Members
About LLPA
Vendors
Events
Digital Skills Cup
AI Credentials

IT Security - Digital Skill Cup 2026

Digital Skills Cup 2026

Welcome to the Digital Skills Cup for IT Security

Once you register with your name and email, the quiz starts immediately.
You have 5 minutes to complete the quiz.
No pauses. No switching between windows, no copy-pasting.
Scoring is based on the number of correct answers and the lower time to complete the quiz, in case of a tie.
Use a valid email address and your real name for registration.
You have 1 attempt.
Good luck :)

First Name

Last Name

Email

Country

I agree with the Terms and Conditions and Privacy statement

Time Remaining:

Digital Skill Cup 2026 - IT Security All

1 / 20

Question 1

What is a “Brute-Force Attack”?

A physical attack on the data center

Automated trial of all possible password combinations

Intercepting Wi-Fi signals

Sending spam emails

Question 2

Which of the following passwords is complex?

Pa$$w0rd

pass123

$pa.ssw*ord_

Password1

Question 3

Which AWS product is a frontier agent that proactively secures your applications throughout the development lifecycle across all your environments?

AWS Security Agent

AWS Security Hub

AWS Control Tower

Question 4

Which tool in Microsoft Azure helps monitor security configurations and provides recommendations to protect cloud resources?

Azure Monitor

Microsoft Defender for Cloud

Azure DevOps

Microsoft Word Online

Question 5

Which well-known framework is used for exploiting vulnerabilities?

EXPLOFRAME

FRAMEFOREX

METASPLOIT

Question 6

Which cryptographic method is based on the difficulty of computing discrete logarithms in finite fields?

RSA

AES-256

Diffie-Hellman

SHA-3

Question 7

The protocol QUIC standardized in RFC 9000 establishes connections faster and it is inherently secure as it mandates TLS 1.3, which underlying transport layer protocol does QUIC use?

UDP

TCP

SMB

Question 8

In Azure, which service provides centralized security posture management and threat protection?

Azure Monitor

Microsoft Defender for Cloud

Azure Firewall

Azure Sentinel

Question 9

Which of the following is a common method used by attackers to exploit weak or default credentials?

Distributed Denial of Service (DDoS)

Cross-site scripting (XSS)

Brute force attacks

SQL injection

Question 10

Which Azure feature allows secure storage and management of secrets, keys, and certificates?

Azure Blob Storage

Azure Key Vault

Azure App Service

Azure Virtual Network

Question 11

What type of attack involves tricking users into revealing sensitive information?

Phishing

Brute force

Man-in-the-middle

DDoS

Question 12

What is a “Zero-Day Exploit”?

A vulnerability unknown to the software vendor and without an available patch

A virus that deletes itself after 24 hours

An attack that occurs exactly at midnight

A data compression method

Question 13

In Microsoft Entra ID, which feature helps enforce MFA only when risk is detected (e.g., unfamiliar sign-in, leaked credentials)?

Privileged Identity Management (PIM)

Conditional Access (with risk-based policies)

Access Reviews

Entitlement Management

Question 14

The private communication of individuals and organizations is protected online by cryptography. Existing public-key cryptography (also known as asymmetric cryptography) is based on the difficulty of factoring and the difficulty of calculating elliptic curve discrete logarithms. It is expected that in the near furture these two problems will be readily and efficiently solved by what type of computing power?

Quantum

Agentic AI

Artificial superintelligence (ASI)

Question 15

In AWS IAM, which practices reduce the risk of privilege escalation?

Avoiding wildcard permissions in policies

Enforcing MFA on privileged roles

Using long-lived access keys for automation

Regularly reviewing and pruning unused roles

Question 16

Which approach is generally recommended for modern web APIs that need to authenticate third party clients?

Sending user credentials with each request over HTTPS, assuming transport encryption alone sufficiently mitigates credential exposure risks

Using Oauth 2.0/OpenID Connect with short lived access tokens

Using API keys hard coded in client applications

Restricting API access solely through IP whitelisting while avoiding token-based mechanisms due to perceived implementation complexity

Question 17

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Prevent unauthorized access

Monitor and analyze security events

Encrypt sensitive data

Patch vulnerabilities

Question 18

What type of malware encrypts files and demands payment to restore access?

Spyware

Worm

Ransomware

Trojan

Question 19

What does Zero Trust security assume?

Internal networks are trusted

Continuous verification is required

Least privilege access

Perimeter security is sufficient

Question 20

When designing a zero-trust network architecture, which principles are fundamental?

Implicit trust based on network location

Continuous verification of identity and device posture

Least-privilege access enforcement

Microsegmentation of resources

Quiz Results

Good job! Thank you for participating in the Digital Skills Cup 2026! We have sent you the quiz results by email.

Leading Learning Partners Association

The Base B
Evert van de Beekstraat 1-104
1118 CL Schiphol, Amsterdam
The Netherlands

info@thellpa.com
LinkedIn

Terms of Service
Privacy Policy

Manage cookie preferences