Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

Cybersecurity Fundamentals Exam Practice Questions And Correct Answers (Verified Answers) Plus Rationale 2026 Q&A

Rating
-
Sold
-
Pages
34
Grade
A+
Uploaded on
23-06-2026
Written in
2025/2026

Cybersecurity Fundamentals Exam Practice Questions And Correct Answers (Verified Answers) Plus Rationale 2026 Q&A

Institution
Cybersecurity Fundamentals
Course
Cybersecurity Fundamentals

Content preview

Cybersecurity Fundamentals Exam Practice
Questions And Correct Answers (Verified Answers)
Plus Rationale 2026 Q&A


SECTION 1: CORE SECURITY CONCEPTS & CIA TRIAD
1. What does the "C" in the CIA triad stand for?
A) Confidentiality
B) Compliance
C) Control
D) Certificate
Correct Answer: A | Rationale: The CIA triad is the foundation of information
security: Confidentiality (ensuring data is accessible only to authorized users),
Integrity (ensuring data is accurate and unaltered), and Availability (ensuring data
is accessible when needed).
2. Which CIA principle is violated when an attacker modifies a bank transaction
amount?
A) Confidentiality
B) Integrity
C) Availability
D) Authentication
Correct Answer: B | Rationale: Integrity ensures that data has not been tampered
with or altered. Modifying a transaction amount violates integrity. Confidentiality
(A) is about unauthorized access; Availability (C) is about accessibility.
3. A Distributed Denial of Service (DDoS) attack primarily threatens which CIA
principle?
A) Confidentiality
B) Integrity

,C) Availability
D) Authentication
Correct Answer: C | Rationale: A DDoS attack overwhelms a system with traffic,
making it unavailable to legitimate users. This directly violates Availability.
Confidentiality and Integrity are not directly affected by DDoS.
4. Encryption is primarily used to protect which CIA principle?
A) Confidentiality
B) Integrity
C) Availability
D) Authentication
Correct Answer: A | Rationale: Encryption transforms plaintext into ciphertext,
ensuring that only authorized parties with the correct key can read the data. This
protects Confidentiality. Hashing (not encryption) is used for Integrity.
5. What is the difference between a vulnerability and a threat?
A) A vulnerability is a potential danger; a threat is a weakness
B) A vulnerability is a weakness; a threat is a potential danger
C) They are the same thing
D) A vulnerability is a patch; a threat is a virus
Correct Answer: B | Rationale: A vulnerability is a weakness in a system (e.g.,
unpatched software, misconfiguration). A threat is a potential danger that could
exploit that vulnerability (e.g., a hacker, malware).
6. What is a risk in cybersecurity?
A) A weakness in a system
B) A potential danger
C) The likelihood of a threat exploiting a vulnerability and the resulting impact
D) A security control
Correct Answer: C | Rationale: Risk is the potential for loss or damage when a
threat exploits a vulnerability. It is calculated as: Risk = Threat × Vulnerability ×
Impact. It's not just the threat or vulnerability alone.

,7. What is an exploit?
A) A weakness in a system
B) A piece of software or code that takes advantage of a vulnerability
C) A security control
D) A type of firewall
Correct Answer: B | Rationale: An exploit is a specific piece of code, method, or
technique that takes advantage of a vulnerability to gain unauthorized access,
execute code, or cause harm. The vulnerability is the weakness (A).
8. What is the difference between a threat actor and an adversary?
A) They are the same thing
B) A threat actor is an individual/group; an adversary is an attack method
C) A threat actor is an attack; an adversary is a vulnerability
D) A threat actor is a system; an adversary is a network
Correct Answer: A | Rationale: Threat actor and adversary are often used
interchangeably. Both refer to an individual, group, or entity that carries out
malicious actions against systems, networks, or organizations.
9. What is defense-in-depth?
A) A single layer of security
B) Multiple layers of security controls to protect data and systems
C) A type of encryption
D) A type of firewall
Correct Answer: B | Rationale: Defense-in-depth is a cybersecurity strategy that
uses multiple, overlapping layers of security controls (e.g., firewalls, IDS,
encryption, access controls, training) so that if one layer fails, others still provide
protection.
10. What is the principle of least privilege?
A) Granting users all permissions they request
B) Granting users the minimum permissions necessary to perform their job
functions

, C) Granting users no permissions at all
D) Granting users permission based on their seniority
Correct Answer: B | Rationale: The principle of least privilege states that users
should be given only the minimum access rights required to perform their tasks.
This reduces the attack surface and limits the damage from compromised
accounts.
11. What is zero trust security?
A) A security model that assumes everything is trusted
B) A security model that does not trust anything by default, requiring continuous
verification
C) A type of antivirus software
D) A firewall configuration
Correct Answer: B | Rationale: Zero trust is a security framework that assumes no
user, device, or network is inherently trusted. It requires continuous
authentication, authorization, and validation for every access request, regardless
of location.
12. What is the difference between authentication and authorization?
A) Authentication verifies identity; authorization determines what a user can do
B) Authorization verifies identity; authentication determines what a user can do
C) They are the same thing
D) Authentication is for users; authorization is for systems
Correct Answer: A | Rationale: Authentication is the process of verifying who a
user is (e.g., using a password, biometrics). Authorization is the process of
determining what an authenticated user is allowed to do (e.g., read, write, delete).
13. Which of the following is an example of "something you are" in multi-factor
authentication?
A) Password
B) Smart card
C) Fingerprint
D) One-time PIN (OTP)

Written for

Institution
Cybersecurity Fundamentals
Course
Cybersecurity Fundamentals

Document information

Uploaded on
June 23, 2026
Number of pages
34
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$23.79
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller
Seller avatar
docwillowivy

Get to know the seller

Seller avatar
docwillowivy Walden University
View profile
Follow You need to be logged in order to follow users or courses
Sold
7
Member since
8 months
Number of followers
1
Documents
1667
Last sold
4 days ago
Smart Study Hub

Reach your academic goals with professionally crafted, high-quality educational materials designed to help you study efficiently and achieve success faster. In my Stuvia store, you’ll find a wide range of study guides, summaries, past exams, solved questions, and revision notes — all written to be clear, accurate, and easy to follow. Each resource is well-organized and based on trusted textbooks, lectures, and verified coursework, ensuring you always receive dependable and valuable content. These materials are perfect for exam preparation, coursework enhancement, and quick revision, helping you master complex topics, save study time, and improve your grades with confidence. Whether you’re a college student, lifelong learner, or preparing for certification exams, you’ll discover the right tools to make your studying more effective and enjoyable. I specialize in creating concise, time-saving notes that simplify challenging concepts without leaving out key information — empowering you to learn faster and perform better in exams. Trusted by students worldwide, all resources are available for instant download, giving you immediate access to premium study materials whenever you need them. Invest in your academic success today — study smarter, stay organized, and reach your goals with professional, accurate, and easy-to-understand learning resources designed to support your educational journey.

Read more Read less
0.0

0 reviews

5
0
4
0
3
0
2
0
1
0

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions