AP CSP Practice Test Privacy Security

AP CSP Test 5.2: Privacy, Security & Ethics

PII, encryption, cybersecurity, intellectual property, and safe computing

25 Questions ~30 Minutes Instant Scoring
Question 1 PII
Which of the following is LEAST likely to be considered personally identifiable information (PII)?
Question 2 Encryption
In a public key encryption system, Alice wants to send a secure message to Bob. Which key does Alice use to encrypt the message?
Question 3 Cybersecurity
A user receives an email that appears to be from their bank, asking them to click a link and verify their account credentials. The link leads to a fake website. This attack is called:
Question 4 PII
Consider the following statements about PII and data collection:

I. Websites can collect data about users even without the users actively providing it (e.g., through cookies and tracking).
II. Combining multiple pieces of non-PII data can sometimes uniquely identify an individual.
III. Once data is posted online, it can always be completely deleted.

Which statements are true?
Question 5 Encryption
Which of the following BEST describes the difference between symmetric and public key (asymmetric) encryption?
Question 6 Safe Computing
Which of the following is the MOST effective way to protect online accounts from unauthorized access?
Question 7 Intellectual Property
A student finds an image online and uses it in their school presentation without checking the license. Which of the following BEST describes this situation?
Question 8 Cybersecurity
A company’s server is overwhelmed with millions of fake requests, making it unavailable to legitimate users. This is an example of:
Question 9 PII
A fitness app collects users’ GPS location data, heart rate, and daily exercise routes. A data breach exposes this information. Which is a potential consequence?
Question 10 Encryption
A website URL begins with https:// instead of http://. What does the ’s’ indicate?
Question 11 Safe Computing
Which of the following passwords is MOST resistant to a brute-force attack?
Question 12 Intellectual Property
Consider the following types of licenses:

I. Creative Commons - allows sharing with certain conditions
II. Open source - source code is available for use and modification
III. Copyright - all rights reserved by the creator by default

Which of these provides the MOST restrictive control over how others use the work?
Question 13 Cybersecurity
An attacker intercepts communication between a user and their bank by positioning themselves between the two parties. The user believes they are communicating directly with the bank. This describes:
Question 14 PII
A social media platform’s terms of service state that they may share user data with third-party advertisers. A user agrees to these terms. Which of the following is true?
Question 15 Encryption
A Caesar cipher shifts each letter by a fixed number of positions. If the key is 3, 'A' becomes 'D'. Why is this encryption method NOT secure for modern communications?
Question 16 Cybersecurity
Software that secretly records every keystroke a user types, including passwords and credit card numbers, is called:
Question 17 Safe Computing
Which of the following actions puts a user’s data at the GREATEST risk?
Question 18 Intellectual Property
A programmer releases their code under an open-source license. Which of the following is true about the code?
Question 19 Cybersecurity
Consider the following statements about computer viruses and malware:

I. Malware can be installed on a device without the user’s knowledge.
II. Keeping software updated helps protect against known vulnerabilities.
III. Antivirus software can detect and prevent 100% of all malware threats.

Which statements are true?
Question 20 PII
A school stores student records including names, grades, and disciplinary history in a database. Which practice BEST protects this sensitive data?
Question 21 Encryption
A digital certificate is used in HTTPS connections. Which of the following BEST describes its purpose?
Question 22 Safe Computing
A website uses cookies to store user preferences and track browsing behavior. Which statement about cookies is MOST accurate?
Question 23 Cybersecurity
An employee at a company receives a phone call from someone claiming to be from IT support, asking for their login credentials to “fix a system issue.” This is an example of:
Question 24 Intellectual Property
Which of the following scenarios is MOST clearly a violation of intellectual property rights?
Question 25 PII & Ethics
A technology company discovers a data breach that exposed 10 million users’ email addresses and passwords. Which action is MOST responsible?
--

out of 25

--

Answer Review

← Test 5.1: ImpactBack to All Tests

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]