Cybersecurity
Knowledge is Your Best Defense in 2025

PKI Tokens Proper Use of DoD Public Key Infrastructure (PKI) Tokens

An appropriate use of a DoD Public Key Infrastructure (PKI) token is to only leave it in a system while actively using it for a PKI-required task. This ensures the security of your digital identity and prevents unauthorized access.

Think of your PKI token as a key. You wouldn't leave a key in the lock when you're not using it, right? Similarly, remove your token when you're finished with the task.

Internet Browsing Best Practices for Secure

Always look for 'https' in the URL when browsing the internet. The 's' signifies a secure connection, encrypting the data transmitted between your device and the website.

This simple step can protect your sensitive information from being intercepted by malicious actors.

Data Classification Protecting Sensitive Information

Confidential data, if compromised, could reasonably be expected to cause damage to national security. Always handle confidential information with the utmost care.

Proper handling includes secure storage, encryption, and limiting access to authorized personnel.

Mobile Device Security Securing Your Mobile Devices

Protect data on your mobile device by using two-factor authentication. This adds an extra layer of security, making it harder for unauthorized individuals to access your information.

Enable two-factor authentication on all your important accounts.

Insider Threats Understanding

An insider threat is someone who uses authorized access, either wittingly or unwittingly, to harm national security. This could be through malicious actions or negligence.

Be vigilant and report any suspicious activity.

Government Email Appropriate Use of

Using a digital signature when sending hyperlinks is an appropriate use of government email. This verifies the sender's identity and ensures the email hasn't been tampered with.

This builds trust and enhances security.

Home Computer Security Best Practices for

Create separate accounts for each user and have each user create their own password. This is a fundamental step to secure your home computer and protect user data.

This limits the impact of a security breach and allows you to track user activity more effectively.

CAC Usage Improper Use of Your Common Access Card (CAC)

Exchanging your CAC for a visitor pass in another building is NOT an appropriate use of your CAC. Your CAC is for official government business only.

Never share your CAC or use it for unauthorized purposes.

Smartwatch Security Risks

Yes, it does pose a security risk to tap your smartwatch to pay for a purchase at a store. There is a risk that the signal could be intercepted and altered. Be aware and take necessary precautions.

Consider using a secure payment method and keeping your smartwatch information secure.

Insider Threat Indicators Potential

Death of a spouse is a potential insider threat indicator. Financial problems, changes in behavior, or other personal issues can sometimes lead to security risks. Report anything unusual to your security POC.

Be aware of the signs, and report any suspicious behaviors.

Home Network Security Protecting Your Home Wireless Network

Implement, as a minimum, Wi-Fi Protected Access 2 (WPA2) Personal encryption for your home wireless network. This encrypts the data transmitted over your network.

This is a critical step to protect your data.

Social Media Sharing Safest Information to Share on Social Media

Your favorite movie is the safest thing to share on a social networking site. Avoid sharing personal information, such as your location or date of birth.

Be mindful of what you post online.

SCI Access Requirements for Access to Sensitive Compartmented Information (SCI)

Top Secret clearance and indoctrination into the SCI program are the requirements for access to Sensitive Compartmented Information (SCI). This information is highly sensitive and requires a rigorous vetting process.

Adhere to all security protocols when handling SCI.

Removable Media and PEDs Risks of Removable Media and Portable Electronic Devices (PEDs)

The risks associated with removable media and portable electronic devices (PEDs) may lead to loss of life. Always handle these devices with care and follow all security guidelines.

Lost or stolen devices can expose sensitive information.

“

Knowledge is the key to unlocking cybersecurity. By understanding the risks and implementing best practices, you can protect yourself and your data.

Cybersecurity Expert

Home Computer Protection Protecting Your Home Computer

Use legitimate, known antivirus software to protect your home computer. This helps prevent malware and viruses from infecting your system.

Keep your antivirus software updated.

Mobile Device Protection While Traveling Protecting Your Mobile Device While Traveling

Connect with a Government VPN to protect your mobile device while traveling. This encrypts your internet traffic and ensures secure access to government resources.

This safeguards your data.

Insider Threat Indicators (Scenario) Analyzing an Insider Threat Scenario

Based on the description provided, there are 2 insider threat indicators present: Edward's aggressive interest in others' work and his tendency to ask for classified details of their projects.

Always report suspicious behaviors.

Strong Passwords Creating

bRobr@79l*P is an example of a strong password. It is long, complex, and uses a combination of upper and lowercase letters, numbers, and special characters.

Use strong and unique passwords for each account.

Sharing Sensitive Information Securely

Matt, a government employee, should encrypt the document containing source selection data and send it via digitally signed Government e-mail. This is the most appropriate method for secure sharing.

Always protect sensitive data.

Responding to Suspicious Calls Handling Suspicious Phone Calls

If you receive a phone call from an unknown person asking for a directory name on your government-furnished laptop so that a software update can be made, document the interaction and contact your security POC or help desk.

Never provide information to unknown individuals.

SCIF Permitted Devices Permitted Devices in a Sensitive Compartmented Information Facility (SCIF)

A Bluetooth medical device, such as a glucose monitor, is permitted within a Sensitive Compartmented Information Facility (SCIF). Ensure the device is properly vetted and follows all security protocols.

Always adhere to SCIF regulations.

Personally Identifiable Information (PII) Understanding Personally Identifiable Information (PII)

Smartphone brand and model, when linked to a specific individual, is NOT an example of Personally Identifiable Information (PII).

PII is information that can be used to identify, contact, or locate a single person.

Identity Theft Protection Protecting Yourself from Identity Theft

Review your credit report annually to protect yourself from identity theft. This allows you to identify any unauthorized activity and take corrective action.

Be proactive in protecting your identity.

SCIF Behavior Working Within a Sensitive Compartmented Information Facility (SCIF)

Badges must be worn while in the facility and removed when leaving the facility when working within a Sensitive Compartmented Information Facility (SCIF). Always follow the rules.

This helps maintain the security of the facility.

Preventing Viruses and Malicious Code

Scan all e-mail attachments to prevent viruses and malicious code from infecting your system. This is a critical step to protect your data.

Never open attachments from unknown senders.

Protecting Your Identity Best Practices for

Ask how information will be used before giving it out. Be cautious about sharing personal information.

Protect your identity.

Protecting Classified Data

Store classified data in a GSA-approved container to protect it. This ensures the data is secure and only accessible to authorized personnel.

Handle classified information with care.