Members
About LLPA
Vendors
Events
Digital Skills Cup
AI Festival

IT Security - Digital Skill Cup 2026

Digital Skills Cup 2026

Welcome to the Digital Skills Cup for IT Security

Once you register with your name and email, the quiz starts immediately.
You have 5 minutes to complete the quiz.
No pauses. No switching between windows, no copy-pasting.
Scoring is based on the number of correct answers and the lower time to complete the quiz, in case of a tie.
Use a valid email address and your real name for registration.
You have 1 attempt.
Good luck :)

First Name

Last Name

Email

Country

I agree with the Terms and Conditions and Privacy statement

Time Remaining:

Digital Skill Cup 2026 - IT Security All

1 / 20

Question 1

A difference between QUIC and transport protocols such as TCP and UDP is that it has stream multiplexing built-in on the transport layer. This allows having multiple, concurrent, independent data streams that don't affect each other. MsQuic is shipped in-box in the Windows kernel in the form of the msquic.sys driver, to support built-in HTTP and SMB features. MsQuic is made generally available with the release of which Windows Server version?

Windows Server 2019

Windows Server 2022

Windows Server 2025

Question 2

What is the main purpose of Multi-Factor Authentication (MFA)?

Encrypting network traffic

Adding an extra layer of identity verification

Backing up user data

Monitoring application performance

Question 3

What is the primary purpose of Multi-Factor Authentication (MFA)?

Encrypt data at rest

Provide an additional layer of user verification

Improve application performance

Monitor network traffic

Question 4

Which Microsoft service is primarily used for Cloud Access Security Broker (CASB) capabilities (app discovery, session control, SaaS governance)?

Microsoft Defender for Cloud Apps

Microsoft Sentinel

Microsoft Purview

Microsoft Intune

Question 5

In Google Cloud, what is the preferred way to grant a VM access to other GCP services securely without managing long-lived keys?

Create and download a service account key file to the VM

Use Workload Identity Federation only

Use an attached Service Account with appropriate IAM roles (using metadata server)

Use a shared password stored in Secret Manager without IAM bindings

Question 6

Which Microsoft service provides cloud-native SIEM capabilities?

Azure Sentinel

Azure Key Vault

Azure AD

Azure Firewall

Question 7

Which control helps prevent unauthorized access after employee termination?

Patch management

Account deprovisioning

Firewall rules

Load balancing

Question 8

In Amazon Web Services, which service detects threats and anomalies?

AWS GuardDuty

AWS WAF

AWS Shield

AWS IAM

Question 9

A firewall is used to control incoming and outgoing network traffic based on predefined security rules.

Yes

No

Question 10

What does Zero Trust security assume?

Internal networks are trusted

Continuous verification is required

Least privilege access

Perimeter security is sufficient

Question 11

Which attack involves overwhelming a system with traffic to make it unavailable?

Phishing

Man-in-the-middle

SQL Injection

Denial of Service (DoS)

Question 12

Which flags should protect a session cookie?

httpOnly

secure

readonly

sameSite

Question 13

Which Azure service is a cloud-native SIEM and SOAR solution?

Azure Monitor

Microsoft Defender XDR

Microsoft Sentinel

Azure Policy

Question 14

Which European Union Directive establishes a unified legal framework to uphold cybersecurity in 18 critical sectors across the EU among others energy, transport, healthcare, finance, water management, digital infrastructure public electronic communications, critical product manufacturing and the space sector?

NIS2

GDPR

Cybersecurity Framework (CSF) 2.0

DORA

Question 15

Which actions most effectively reduce the risk of successful phishing attacks against employees?

Relying primarily on advanced spam filters provided by the email service provider and assuming that automated detection alone is sufficient to stop most phishing campaigns

Regular security awareness training, simulated phishing campaigns and MFA on critical systems

Blocking all external email attachments by default and allowing only predefined file types, without addressing user behavior or authentication mechanisms

Publishing internal email addresses publicly to show transparency

Question 16

Which security model enforces access control based on user roles?

DAC

MAC

RBAC

ABAC

Question 17

When designing a zero-trust network architecture, which principles are fundamental?

Implicit trust based on network location

Continuous verification of identity and device posture

Least-privilege access enforcement

Microsegmentation of resources

Question 18

Which Azure service helps detect and respond to security threats across hybrid environments?

Azure DevOps

Microsoft Defender for Cloud

Azure Data Factory

Azure Logic Apps

Question 19

Which AWS services or features can be used to detect anomalous or malicious activity in an AWS account?

AWS GuardDuty

AWS CloudTrail

AWS Shield Advanced

AWS Config

Question 20

Which Microsoft 365 feature is used to prevent sensitive information from being shared?

Sensitivity Labels

Data Loss Prevention (DLP)

Retention Policies

eDiscovery

Quiz Results

Good job! Thank you for participating in the Digital Skills Cup 2026! We have sent you the quiz results by email.

Leading Learning Partners Association

The Base B
Evert van de Beekstraat 1-104
1118 CL Schiphol, Amsterdam
The Netherlands

info@thellpa.com
LinkedIn

Terms of Service
Privacy Policy

Manage cookie preferences