Members
About LLPA
Vendors
Events
Digital Skills Cup
AI Credentials

IT Security - Digital Skill Cup 2026

Digital Skills Cup 2026

Welcome to the Digital Skills Cup for IT Security

Once you register with your name and email, the quiz starts immediately.
You have 5 minutes to complete the quiz.
No pauses. No switching between windows, no copy-pasting.
Scoring is based on the number of correct answers and the lower time to complete the quiz, in case of a tie.
Use a valid email address and your real name for registration.
You have 1 attempt.
Good luck :)

First Name

Last Name

Email

Country

I agree with the Terms and Conditions and Privacy statement

Time Remaining:

Digital Skill Cup 2026 - IT Security All

1 / 20

Question 1

Which of the following session cookie names is the most secure?

__My-SID

__Private-JSESSIONID

__Host-SESSIONID

__Secure-SESSIONID

Question 2

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Prevent unauthorized access

Monitor and analyze security events

Encrypt sensitive data

Patch vulnerabilities

Question 3

Which practices together best illustrate a defense in depth approach for a web application?

Deploying a next-generation firewall at the network perimeter, enforcing strong password policies for all users, and performing annual penetration testing focused only on external threats

Using endpoint antivirus software combined with regular system patching and centralized authentication, while assuming that internal network traffic is inherently trusted

Encrypting backups but allowing broad admin access in productIon

Combining network segmentation, least privilege access, endpoint protection and application input validation

Question 4

In AWS IAM, which practices reduce the risk of privilege escalation?

Avoiding wildcard permissions in policies

Enforcing MFA on privileged roles

Using long-lived access keys for automation

Regularly reviewing and pruning unused roles

Question 5

What is Multi-Factor Authentication (MFA)?

Using multiple passwords at the same time

Logging in from multiple devices

Authentication using two or more verification factors

A type of encryption algorithm

Question 6

In Azure, which service provides centralized security posture management and threat protection?

Azure Monitor

Microsoft Defender for Cloud

Azure Firewall

Azure Sentinel

Question 7

Which approach is generally recommended for modern web APIs that need to authenticate third party clients?

Sending user credentials with each request over HTTPS, assuming transport encryption alone sufficiently mitigates credential exposure risks

Using Oauth 2.0/OpenID Connect with short lived access tokens

Using API keys hard coded in client applications

Restricting API access solely through IP whitelisting while avoiding token-based mechanisms due to perceived implementation complexity

Question 8

Which Azure service is primarily used to manage identities and access to cloud resources?

Azure Key Vault

Microsoft Entra ID (Azure Active Directory)

Azure Monitor

Azure Backup

Question 9

A cyber-criminal or penetration tester uses the additional data that stores certain special instructions in the memory for activities to break the system in which of the following attack?

Clickjacking

Buffer-overflow

Phishing

MiTM

Question 10

Which algorithms use the EAPOL handshake?

WEP

WPA

WPA2

WPA3

Question 11

In Microsoft Entra ID, which feature helps enforce MFA only when risk is detected (e.g., unfamiliar sign-in, leaked credentials)?

Privileged Identity Management (PIM)

Conditional Access (with risk-based policies)

Access Reviews

Entitlement Management

Question 12

Which AWS service is specifically designed to help you monitor and manage security and compliance across your AWS infrastructure?

Amazon Soldier

AWS Config

AWS Lambda

Amazon GuardDuty

Question 13

Which control helps prevent unauthorized access after employee termination?

Patch management

Account deprovisioning

Firewall rules

Load balancing

Question 14

What are effective controls for reducing the impact of ransomware in enterprise environments?

Immutable or write-once backups

Network segmentation

Endpoint detection and response (EDR)

Disabling user account control (UAC)

Question 15

You need to ensure Azure Storage accounts are not publicly accessible over the internet. Which control best enforces this at scale?

Azure RBAC role assignments

Azure Bastion

Azure Policy (deny public network access / enforce private endpoints)

Azure Monitor alerts

Question 16

Which tool in Microsoft Azure helps monitor security configurations and provides recommendations to protect cloud resources?

Azure Monitor

Microsoft Defender for Cloud

Azure DevOps

Microsoft Word Online

Question 17

Which Azure feature allows secure storage and management of secrets, keys, and certificates?

Azure Blob Storage

Azure Key Vault

Azure App Service

Azure Virtual Network

Question 18

Which Microsoft solution helps protect identities by detecting risky sign-ins?

Microsoft Defender for Endpoint

Microsoft Entra ID Identity Protection

Microsoft Purview

Microsoft Sentinel

Question 19

What is the primary purpose of a firewall?

To store backup data

To monitor employee productivity

To control incoming and outgoing network traffic

To encrypt hard drives

Question 20

Which Azure service provides centralized security posture management and threat protection recommendations across Azure resources?

Azure Policy

Azure Monitor

Azure Advisor

Microsoft Defender for Cloud

Quiz Results

Good job! Thank you for participating in the Digital Skills Cup 2026! We have sent you the quiz results by email.

Leading Learning Partners Association

The Base B
Evert van de Beekstraat 1-104
1118 CL Schiphol, Amsterdam
The Netherlands

info@thellpa.com
LinkedIn

Terms of Service
Privacy Policy

Manage cookie preferences