CJIS SECURITY FINAL REVIEW MANUAL
2026 TESTED QUESTIONS CORRECT
ANSWERS
● Security and Privacy Literacy. Answer: Understanding threats,
vulnerabilities, and risk management.
● Literacy Training Timing. Answer: Required before accessing CJI and
annually thereafter.
● Security Threat. Answer: Potential harm to IT systems or data.
● Natural Threats. Answer: Environmental factors like lightning or water
damage.
● Intentional Threats. Answer: Deliberate actions to cause harm to
systems.
● Unintentional Threats. Answer: Accidental actions leading to data loss
or damage.
● Insider Threat. Answer: Risks posed by agency personnel themselves.
,● Indicators of Insider Threat. Answer: Behaviors like job dissatisfaction
or unexplained access.
● Social Engineering. Answer: Tricking individuals into revealing
sensitive information.
● Social Mining. Answer: Gathering organizational information for
future attacks.
● Phishing. Answer: Emails designed to deceive users into sharing data.
● Spear Phishing. Answer: Targeted phishing aimed at specific
individuals or groups.
● Social Media Exploitation. Answer: Using social media info for
targeted phishing attacks.
● Pretexting. Answer: Creating a false story to obtain private
information.
● Impersonation. Answer: Pretending to be someone else to gain access.
● Fake IT Support Calls. Answer: Impersonating IT staff to extract
sensitive data.
, ● Baiting. Answer: Luring users with false promises to compromise
security.
● Scareware. Answer: False alarms convincing users to install harmful
software.
● Quid Pro Quo. Answer: Exchanging sensitive info for promised
services.
● Tailgating. Answer: Unauthorized entry by following an authorized
individual.
● Thread-jacking. Answer: Inserting into email conversations to gain
trust.
● Shoulder Surfing. Answer: Observing someone's screen to steal
information.
● Vulnerability. Answer: Weaknesses in security that can be exploited.
● Examples of Vulnerabilities. Answer: Include physical, natural,
hardware, and software weaknesses.
2026 TESTED QUESTIONS CORRECT
ANSWERS
● Security and Privacy Literacy. Answer: Understanding threats,
vulnerabilities, and risk management.
● Literacy Training Timing. Answer: Required before accessing CJI and
annually thereafter.
● Security Threat. Answer: Potential harm to IT systems or data.
● Natural Threats. Answer: Environmental factors like lightning or water
damage.
● Intentional Threats. Answer: Deliberate actions to cause harm to
systems.
● Unintentional Threats. Answer: Accidental actions leading to data loss
or damage.
● Insider Threat. Answer: Risks posed by agency personnel themselves.
,● Indicators of Insider Threat. Answer: Behaviors like job dissatisfaction
or unexplained access.
● Social Engineering. Answer: Tricking individuals into revealing
sensitive information.
● Social Mining. Answer: Gathering organizational information for
future attacks.
● Phishing. Answer: Emails designed to deceive users into sharing data.
● Spear Phishing. Answer: Targeted phishing aimed at specific
individuals or groups.
● Social Media Exploitation. Answer: Using social media info for
targeted phishing attacks.
● Pretexting. Answer: Creating a false story to obtain private
information.
● Impersonation. Answer: Pretending to be someone else to gain access.
● Fake IT Support Calls. Answer: Impersonating IT staff to extract
sensitive data.
, ● Baiting. Answer: Luring users with false promises to compromise
security.
● Scareware. Answer: False alarms convincing users to install harmful
software.
● Quid Pro Quo. Answer: Exchanging sensitive info for promised
services.
● Tailgating. Answer: Unauthorized entry by following an authorized
individual.
● Thread-jacking. Answer: Inserting into email conversations to gain
trust.
● Shoulder Surfing. Answer: Observing someone's screen to steal
information.
● Vulnerability. Answer: Weaknesses in security that can be exploited.
● Examples of Vulnerabilities. Answer: Include physical, natural,
hardware, and software weaknesses.
