Members
About LLPA
Vendors
Events
Digital Skills Cup
Cyber Security Day

IT Security - Digital Skill Cup 2026

Digital Skills Cup 2026

Welcome to the Digital Skills Cup for IT Security

Once you register with your name and email, the quiz starts immediately.
You have 5 minutes to complete the quiz.
No pauses. No switching between windows, no copy-pasting.
Scoring is based on the number of correct answers and the lower time to complete the quiz, in case of a tie.
Use a valid email address and your real name for registration.
You have 1 attempt.
Good luck :)

First Name

Last Name

Email

Country

I agree with the Terms and Conditions and Privacy statement

Time Remaining:

Digital Skill Cup 2026 - IT Security All

1 / 20

Question 1

What is the most secure way to allow an Azure VM to access an Azure Key Vault secret without storing credentials on the VM?

Use Managed Identity for Azure resources

Store the secret in the VM’s environment variables

Use a Shared Access Signature (SAS) token

Embed the secret in the application config file

Question 2

Threat management is a process that is used by cybersecurity professionals to prevent cyberattacks, detect cyberthreats and respond to security incidents. Many modern threat management systems use frameworks that provide comprehensive guidance to improve information security and cybersecurity risk management for private sector organizations. Which Framework is plublished by the NIST and consists of guides, standards, best practices and five core functions, namely to identify, protect, detect, respond and recover?

NIS2

GDPR

Cybersecurity Framework (CSF) 2.0

DORA

Question 3

Which of the following represents a social engineering attack?

SQL Injection

Phishing

Man-in-the-Middle

DoS

Question 4

In Azure networking, which service helps protect web applications from common exploits like SQL injection and XSS at Layer 7?

Network Security Group (NSG)

Azure DDoS Protection Standard

Azure Web Application Firewall (WAF)

Azure Firewall Manager

Question 5

Which actions most effectively reduce the risk of successful phishing attacks against employees?

Relying primarily on advanced spam filters provided by the email service provider and assuming that automated detection alone is sufficient to stop most phishing campaigns

Regular security awareness training, simulated phishing campaigns and MFA on critical systems

Blocking all external email attachments by default and allowing only predefined file types, without addressing user behavior or authentication mechanisms

Publishing internal email addresses publicly to show transparency

Question 6

Which indicators most strongly suggest a system has been compromised by a rootkit?

Kernel-level API hooking

Discrepancies between user-space and kernel-space process listings

Increased CPU usage during peak hours

Unexpected modifications to boot loaders

Question 7

Which technology is used to segment networks and increase security?

VLAN

DNS

DHCP

NAT

Question 8

A firewall is used to control incoming and outgoing network traffic based on predefined security rules.

Yes

No

Question 9

In AWS, which service is used to detect malicious activity and unauthorized behavior?

AWS Shield

AWS GuardDuty

AWS WAF

AWS CloudTrail

Question 10

Which are examples of applying the principle of least privilege to human service identities?

Assigning broad administrative roles to all IT staff to avoid operational delays, assuming internal trust and audit logs sufficiently mitigate misuse risks

Granting developers permanent write access to production systems to simplify deployment and troubleshooting processes

Allowing developers full production DB admin rights permanently

Granting only the permissions required for tasks and reviewing roles regularly for removal of excess access

Question 11

You need to ensure Azure Storage accounts are not publicly accessible over the internet. Which control best enforces this at scale?

Azure RBAC role assignments

Azure Bastion

Azure Policy (deny public network access / enforce private endpoints)

Azure Monitor alerts

Question 12

Which Microsoft tool helps protect endpoints against malware and advanced threats?

Microsoft Excel

Microsoft Defender for Endpoint

Microsoft OneDrive

Microsoft SharePoint

Question 13

Which European Union Regulation is the toughest privacy and security law in the world and imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU?

NIS2

GDPR

Cybersecurity Framework (CSF) 2.0

DORA

Question 14

Which Azure service is primarily used to manage identities and access to cloud resources?

Azure Key Vault

Microsoft Entra ID (Azure Active Directory)

Azure Monitor

Azure Backup

Question 15

What is the main goal of phishing?

To increase internet speed

To update the operating system

To steal sensitive data such as passwords or credit card information

To clear the RAM

Question 16

In Amazon Web Services, which service detects threats and anomalies?

AWS GuardDuty

AWS WAF

AWS Shield

AWS IAM

Question 17

Which attack involves overwhelming a system with traffic to make it unavailable?

Phishing

Man-in-the-middle

SQL Injection

Denial of Service (DoS)

Question 18

In AWS, what is the main security benefit of using Security Groups?

They encrypt data at rest

They act as virtual firewalls for instances

They manage DNS records

They provide user authentication

Question 19

What is the purpose of the concept of “defense in depth”?

Reduce security costs

Implement multiple layers of security to protect assets

Ensure that only one control is sufficient

Avoid redundancy in systems

Question 20

In public key infrastructure (PKI), which factors most directly impact the trustworthiness of a digital certificate?

The strength of the hashing algorithm used in the signature

The certificate authority’s root trust status

The key length of the subject’s public key

The geographic location of the certificate authority

Quiz Results

Good job! Thank you for participating in the Digital Skills Cup 2026! We have sent you the quiz results by email.

Leading Learning Partners Association

The Base B
Evert van de Beekstraat 1-104
1118 CL Schiphol, Amsterdam
The Netherlands

info@thellpa.com
LinkedIn

Terms of Service
Privacy Policy

Manage cookie preferences