CYBER AWARENESS PRACTICE TEST
PAPER 2026 TESTED QUESTIONS WITH
FULL SOLUTION GRADED A+
⩥ What is the best response if you find classified government data on
the internet?
Answer: Note any identifying information, such as the website's URL,
and report the situation to your security POC.
⩥ After reading an online story about a new security project being
developed on the military installation where you work, your neighbor
asks you to comment about the article. You know this project is
classified. What should be your response?
Answer: Attempt to change the subject to something non-work related,
but neither confirm nor deny the article's authenticity.
⩥ What is a proper response if spillage occurs?
Answer: Immediately notify your security POC.
⩥ What should you do if a reporter asks you about potentially classified
information on the web?
Answer: Ask for information about the website, including the URL.
, ⩥ A user writes down details from a report stored on a classified system
marked as Secret and uses those details to draft an unclassified briefing
on an unclassified system without authorization. What is the best choice
to describe what has occurred?
Answer: Spillage because classified data was moved to a lower
classification level system without authorization.
⩥ How many potential insider threat indicators does a coworker who
often makes others uneasy by being persistent in trying to obtain
information about classified projects to which he has no access, is
boisterous about his wife putting them in credit card debt, and often
complains about anxiety and exhaustion display?
Answer: 3 or more indicators
⩥ Which of the following can an unauthorized disclosure of information
classified as Confidential reasonably be expected to cause?
Answer: Damage to national security
⩥ Which classification level is given to information that could
reasonably be expected to cause serious damage to national security?
Answer: Secret
⩥ When classified data is not in use, how can you protect it?
Answer: Store classified data appropriately in a GSA-approved
vault/container when not in use.
PAPER 2026 TESTED QUESTIONS WITH
FULL SOLUTION GRADED A+
⩥ What is the best response if you find classified government data on
the internet?
Answer: Note any identifying information, such as the website's URL,
and report the situation to your security POC.
⩥ After reading an online story about a new security project being
developed on the military installation where you work, your neighbor
asks you to comment about the article. You know this project is
classified. What should be your response?
Answer: Attempt to change the subject to something non-work related,
but neither confirm nor deny the article's authenticity.
⩥ What is a proper response if spillage occurs?
Answer: Immediately notify your security POC.
⩥ What should you do if a reporter asks you about potentially classified
information on the web?
Answer: Ask for information about the website, including the URL.
, ⩥ A user writes down details from a report stored on a classified system
marked as Secret and uses those details to draft an unclassified briefing
on an unclassified system without authorization. What is the best choice
to describe what has occurred?
Answer: Spillage because classified data was moved to a lower
classification level system without authorization.
⩥ How many potential insider threat indicators does a coworker who
often makes others uneasy by being persistent in trying to obtain
information about classified projects to which he has no access, is
boisterous about his wife putting them in credit card debt, and often
complains about anxiety and exhaustion display?
Answer: 3 or more indicators
⩥ Which of the following can an unauthorized disclosure of information
classified as Confidential reasonably be expected to cause?
Answer: Damage to national security
⩥ Which classification level is given to information that could
reasonably be expected to cause serious damage to national security?
Answer: Secret
⩥ When classified data is not in use, how can you protect it?
Answer: Store classified data appropriately in a GSA-approved
vault/container when not in use.
