Certification Exam: Cybersecurity & Ransomware

Question 1 of 10

What is "Polymorphic" malware?

A) Malware that rewrites its own code to bypass signature-based detection B) Malware that is easily deleted C) Malware that only targets phones D) Malware that comes from a USB drive

Question 2 of 10

Why are "Passkeys" more secure than traditional passwords?

A) They are longer B) They are easier to remember C) They use local biometrics and are mathematically immune to phishing D) They are stored on a public server

Question 3 of 10

What is "Quishing"?

A) Phishing via malicious QR codes B) Phishing via physical mail C) Phishing via phone call D) A type of network virus

Question 4 of 10

What is an "MFA Fatigue" attack?

A) Using too many different MFA apps B) When the MFA server crashes C) When the user is tired of passwords D) Spamming a user with MFA prompts until they accidentally or out of frustration click "Approve"

Question 5 of 10

What is the best defense against a Deepfake Voice Clone of your CEO?

A) Asking for an email confirmation B) Hanging up immediately C) Using a "Shared Secret" or verbal challenge-response protocol D) Trusting the caller ID

Question 6 of 10

Which part of the NIST 2.0 framework was added in 2026 to emphasize leadership responsibility?

A) Govern B) Identify C) Recover D) Protect

Question 7 of 10

What is the "Principle of Least Privilege" (PoLP)?

A) Only hiring people with low clearance B) A type of password policy C) Giving everyone admin access D) Providing only the minimum access required for a person to do their job

Question 8 of 10

What should you do if you receive an unexpected MFA push notification?

A) Approve it to clear the screen B) Ignore it and go back to work C) Call the bank D) Deny the request and immediately report it to IT as a potential compromise

Question 9 of 10

What is "Zero Trust Architecture"?

A) A network that never fails B) Only trusting managers C) A network with no security D) The assumption that the threat is already inside; "Never Trust, Always Verify"

Question 10 of 10

How has AI changed phishing in 2026?

A) It allows for hyper-personalized "spear-phishing" that mimics colleague tone perfectly B) It only targets personal emails C) It has completely stopped phishing D) It made phishing easier to spot due to typos