NEWEST CYBER AWARENESS CHALLENGE – COMPLETE STUDY GUIDE WITH CORRECT ANSWERS AND RATIONALES

CYBER AWARENESS CHALLENGE –
COMPLETE STUDY GUIDE WITH
CORRECT ANSWERS AND
RATIONALES

Spillage (10 Questions)


1. **What do you do if spillage occurs?**
- A) Delete the data and continue working
- B) Immediately notify your security point of contact
- C) Report it to your supervisor at the end of the day
- D) Ignore it if it was accidental
- **Correct Answer: B**
- *Rationale:* The correct procedure is to
immediately notify your security point of contact.


2. **After reading an online story about a new
security project being developed on the military
installation where you work, your neighbor asks you
to comment about the article. You know that this
project is classified. How should you respond?**

,- A) Confirm the article's authenticity since it's
already public
- B) Deny the article's authenticity completely
- C) Attempt to change the subject to something non-
work related, but neither confirm nor deny the
article's authenticity
- D) Discuss only unclassified aspects of the project
- **Correct Answer: C**
- *Rationale:* You should neither confirm nor deny the
article's authenticity. Attempt to change the subject.


3. **Which of the following may help to prevent
spillage?**
- A) Store all files on a personal USB drive
- B) Label all files, removable media, and subject
headers with appropriate classification markings
- C) Use automatic classification software only
- D) Share files without markings to save time
- **Correct Answer: B**
- *Rationale:* Proper labeling of files, removable
media, and subject headers with appropriate
classification markings helps prevent spillage.

,4. **What should you do when you are working on an
unclassified system and receive an email with a
classified attachment?**
- A) Forward it to your supervisor
- B) Open the attachment to verify its classification
- C) Call your security point of contact immediately
- D) Delete the email
- **Correct Answer: C**
- *Rationale:* You should call your security point of
contact immediately.


5. **What should you do if a reporter asks you about
potentially classified information on the web?**
- A) Answer their questions directly
- B) Provide the information if it's already online
- C) Refer the reporter to your organization's public
affairs office
- D) Ask them to keep the information off the record
- **Correct Answer: C**
- *Rationale:* You should refer the reporter to your
organization's public affairs office.

, 6. **A user writes down details marked as Secret
from a report stored on a classified system and uses
those details to draft a briefing on an unclassified
system without authorization. What is the best choice
to describe what has occurred?**
- A) Unauthorized disclosure
- B) Security violation
- C) Spillage because classified data was moved to a
lower classification level system without
authorization
- D) Data breach
- **Correct Answer: C**
- *Rationale:* This is spillage because classified data
was moved to a lower classification level system
without authorization.


7. **What should you do if you suspect spillage has
occurred?**
- A) Investigate it yourself
- B) Wait to see if it happens again
- C) Immediately notify your security point of contact
- D) Document it and report at the end of the week
- **Correct Answer: C**