CYBER AWARENESS CHALLENGE-
EXAM SET Q&A
**Classified Data
What is required for an individual to access classified data? - ANSWER -Appropriate
clearance, a signed and approved non-disclosure agreement, and need-to-know
**Classified Data
Which classification level is given to information that could reasonably be expected to
cause serious damage to national security? - ANSWER -Secret
**Classified Data
Which of the following is a good practice to protect classified information? - ANSWER -
Ensure proper labeling by appropriately marking all classified material and, when
required, sensitive material
**Classified Data
Which of the following is true of protecting classified data? - ANSWER -Classified
material must be appropriately marked.
**Classified Data
What level of damage can the unauthorized disclosure of information classified as
Confidential reasonably be expected to cause? - ANSWER -Damage to national
security
**Classified Data
Which of the following is true of telework? - ANSWER -You must have permission from
your organization.
**Classified Data
Which type of information could reasonably be expected to cause serious damage to
national security if disclosed without authorization? - ANSWER -Secret
**Classified Data
How should you protect a printed classified document when it is not in use? - ANSWER
-Store it in a General Services Administration (GSA)-approved vault or container
What level of damage to national security could reasonably be expected if unauthorized
disclosure of Top Secret information occurred? - ANSWER -Exceptionally grave
Damage
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague vacations at the beach every year, is married and a father of
,four, sometimes has poor work quality, and works well with his team. - ANSWER -~0
indicator
**Insider Threat
How many potential insider threat indicators does a coworker who often makes others
uneasy by being persistent in trying to obtain information about classified projects to
which he has no access, is boisterous about his wife putting them in credit card debt,
and often complains about anxiety and exhaustion display? - ANSWER -3 or more
indicators
*Spillage
After reading an online story about a new security project being developed on the
military installation where you work, your neighbor asks you to comment about the
article. You know that this project is classified. How should you respond? - ANSWER -
Attempt to change the subject to something non-work related, but neither confirm nor
deny the article's authenticity
*Spillage
Which of the following may help to prevent spillage? - ANSWER -Label all files,
removable media, and subject headers with appropriate classification markings.
*Spillage
A user writes down details marked as Secret from a report stored on a classified system
and uses those details to draft a briefing on an unclassified system without
authorization. What is the best choice to describe what has occurred? - ANSWER -
Spillage because classified data was moved to a lower classification level system
without authorization.
*Spillage
What should you do when you are working on an unclassified system and receive an
email with a classified attachment? - ANSWER -Call your security point of contact
immediately
*Spillage
What should you do if a reporter asks you about potentially classified information on the
web? - ANSWER -Ask for information about the website, including the URL.
*Spillage
.What should you do if a reporter asks you about potentially classified information on the
web? - ANSWER -Refer the reporter to your organization's public affairs office.
*Spillage
What should you do if you suspect spillage has occurred? - ANSWER -Immediately
notify your security point of contact
*Spillage
, Which of the following is a good practice to prevent spillage? - ANSWER -Be aware of
classification markings and all handling caveats.
*Spillage
Which of the following actions is appropriate after finding classified information on the
Internet? - ANSWER -Note any identifying information and the website's Uniform
Resource Locator (URL)
**Classified Data
When classified data is not in use, how can you protect it? - ANSWER -Store classified
data appropriately in a GSA-approved vault/container.
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague is playful and charming, consistently wins performance awards,
and is occasionally aggressive in trying to access classified information. - ANSWER -1
indicator
**Insider Threat
What advantages do "insider threats" have over others that allows them to cause
damage to their organizations more easily? - ANSWER -Insiders are given a level of
trust and have authorized access to Government information systems
**Insider Threat
What type of activity or behavior should be reported as a potential insider threat? -
ANSWER -Coworker making consistent statements indicative of hostility or anger
toward the United States in its policies.
**Insider Threat
Which of the following should be reported as a potential security incident? - ANSWER -
A coworker removes sensitive information without authorization
**Insider Threat
Which scenario might indicate a reportable insider threat? - ANSWER -A coworker uses
a personal electronic device in a secure area where their use is prohibited.
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague often makes others uneasy with her persistent efforts to obtain
information about classified project where she has no need-to-know, is vocal about her
husband overspending on credit cards, and complains about anxiety and exhaustion. -
ANSWER -3 or more indicators
**Insider Threat
Which type of behavior should you report as a potential insider threat? - ANSWER -
Hostility or anger toward the United States and its policies
EXAM SET Q&A
**Classified Data
What is required for an individual to access classified data? - ANSWER -Appropriate
clearance, a signed and approved non-disclosure agreement, and need-to-know
**Classified Data
Which classification level is given to information that could reasonably be expected to
cause serious damage to national security? - ANSWER -Secret
**Classified Data
Which of the following is a good practice to protect classified information? - ANSWER -
Ensure proper labeling by appropriately marking all classified material and, when
required, sensitive material
**Classified Data
Which of the following is true of protecting classified data? - ANSWER -Classified
material must be appropriately marked.
**Classified Data
What level of damage can the unauthorized disclosure of information classified as
Confidential reasonably be expected to cause? - ANSWER -Damage to national
security
**Classified Data
Which of the following is true of telework? - ANSWER -You must have permission from
your organization.
**Classified Data
Which type of information could reasonably be expected to cause serious damage to
national security if disclosed without authorization? - ANSWER -Secret
**Classified Data
How should you protect a printed classified document when it is not in use? - ANSWER
-Store it in a General Services Administration (GSA)-approved vault or container
What level of damage to national security could reasonably be expected if unauthorized
disclosure of Top Secret information occurred? - ANSWER -Exceptionally grave
Damage
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague vacations at the beach every year, is married and a father of
,four, sometimes has poor work quality, and works well with his team. - ANSWER -~0
indicator
**Insider Threat
How many potential insider threat indicators does a coworker who often makes others
uneasy by being persistent in trying to obtain information about classified projects to
which he has no access, is boisterous about his wife putting them in credit card debt,
and often complains about anxiety and exhaustion display? - ANSWER -3 or more
indicators
*Spillage
After reading an online story about a new security project being developed on the
military installation where you work, your neighbor asks you to comment about the
article. You know that this project is classified. How should you respond? - ANSWER -
Attempt to change the subject to something non-work related, but neither confirm nor
deny the article's authenticity
*Spillage
Which of the following may help to prevent spillage? - ANSWER -Label all files,
removable media, and subject headers with appropriate classification markings.
*Spillage
A user writes down details marked as Secret from a report stored on a classified system
and uses those details to draft a briefing on an unclassified system without
authorization. What is the best choice to describe what has occurred? - ANSWER -
Spillage because classified data was moved to a lower classification level system
without authorization.
*Spillage
What should you do when you are working on an unclassified system and receive an
email with a classified attachment? - ANSWER -Call your security point of contact
immediately
*Spillage
What should you do if a reporter asks you about potentially classified information on the
web? - ANSWER -Ask for information about the website, including the URL.
*Spillage
.What should you do if a reporter asks you about potentially classified information on the
web? - ANSWER -Refer the reporter to your organization's public affairs office.
*Spillage
What should you do if you suspect spillage has occurred? - ANSWER -Immediately
notify your security point of contact
*Spillage
, Which of the following is a good practice to prevent spillage? - ANSWER -Be aware of
classification markings and all handling caveats.
*Spillage
Which of the following actions is appropriate after finding classified information on the
Internet? - ANSWER -Note any identifying information and the website's Uniform
Resource Locator (URL)
**Classified Data
When classified data is not in use, how can you protect it? - ANSWER -Store classified
data appropriately in a GSA-approved vault/container.
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague is playful and charming, consistently wins performance awards,
and is occasionally aggressive in trying to access classified information. - ANSWER -1
indicator
**Insider Threat
What advantages do "insider threats" have over others that allows them to cause
damage to their organizations more easily? - ANSWER -Insiders are given a level of
trust and have authorized access to Government information systems
**Insider Threat
What type of activity or behavior should be reported as a potential insider threat? -
ANSWER -Coworker making consistent statements indicative of hostility or anger
toward the United States in its policies.
**Insider Threat
Which of the following should be reported as a potential security incident? - ANSWER -
A coworker removes sensitive information without authorization
**Insider Threat
Which scenario might indicate a reportable insider threat? - ANSWER -A coworker uses
a personal electronic device in a secure area where their use is prohibited.
**Insider Threat
Based on the description that follows, how many potential insider threat indicator(s) are
displayed? A colleague often makes others uneasy with her persistent efforts to obtain
information about classified project where she has no need-to-know, is vocal about her
husband overspending on credit cards, and complains about anxiety and exhaustion. -
ANSWER -3 or more indicators
**Insider Threat
Which type of behavior should you report as a potential insider threat? - ANSWER -
Hostility or anger toward the United States and its policies
