Insider Threat Awareness Final Exam
Q&A (2025/2026) – 100+ Verified
Answers PLUS RATIONALES | Behavioral
Indicators, Sabotage, Media Contact,
Classified Info, Technology Risks – DoD
& Contractor Compliance
1. What is an insider threat?
A. Only foreign hackers
B. Any person with authorized access who may harm an organization
C. Only IT staff errors
D. External cyber attacks only
Answer: B
Rationale: Insider threats involve trusted individuals misusing access, intentionally or
unintentionally.
2. Which is a common insider threat indicator?
A. Following security policies
B. Sudden financial distress
C. Taking vacation
D. Completing training
Answer: B
Rationale: Financial stress can increase vulnerability to malicious activity.
3. Insider threats can be:
A. Only intentional
B. Only accidental
C. Intentional or unintentional
D. Only criminal organizations
,Answer: C
Rationale: Insider threats include malicious and negligent behavior.
4. What is the FIRST action if you suspect insider threat activity?
A. Confront the person
B. Ignore it
C. Report through proper channels
D. Post online
Answer: C
Rationale: Reporting ensures proper investigation and safety.
5. Which is NOT a typical insider threat behavior?
A. Unauthorized data access
B. Policy compliance
C. Data hoarding
D. Attempts to bypass security
Answer: B
Rationale: Compliance is not a threat indicator.
6. What is social engineering?
A. System upgrade
B. Manipulating people to gain access to information
C. Hardware repair
D. Software installation
Answer: B
Rationale: Social engineering exploits human behavior to gain access.
7. Why are insiders dangerous?
A. They lack access
B. They have authorized access and knowledge
C. They are always hackers
D. They are external users
Answer: B
Rationale: Insiders already have access to sensitive systems.
, 8. Which is a security best practice?
A. Sharing passwords
B. Locking devices when unattended
C. Ignoring updates
D. Using personal email for work
Answer: B
Rationale: Physical and digital security practices reduce risk.
9. What should you do if approached for classified information improperly?
A. Share it
B. Refuse and report it
C. Ignore it
D. Discuss later
Answer: B
Rationale: Unauthorized requests must be denied and reported.
10. Which behavior may indicate espionage risk?
A. Policy training attendance
B. Unauthorized information downloads
C. Regular system use
D. Reporting issues
Answer: B
Rationale: Unapproved data access can signal espionage.
11. A coworker expresses extreme dissatisfaction and resentment. This is:
A. Always a threat
B. A possible behavioral indicator
C. Irrelevant
D. Positive behavior
Answer: B
Rationale: Emotional distress can be an insider risk factor.
Q&A (2025/2026) – 100+ Verified
Answers PLUS RATIONALES | Behavioral
Indicators, Sabotage, Media Contact,
Classified Info, Technology Risks – DoD
& Contractor Compliance
1. What is an insider threat?
A. Only foreign hackers
B. Any person with authorized access who may harm an organization
C. Only IT staff errors
D. External cyber attacks only
Answer: B
Rationale: Insider threats involve trusted individuals misusing access, intentionally or
unintentionally.
2. Which is a common insider threat indicator?
A. Following security policies
B. Sudden financial distress
C. Taking vacation
D. Completing training
Answer: B
Rationale: Financial stress can increase vulnerability to malicious activity.
3. Insider threats can be:
A. Only intentional
B. Only accidental
C. Intentional or unintentional
D. Only criminal organizations
,Answer: C
Rationale: Insider threats include malicious and negligent behavior.
4. What is the FIRST action if you suspect insider threat activity?
A. Confront the person
B. Ignore it
C. Report through proper channels
D. Post online
Answer: C
Rationale: Reporting ensures proper investigation and safety.
5. Which is NOT a typical insider threat behavior?
A. Unauthorized data access
B. Policy compliance
C. Data hoarding
D. Attempts to bypass security
Answer: B
Rationale: Compliance is not a threat indicator.
6. What is social engineering?
A. System upgrade
B. Manipulating people to gain access to information
C. Hardware repair
D. Software installation
Answer: B
Rationale: Social engineering exploits human behavior to gain access.
7. Why are insiders dangerous?
A. They lack access
B. They have authorized access and knowledge
C. They are always hackers
D. They are external users
Answer: B
Rationale: Insiders already have access to sensitive systems.
, 8. Which is a security best practice?
A. Sharing passwords
B. Locking devices when unattended
C. Ignoring updates
D. Using personal email for work
Answer: B
Rationale: Physical and digital security practices reduce risk.
9. What should you do if approached for classified information improperly?
A. Share it
B. Refuse and report it
C. Ignore it
D. Discuss later
Answer: B
Rationale: Unauthorized requests must be denied and reported.
10. Which behavior may indicate espionage risk?
A. Policy training attendance
B. Unauthorized information downloads
C. Regular system use
D. Reporting issues
Answer: B
Rationale: Unapproved data access can signal espionage.
11. A coworker expresses extreme dissatisfaction and resentment. This is:
A. Always a threat
B. A possible behavioral indicator
C. Irrelevant
D. Positive behavior
Answer: B
Rationale: Emotional distress can be an insider risk factor.
