[25 Test Answers] 2024 Cyber Awareness Challenge – Test Pinoy (2024)

Overview: The Cyber Awareness Challenge serves as an annual refresher of security requirements, security best practices, and your security responsibilities. It provides an overview of current cybersecurity threats and best practices to keep information and information systems secure at home and work.

2024 Cyber Awareness Challenge test answers

Question 1. Which of the following statements about Protected Health Information (PHI) is false?
A. It requires more protection than Personally Identifiable Information (PII).
B. It includes information related to the physical or mental health of an individual, regardless of whether the individual is identified.✅
C. It is created or received by a healthcare provider, health plan, employer, or a business associate of these.
D. It is a type of Controlled Unclassified Information (CUI).

NOTE:CUI includes, but is not limited to, Controlled Technical Information (CUI), Personally Identifiable Information (PII), Protected Health Information (PHI), financial information, personal or payroll information, proprietary data, and operational information.

Question 2. Which of these is NOT a potential indicator that your device may be under a malicious code attack?
A. Loss of control of the mouse or keyboard.
B. The device slows down.
C. A notification for a system update that has been publicized.✅
D. Appearance of new extensions or tabs in your Web browser.

Note: System updates, especially those that are widely publicized, are typically legitimate efforts by software providers to improve security, fix bugs, or add new features. These updates are usually not indicators of a malicious code attack. In contrast, loss of control of the mouse or keyboard, slowdown of the device, and the appearance of new extensions or tabs in your web browser are common symptoms of a potential malicious code attack.

Question 3. Which of the following describes Sensitive Compartmented Information (SCI)? SCI is a program that _____ various types of classified information for _____ protection and dissemination or distribution control.
A. categorizes; reduced
B. describes; defining
C. segregates; added✅
D. combines; shared

NOTE:Remember that leaked classified or controlled information is still classified or controlled even if it has already been compromised. Do NOT download it or you may create a new case of spillage.

Question 4. How can you protect your home computer?
A. Regularly back up your files.✅
B. Disable firewall protection.
C. Accept all mobile code.
D. Use the default operating system password.

Question 5. Which of the following is NOT a best practice for protecting your home wireless network for telework?
A. Use your router’s pre-set Service Set Identifier (SSID) and password.✅
B. Use a Virtual Private Network (VPN) as soon as you connect.
C. Limit access, allowing access only to specific devices.
C. Implement, as a minimum, Wi-Fi Protected Access 2 (WPAC2) Personal encryption.

NOTE:You must have permission from your organization to telework. When teleworking, you should always use authorized equipment and software.

Question 6. Sylvia commutes to work via public transportation. She often uses the time to get a head start on work by making phone calls or responding to emails on her government-approved mobile device. Does this pose a security concern?
A. Yes, but only the phone calls. Sylvia should speak softly and only make calls when no one is sitting next to her.
B. Yes. Eavesdroppers may be listening to Sylvia’s phone calls, and shoulder surfers may be looking at her screen. Sylvia should be aware of these risks.✅
C. No, because Sylvia is using a government-approved device.
D. No. No one else is going to be paying attention to what Sylvia is doing, as they will be focused on their own business.

Question 7. Which of the following is NOT a best practice for traveling overseas with a mobile device?
A. Avoid using public Wi-Fi.
B. Store the device in a hotel safe when sightseeing.✅
C. Do not travel with a mobile device if you can avoid it.
D. Assume that any voice or data transmission is monitored.

Question 8. Where are you permitted to use classified data?
A. Only in areas with security appropriate to the classification level
B. Anywhere you have a reasonable expectation of privacy, including while teleworking
C. Within a government facility in an area where you have a reasonable expectation of privacy, like a closed office
D. Only in a SCIF✅

Question 9. Which of the following is an appropriate use of government e-mail?
A. Sending e-mails to personal contacts
B. Using a digital signature when sending attachments✅
C. Sharing an order form for your child’s school fundraiser
D. Forwarding DoD-related memes or jokes

Question 10. Which of the following contributes to your online identity?
A. Social networking sites
B. Audio-enabled digital assistants(e.g., Siri, Alexa)
C. Fitness trackers
D. All of these✅

Question 11. Which best describes an insider threat? Someone who uses ____ access, _____, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
A. unauthorized; undetected
B. unauthorized; detected; undetected
C. authorized; wittingly or unwittingly✅
D. authorized; with good intentions

Question 12. How can you mitigate the potential risk associated with a compressed URL (e.g., TinyURL, goo.gl)?
A. Open the link in a new tab or window.
B. Open the link in your browser’s incognito mode.
C. Select the link to see where it leads.
D. Use the preview function to see where the link actually leads.✅

NOTE:Malicious code can cause damage by corrupting files, erasing your hard drive, and/or allowing hackers access.

Question 13. How should government-owned removable media be stored?
A. Removable media is not permitted in government facilities.
B. In a GSA-approved container according to the appropriate security classification.✅
C. With your organization’s IT department.
D. In any type of container where it is not visible, such as a desk drawer.

Question 14. Which of the following is permitted when using an unclassified laptop within a collateral classified space?
A. A personally-owned wired headset with a microphone.
B. A Government-issued wired headset with a microphone.✅
C. A Government-issued wireless headset without a microphone.
D. Wi-Fi

NOTE:Use caution when connecting laptops to hotel Internet connections. Use public for free Wi-Fi only with the Government VPN.

Question 15. How can you protect your home computer?
A. Disable any pre-installed antivirus software.
B. Turn on the password feature.✅
C. Decline security updates.
D. Use the administrator account for all users.

Question 16. Which of the following is an example of a strong password?
A. 123Maple
B. 1970June30!
C. p@55w0rd
D. d+Uf_4RimUz✅

Question 17. Which of the following personally owned peripherals can you use with government-furnished equipment (GFE)?
A. A Bluetooth headset
B. A wired keyboard that requires installed drivers
C. A monitor connected via USB
D. A USB hub✅

Question 18. You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?
A. Delete message✅
B. Open the link to provide the information
C. Open the link to inspect the website
D. Reply to the message and ask for more information

Question 19. Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon. The post includes a video that shows smoke billowing from a building that is not readily identifiable as the Pentagon. Terry is not familiar with the source of the post. Which of the following describes what Terry has likely seen?
A. This is probably sensationalism, which is harmless.
B. This is probably a post designed to attract Terry’s attention to click on a link and steal her information.
C. This is probably breaking news because video cannot be faked.
D. This is probably disinformation unless Terry can verify it on a legitimate news site.✅

Question 20. Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
A. CPCON 1
B. CPCON 2
C. CPCON 3
D. CPCON 4✅

Question 21. Which of the following uses of removable media is allowed?
A. Unclassified government-owned removable media on a personal laptop.
B. Government-owned removable media that is approved as operationally necessary.✅
C. Connecting a personal phone to an Unclassified government laptop to charge only.
D. Personally owned removable media on Unclassified government laptops.

NOTE:No personal PEDs are allowed in a SCIF. Government-owned PEDs must be expressly authorized by your agency.

Question 22. Which of the following is true of transmitting or transporting Sensitive Compartmented Information (SCI)?
A. Anyone with eligibility to access SCI may hand-courier SCI.
B. SCI does not require a cover sheet in an open storage environment.
C. A collateral classified fax machine may be used to fax SCI with the appropriate cover sheet.
D. Printed SCI must be retrieved promptly from the printer.✅

Question 23. How can you prevent viruses and malicious code?
A. Download apps from your device’s official app store because these are guaranteed to have no vulnerabilities.
B. Allow mobile code to run on all websites.
C. Scan all external files before uploading to your computer.✅
D. View email using the Preview Pane rather than opening it.

NOTE:Malicious code can mask itself as a harmless email attachment, downloadable file, or website. In reality, once you select one of these, it typically installs itself without your knowledge.

Question 24. You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
A. Participate in the survey, as phone surveys pose no risk.
B. Participate in the survey and take detailed notes about the interaction.
C. Participate in the survey and provide your address to receive the gift card.
D. Decline to participate in the survey. This may be a social engineering attempt.✅

Question 25. Which of the following is NOT a best practice for teleworking in an environment where Internet of Things (IoT) devices are present?
A. Check the devices periodically for Bluetooth connections.
B. Set strong passwords for the devices.
C. Use the devices’ default security settings.✅
D. Remove any voice-enabled device.

[25 Test Answers] 2024 Cyber Awareness Challenge – Test Pinoy (2024)

FAQs

How can you prevent viruses and malicious code cyber awareness 2024 answers? ›

Final answer:

To prevent viruses and malicious code, you should install and update antivirus software, be cautious of phishing attempts, use strong passwords and enable two-factor authentication, keep your software updated, and avoid clicking on suspicious links or downloading files.

What does the common access card CAC contain in Cyber Awareness 2024? ›

The microchip contains a digital image of the cardholder's face, two digital fingerprints, organizational affiliation, Social Security number, agency, card expiration date, and PKI certificate.

Which of the following is a best practice for physical security cyber awareness challenge 2024? ›

Which of the following is a best practice for physical security? Use your own security badge or key code for facility access.

Which of the following is true of telework cyber awareness 2024? ›

Which of the following is true of telework? You must have permission from your organization to telework.

Which best describes an insider threat cyber awareness 2024? ›

CISA defines insider threat as the threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the department's mission, resources, personnel, facilities, information, equipment, networks, or systems.

Which of the following describes sensitive compartmented information cyber awareness 2024? ›

Sensitive Compartmented Information (SCI) is a program that segregates various types of classified information into distinct compartments for added protection and dissemination or distribution control. SCI introduces an overlay of security to Top Secret, Secret, and Confidential information.

Who is eligible for a CAC card? ›

The CAC, a "smart" card about the size of a credit card, is the standard identification for active duty uniformed Service personnel, Selected Reserve, DoD civilian employees, and eligible contractor personnel.

What information is on the CAC certificate? ›

Information Stored on a CAC

These cards contain only selected, abbreviated data relating to your work functions or benefits and privileges provided as a uniformed member of the Armed Forces, U.S. Public Health Service, or NOAA, DoD Civilian, or DoD Contractor.

Which of the following is a risk associated with removable media cyber awareness 2024? ›

Which of the following is a risk associated with removable media? ALL OF THESE: Introduction of malicious codes; compromise of systems' confidentiality, availability, or integrity; spillage of classified documents.

What is the most difficult challenge to cyber security? ›

What are the main challenges of cybersecurity in the world today? The biggest challenge in cybersecurity today is the ever-changing nature of cyber threats. Cybercriminals are constantly inventing new techniques and strategies to exploit vulnerabilities in networks and systems.

What is the theme for Cyber Security Awareness Month 2024? ›

Organizations can use the Secure Our World theme when planning for the 2024 and future Cybersecurity Awareness Month campaigns.

What is the largest threat to physical security? ›

But what threats are deemed the most serious, and how can they be prevented? The top five security threats detected in 2022 are workplace violence, crime/theft, natural disasters, biosecurity, and the push to move employees completely remote (WFH).

What does the common access card contain cyber awareness 2024? ›

The CAC contains a microprocessor chip that stores the user's personal information, such as name, rank, and organization, and also includes cryptographic keys and digital certificates that are used to authenticate the user's identity and grant access to DoD resources.

Which best describes an insider threat? ›

An insider threat is anyone with authorized access who uses that access to wittingly or unwittingly cause harm to an organization and its resources including information, personnel, and facilities.

Which of the following is not an appropriate use of your CAC? ›

Removing from your computer and taking it with you when you leave your workstation: This is NOT an appropriate use of your CAC. The CAC is intended to remain in the possession of the authorized user and should not be removed from the workstation.

How can you prevent viruses and malicious code in Quizlet? ›

How can you prevent viruses and malicious code? Scan all external files before uploading to your computer.

Which is a best practice that can prevent viruses and other malicious code? ›

Use a standard user account instead of an administrator account. An administrator account can access anything on the system, and any malware run with an administrator account can use the administrator permissions to potentially infect or damage any files on the system.

How can you prevent viruses and malicious code brainly? ›

Answer. Option (A) Installing and maintaining up-to-date antivirus software is an essential measure to prevent viruses and malicious code. Being cautious with links and attachments, enabling firewall protection, and not sharing passwords are also important steps.

How will you protect your system from malicious Internet and malicious code? ›

Avoid visiting sites that offer potentially illicit content. Many of these sites install malware on the fly or offer downloads that contain malware. Use a modern browser like Microsoft Edge, which can help block malicious websites and prevent malicious code from running on your computer.

References

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Sen. Emmett Berge

Last Updated:

Views: 6655

Rating: 5 / 5 (80 voted)

Reviews: 87% of readers found this page helpful

Author information

Name: Sen. Emmett Berge

Birthday: 1993-06-17

Address: 787 Elvis Divide, Port Brice, OH 24507-6802

Phone: +9779049645255

Job: Senior Healthcare Specialist

Hobby: Cycling, Model building, Kitesurfing, Origami, Lapidary, Dance, Basketball

Introduction: My name is Sen. Emmett Berge, I am a funny, vast, charming, courageous, enthusiastic, jolly, famous person who loves writing and wants to share my knowledge and understanding with you.