Unlock hundreds more features
Save your Quiz to the Dashboard
View and Export Results
Use AI to Create Quizzes and Analyse Results

OR
Sign inSign in with Facebook
Sign inSign in with Google
Quizzes > Computers & IT

Cyber security quiz with certificate for exam practice

Quick, free cyber security practice test to check your skills. Instant results.

Editorial: Review CompletedCreated By: Grant E MasekUpdated Aug 23, 2025
Difficulty: Moderate
Questions: 20
Learning OutcomesStudy Material
Colorful paper art depicting elements related to Cybersecurity Certification Practice Quiz

This cybersecurity certification practice quiz helps you check exam readiness across threats, encryption, and incident response. Get instant feedback and see where to focus next, then go deeper with the sy0-501 practice test or refresh core concepts in the cybersecurity basics quiz; if you need a broader checkup, try our cyber security awareness quiz.

Which of the following best describes a phishing attack?
A technique for executing unauthorized code on a server
A tool used for scanning network ports
A security feature implemented by firewalls
An email-based social engineering attempt to obtain sensitive information
Phishing attacks use deceptive emails to trick users into revealing credentials or personal information. This technique relies on social engineering rather than network scanning or code execution.
Which of these is the strongest example of a secure password?
John1985
123456
Y7#bT9*kLp2@mQ
password123
Strong passwords use length and a mix of uppercase, lowercase, digits, and symbols. Common words or sequences are easily cracked.
Which encryption algorithm operates using a single secret key for both encryption and decryption?
RSA
AES (Advanced Encryption Standard)
Diffie-Hellman
SHA-256
AES is a symmetric cipher where the same key is used to encrypt and decrypt data. RSA and Diffie-Hellman use asymmetric techniques and SHA-256 is a hash function.
What is the primary function of a network firewall?
To block or permit network traffic based on defined security rules
To encrypt data stored on servers
To detect and remove malware on endpoints
To apply software patches to operating systems
Firewalls control incoming and outgoing network traffic according to security policies. They are not used for encryption, malware removal, or patch management.
The principle of least privilege dictates that users should be given:
Temporary elevated permissions at all times
Administrative rights on all systems
The minimum access rights needed to perform their tasks
Full access for troubleshooting convenience
Least privilege restricts users to the minimal rights required for their job, reducing potential damage from errors or attacks. It does not grant full or administrative access by default.
Which vulnerability is specifically exploited by SQL injection attacks?
Default network configurations
Unsanitized user input in database queries
Weak password policies
Outdated antivirus definitions
SQL injection attacks occur when user input is not properly sanitized before inclusion in SQL statements, allowing attackers to manipulate queries. Other options are different security issues.
What is the main difference between symmetric and asymmetric encryption methods?
Symmetric uses the same key for encryption and decryption, asymmetric uses a public and private key pair
Symmetric is slower than asymmetric in all cases
Symmetric always provides integrity, asymmetric does not
Symmetric uses two keys, asymmetric uses one
Symmetric encryption uses one shared secret key to both encrypt and decrypt data, whereas asymmetric encryption uses a public key to encrypt and a private key to decrypt. Performance and integrity characteristics depend on algorithms, not this distinction.
Which phase is the first in the NIST incident response lifecycle?
Preparation
Recovery
Containment
Detection
Preparation is the initial phase where policies, communication plans, and response tools are established. Containment, detection, and recovery occur in later phases.
Multi-factor authentication enhances security primarily by:
Checking passwords against a database of common passwords
Employing CAPTCHA challenges
Using solely biometric verification
Requiring two or more independent credentials such as a password and a one-time code
MFA increases security by using multiple types of credentials (something you know, have, or are), making it harder for attackers to gain access. CAPTCHA and single-factor methods do not provide equivalent strength.
During a TLS handshake, what is established between a client and a server?
A user permission level
A direct file transfer
A permanent password for future logins
A symmetric session key for encrypting subsequent communication
The TLS handshake negotiates encryption parameters and securely exchanges a symmetric session key to encrypt data. It does not set passwords or permissions.
What is the first step in a formal risk assessment process?
Training end users
Implementing security controls
Identifying and classifying organizational assets
Performing penetration testing
Risk assessment begins by identifying and valuing assets to understand what needs protection. Controls and testing follow the initial asset identification.
How does an Intrusion Detection System (IDS) differ from an Intrusion Prevention System (IPS)?
An IDS blocks traffic, whereas an IPS only logs events
IPS is a physical device, IDS is software only
IDS and IPS perform the same functions
An IDS monitors and alerts on malicious activity, while an IPS actively blocks or rejects malicious traffic
An IDS is a passive system that detects and alerts on suspicious activity. An IPS takes proactive measures to block or mitigate identified threats.
Which method is most effective for protecting data at rest on a laptop?
Transport layer security (TLS)
Network segmentation
Full disk encryption
Antivirus software
Full disk encryption secures all stored data on a device, rendering it unreadable without proper credentials. TLS protects data in transit, while antivirus and segmentation address other concerns.
What is the primary focus of a Business Continuity Plan (BCP) compared to a Disaster Recovery Plan (DRP)?
Managing user access, whereas DRP trains staff
Encrypting data at rest, whereas DRP encrypts data in transit
Detailing network configurations, whereas DRP handles policy updates
Ensuring essential business operations continue during a disruption, whereas a DRP focuses on restoring IT systems
A BCP addresses maintaining critical business functions during crises. A DRP specifically targets IT system restoration after a disaster.
What is a key security benefit of implementing VLANs in a network?
Encryption of all transmitted data by default
Automatic vulnerability patching
Centralized authentication for all users
Segmenting network traffic to limit broadcast domains and contain potential threats
VLANs divide a network into logical segments, reducing the scope of broadcast traffic and isolating threats. They do not inherently provide encryption or patch management.
Which technique helps detect a man-in-the-middle attack on a TLS connection?
Using network address translation (NAT) to hide IP addresses
Deploying VLANs to separate network segments
Implementing certificate pinning to validate the exact expected server certificate
Enforcing complex password rules
Certificate pinning ensures the client only trusts a specific certificate, preventing attackers from presenting fraudulent ones in MITM attempts. NAT, VLANs, and password rules do not directly address TLS handshake integrity.
Why is salting important when storing password hashes?
It ensures passwords can be decrypted if needed
It adds a unique value to each password before hashing, preventing attackers from using precomputed rainbow tables
It encrypts the hash with a symmetric key
It forces users to change passwords regularly
Salting combines a unique random value with the password before hashing, making each hash unique and defeating precomputed attack tables. Salting does not enable decryption or enforce password rotation.
Which characteristic distinguishes an advanced persistent threat (APT) from other cyberattacks?
A long-term, stealthy presence targeting specific organizations to extract data over time
A quick denial-of-service attack against a random site
A self-propagating worm that spreads indiscriminately
A one-time phishing email sent broadly
APTs involve coordinated, prolonged intrusion campaigns aimed at specific targets with the goal of stealthy data exfiltration. Other attacks may be quick, random, or non-persistent.
What is a core principle of a Zero Trust security architecture?
Continuously verifying every user and device regardless of network location before granting access
Relying solely on perimeter firewalls for security
Trusting all devices inside the corporate network perimeter
Automatically granting access to authenticated users forever
Zero Trust assumes no implicit trust and requires continuous authentication and authorization of all requests. Traditional perimeter defense and perpetual access contradict this approach.
In the incident triage phase, what is the most important task?
Patching all vulnerable systems without analysis
Immediately backing up all system logs for archival
Notifying all end users about the incident details
Identifying the scope, severity, and impact of the security incident to prioritize response
Triage focuses on quickly assessing the incident's extent and potential business impact to determine the appropriate response. Backup, patching, or broad notifications without context can hinder effective handling.
0
{"name":"Which of the following best describes a phishing attack?", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Which of the following best describes a phishing attack?, Which of these is the strongest example of a secure password?, Which encryption algorithm operates using a single secret key for both encryption and decryption?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}

Learning Outcomes

  1. Identify common cyber threats and vulnerabilities
  2. Analyse access control and authentication techniques
  3. Apply data encryption best practices effectively
  4. Evaluate incident response and recovery strategies
  5. Demonstrate understanding of risk management protocols
  6. Master core network security principles

Cheat Sheet

  1. Understand the CIA Triad - The CIA Triad - Confidentiality, Integrity, and Availability - is the cornerstone of any solid cybersecurity strategy. Think of it as a three-legged stool: if one leg falters, the whole system wobbles. Keeping data private, accurate, and accessible makes you the ultimate security hero.
  2. Recognize Common Cyber Threats - From sneaky phishing hooks to malicious malware and disruptive DDoS floods, cyber threats come in many shapes and sizes. Knowing how each works helps you dodge the digital bullets before they hit. Stay sharp and remember: "Spot it, stop it, secure it!"
  3. Implement Access Control Measures - Imagine a bouncer at an exclusive club who only admits VIP guests: that's access control in action. Techniques like role-based access control (RBAC) and multi-factor authentication (MFA) keep imposters out. Layer your defenses and grant permissions on a "need to know" basis.
  4. Apply Data Encryption Best Practices - Encryption turns your secrets into unreadable code that only authorized keys can unlock. Using robust algorithms and secure key management is like mailing a locked treasure chest - you need the right combination to open it. Don't forget to update your ciphers regularly to stay ahead of the hackers.
  5. Develop Incident Response Plans - A well-rehearsed incident response plan is your cyber fire drill - prepare for detection, containment, eradication, recovery, and reflection. Simulations and tabletop exercises keep your team agile when real threats strike. The faster you act, the less damage the breach can do.
  6. Understand Risk Management Protocols - Identifying, assessing, and mitigating risks is like surveying a minefield before crossing it. Frameworks such as NIST guide you through "Identify, Protect, Detect, Respond, Recover." Consistent risk reviews keep your defenses in tune with emerging threats.
  7. Master Network Security Principles - Picture your network as a digital castle: firewalls are your moat, IDS/IPS your watchtowers, and secure configurations your sturdy walls. Every packet passing through needs to be inspected and validated. A layered approach keeps invaders at bay.
  8. Recognize Vulnerabilities and Exploits - Every system flaw is a potential backdoor for threat actors. Regular patching, vulnerability scans, and code reviews seal up those weak spots. Remember: "A chain is only as strong as its weakest link" - keep each link reinforced.
  9. Implement Defense in Depth Strategies - Defense in depth layers physical, technical, and administrative controls so attackers face multiple hurdles. It's like stacking locks on your door, each requiring a unique key. If one layer fails, the next line of defense is ready.
  10. Stay Informed on Cybersecurity Frameworks - Frameworks like NIST's Cybersecurity Framework offer a proven roadmap to secure environments and continuous improvement. Treat them as your study guide for best practices and audits. Continuous learning keeps you ahead of the curve.
Make a Quiz (FREE) Copy & Edit This Quiz Create a Quiz with AI

Technology Quizzes

Powered by: Quiz Maker