DOD CYBER AWARENESS (KNOWLEDGE CHECK) EXAM Q&A

DOD CYBER AWARENESS
(KNOWLEDGE CHECK) EXAM Q&A
(Classified Data)
Who designates whether information is classification level? - ANSWER -Original
classification authority

(Classified Data)
Which of the following must you do before using an unclassified laptop and peripherals
in a collateral classified environment? - ANSWER -Ensure that any cameras,
microphones, and Wi-Fi embedded in the laptop are physically disabled

(Classified Data)
Which of the following is a good practice to protect classified information? - ANSWER -
Don't assume open storage in a secure facility is authorized

(Classified Data)
What is the basis for the handling and storage of classified data? - ANSWER -
Classification markings and handling caveats

(Insider Threat)
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague abruptly becomes hostile and unpleasant after previously
enjoying positive working relationship with peers, purchases an unusually expensive
new car, and has unexplained absences from work. - ANSWER -3 or more indicators

(Insider Threat)
Which scenario might indicate a reportable insider threat? - ANSWER -A colleague
removes sensitive information without seeking authorization in order to perform
authorized telework.

(Insider Threat)
Which of the following is a reportable insider threat activity? - ANSWER -Attempting to
access sensitive information without need-to-know

(Insider Threat)
Which of the following is a potential insider threat indicator? - ANSWER -Unusual
interest in classified information

(Insider Threat)
What is an insider threat? - ANSWER -Someone who uses authorized access, wittingly
or unwittingly, to harm national security through unauthorized disclosure or other actions
that may cause the loss or degradation of resources or capabilities.

, (Social Networking)
How can you protect your organization on social networking sites? - ANSWER -Ensure
there are no identifiable landmarks visible in any photos taken in a work setting that you
post

(Social Networking)
Which of the following statements is true? - ANSWER -Adversaries exploit social
networking sites to disseminate fake news.

(Social Networking)
When may you be subject to criminal, disciplinary, and/or administrative action due to
online harassment, bullying, stalking, hazing, discrimination, or retaliation? - ANSWER -
If you participate in or condone it at any time

(Controlled Unclassified Information)
Which of the following is true of Protected Health Information (PHI)? - ANSWER -It is
created or received by a healthcare provider, health plan, or employer.

(Controlled Unclassified Information)
Which is a best practice for protecting Controlled Unclassified Information (CUI)? -
ANSWER -Store it in a locked desk drawer after working hours

(Controlled Unclassified Information)
Which designation marks information that does not have potential to damage national
security? - ANSWER -Unclassified

(Controlled Unclassified Information)
Which of the following is NOT an example of Personally Identifiable Information (PII)? -
ANSWER -High school attended

(Controlled Unclassified Information)
Which of the following is true of Controlled Unclassified Information (CUI)? - ANSWER -
CUI must be handled using safeguarding or dissemination controls.

(Controlled Unclassified Information)
Which designation includes Personally Identifiable Information (PlI) and Protected
Health Information (PHI)? - ANSWER -Controlled Unclassified Information (CUI)

(Controlled Unclassified Information)
Which of the following is a security best practice for protecting Personally Identifiable
Information (PII)? - ANSWER -Only use Government-furnished or Government-
approved equipment to process
PIl.

(Spillage)