00 DON CYBER AWARENESS
CHALLENGE EXAM QUESTIONS AND
ANSWERS
Which of the following is an example of a strong password? - ANSWER -bRobr@79I*P
Who designates whether information is classified and its classification level? - ANSWER
-Original classification authority
Which of the following is an example of behavior that you should report? - ANSWER -
Bringing a phone into a prohibited area
What is insider threat? - ANSWER -Someone who uses authorized access, either
wittingly or unwittingly, to harm national security
How can malicious code do damage? - ANSWER -All of these
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI)
token? - ANSWER -Only leave it in a system while actively using it for a PKI-required
task
How can you protect date on a mobile device? - ANSWER -Use two-factor
authentication
Based on description provided, how many insider threat indicators are present? Edward
has worked for a DoD agency for 2 years. He is an analyst who takes a great deal of
interest in his work. He occasionally takes a somewhat aggressive interest in others'
work as well, including asking for classified details of their projects. He otherwise gets
along well with his colleagues. - ANSWER -1
Which of the following can be used to catalogue information about you? - ANSWER -All
of these
You receive an e-mail marked important from you agency head asking you to call them
using a number you do not recognize. This e-mail was sent from a personal e-mail
address that you do not recognize, but it addresses you by name. What action should
you take? - ANSWER -This may be a spear phishing attempt. Report it to your security
POC or help desk.
Matt is a government employee who needs to share a document containing source
selection data with his supervisor. Which of the following describes the most appropriate
way for Matt to do this? - ANSWER -Encrypt it and send it via digitally signed
Government e-mail
CHALLENGE EXAM QUESTIONS AND
ANSWERS
Which of the following is an example of a strong password? - ANSWER -bRobr@79I*P
Who designates whether information is classified and its classification level? - ANSWER
-Original classification authority
Which of the following is an example of behavior that you should report? - ANSWER -
Bringing a phone into a prohibited area
What is insider threat? - ANSWER -Someone who uses authorized access, either
wittingly or unwittingly, to harm national security
How can malicious code do damage? - ANSWER -All of these
Which of the following is an appropriate use of a DoD Public Key Infrastructure (PKI)
token? - ANSWER -Only leave it in a system while actively using it for a PKI-required
task
How can you protect date on a mobile device? - ANSWER -Use two-factor
authentication
Based on description provided, how many insider threat indicators are present? Edward
has worked for a DoD agency for 2 years. He is an analyst who takes a great deal of
interest in his work. He occasionally takes a somewhat aggressive interest in others'
work as well, including asking for classified details of their projects. He otherwise gets
along well with his colleagues. - ANSWER -1
Which of the following can be used to catalogue information about you? - ANSWER -All
of these
You receive an e-mail marked important from you agency head asking you to call them
using a number you do not recognize. This e-mail was sent from a personal e-mail
address that you do not recognize, but it addresses you by name. What action should
you take? - ANSWER -This may be a spear phishing attempt. Report it to your security
POC or help desk.
Matt is a government employee who needs to share a document containing source
selection data with his supervisor. Which of the following describes the most appropriate
way for Matt to do this? - ANSWER -Encrypt it and send it via digitally signed
Government e-mail
