77 Practice Questions & Answers
SECTION A: Cyber Awareness Fundamentals (1–20)
1. What is cybersecurity?
Answer: Protection of systems, networks, and data from digital attacks
2. What is the CIA triad?
Answer: Confidentiality, Integrity, Availability
3. Which principle ensures data is not altered without authorization?
Answer: Integrity
4. What is phishing?
Answer: Fraudulent attempts to obtain sensitive information via deception
5. Which attack uses fake websites to steal credentials?
Answer: Phishing
6. What is malware?
Answer: Malicious software designed to harm systems
7. Which malware encrypts files for ransom?
Answer: Ransomware
8. What is social engineering?
Answer: Manipulating people to gain unauthorized access
9. Strong passwords should include:
Answer: Letters, numbers, symbols, and length
10. What is two-factor authentication (2FA)?
Answer: Two methods used to verify identity
11. Which factor is something you are?
Answer: Biometrics
12. What does VPN stand for?
Answer: Virtual Private Network
13. VPNs primarily provide:
Answer: Secure encrypted connections
14. What is data encryption?
Answer: Converting data into unreadable format without a key
15. What is a firewall?
Answer: A system that controls network traffic
16. Which device filters incoming and outgoing traffic?
Answer: Firewall
17. What is an insider threat?
Answer: Security risk from authorized users
18. What is least privilege?
Answer: Giving users minimum access required
19. What is patch management?
Answer: Updating systems to fix vulnerabilities
20. Why are updates important?
Answer: They fix security flaws
SECTION B: Threats & Attacks (21–35)
21. What is a zero-day vulnerability?
Answer: Unknown flaw exploited before patching
22. What is a brute-force attack?
Answer: Repeated attempts to guess passwords
23. What is spyware?
Answer: Software that secretly monitors activity
24. What is a Trojan?
Answer: Malware disguised as legitimate software
25. What is a DDoS attack?
Answer: Overwhelming a system with traffic
26. What is keylogging?
Answer: Recording keystrokes to steal data
27. Which attack targets humans, not systems?
Answer: Social engineering