The Cyber Awareness Challenge is an annual course designed to empower authorized users with the knowledge and skills necessary to effectively prevent and mitigate threats and vulnerabilities within an organization’s system. Beyond offering a comprehensive overview of cybersecurity best practices, this challenge aims to enhance awareness regarding potential and prevalent cyber threats. Its primary objective is straightforward: to influence user behavior and minimize risks and vulnerabilities faced by DoD Information Systems. Here you will find out the answers for the DoD Cyber Awareness Challenge for the years 2024.
Cyber Awareness Challenge Answers 2024 | All For Free
Below, you will discover a collection of cyber awareness challenge answers of 2024:
Q1 Which of the following is true of spillage?
AnsIt can be either inadvertent or intentional.
Q2 Which of the following statements about Protected Health Information (PHI) is false?
AnsIt requires more protection than Personally Identifiable Information (PII).
Q3 On your home computer, how can you best establish passwords when creating separate user accounts?
AnsThe best practice among the provided options for establishing passwords when creating separate user accounts on your home computer is: Have each user create their own, strong password.
Q4 Which of the following statements is true of DoD Unclassified data?
AnsIt may require access and distribution controls.
Q5 You receive a text message from a package shipper notifying you that your package delivery is delayed due to needing updated delivery instructions from you. It provides a shortened link for you to provide the needed information. You are not expecting a package. What is the best course of action?
AnsDelete the message
Q6 When is the safest time to post on social media about your vacation plans?
AnsAfter the trip.
Q7 You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
AnsDecline to participate in the survey. This may be a social engineering attempt.
Q8 Which of the following is NOT an appropriate use of your Common Access Card (CAC)?
AnsUsing it as photo identification with a commercial entity.
Q9 Which of the following is an example of behavior that you should report?
AnsTaking sensitive information home for telework without authorization.
Q10 How should government owned removable media be stored?
AnsIn a GSA-approved container according to the appropriate security classification.
Q11 Which of the following is NOT a best practice for protecting your home wireless network for telework?
AnsUse your router’s pre-set Service Set Identifier (SSID) and password.
Q12 Which of the following contributes to your online identity?
AnsAll of these.
Q7 You receive a phone call offering you a $50 gift card if you participate in a survey. Which course of action should you take?
AnsDecline to participate in the survey. This may be a social engineering attempt.
Q13 Which of the following is NOT a way that malicious code can spread?
AnsRunning a virus scan.
Q14 Which of the following is NOT a best practice for protecting data on a mobile device?
AnsDisable automatic screen locking after a period of inactivity.
Q15 Beth taps her phone at a payment terminal to pay for a purchase. Does this pose a security risk?
AnsYes, there is a risk that the signal could be intercepted and altered.
Q16 How can you protect your home computer?
AnsRegularly back up your files.
Q17 Which of the following uses of removable media is appropriate?
AnsEncrypting data stored on removable media.
Q18 Which of the following is true of working within a Sensitive Compartmented Information Facility (SCIF)?
AnsAuthorized personnel who permit another individual to enter the SCIF are responsible for confirming the individual’s need-to-know and access.
Q19 Tom is working on a report that contains employees’ names, home addresses, and salary. Which of the following is Tom prohibited from doing with the report?
AnsUsing his home computer to print the report while teleworking.
Q20 Which of these is NOT a potential indicator that your device may be under a malicious code attack?
AnsA notification for a system update that has been publicized.
Q21 Under which Cyberspace Protection Condition (CPCON) is the priority focus limited to critical and essential functions?
AnsThe priority focus on critical and essential functions is established under Cyber Protection Condition (CPCON) level 1.
Q22 Which of the following is a best practice for using government e-mail?
AnsDo not send mass e-mails.
Q23 Carl receives an e-mail about a potential health risk caused by a common ingredient in processed food. Which of the following actions should Carl NOT take with the e-mail?
AnsForward it.
Q24 Which of the following is permitted when using an unclassified laptop within a collateral classified space?
AnsA Government-issued wired headset with microphone.
Q25 Annabeth becomes aware that a conversation with a co-worker that involved Sensitive Compartmented Information (SCI) may have been overheard by someone who does not have the required clearance. What action should Annabeth take?
AnsContact her security POC with detailed information about the incident.
Q26 Which of the following is an appropriate use of government e-mail?
AnsUsing a digital signature when sending attachments.
Q27 Sylvia commutes to work via public transportation. She often uses…
AnsYes. Eavesdroppers may be listening to Sylvia’s phone calls, and shoulder surfers may be looking at her screen.
Q28 Which of the following is true of transmitting or transporting SCI?
AnsPrinted SCI must be retrieved promptly from the pr
Q29 What conditions are necessary to be granted access to SCI?
AnsTop Secret clearance and indoctrination into the SCI program.
Q30 Terry sees a post on her social media feed that says there is smoke billowing from the Pentagon…
AnsThis is probably a post designed to attract Terr’s attention to click on a link and steal her information.
Q31 Which of the following statements about PHI is false?
AnsIt is created or received by a healthcare provider, health plan, or employer of a business associate of these.
Q32 How can you prevent viruses and malicious code?
AnsScan all external files before uploading to your computer.
Q33 Which of the following is an appropriate use of a DoD PKI token?
AnsDo not use a token approved for NIPR on SIPR.
Q34 YWhich of the following is a best practice when browsing the internet?
AnsOnly accept cookies from reputable, trusted websites.
Q35 Where are you permitted to use classified data?
AnsOnly in areas with security appropriate to the classification level.
Q36 What is the goal of an Insider Threat Program?
AnsDeter, detect, and mitigate.
Q37 Which of the following uses of removable media is allowed?
AnsGovernment owned removable media that is approved as operationally necessary.
Q38 Which of the following is NOT an appropriate use of your CAC?
AnsUsing it as photo identification with a commercial entity.
Q39 Which of the following is an authoritative source for derivative classification?
AnsSecurity Classification Guide.
Q40 How can an adversary use information available in public records to target you?
AnsCombine it with information from other data sources to learn how best to bait you with a scam.
Q41 Which of the following is an allowed use of government furnished equipment (GFE)?
AnsChecking personal e-mail if your organization allows it.
Q42 Which best describes an insider threat? Someone who uses _ access, __, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions.
AnsAuthorized, wittingly or unwittingly.
Q43 After a classified document is leaked online, it makes national headlines. Which of the following statements is true of the leaked information that is now accessible by the public?
AnsYou should still treat it as classified even though it has been compromised.
Q44 When linked to a specific individual, which of the following is NOT an example of Personally Identifiable Information (PII)?
AnsAutomobile make and model.
Q45 What does the Common Access Card (CAC) contain?
AnsCertificates for identification, encryption, and digital signature.
Conclusion
We hope that our effort of answering almost all question of cyber awareness challenge 2024 will become useful for you. Let us know if you face any difficulty in answering in any kind of answers key.