret clearance and indoctrination into the SCI program
Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon...
This is probably a post designed to attract Terr’s attention to click on a link and steal her information
Which of the following statements about PHI is false?
It is created or received by a healthcare provider, health plan, or employer of a business associate of these.
Which of the following is NOT a best practice for protecting your home wireless network for telework?
Use your router’s pre-set SSID and password
Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk?
Yes, there is a risk that the signal could be intercepted and altered
How can you prevent viruses and malicious code?
Scan all external files before uploading to your computer
Which of the following is an example of behavior that you should report?
Taking sensitive information home for telework without authorization
You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you.
Delete the message
Which of the following is an appropriate use of DoD Public Key Infrastructure (PKI) token?
Do not use a token approved for NIPR on SIPR
Which of the following is a best practice when browsing the internet?
Only accept cookies from reputable, trusted websites
Where are you permitted to use classified data?
Only in areas with security appropriate to the classification level
Which of the following contributes to your online identity?
All of these
How can you protect your home computer?
Regularly back up your files
Which of the following statements is true of DoD Unclassified data?
It may require access and distribution controls
Which of the following is NOT a way that malicious code can spread?
Running a virus scan
What is the goal of an Insider Threat Program?
Deter, detect, and mitigate
Which of the following uses of removable media is allowed?
Government owned removable media that is approved as operationally necessary
Which of the following is permitted when using an unclassified laptop within a collateral classified space?
A government-issued WIRED headset with microphone
When is the safest time to post on social media about your vacation plans?
After the trip
Which of the following is NOT an appropriate use of your CAC?
Using it as photo identification with a commercial entity
Which of the following is true of spillage?
It refers specifically to classified information that becomes publicly available.
Which of the following is permitted within a Sensitive Compartmented Information Facility (SCIF)?
An authorized Government-owned Portable Electronic Device (PED)
You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
Decline to participate in the survey. This may be a social engineering attempt.
How should government owned removable media be stored?
In a GSA-approved container according to the appropriate security classification.
Which of the following is a best practice for using government email?
Do not send mass e-mails.
Which of the following is a best practice for physical security?
Use your own security badge or key code for facility access.
Which of the following is least likely to pose a risk to share on a social networking site?
Your pet’s name
How can you protect your home computer?
Regularly back up your files.
Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that ______________various types of classified information for _______________ protection and dissemination or distribution control.
segregates, added
Which of the following is true of telework?
You must have permission from your organization to telework.
Which of the following is true Sensitive Compartmented Information Facilities (SCIFs)?
Due to the physical security measures in place within a SCIF, open storage is allowed.
Which of the following is NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present?
Use the devices’ default security settings.
Based on the description provided, how many insider threat indicators are present? Elyse has worked for a DoD agency for more than 10 years. She is a diligent employee who receives excellent performance reviews and is a valued team member. She has two children and takes them on a weeklong beach vacation every summer. She spent a semester abroad in France as a teenager and plans to take her children to visit France when they are older.
0
Tom is working on a report that contains employees' names, home addresses, and salary. Which of the following is Tom prohibited from doing with the report?
E-mailing it to a colleague who needs to provide missing data
Which of these is NOT a potential indicator that your device may be under a malicious code attack?
A notification for a system update that has been publicized.
Which of the following is a best practice to protect your identity?
Order a credit report annually
Which of the following is not a best practice for traveling overseas with a mobile device?
Do not travel with a mobile device if you can avoid it
Which of the following personally owned peripherals can you use with government furnished equipment (GFE)?
A USB hub.
Which of the following is NOT a best practice for protecting data on a mobile device?
Disable automatic screen locking after a period of inactivity.
Which of the following is an example of a strong password?
d+Uf_4RimUz
You receive an e-mail marked important from your boss asking for data that they need immediately for a meeting starting now. The e-mail was sent from a personal e-mail address that you do not recognize, but it addresses you by name. What concern does this e-mail pose?
This may be a spear phishing attempt. Contact your boss using contact information that you know to be legitimate.
When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?
Automobile make and model.
Which of the following is a risk associated with removable media?
ALL OF THESE: Introduction of malicious codes; compromise of systems’ confidentiality, availability, or integrity; spillage of classified documents.
