Back to AI Flashcard MakerInformation Technology /FY24 Cyber Awareness Challenge Part 1
FY24 Cyber Awareness Challenge Part 1
This deck covers key concepts and best practices from the FY24 Cyber Awareness Challenge, including handling sensitive information, protecting devices, and recognizing security threats.
Which of the following is true of working with a Sensitive Compartmented Information Facility (SCIF)?
Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access.
Tap or swipe ↕ to flip
Swipe ←→Navigate
1/27
Key Terms
Term
Definition
Which of the following is true of working with a Sensitive Compartmented Information Facility (SCIF)?
Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access.
Which of the following is NOT a best practice for travelling overseas with a mobile device?
Store the device in a hotel safe when sightseeing
How should government owned removable media be stored?
In a GSA-approved container according to the appropriate security classification
Which of the following is NOT a way that malicious code can spread?
Running a virus scan
How can you protect your home computer?
Turn on the password feature, regularly back up your files
Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?
Forward it
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
Which of the following is true of working with a Sensitive Compartmented Information Facility (SCIF)? | Authorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual's need-to-know and access. |
Which of the following is NOT a best practice for travelling overseas with a mobile device? | Store the device in a hotel safe when sightseeing |
How should government owned removable media be stored? | In a GSA-approved container according to the appropriate security classification |
Which of the following is NOT a way that malicious code can spread? | Running a virus scan |
How can you protect your home computer? | Turn on the password feature, regularly back up your files |
Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail? | Forward it |
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI) token? | Do not use a token approved for NIPRNet on SIPRNet |
Which of the following is NOT a best practice for protecting data on a mobile device? | Disable automatic screen locking after a period of inactivity |
Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions? | CPCON 2 |
When is the safest time to post on social media about your vacation plans? | After the trip |
Which of the following statements about Protected Health Information (PHI) is false? | PHI only refers to electronic health records and does not include verbal or written information. |
You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take? | Decline to participate in the survey. This may be a social engineering attempt. |
Tom is working on a report that contains employees' names, home addresses, and salary. Which of the following is Tom prohibited from doing with the report? | E-mailing it to a colleague who needs to provide missing data |
How can you protect your home computer? | Regularly back up your files |
Which of the following is a best practice to protect your identity? | Order a credit report annually. |
Annabeth becomes aware that a conversation with a co-worker that involved Sensitive Compartmented Information (SCI) may have been overheard by someone who does not have the required clearance. What action should Annabeth take? | Annabeth should immediately report the potential security incident to her security officer or designated security authority. |
Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to e-mails on her government approved mobile device. Does this pose a security concern? | Yes. Eavesdroppers may be listening to Sylvia's phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks. |
You receive an e-mail with a link to schedule a time to update software on your government furnished laptop. Your IT department has not scheduled software updates like this in the past and has not announced this software update. the -mail is not digitally signed. What action should you take? | Report the e-mail to your security POC or help desk |
Which of the following is permitted within a Sensitive Compartmented Information Facility (SCIF)? | Only government-approved, authorized equipment and personnel with proper clearance are permitted within a SCIF. |
Which of the following is a best practice for managing connection requests on social networking sites? | Validate connection requests through another source if possible |
Which of the following personally owned peripherals can you use with government furnished equipment (GFE)? | USB Hub |
Which of the following is true of telework? | You must have permission from your organization to telework. |
Where are you permitted to use classified data? | Only in areas within security appropriate to the classification level |
Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that __________ various types of classified information for __________ protection and dissemination or distribution control. | segregates; added |
Which of the following is an example of behavior that you should report? | Taking sensitive information home for telework without authorization |
Your meeting notes are unclassified. This means that your notes | Do not have the potential to damage national security |
Identification numbers are what type of information? | Personally Identifiable Information (PII), which is a type of CUI |