CYBERSECURITY CERTIFICATION EXAM | QUESTIONS AND ANSWERS WITH RATIONALE | GRADED A+ | 100% CORRECT | 2026 UPDATE
1. Which of the following best describes the principle of "Least
Privilege"?
A) Users are given access to all resources within a specific
department
B) Users are provided only the minimum levels of access
necessary to perform their job functions
C) Users are granted administrative rights for a limited window
of time
D) Users are allowed to access any non-sensitive data without
authentication
Answer: B
Rationale: The principle of least privilege ensures that users
have only the specific permissions required for their tasks, which
minimizes potential damage from accidents or malicious intent.
2. The three core goals of the CIA triad are:
A) Confidentiality, Integrity, Availability
B) Confidentiality, Identification, Authentication
C) Compliance, Integrity, Availability
D) Confidentiality, Integrity, Authorization
Answer: A
Rationale: The CIA triad forms the foundation of information
security: Confidentiality prevents unauthorized disclosure,
Integrity prevents unauthorized modification, and Availability
ensures timely access.
3. A security administrator wants to protect against unauthorized
physical access to a server room. Which control is considered a
preventative physical control?
A) Motion sensors
B) Security cameras
C) Biometric door locks
D) Alarm systems
Answer: C
Rationale: Biometric locks are a preventative control because
they physically stop an unauthorized person from entering.
Sensors, cameras, and alarms are detective or deterrent
controls.
4. An attacker uses a "man-in-the-middle" attack to intercept
traffic between a client and a server. Which security triad
component is primarily compromised?
A) Availability
B) Integrity
C) Confidentiality
D) Authenticity
Answer: C
Rationale: While integrity can be affected, the primary goal of
an intercepting MITM attack is to view data, which violates
confidentiality.
5. Which of the following is used to verify the integrity of a
downloaded file?
A) Digital Signature
B) Symmetric Key
C) Hash Function
D) Public Key
Answer: C
Rationale: A hash function produces a fixed-size string
(checksum). If the file changes, the hash will change, allowing the
user to verify integrity.