AP Computer Science Principles Practice Quiz: Safe Computing

Written by AP Content Team, Verified for 2026 AP Exams, Last updated: May 2026

Test your understanding with short quizzes. This quiz has 16 questions to check your progress.

Question 1 of 16

Which of the following best describes how detailed knowledge about an individual can be created from seemingly unrelated pieces of online data?

A)Through the aggregation of disparate data like geolocation, cookies, and browsing history.B)By using multifactor authentication to link different user accounts together.C)By encrypting personal data, which makes it more valuable to marketing companies.D)Through the use of keylogging software, which only captures a user's name and address.

All Questions (16)

Which of the following best describes how detailed knowledge about an individual can be created from seemingly unrelated pieces of online data?

A) Through the aggregation of disparate data like geolocation, cookies, and browsing history.

B) By using multifactor authentication to link different user accounts together.

C) By encrypting personal data, which makes it more valuable to marketing companies.

D) Through the use of keylogging software, which only captures a user's name and address.

Correct Answer: A

According to the provided content, 'Disparate personal data, such as geolocation, cookies, and browsing history, can be aggregated to create knowledge about an individual.' This process combines various data points to build a comprehensive profile.

A user is required to enter their password and then a one-time code sent to their phone to log in. This security measure is an example of:

A) Symmetric key encryption

B) A rogue access point

C) Multifactor authentication

D) A computer virus scan

Correct Answer: C

The content states that 'Multifactor authentication adds layers of security, requiring at least two steps to unlock protected information' and requires evidence from at least two categories. A password (knowledge) and a code on a phone (possession) fit this description.

What is the primary function of a certificate authority in secure communications?

A) To create strong passwords for users that are difficult to guess.

B) To scan for and remove malware from a computing system.

C) To issue digital certificates that validate the ownership of encryption keys.

D) To record every keystroke made by a user to detect fraudulent activity.

Correct Answer: C

As stated in the text, 'Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications based on a trust model.'

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. This is a common example of what kind of attack?

A) Keylogging

B) Phishing

C) A rogue access point

D) A computer virus

Correct Answer: B

The content defines phishing as 'a technique that attempts to trick a user into providing personal information, which can then be used to access sensitive online resources.' The scenario described is a classic phishing attempt.

According to the provided text, which of the following is an example of Personally Identifiable Information (PII)?

A) A user's preferred web browser

B) The name of a city a user lives in

C) A user's phone number

D) A user's favorite color

Correct Answer: C

The text defines PII as 'information about an individual that identifies, links, relates, or describes them' and explicitly lists 'phone number' as an example.

What is a significant risk associated with information once it is placed online?

A) It is automatically encrypted by all websites.

B) It is difficult to delete permanently.

C) It can only be viewed by the person who posted it.

D) It is automatically verified for accuracy by search engines.

Correct Answer: B

The content explicitly states, 'Once information is placed online, it is difficult to delete.' This highlights the persistence of digital data.

A wireless access point set up in a coffee shop by an attacker to intercept user data is known as a:

A) Certificate authority

B) Rogue access point

C) Symmetric key

D) Freeware download

Correct Answer: B

The provided text defines a rogue access point as 'a wireless access point that gives unauthorized access to secure networks.' This perfectly describes the scenario, as it's designed to intercept data sent over the public network.

Why are regular software updates considered an important security practice?

A) They increase the speed of the user's internet connection.

B) They add new cosmetic features to the user interface.

C) They fix errors or design flaws that could be exploited.

D) They automatically delete any stored Personally Identifiable Information.

Correct Answer: C

The content states that 'Regular software updates help fix errors or design flaws that could be exploited to compromise a computing system.'

Which of the following describes a key difference between malware and a computer virus?

A) Malware is software intended to cause damage, while a virus is a specific type of malware that can copy itself.

B) A virus is intended to cause damage, while malware is only used for targeted marketing.

C) Malware is always downloaded from freeware sites, while viruses are only spread through email.

D) A virus is a hardware issue, while malware is a software issue.

Correct Answer: A

The text defines malware as 'software intended to damage a computing system' and a computer virus as a 'malicious program that can copy itself.' This indicates that a virus is a specific category of the broader term 'malware'.

How might a search engine use a person's search history?

A) To issue a digital certificate for their browser.

B) To provide targeted marketing or suggest websites.

C) To create a strong password for their accounts.

D) To scan their computer for malware.

Correct Answer: B

According to the text, 'Search engines can use search history to suggest websites or for targeted marketing.'

A program that records every keystroke a user makes in order to steal passwords or other confidential information is known as:

A) A search engine history

B) Keylogging

C) Multifactor authentication

D) Encryption

Correct Answer: B

The content defines keylogging as 'the use of a program to record every keystroke made by a computer user to gain fraudulent access to confidential information.'

Which of the following best defines a strong password, according to the provided text?

A) A password that is short and uses a common word.

B) A password that is easy for the user to remember but hard for others to guess.

C) A password that is the user's Social Security number.

D) A password that is shared among multiple users for convenience.

Correct Answer: B

The text states, 'A strong password is easy for a user to remember but difficult for someone else to guess based on knowledge of that user.'

What is a primary risk of commercial and governmental curation of information if privacy protections are ignored?

A) The information may be exploited.

B) The information will be automatically deleted.

C) The information will become more accurate.

D) The information will be converted into a public key.

Correct Answer: A

The content warns that 'Commercial and governmental curation of information may be exploited if privacy and other protections are ignored.'

Encoding data to prevent unauthorized access is a protection method known as:

A) Phishing

B) Keylogging

C) Authentication

D) Encryption

Correct Answer: D

The text defines encryption as 'encoding data to prevent unauthorized access.'

A user downloads a free game from an untrustworthy shareware site. What is a potential security risk associated with this action?

A) The download may contain malware.

B) The download will improve the computer's performance.

C) The download will automatically create a strong password for the user.

D) The download will encrypt the user's entire hard drive for protection.

Correct Answer: A

The provided content explicitly warns that 'Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.'

How can information posted to social media be used to deduce private information about an individual?

A) Social media platforms automatically delete all PII.

B) Social media posts are always encrypted and cannot be read by others.

C) By combining it with information from other sources.

D) By using multifactor authentication on the social media account.

Correct Answer: C

The text states, 'Information posted to social media services can be used by others. Combining this information with other sources can deduce private information about you.'