Cybersecurity Apprentice Practice Exam: Test Your Knowledge 2025

What is the primary function of the OSI model's Transport Layer?

A network administrator notices that a device with IP address 192.168.1.50/24 cannot communicate with a device at 192.168.2.100/24. What is the most likely reason?

Which protocol operates at Layer 2 of the OSI model and is used to resolve IP addresses to MAC addresses within a local network?

A company is experiencing network congestion during business hours. Network analysis shows that broadcast traffic is consuming significant bandwidth. What network design improvement would BEST reduce this broadcast domain size?

What is the main difference between TCP and UDP protocols?

An organization uses multiple routing protocols in different parts of its network. What metric determines which route will be installed in the routing table when the same destination is learned via different routing protocols?

What is the fundamental principle behind the CIA triad in cybersecurity?

A security analyst discovers that an attacker has gained initial access to a network through a phishing email and is now attempting to access additional systems. What phase of the cyber kill chain is the attacker currently in?

Which type of malware is specifically designed to encrypt a victim's files and demand payment for the decryption key?

An organization implements a security control that monitors user behavior to detect anomalies that might indicate compromised credentials. What type of security control is this?

What is the primary purpose of implementing the principle of least privilege in an organization?

A company's security team is analyzing a sophisticated attack where the threat actor used multiple zero-day vulnerabilities, advanced evasion techniques, and appeared to have significant resources and time. What type of threat actor is this most likely?

What is the primary security benefit of implementing network segmentation using firewalls?

Which security technology inspects encrypted HTTPS traffic by decrypting, analyzing, and re-encrypting it to detect threats hidden in encrypted communications?

A next-generation firewall (NGFW) blocks a file download that a traditional firewall would have allowed. What additional capability does the NGFW have that enabled this action?

An organization wants to protect against unknown malware that has never been seen before. Which security technology would be MOST effective?

What is the primary difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS)?

A security operations center (SOC) analyst receives an alert about potential data exfiltration. What should be the analyst's FIRST step in responding to this alert?

During an incident response, what is the primary purpose of preserving the chain of custody for digital evidence?

An employee receives an email appearing to be from the company CEO requesting an urgent wire transfer. The email address looks legitimate but contains a slight misspelling. What type of social engineering attack is this?