CYBER AWARENESS CHALLENGE-
EXAM QUESTIONS AND ANSWERS
Which of the following is NOT a best practice for protecting your home wireless network
for telework? - ANSWER -Use your router's pre-set Service Identifier (SSID) and
password
Which of the following is an allowed use of government furnished equipment (GFE)? -
ANSWER -Checking personal e-mail if your organization allows it
What is the goal of an Insider Threat Program? - ANSWER -Deter, detect, and mitigate
the risks associated with insider threats
Which of the following is true of Sensitive Compartmented Information Facilities
(SCIFs)? - ANSWER -Personnel with access to a SCIF have a need-to-know for all
information processed within the SCIF
How can you mitigate the potential risk associated with a compressed URL (e.g.,
TinyURL, goo.gl)? - ANSWER -Use the preview function to see where the link actually
leads
Which of the following is a best practice for managing connection requests on social
networking sites? - ANSWER -Validate connection requests through another source if
possible
Which of the following contributes to your online identity? - ANSWER -All of these
What does a Common Access Card (CAC) contain? - ANSWER -Certificates for
identification, encryption, and digital signature
Which of the following is NOT a best practice for teleworking in an environment where
Internet of Things (IoT) devices are present? - ANSWER -Use the devices' default
security settings
Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a
security risk? - ANSWER -Yes, there is a risk that the signal could be intercepted and
altered
Which of the following is NOT a best practice for protecting data on a mobile device? -
ANSWER -Disable automatic screen locking after a period of inactivity
You receive an e-mail with a link to schedule a time to update software on your
government furnished laptop. Your IT department has not scheduled software updates
like this in the past and has not announced this software update. The e-mail is not
EXAM QUESTIONS AND ANSWERS
Which of the following is NOT a best practice for protecting your home wireless network
for telework? - ANSWER -Use your router's pre-set Service Identifier (SSID) and
password
Which of the following is an allowed use of government furnished equipment (GFE)? -
ANSWER -Checking personal e-mail if your organization allows it
What is the goal of an Insider Threat Program? - ANSWER -Deter, detect, and mitigate
the risks associated with insider threats
Which of the following is true of Sensitive Compartmented Information Facilities
(SCIFs)? - ANSWER -Personnel with access to a SCIF have a need-to-know for all
information processed within the SCIF
How can you mitigate the potential risk associated with a compressed URL (e.g.,
TinyURL, goo.gl)? - ANSWER -Use the preview function to see where the link actually
leads
Which of the following is a best practice for managing connection requests on social
networking sites? - ANSWER -Validate connection requests through another source if
possible
Which of the following contributes to your online identity? - ANSWER -All of these
What does a Common Access Card (CAC) contain? - ANSWER -Certificates for
identification, encryption, and digital signature
Which of the following is NOT a best practice for teleworking in an environment where
Internet of Things (IoT) devices are present? - ANSWER -Use the devices' default
security settings
Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a
security risk? - ANSWER -Yes, there is a risk that the signal could be intercepted and
altered
Which of the following is NOT a best practice for protecting data on a mobile device? -
ANSWER -Disable automatic screen locking after a period of inactivity
You receive an e-mail with a link to schedule a time to update software on your
government furnished laptop. Your IT department has not scheduled software updates
like this in the past and has not announced this software update. The e-mail is not
