CYBER SECURITY INFORMATION SECURITY Micro Credential Practice Exam
**Question 1.** Which of the following best describes the confidentiality
component of the CIA triad?
A) Ensuring data is accurate and unaltered
B) Ensuring data is available when needed
C) Preventing unauthorized disclosure of information
D) Verifying the identity of users
Answer: C
Explanation: Confidentiality protects information from being disclosed to
unauthorized individuals.
**Question 2.** In the context of information security, non‑repudiation is
primarily achieved through:
A) Strong password policies
B) Digital signatures
C) Firewalls
D) Intrusion detection systems
Answer: B
Explanation: Digital signatures provide proof that a specific entity performed an
action, preventing denial of that action.
**Question 3.** A vulnerability is best defined as:
A) An existing exploit in the wild
B) A weakness that can be exploited by a threat
C) The intent to cause damage
D) A successful attack on a system
Answer: B
Explanation: A vulnerability is a flaw or weakness that can be leveraged by a
threat actor.
**Question 4.** Which type of malware disguises itself as a legitimate program
but performs malicious actions once executed?
A) Worm
B) Trojan horse
C) Rootkit
D) Logic bomb
Answer: B
Explanation: Trojans appear benign to users but contain hidden malicious
functionality.
**Question 5.** Ransomware primarily impacts which CIA component?
A) Confidentiality
B) Integrity
C) Availability
D) Authentication
Answer: C
Explanation: Ransomware encrypts data, making it unavailable to legitimate users
until a ransom is paid.
**Question 6.** A Distributed Denial of Service (DDoS) attack differs from a DoS
attack because:
A) It targets multiple protocols simultaneously
B) It originates from multiple compromised hosts
C) It uses encryption to hide traffic
D) It exploits software vulnerabilities
Answer: B
Explanation: DDoS leverages many distributed sources to overwhelm a target,
unlike a single-source DoS.
**Question 7.** Which social engineering technique involves sending fraudulent
emails that appear to come from a trusted source?
A) Tailgating
B) Vishing
C) Phishing
D) Shoulder surfing
Answer: C
Explanation: Phishing uses deceptive emails to trick recipients into revealing
credentials or installing malware.
**Question 8.** Shoulder surfing is an example of:
A) Physical attack
B) Network attack
C) Malware attack
D) Insider threat
Answer: A
Explanation: Shoulder surfing involves observing a user’s credentials or
information directly, a physical security breach.
**Question 9.** An Advanced Persistent Threat (APT) is characterized by:
A) Rapid, high‑volume attacks
B) Short‑term, opportunistic exploits
C) Long‑term, targeted intrusion with stealth
D) Use of ransomware only
Answer: C
Explanation: APTs involve persistent, stealthy intrusion aimed at specific
high‑value targets.