1.

You are browsing a website to make an online purchase. Which indicator confirms
the connection is secure? (L2)
● A) The URL starts with "[Link]
● B) The website has a ".com" extension
● C) The website has a green background
● D) The URL starts with "[Link]
Answer: A
2.
You are using public WiFi in a coffee shop. Which of the following actions would
keep your browsing session secure? (L2)
● A) Use the open WiFi without any additional security
● B) Connect through a VPN
● C) Share personal information freely on social media
● D) Disable firewall on your device
Answer: B
3.
Which of the following is a secure method to protect your password? (L2)
● A) Writing it down in your notebook
● B) Using multi-factor authentication (MFA)
● C) Sharing it with your trusted colleagues
● D) Keeping a short and simple password
Answer: B
4.
A user receives an email asking for personal information and claims to be from their
bank. What type of threat is this? (L2)
● A) Phishing
● B) Malware
● C) Social engineering
● D) Spyware
Answer: A
5.
You're configuring a home WiFi network. Which security protocol should you select
for the highest security? (L1)
● A) WEP
● B) WPA
● C) WPA2
● D) Open WiFi
Answer: C
6.
You connect to a free WiFi network at an airport. What is the best practice to avoid
data theft? (L2)
● A) Disable all firewalls
● B) Use VPN for encryption
● C) Share files with others connected
● D) Use simple passwords for easy access
Answer: B
7.
What should you check to ensure that the email attachment you received is safe?
(L2)
● A) The sender’s address
● B) The file size
● C) The file extension
● D) The time of receiving the email
Answer: C
8.
If you suspect that your computer has been infected with malware, what is the first
step you should take? (L2)
● A) Restart the computer
● B) Disconnect from the internet
● C) Share the malware with a friend
● D) Format the hard drive
Answer: B
9.
A co-worker asks you to log in to a website to download a shared file. The URL starts
with “[Link] What should you do? (L1)
● A) Download the file immediately
● B) Ask for an https version of the link
● C) Ignore the request
● D) Disable firewall temporarily
Answer: B
10.
Which of the following is the most secure password? (L1)
● A) 12345
● B) Password1
● C) @lPh@Num123#
● D) yourname01
Answer: C
11.
You receive a warning that the SSL certificate of a website has expired. What should
you do before proceeding? (L2)
● A) Ignore the warning
● B) Update your browser
● C) Contact the website administrator
● D) Verify the security of the site’s SSL certificate
Answer: D
12.
You are working remotely and want to ensure a secure connection to your company's
network. Which method is most secure? (L1)
● A) Using any available public WiFi
● B) Using a VPN
● C) Using a guest account
● D) Disabling security protocols
Answer: B
13.
Which of the following tools can you use to securely transfer files between
computers over a network? (L1)
● A) FTP
● B) HTTP
● C) SSH
● D) Telnet
Answer: C
14.
Your organization asks you to manage multiple passwords securely. What’s the best
tool to use? (L1)
● A) A password management system
● B) A physical notebook
● C) Shared spreadsheets
● D) Browsers' built-in password managers
Answer: A
15.
If a user is regularly prompted to change their password but continues using simple
and common phrases, what risk does this behavior pose? (L2)
● A) No risk if changed frequently
● B) Increased risk of password cracking
● C) Minimal risk with multi-factor authentication
● D) Reduced vulnerability to malware
Answer: B
16.
Which of these represents a weak password choice? (L1)
● A) !@#F45rt&
● B) J0hn_1985
● C) Password123
● D) 3y$%R4ty
Answer: C
17.
A co-worker leaves their computer unlocked in a public space. What security principle
is at risk here? (L2)
● A) Availability
● B) Integrity
● C) Confidentiality
● D) Authentication
Answer: C
18.
What should you do if you receive an unsolicited email asking you to reset your
account password? (L2)
● A) Click the link immediately
● B) Call the sender to confirm
● C) Verify the email by logging into your account directly
● D) Share it with your IT department
Answer: C
19.
When setting up a new account, which option will provide you with the highest level
of account security? (L1)
 ● A) Using a simple password
● B) Using the same password across multiple accounts
● C) Enabling multi-factor authentication (MFA)
● D) Disabling encryption for easier access
Answer: C
20.
You notice multiple failed login attempts on your account. What could this indicate?
(L2)
● A) Routine maintenance
● B) A brute-force attack
● C) A network misconfiguration
● D) A software update
Answer: B

1.
You receive an email from what appears to be your company's IT department asking
you to verify your password by clicking a link. The email looks legitimate, but you're
unsure. What should you do next? (L2)
● A) Click the link to verify the request
● B) Reply to the email asking for more information
● C) Ignore the email entirely
● D) Contact the IT department through official channels to confirm the request
Answer: D

2.
You are working remotely from a cafe and need to access your company’s secure
servers. You connect to the free public WiFi. Which of the following is the best course
of action to protect your connection? (L2)
● A) Use a VPN before accessing any company data
● B) Rely on the browser’s “incognito mode” to protect your privacy
● C) Use the public WiFi without any additional security measures
● D) Disable your device’s firewall to improve connection speed
Answer: A

3.
Your colleague shares a file with you via email, and you are prompted to download it.
However, you notice that the file has an unusual extension that you are not familiar
with. What should you do before opening the file? (L2)
● A) Open the file immediately to check its content
● B) Verify the file’s extension and scan it with antivirus software
● C) Forward the file to another colleague for review
 ● D) Rename the file extension and then open it
Answer: B

4.
While attempting to log into a website, you notice that the browser displays a
"connection not secure" warning. The site is critical for your work, but you're unsure if
you should proceed. What should be your next step? (L2)
● A) Continue logging in, trusting that the site is usually secure
● B) Look for the SSL certificate details to verify if the site is safe
● C) Refresh the page and try again
● D) Use a different browser to bypass the error
Answer: B

5.
You’ve recently received several failed login attempt notifications for your personal
email account, even though you haven’t tried to log in. What should you do to protect
your account from a potential security breach? (L2)
● A) Do nothing, as the notifications may stop
● B) Change your password immediately and enable multi-factor
authentication (MFA)
● C) Close the email account entirely
● D) Log in again and try to reset your security questions
Answer: B

6.
Your friend asks for your WiFi password to browse the web. However, you’re aware
that they often visit suspicious websites. What should you do to protect your
network? (L2)
● A) Give them your password and hope for the best
● B) Set up a guest WiFi network for them to use
● C) Disable your WiFi temporarily to prevent access
● D) Monitor their browsing to make sure they avoid dangerous websites
Answer: B

7.
You have been asked to set up a new WiFi network for your office. Which encryption
method should you choose to ensure the highest level of security? (L1)
● A) WEP
● B) WPA
● C) WPA2
● D) Open WiFi with no encryption
Answer: C

8.
While reviewing your company’s security logs, you notice a large number of failed
login attempts from multiple locations. What is the most likely scenario? (L2)
● A) The system is under routine maintenance
● B) A brute-force attack is being attempted
 ● C) Users forgot their passwords
● D) There is a technical glitch in the system
Answer: B

9.
A website you frequently visit was recently hacked, and user information was
compromised. What should you do if you have an account on this website? (L2)
● A) Change your password for that website and any others that use the same
credentials
● B) Wait for the website to inform you of any necessary actions
● C) Stop using the website altogether
● D) Continue using the same password since you haven’t noticed any issues
Answer: A

10.
You are using a password manager to store your passwords. One of your co-workers
asks you to share a password for a joint project. What is the most secure way to
share it? (L2)
● A) Share the password over email
● B) Use the password manager’s secure sharing option
● C) Write it down and hand it to them
● D) Tell them verbally over the phone
Answer: B

11.
A suspicious pop-up window appears while you are browsing the internet, asking you
to install a “critical update” for your browser. How should you handle this situation?
(L2)
● A) Click on the pop-up to install the update
● B) Close the pop-up and check your browser’s official website for updates
● C) Ignore the pop-up and continue browsing
● D) Download the update from a third-party website
Answer: B

12.
Your IT department instructs you to enable two-factor authentication (2FA) for all
your online accounts. What is the primary benefit of this security measure? (L1)
● A) Faster login process
● B) Additional layer of security by requiring a second form of verification
● C) Automatic password generation
● D) It allows sharing your account with others safely
Answer: B

13.
You accidentally clicked on a phishing email link and entered your login credentials
before realizing it was a scam. What should you do immediately after realizing the
mistake? (L2)
● A) Wait to see if any unusual activity occurs
 ● B) Change your password and inform your IT department or service provider
● C) Delete the email and ignore it
● D) Block the sender and continue using the account
Answer: B

14.
You are tasked with managing sensitive customer data. What is the best practice to
ensure data security when transmitting this information over the network? (L2)
● A) Send the data via email without encryption
● B) Encrypt the data before transmission using secure protocols
● C) Use a shared folder with no password protection
● D) Upload the data to a public server
Answer: B

15.
A colleague accidentally left their computer unlocked in a shared workspace. What
potential security risk does this behavior pose? (L2)
● A) None, if the computer is in sleep mode
● B) Confidential information could be accessed by unauthorized individuals
● C) Only local files can be compromised, not networked files
● D) It is not a concern if the computer has antivirus software
Answer: B

1.
You are attending a meeting and need to project your laptop screen wirelessly to a
display in the room. The WiFi network available is unsecured (no password required).
What should you do before connecting? (L2)
● A) Connect immediately and begin projecting
● B) Use a VPN before connecting to the unsecured WiFi
● C) Disable your firewall to allow better connectivity
● D) Ignore the connection and only use a wired connection
Answer: B

2.
You receive an email from a service you use, asking you to update your billing
information. The email contains a link to what appears to be the service's website.
What should you do to verify if this is a phishing attempt? (L2)
● A) Click the link and check the site for signs of phishing
● B) Reply to the email to ask if it is legitimate
● C) Open the official website in a separate browser window and log in directly
● D) Forward the email to your IT department and delete it
Answer: C
3.
A colleague informs you that their laptop was stolen at a conference. They had
stored sensitive company data on the device but did not encrypt the hard drive. What
security risk does this pose? (L2)
● A) The device is locked, so there’s no risk
● B) The data is at risk of being accessed by the thief
● C) No risk, as long as a password was required to log in
● D) The device will automatically wipe the data
Answer: B

4.
While working on a shared project, you need to send a large file containing
confidential information to a colleague. What is the best way to securely transfer the
file? (L2)
● A) Attach it to an email without any special precautions
● B) Upload it to a cloud service with password protection and encryption
● C) Use a public file-sharing website
● D) Share the file over an unsecured WiFi connection
Answer: B

5.
Your company has just implemented a new policy requiring all employees to change
their passwords every 30 days. You notice that a colleague is using a variation of the
same simple password each time (e.g., Password1, Password2). What is the primary
security risk of this behavior? (L2)
● A) Increased vulnerability to phishing attacks
● B) The passwords are easy to guess and may be cracked by brute-force
attacks
● C) Passwords are difficult to remember, leading to more password resets
● D) There is no significant security risk if passwords are changed regularly
Answer: B

6.
You are setting up a network in a small office environment. To ensure data security,
which network topology would provide the most resilience and minimize the chance
of a single point of failure? (L1)
● A) Bus topology
● B) Ring topology
● C) Star topology
● D) Mesh topology
Answer: D

7.
Your personal laptop prompts you to install a system update. However, you are
currently working on a time-sensitive project and are worried the update will take too
long. What is the best course of action? (L2)
● A) Postpone the update indefinitely
● B) Proceed with the update after ensuring your files are backed up
 ● C) Install the update immediately without checking its details
● D) Disconnect from the internet to avoid further update prompts
Answer: B

8.
You receive an urgent phone call from someone claiming to be from your bank,
requesting that you confirm your account details due to suspicious activity. What
should you do? (L2)
● A) Provide the requested information to prevent any unauthorized activity
● B) Hang up and call the bank using the official contact number to verify the
claim
● C) Ignore the call, assuming it is a mistake
● D) Ask for their employee ID and continue with the call
Answer: B

9.
A colleague is accessing sensitive company information using an outdated browser.
What is the potential risk of this action? (L2)
● A) Slower internet speeds
● B) The browser may not display all content properly
● C) Vulnerabilities in the browser could be exploited by attackers
● D) The browser might not support the latest websites
Answer: C

10.
Your company uses email as the primary form of communication with clients.
Recently, several employees received suspicious emails that appear to be from
clients, asking for sensitive information. What security measure should be
implemented to reduce the risk of these phishing attacks? (L2)
● A) Block all external emails
● B) Set up email filtering and train employees on recognizing phishing
attempts
● C) Disable the company email system temporarily
● D) Send out a memo warning clients not to send any emails
Answer: B