Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Security practice sets

FC0-U61 Security • Complete Question Bank

FC0-U61 Security — All Questions With Answers

Complete FC0-U61 Security question bank — all 0 questions with answers and detailed explanations.

98
Questions
Free
No signup
Certifications/FC0-U61/Practice Test/Security/All Questions
Question 1easymultiple choice
Read the full Security explanation →

Which of the following best describes the principle of confidentiality in the CIA triad?

Question 2mediummultiple choice
Read the full Security explanation →

A company implements a policy requiring employees to use a password and a one-time code sent to their mobile phone when logging into the corporate network. Which security concept is being employed?

Question 3mediummultiple choice
Read the full Security explanation →

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The email contains urgent language and threats of account closure. What type of attack is this?

Question 4easymultiple choice
Read the full Security explanation →

Which of the following is the strongest password?

Question 5hardmultiple choice
Read the full Security explanation →

A security analyst discovers that a file on a server has been modified without authorization. However, the system logs show that the modification was made by an authenticated user who had legitimate access to the file. Which aspect of the CIA triad has been violated?

Question 6mediummultiple choice
Read the full Security explanation →

Which of the following malware types is characterized by self-replication without needing to attach to a host file?

Question 7mediummultiple choice
Read the full Security explanation →

A company wants to ensure that sensitive documents are not readable if a laptop is stolen. Which of the following provides the best protection?

Question 8easymultiple choice
Read the full Security explanation →

What is the primary purpose of a password manager?

Question 9hardmultiple choice
Read the full Security explanation →

An attacker gains physical access to a building by following an employee through a secured door without using a badge. This is an example of which social engineering technique?

Question 10mediummultiple choice
Read the full Security explanation →

Which of the following is the best practice for creating strong passwords?

Question 11mediummultiple choice
Read the full Security explanation →

A user downloads a free game from an untrusted website. After installation, the user's computer begins displaying pop-up advertisements frequently. Which type of malware is most likely installed?

Question 12hardmultiple choice
Read the full Security explanation →

An organization uses a security model where users are granted the minimum permissions necessary to perform their job functions. This model is known as:

Question 13mediummulti select
Read the full Security explanation →

Which TWO of the following are effective measures to protect against ransomware attacks? (Select two.)

Question 14hardmulti select
Read the full Security explanation →

Which THREE of the following are examples of multi-factor authentication? (Select three.)

Question 15easymulti select
Read the full Security explanation →

Which TWO of the following are recommended practices for physical security in an office environment? (Select two.)

Question 16easymultiple choice
Read the full Security explanation →

Which of the following best describes the principle of least privilege?

Question 17mediummultiple choice
Read the full Security explanation →

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The user notices the email address is slightly misspelled (e.g., 'support@bankk.com' instead of 'support@bank.com'). Which type of attack is this?

Question 18hardmultiple choice
Read the full Security explanation →

An organization implements a security control that requires users to swipe a smart card and then enter a PIN to access a secure facility. Which combination of authentication factors does this represent?

Question 19easymultiple choice
Read the full Security explanation →

Which of the following is a characteristic of a worm in the context of malware?

Question 20mediummultiple choice
Read the full Security explanation →

A company wants to protect its network from unauthorized external access. Which of the following devices should be configured to filter traffic based on port and protocol?

Question 21mediummultiple choice
Read the full Security explanation →

An employee is tailgated into a secure office building by someone without a badge. Which type of security threat does this represent?

Question 22mediummultiple choice
Read the full Security explanation →

An organization adopts the 3-2-1 backup rule. Which of the following practices aligns with this rule?

Question 23hardmultiple choice
Read the full Security explanation →

A security analyst is explaining the CIA triad to new employees. Which scenario best illustrates a breach of integrity?

Question 24easymultiple choice
Read the full Security explanation →

Which of the following is a best practice for creating a strong password?

Question 25hardmultiple choice
Read the full Security explanation →

A small business owner wants to protect customer data stored on laptops in case the devices are stolen. Which encryption method provides the best protection for the entire hard drive?

Question 26mediummultiple choice
Read the full Security explanation →

Which of the following is a key difference between a vulnerability and a threat in cybersecurity?

Question 27mediummultiple choice
Read the full Security explanation →

A company implements a policy where employees must lock their computer screen when leaving their desk. Which security principle does this practice support?

Question 28mediummulti select
Read the full Security explanation →

Which TWO of the following are examples of social engineering attacks? (Select TWO.)

Question 29hardmulti select
Read the full Security explanation →

Which THREE of the following are effective methods to protect against malware infections? (Select THREE.)

Question 30easymulti select
Read the full Security explanation →

Which TWO of the following are characteristics of a strong password? (Select TWO.)

Question 31easymultiple choice
Read the full Security explanation →

Which of the following best describes the principle of confidentiality in the CIA triad?

Question 32mediummultiple choice
Read the full Security explanation →

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The user suspects it is a phishing attempt. Which type of phishing attack is this most likely to be?

Question 33hardmultiple choice
Read the full Security explanation →

An organization implements a security policy where users must provide a password and a one-time code generated by a mobile app to log in. Which type of authentication is being used?

Question 34easymultiple choice
Read the full Security explanation →

Which of the following is a characteristic of a strong password?

Question 35mediummultiple choice
Read the full Security explanation →

A company requires all employees to use a smart card and a PIN to access the building. This is an example of which concept?

Question 36hardmultiple choice
Read the full Security explanation →

A security analyst discovers that a file on a server has been modified without authorization. Which element of the CIA triad has been compromised?

Question 37mediummultiple choice
Read the full Security explanation →

Which type of malware is designed to replicate itself and spread to other computers without needing to attach to a host file?

Question 38easymultiple choice
Read the full Security explanation →

Which of the following is the best practice for backing up data according to the 3-2-1 rule?

Question 39mediummultiple choice
Read the full Security explanation →

An attacker gains physical access to a secure area by following an authorized employee through a door that requires a badge. This social engineering technique is known as:

Question 40hardmultiple choice
Read the full Security explanation →

Which of the following encryption methods is used to protect data in transit over a public network, such as the internet?

Question 41mediummultiple choice
Read the full Security explanation →

A user reports that their computer has been displaying unwanted pop-up advertisements frequently. Which type of malware is most likely responsible?

Question 42easymultiple choice
Read the full Security explanation →

Which of the following is an example of a physical security control?

Question 43mediummulti select
Read the full Security explanation →

A company wants to implement the principle of least privilege for its employees. Which TWO of the following actions align with this principle? (Choose TWO.)

Question 44hardmulti select
Read the full Security explanation →

An organization is implementing a defense-in-depth strategy. Which THREE of the following are considered security controls that can be used? (Choose THREE.)

Question 45mediummulti select
Read the full Security explanation →

Which TWO of the following are examples of multi-factor authentication? (Choose TWO.)

Question 46easymultiple choice
Read the full Security explanation →

Which element of the CIA triad is primarily concerned with ensuring that data is not accessed by unauthorized individuals?

Question 47mediummultiple choice
Read the full Security explanation →

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The user notices the sender's email address is slightly misspelled. Which type of threat is this?

Question 48mediummultiple choice
Read the full Security explanation →

An organization requires employees to use a password and a one-time code sent to their mobile phone when logging into the network. Which security principle is being implemented?

Question 49easymultiple choice
Read the full Security explanation →

Which of the following is the best practice for creating a strong password?

Question 50hardmultiple choice
Read the full Security explanation →

A security analyst is explaining the difference between a threat and a vulnerability. Which statement accurately describes this difference?

Question 51mediummultiple choice
Read the full Security explanation →

Which type of malware is disguised as legitimate software but performs malicious actions?

Question 52mediummultiple choice
Read the full Security explanation →

A company wants to ensure that data on lost laptops cannot be accessed. Which technology should be used?

Question 53easymultiple choice
Read the full Security explanation →

What is the primary purpose of a password manager?

Question 54hardmultiple choice
Read the full Security explanation →

An employee calls the help desk claiming to be a manager from another department and requests a password reset. This is an example of which social engineering technique?

Question 55mediummultiple choice
Read the full wireless explanation →

A user is concerned about connecting to a public Wi-Fi network at a coffee shop. Which security measure can best protect their data?

Question 56hardmultiple choice
Read the full Security explanation →

A company's backup strategy requires three copies of data, on two different media types, with one copy offsite. Which backup rule does this follow?

Question 57mediummultiple choice
Read the full Security explanation →

Which of the following is an example of something you are in multi-factor authentication?

Question 58mediummulti select
Read the full Security explanation →

A company is implementing physical security measures. Which two of the following are examples of physical security controls? (Select TWO.)

Question 59hardmulti select
Read the full Security explanation →

An IT administrator is hardening a server. Which three of the following actions should be taken to improve security? (Select THREE.)

Question 60hardmulti select
Read the full Security explanation →

A user receives a suspicious email with an attachment claiming to be an invoice. Which three practices should the user follow? (Select THREE.)

Question 61easymultiple choice
Read the full Security explanation →

Which component of the CIA triad ensures that data cannot be modified by unauthorized users?

Question 62mediummultiple choice
Read the full Security explanation →

A user receives an email that appears to be from their bank, asking them to click a link and verify their account. The email contains urgent language and a generic greeting. Which type of security threat is this?

Question 63hardmultiple choice
Read the full Security explanation →

A company implements a policy where employees must swipe their ID card and then enter a PIN to access the server room. Which two authentication factors are being used?

Question 64mediummultiple choice
Read the full Security explanation →

Which of the following best describes the principle of least privilege?

Question 65easymultiple choice
Read the full Security explanation →

What is the primary purpose of a password manager?

Question 66mediummultiple choice
Read the full Security explanation →

An employee allows a delivery person to enter a secure office building by holding the door open. The delivery person does not have an access badge. Which social engineering attack is this?

Question 67hardmultiple choice
Read the full Security explanation →

A security administrator wants to protect data at rest on a laptop that may be lost or stolen. Which of the following is the BEST solution?

Question 68mediummultiple choice
Read the full Security explanation →

Which backup strategy involves keeping three copies of data on two different media types with one copy offsite?

Question 69easymultiple choice
Read the full Security explanation →

What is the primary purpose of a network firewall?

Question 70mediummultiple choice
Read the full Security explanation →

Which type of malware attaches to legitimate files and spreads when those files are executed?

Question 71hardmultiple choice
Read the full VPN explanation →

A company requires employees to use a one-time code from a smartphone app in addition to their password to log into the corporate VPN. This is an example of:

Question 72mediummultiple choice
Read the full wireless explanation →

What is the primary risk of using public Wi-Fi without a VPN?

Question 73mediummulti select
Read the full Security explanation →

Which TWO of the following are examples of physical security measures? (Select TWO)

Question 74hardmulti select
Read the full Security explanation →

Which THREE of the following are characteristics of a strong password? (Select THREE)

Question 75easymulti select
Read the full Security explanation →

Which TWO of the following are types of malware? (Select TWO)

Question 76easymultiple choice
Read the full Security explanation →

Which of the following best describes the 'Confidentiality' component of the CIA triad?

Question 77mediummultiple choice
Read the full Security explanation →

An employee receives an email that appears to be from the CEO, urgently requesting a wire transfer to an external vendor. The email address looks slightly off. Which type of social engineering attack is this?

Question 78hardmultiple choice
Read the full Security explanation →

A company is implementing a backup strategy. Which of the following best adheres to the 3-2-1 backup rule?

Question 79mediummultiple choice
Read the full Security explanation →

Which of the following is an example of multi-factor authentication?

Question 80easymultiple choice
Read the full Security explanation →

Which of the following is a characteristic of a strong password?

Question 81mediummultiple choice
Read the full Security explanation →

An organization wants to ensure that employees only have access to the data necessary to perform their job functions. Which principle should be applied?

Question 82hardmultiple choice
Read the full Security explanation →

A security analyst notices that a user's computer is running slowly and displaying many pop-up ads. Which type of malware is most likely causing this?

Question 83mediummultiple choice
Read the full Security explanation →

Which of the following is the primary purpose of hashing a password before storing it in a database?

Question 84easymultiple choice
Read the full Security explanation →

What is the difference between a threat and a vulnerability?

Question 85mediummultiple choice
Read the full Security explanation →

An employee is working from a coffee shop and needs to access company files. Which of the following is the most secure method?

Question 86hardmultiple choice
Read the full Security explanation →

Which of the following is a characteristic of a worm compared to a virus?

Question 87mediummultiple choice
Read the full Security explanation →

What is the primary purpose of a firewall?

Question 88mediummulti select
Read the full Security explanation →

A help desk technician receives a call from a user who says their computer is showing a message that files are encrypted and a ransom is demanded. Which TWO types of malware are most likely involved?

Question 89hardmulti select
Read the full Security explanation →

A company is developing a security policy. Which THREE of the following are examples of physical security controls?

Question 90easymulti select
Read the full Security explanation →

Which TWO of the following are best practices for password security?

Question 91mediummultiple choice
Read the full Security explanation →

A user receives an email from their bank asking them to click a link and verify their account information. The email contains spelling errors and the sender's address looks suspicious. Which type of social engineering attack is this?

Question 92easymulti select
Read the full Security explanation →

Which TWO of the following are examples of multi-factor authentication?

Question 93hardmulti select
Read the full Security explanation →

A company's IT policy mandates data backups following the 3-2-1 rule. Which THREE of the following practices align with this rule?

Question 94mediummulti select
Read the full Security explanation →

Which TWO of the following are characteristics of ransomware?

Question 95mediummulti select
Read the full Security explanation →

Which THREE of the following are best practices for password security?

Question 96hardmulti select
Read the full Security explanation →

A security analyst is evaluating risks to the company's network. According to the risk formula (Risk = Likelihood × Impact), which THREE of the following are considered vulnerabilities?

Question 97easymulti select
Read the full Security explanation →

Which TWO of the following are examples of physical security controls?

Question 98mediummulti select
Read the full Security explanation →

A user wants to protect their laptop in case it is stolen. Which THREE of the following measures would help protect the confidentiality of the data?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

FC0-U61 Practice Test 1 — 25 Questions→FC0-U61 Practice Test 2 — 25 Questions→FC0-U61 Practice Test 3 — 25 Questions→FC0-U61 Practice Test 4 — 25 Questions→FC0-U61 Practice Test 5 — 25 Questions→FC0-U61 Practice Exam 1 — 20 Questions→FC0-U61 Practice Exam 2 — 20 Questions→FC0-U61 Practice Exam 3 — 20 Questions→FC0-U61 Practice Exam 4 — 20 Questions→Free FC0-U61 Practice Test 1 — 30 Questions→Free FC0-U61 Practice Test 2 — 30 Questions→Free FC0-U61 Practice Test 3 — 30 Questions→FC0-U61 Practice Questions 1 — 50 Questions→FC0-U61 Practice Questions 2 — 50 Questions→FC0-U61 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

IT Concepts and TerminologyInfrastructureApplications and SoftwareSoftware DevelopmentDatabase FundamentalsSecuritySoftware Development Concepts

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Security setsAll Security questionsFC0-U61 Practice Hub