[EDUKBCS3] EDUK Level 3 Diploma in Business Cyber Security Certification Exam Guide
**Question 1. Which OSI layer is primarily responsible for routing decisions in a corporate
network?**
A) Physical
B) Data Link
C) Network
D) Transport
Answer: C
Explanation: The Network layer (Layer 3) handles logical addressing and routing of packets
between subnets.
**Question 2. In a SaaS model, which of the following is the customer NOT responsible for?**
A) Application updates
B) User authentication
C) Data encryption in transit
D) Physical server maintenance
Answer: D
Explanation: The service provider manages the underlying hardware; customers manage
configuration, identities, and data protection.
**Question 3. Which protocol encrypts web traffic using both symmetric and asymmetric
cryptography?**
A) HTTP
B) FTP
C) TLS
D) SMTP
Answer: C
Explanation: TLS starts with an asymmetric handshake to exchange keys, then uses symmetric
encryption for the session.
**Question 4. Which of the following devices is most vulnerable to default credential attacks in
an office environment?**
A) Desktop workstation
B) Network printer
C) Server rack switch
D) Laptop
Answer: B
Explanation: Office printers often ship with default admin passwords that are rarely changed,
making them easy targets.
**Question 5. The CIA triad’s “Integrity” component is best protected by which control?**
A) Encryption at rest
B) Access control lists
C) Hashing and digital signatures
D) Redundant power supplies
Answer: C
Explanation: Hashes and digital signatures detect unauthorized alterations, ensuring data
integrity.
**Question 6. Multi‑Factor Authentication (MFA) reduces risk by requiring at least how many
independent factors?**
A) One
B) Two
C) Three
D) Four
Answer: B
Explanation: MFA combines two or more of something you know, have, or are, making
unauthorized access significantly harder.
**Question 7. Which principle states that users should receive only the permissions necessary
to perform their job?**
A) Separation of duties
B) Principle of least privilege
C) Need‑to‑know
D) Defense in depth
Answer: B
Explanation: The Principle of Least Privilege limits access to the minimum required for job
functions.
**Question 8. Symmetric encryption is generally faster than asymmetric encryption because:**
A) It uses shorter keys
B) It encrypts data in blocks
C) It requires only one key pair
D) It does not involve mathematical exponentiation
Answer: D
Explanation: Symmetric algorithms use simple operations (e.g., XOR, substitution) rather than
the heavy modular exponentiation of asymmetric cryptography.
**Question 9. Which of the following is a primary use case for a VPN in a business setting?**
A) Hosting a public website
B) Providing remote employees secure access to internal resources
C) Scanning for malware on the network
D) Managing DNS queries
Answer: B
Explanation: VPNs create encrypted tunnels, allowing remote users to connect safely to
corporate networks.
**Question 10. Data‑in‑use is protected most effectively by:**
A) Full‑disk encryption
B) TLS
C) Application‑level encryption and secure enclaves
D) Backup rotation
Answer: C
Explanation: Data‑in‑use resides in memory; secure enclaves and runtime encryption protect it
while it is being processed.
**Question 11. Phishing attacks typically exploit which human weakness?**
A) Curiosity
B) Greed