[25 Test Answers] 2024 Cyber Awareness Challenge – Test Pinoy (2024)

Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. It provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and work.

2024 Cyber Awareness Challenge test answers

Question 1. Which of the following statements about Protected Health Information (PHI) is false?
A. It requires more protection than Personally Identifiable Information (PII).
B. It includes information related to the physical or mental health of an individual, regardless of whether the individual is identified.✅
C. It is created or received by a healthcare provider, health plan, employer, or a business associate of these.
D. It is a type of Controlled Unclassified Information (CUI).

NOTE:CUI includes, but is not limited to, Controlled Technical Information (CUI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data, and operational information.

Question 2. Which of these is NOT a potential indicator that your device may be under a malicious code attack?
A. Loss of control of the mouse or keyboard.
B. The device slows down.
C. A notification for a system update that has been publicized.✅
D. Appearance of new extensions or tabs in your Web browser.

Note: System updates, especially those that are widely publicized, are typically legitimate efforts by software providers to improve security, fix bugs, or add new features. These updates are usually not indicators of a malicious code attack. In contrast, loss of control of the mouse or keyboard, slowdown of the device, and the appearance of new extensions or tabs in your web browser are common symptoms of a potential malicious code attack.

Question 3. Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that _____ various types of classified information for _____ protection and dissemination or distribution control.
A. categorizes; reduced
B. describes; defining
C. segregates; added✅
D. combines; shared

NOTE:Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. Do NOT download it or you may create a new case of spillage.

Question 4. How can you protect your home computer?
A. Regularly back up your files.✅
B. Disable firewall protection.
C. Accept all mobile code.
D. Use the default operating system password.

Question 5. Which of the following is NOT a best practice for protecting your home wireless network for telework?
A. Use your router’s pre-set Service Set Identifier (SSID) and password.✅
B. Use a Virtual Private Network (VPN) as soon as you connect.
C. Limit access, allowing access only to specific devices.
C. Implement, as a minimum, Wi-Fi Protected Access 2 (WPAC2) Personal encryption.

NOTE:You must have permission from your organization to telework. When teleworking, you should always use authorized equipment and software.

Question 6. Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to emails on her government-approved mobile device. Does this pose a security concern?
A. Yes, but only the phone calls. Sylvia should speak softly and only make calls when no one is sitting next to her.
B. Yes. Eavesdroppers may be listening to Sylvia’s phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks.✅
C. No, because Sylvia is using a government-approved device.
D. No. No one else is going to be paying attention to what Sylvia is doing, as they will be focused on their own business.

Question 7. Which of the following is NOT a best practice for traveling overseas with a mobile device?
A. Avoid using public Wi-Fi.
B. Store the device in a hotel safe when sightseeing.✅
C. Do not travel with a mobile device if you can avoid it.
D. Assume that any voice or data transmission is monitored.

Question 8. Where are you permitted to use classified data?
A. Only in areas with security appropriate to the classification level
B. Anywhere you have a reasonable expectation of privacy, including while teleworking
C. Within a government facility in an area where you have a reasonable expectation of privacy, like a closed office
D. Only in a SCIF✅

Question 9. Which of the following is an appropriate use of government e-mail?
A. Sending e-mails to personal contacts
B. Using a digital signature when sending attachments✅
C. Sharing an order form for your child’s school fundraiser
D. Forwarding DoD-related memes or jokes

Question 10. Which of the following contributes to your online identity?
A. Social networking sites
B. Audio-enabled digital assistants(e.g., Siri, Alexa)
C. Fitness trackers
D. All of these✅

Question 11. Which best describes an insider threat? Someone who uses ____ access, _____, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
A. unauthorized; undetected
B. unauthorized; detected; undetected
C. authorized; wittingly or unwittingly✅
D. authorized; with good intentions

Question 12. How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)?
A. Open the link in a new tab or window.
B. Open the link in your browser’s incognito mode.
C. Select the link to see where it leads.
D. Use the preview function to see where the link actually leads.✅

NOTE:Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access.

Question 13. How should government-owned removable media be stored?
A. Removable media is not permitted in government facilities.
B. In a GSA-approved container according to the appropriate security classification.✅
C. With your organization’s IT department.
D. In any type of container where it is not visible, such as a desk drawer.

Question 14. Which of the following is permitted when using an unclassified laptop within a collateral classified space?
A. A personally-owned wired headset with a microphone.
B. A Government-issued wired headset with a microphone.✅
C. A Government-issued wireless headset without a microphone.
D. Wi-Fi

NOTE:Use caution when connecting laptops to hotel Internet connections. Use public for free Wi-Fi only with the Government VPN.

Question 15. How can you protect your home computer?
A. Disable any pre-installed antivirus software.
B. Turn on the password feature.✅
C. Decline security updates.
D. Use the administrator account for all users.

Question 16. Which of the following is an example of a strong password?
A. 123Maple
B. 1970June30!
C. p@55w0rd
D. d+Uf_4RimUz✅

Question 17. Which of the following personally owned peripherals can you use with government-furnished equipment (GFE)?
A. A Bluetooth headset
B. A wired keyboard that requires installed drivers
C. A monitor connected via USB
D. A USB hub✅

Question 18. You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?
A. Delete message✅
B. Open the link to provide the information
C. Open the link to inspect the website
D. Reply to the message and ask for more information

Question 19. Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon. The post includes a video that shows smoke billowing from a building that is not readily identifiable as the Pentagon. Terry is not familiar with the source of the post. Which of the following describes what Terry has likely seen?
A. This is probably sensationalism, which is harmless.
B. This is probably a post designed to attract Terry’s attention to click on a link and steal her information.
C. This is probably breaking news because video cannot be faked.
D. This is probably disinformation unless Terry can verify it on a legitimate news site.✅

Question 20. Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
A. CPCON 1
B. CPCON 2
C. CPCON 3
D. CPCON 4✅

Question 21. Which of the following uses of removable media is allowed?
A. Unclassified government-owned removable media on a personal laptop.
B. Government-owned removable media that is approved as operationally necessary.✅
C. Connecting a personal phone to an Unclassified government laptop to charge only.
D. Personally owned removable media on Unclassified government laptops.

NOTE:No personal PEDs are allowed in a SCIF. Government-owned PEDs must be expressly authorized by your agency.

Question 22. Which of the following is true of transmitting or transporting Sensitive Compartmented Information (SCI)?
A. Anyone with eligibility to access SCI may hand-courier SCI.
B. SCI does not require a cover sheet in an open storage environment.
C. A collateral classified fax machine may be used to fax SCI with the appropriate cover sheet.
D. Printed SCI must be retrieved promptly from the printer.✅

Question 23. How can you prevent viruses and malicious code?
A. Download apps from your device’s official app store because these are guaranteed to have no vulnerabilities.
B. Allow mobile code to run on all websites.
C. Scan all external files before uploading to your computer.✅
D. View email using the Preview Pane rather than opening it.

NOTE:Malicious code can mask itself as a harmless email attachment, downloadable file, or website. In reality, once you select one of these, it typically installs itself without your knowledge.

Question 24. You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
A. Participate in the survey, as phone surveys pose no risk.
B. Participate in the survey and take detailed notes about the interaction.
C. Participate in the survey and provide your address to receive the gift card.
D. Decline to participate in the survey. This may be a social engineering attempt.✅

Question 25. Which of the following is NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present?
A. Check the devices periodically for Bluetooth connections.
B. Set strong passwords for the devices.
C. Use the devices’ default security settings.✅
D. Remove any voice-enabled device.

[25 Test Answers] 2024 Cyber Awareness Challenge – Test Pinoy (2024)

FAQs

What does the common access card contain in the Cyber Awareness Challenge 2024? ›

The microchip contains a digital image of the cardholder's face, two digital fingerprints, organizational affiliation, Social Security number, agency, card expiration date, and PKI certificate.

Which of the following is true of telework cyber awareness 2024? ›

Which of the following is true of telework? You must have permission from your organization to telework.

Which best describes an insider threat cyber awareness 2024? ›

CISA defines insider threat as the threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the department's mission, resources, personnel, facilities, information, equipment, networks, or systems.

How can you prevent viruses and malicious code cyber awareness 2024? ›

Final answer: To prevent viruses and malicious code, you should install and update antivirus software, be cautious of phishing attempts, use strong passwords and enable two-factor authentication, keep your software updated, and avoid clicking on suspicious links or downloading files.

How can you protect your home computer cyber awareness 2024 answers? ›

Expert-Verified Answer

To protect your home computer's cybersecurity in 2024, install and update antivirus software, use strong and unique passwords, enable two-factor authentication, and regularly update your operating systems and software.

Which of the following is true of spillage cyber awareness 2024? ›

Spillage can be either inadvertent or intentional. Never cross classification boundaries! Do not remove equipment, including mobile devices, from a classified network for use on an unclassified network or a classified network of lower classification, or vice-versa, even if the device's memory has been purged.

What is the insider threat Awareness Training 2024? ›

The course delves into various aspects related to the insider threat, equipping participants with a deep understanding of its nature, potential consequences, and the importance of proactive mitigation.

Which of the following describes sensitive compartmented information cyber awareness 2024? ›

Final answer: Sensitive Compartmented Information (SCI) is a program that categorizes classified information for protection and dissemination control. It segregates different types of classified information to ensure only authorized individuals have access to it.

What are the four types of threats? ›

Threats can be classified in four categories: direct, indirect, veiled, or conditional.

What are 3 things we can do to prevent cyber attacks? ›

4 Things to Keep You Cyber Safe
  • Turn on Multifactor Authentication. Implement multifactor authentication on your accounts and make it significantly less likely you'll get hacked.
  • Update Your Software. Update your software. ...
  • Think Before You Click. Think before you click. ...
  • Use Strong Passwords.
Dec 18, 2022

What are the top 5 ways you can protect yourself from cyber attacks? ›

5 easy tips to protect yourself - today
  • Check if you've already been involved in a data breach. Visit haveibeenpwned.com and change those passwords for any accounts that it suggests may have been compromised.
  • Check the strength of your passwords. ...
  • Avoid these passwords. ...
  • Trust no one (on emails) ...
  • Secure your device.

Which of the following is true of controlled unclassified information in 2024? ›

The true statement is c. CUI is a category of sensitive but unclassified information requiring safeguarding and dissemination controls.

What does the CAC contain in the cyber awareness challenge? ›

Explanation: The Common Access Card (CAC) contains certificates that serve as tools for identification, encryption, and digital signatures. These certificates verify the user's identity to gain access to protected systems and information.

What certificates are contained on the common access card? ›

The access to computers, online systems and networks is based on a PKI certificate and an associated private key that are stored on the chip of the CAC card. The certificate is presented to the server, while the private key remains on the card (and only on the card).

Which of the following is true of working within a SCIF cyber awareness 2024? ›

Answer. Final answer: Working within a Sensitive Compartmented Information Facility (SCIF) requires strict security measures, including individual badging, designated individuals securing entrance and exit points, and confirmation of need-to-know and access.

What does cyber security awareness include? ›

Ensure cybersecurity awareness training addresses best practices like trusting websites with secure HTTPS connections, not downloading files or software from untrusted sources, and being mindful of what information employees share on social media or networking platforms like LinkedIn.

References

Top Articles
2024 Rust Programming for Beginners - (Free Course) - Course Joiner
Thanksgiving Leftover Recipes: Sweet Potato Biscuits Recipe
Tears Of The Fallen Moon Bdo
Munsif Epaper Urdu Daily Online Today
24 Hour Lock Up Knoxville Tn
Eggy Car Unblocked - Chrome Web Store
Peraton Sso
Pip Calculator | Myfxbook
Who Is Denise Richards' Husband? All About Aaron Phypers
888-490-1703
Nalo Winds
Ice Crates Terraria
High school football: Photos from the top Week 3 games Friday
Garagesalefinder Com
Seattle Clipper Vacations Ferry Terminal Amtrak
2012 Buick Lacrosse Serpentine Belt Diagram
Diablo 3 Legendary Reforge
Kp Scheduling
Oscillates Like A Ship
My Fico Forums
The History Of Fujoshi, Male Shippers, And How Its Changed
How Old Am I 1981
What Does Spd2 Mean On Whirlpool Microwave
Dez Juggs
Mmastreams.com
Mtvkay21
No hard feelings: cómo decir "no" en inglés educadamente y sin herir sensibilidades
Megan Montaner Feet
Prot Pally Wrath Pre Patch
Lehigh Wheelmen Meetup
Ontpress Fresh Updates
Venezuela: un juez ordena la detención del candidato opositor Edmundo González Urrutia - BBC News Mundo
How Much Is 10000 Nickels
Top Compact Cars for 2025: Consumer Reports, Safety, and Overall Value Ratings
Amarillos (FRIED SWEET PLANTAINS) Recipe – Taste Of Cochin
Recharging Iban Staff
Drugst0Recowgirl Leaks
Texas Longhorns Soccer Schedule
Flixtor The Meg
Ma Scratch Tickets Codes
Erie Pa Craigslist
Bob Wright Yukon Accident
Jeld Wen Okta Com Login
A1.35.3 Spanish short story: Tending the Garden
Pre-Order Apple Watch Series 10 – Best Prices in Dubai, UAE
Apartments for Rent in Atlanta, GA - Home Rentals | realtor.com®
Craigslist Free Stuff Columbus Ga
Bella Poarch Husband: A Deep Dive Into Her Relationship And Personal Life
Watermelon Cucumber Basil Lemonade - Wine a Little, Cook a Lot
What Time Does The Chase Bank Close On Saturday
Ap Bio Unit 2 Progress Check Mcq
Southwest Airlines Departures Atlanta
Latest Posts
Article information

Author: Edmund Hettinger DC

Last Updated:

Views: 6770

Rating: 4.8 / 5 (58 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Edmund Hettinger DC

Birthday: 1994-08-17

Address: 2033 Gerhold Pine, Port Jocelyn, VA 12101-5654

Phone: +8524399971620

Job: Central Manufacturing Supervisor

Hobby: Jogging, Metalworking, Tai chi, Shopping, Puzzles, Rock climbing, Crocheting

Introduction: My name is Edmund Hettinger DC, I am a adventurous, colorful, gifted, determined, precious, open, colorful person who loves writing and wants to share my knowledge and understanding with you.