Members
About LLPA
Vendors
Events
Digital Skills Cup
Cyber Security Day

IT Security - Digital Skill Cup 2026

Digital Skills Cup 2026

Welcome to the Digital Skills Cup for IT Security

Once you register with your name and email, the quiz starts immediately.
You have 5 minutes to complete the quiz.
No pauses. No switching between windows, no copy-pasting.
Scoring is based on the number of correct answers and the lower time to complete the quiz, in case of a tie.
Use a valid email address and your real name for registration.
You have 1 attempt.
Good luck :)

First Name

Last Name

Email

Country

I agree with the Terms and Conditions and Privacy statement

Time Remaining:

Digital Skill Cup 2026 - IT Security All

1 / 20

Question 1

What is the primary purpose of Multi-Factor Authentication (MFA)?

Encrypt data at rest

Provide an additional layer of user verification

Improve application performance

Monitor network traffic

Question 2

Which actions most effectively reduce the risk of successful phishing attacks against employees?

Relying primarily on advanced spam filters provided by the email service provider and assuming that automated detection alone is sufficient to stop most phishing campaigns

Regular security awareness training, simulated phishing campaigns and MFA on critical systems

Blocking all external email attachments by default and allowing only predefined file types, without addressing user behavior or authentication mechanisms

Publishing internal email addresses publicly to show transparency

Question 3

What is the principle of least privilege?

Users have admin access

Users receive only required permissions

Permissions never change

All access is logged

Question 4

You need to ensure Azure Storage accounts are not publicly accessible over the internet. Which control best enforces this at scale?

Azure RBAC role assignments

Azure Bastion

Azure Policy (deny public network access / enforce private endpoints)

Azure Monitor alerts

Question 5

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Prevent unauthorized access

Monitor and analyze security events

Encrypt sensitive data

Patch vulnerabilities

Question 6

Which practices together best illustrate a defense in depth approach for a web application?

Deploying a next-generation firewall at the network perimeter, enforcing strong password policies for all users, and performing annual penetration testing focused only on external threats

Using endpoint antivirus software combined with regular system patching and centralized authentication, while assuming that internal network traffic is inherently trusted

Encrypting backups but allowing broad admin access in productIon

Combining network segmentation, least privilege access, endpoint protection and application input validation

Question 7

Which AWS service detects suspicious activity using machine learning?

AWS CloudTrail

Amazon GuardDuty

AWS Config

Amazon Macie

Question 8

Which Azure service provides centralized identity and access management?

Azure Firewall

Azure Monitor

Microsoft Entra ID (Azure AD)

Azure Sentinel

Question 9

What is the main goal of phishing?

To increase internet speed

To update the operating system

To steal sensitive data such as passwords or credit card information

To clear the RAM

Question 10

Which approach is generally recommended for modern web APIs that need to authenticate third party clients?

Sending user credentials with each request over HTTPS, assuming transport encryption alone sufficiently mitigates credential exposure risks

Using Oauth 2.0/OpenID Connect with short lived access tokens

Using API keys hard coded in client applications

Restricting API access solely through IP whitelisting while avoiding token-based mechanisms due to perceived implementation complexity

Question 11

Which characteristics distinguish a secure software supply chain?

Signed and verified build artifacts

Dependency vulnerability scanning

Manual code reviews only at release time

Reproducible builds

Question 12

Which Microsoft solution helps protect identities by detecting risky sign-ins?

Microsoft Defender for Endpoint

Microsoft Entra ID Identity Protection

Microsoft Purview

Microsoft Sentinel

Question 13

Which command can be used to compute the NTLM hash of the password "Pa$$word" in a Linux shell?

echo -n Pa$$word | openssl MD4

echo Pa$$word | iconv -t utf16be | openssl MD5

echo -n 'Pa$$word' | iconv -t utf16le | openssl MD4

echo -n 'Pa$$word' | iconv -t utf8be | openssl MD5

Question 14

Which European Union Regulation is the toughest privacy and security law in the world and imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU?

NIS2

GDPR

Cybersecurity Framework (CSF) 2.0

DORA

Question 15

Which type of malware disguises itself as legitimate software?

Worm

Trojan

Rootkit

Spyware

Question 16

Which of the following is not a type of peer-to-peer cyber-crime?

Phishing

Injecting Trojans to a target victim

MiTM

Credit card details leak in deep web

Question 17

Which AWS service is primarily used to manage user access and permissions for AWS resources?

AWS S3

AWS Lambda

AWS IAM (Identity and Access Management)

AWS EC2

Question 18

Which Azure service helps detect and respond to security threats across hybrid environments?

Azure DevOps

Microsoft Defender for Cloud

Azure Data Factory

Azure Logic Apps

Question 19

A firewall is used to control incoming and outgoing network traffic based on predefined security rules.

Yes

No

Question 20

Which AWS service provides centralized logging of API calls for auditing and compliance?

Amazon CloudWatch

AWS Config

AWS CloudTrail

AWS Inspector

Quiz Results

Good job! Thank you for participating in the Digital Skills Cup 2026! We have sent you the quiz results by email.

Leading Learning Partners Association

The Base B
Evert van de Beekstraat 1-104
1118 CL Schiphol, Amsterdam
The Netherlands

info@thellpa.com
LinkedIn

Terms of Service
Privacy Policy

Manage cookie preferences