DOD Cyber Awareness 2022 Knowledge Check
Questions and Answers
1. How many potential insider threat indicators does a person who is married with
two children, vacations at the beach every year, is pleasant to work with, but
sometimes has poor work quality display?
- 0 indicators
2. What is the best response if you find classified government data on the internet?
- Note any identifying information, such as the website's URL, and report the
situation to your security POC.
3. After reading an online story about a new security project being developed on the
military installation where you work, your neighbor asks you to comment about the
article. You know this project is classified. What should be your response?
- Attempt to change the subject to something non-work related, but neither confirm
nor deny the article's authenticity.
4. What is a proper response if spillage occurs?
- Immediately notify your security POC.
5. What should you do if a reporter asks you about potentially classified information
on the web?
- Ask for information about the website, including the URL.
6. A user writes down details from a report stored on a classified system marked as
Secret and uses those details to draft an unclassified briefing on an unclassified
system without authorization. What is the best choice to describe what has
occurred?
- Spillage because classified data was moved to a lower classification level system
without authorization.
7. How many potential insider threat indicators does a coworker who often makes
others uneasy by being persistent in trying to obtain information about classified
projects to which he has no access, is boisterous about his wife putting them in
credit card debt, and often complains about anxiety and exhaustion display?
- 3 or more indicators
8. Which of the following can an unauthorized disclosure of information classified as
Confidential reasonably be expected to cause? - Damage to national security
, 9. Which classification level is given to information that could reasonably be expected
to cause serious damage to national security?
- Secret
10. When classified data is not in use, how can you protect it?
- Store classified data appropriately in a GSA-approved vault/container when not in
use.
11. Which is a good practice to protect classified information?
- Ensure proper labeling by appropriately marking all classified material and, when
required, sensitive material.
12. Which of the following is a good practice to aid in preventing spillage?
- Be aware of classification markings and all handling caveats.
13. What is required for an individual to access classified data?
- Appropriate clearance; signed and approved non-disclosure agreement; and need-
to-know.
14. What type of activity or behavior should be reported as a potential insider threat?
- Coworker making consistent statements indicative of hostility or anger toward the
United States and its policies.
15. Which of the following practices reduces the chance of becoming a target by
adversaries seeking insider information?
- Don't talk about work outside your workspace unless it is a specifically designated
public meeting environment and is controlled by the event planners.
16. Which scenario might indicate a reportable insider threat security incident?
- A coworker is observed using a personal electronic device in an area where their
use is prohibited.
17. Why might "insiders" be able to cause damage to their organizations more easily
than others?
- Insiders are given a level of trust and have authorized access to Government
information systems.
Questions and Answers
1. How many potential insider threat indicators does a person who is married with
two children, vacations at the beach every year, is pleasant to work with, but
sometimes has poor work quality display?
- 0 indicators
2. What is the best response if you find classified government data on the internet?
- Note any identifying information, such as the website's URL, and report the
situation to your security POC.
3. After reading an online story about a new security project being developed on the
military installation where you work, your neighbor asks you to comment about the
article. You know this project is classified. What should be your response?
- Attempt to change the subject to something non-work related, but neither confirm
nor deny the article's authenticity.
4. What is a proper response if spillage occurs?
- Immediately notify your security POC.
5. What should you do if a reporter asks you about potentially classified information
on the web?
- Ask for information about the website, including the URL.
6. A user writes down details from a report stored on a classified system marked as
Secret and uses those details to draft an unclassified briefing on an unclassified
system without authorization. What is the best choice to describe what has
occurred?
- Spillage because classified data was moved to a lower classification level system
without authorization.
7. How many potential insider threat indicators does a coworker who often makes
others uneasy by being persistent in trying to obtain information about classified
projects to which he has no access, is boisterous about his wife putting them in
credit card debt, and often complains about anxiety and exhaustion display?
- 3 or more indicators
8. Which of the following can an unauthorized disclosure of information classified as
Confidential reasonably be expected to cause? - Damage to national security
, 9. Which classification level is given to information that could reasonably be expected
to cause serious damage to national security?
- Secret
10. When classified data is not in use, how can you protect it?
- Store classified data appropriately in a GSA-approved vault/container when not in
use.
11. Which is a good practice to protect classified information?
- Ensure proper labeling by appropriately marking all classified material and, when
required, sensitive material.
12. Which of the following is a good practice to aid in preventing spillage?
- Be aware of classification markings and all handling caveats.
13. What is required for an individual to access classified data?
- Appropriate clearance; signed and approved non-disclosure agreement; and need-
to-know.
14. What type of activity or behavior should be reported as a potential insider threat?
- Coworker making consistent statements indicative of hostility or anger toward the
United States and its policies.
15. Which of the following practices reduces the chance of becoming a target by
adversaries seeking insider information?
- Don't talk about work outside your workspace unless it is a specifically designated
public meeting environment and is controlled by the event planners.
16. Which scenario might indicate a reportable insider threat security incident?
- A coworker is observed using a personal electronic device in an area where their
use is prohibited.
17. Why might "insiders" be able to cause damage to their organizations more easily
than others?
- Insiders are given a level of trust and have authorized access to Government
information systems.
