Certification Guides Knowledge Checks IT Career Insights

START HERE New to IT or Cybersecurity?
Begin with CompTIA ITF+ →

Certification Guides› Knowledge Checks› IT Career Insights›

Free resource. No signup needed. Disclosure

ITF+ • LESSON 6

Security Basics

This lesson teaches the security habits that keep real people safe: malware and phishing, strong authentication, updates, and backups. Security is mostly behavior — not magic tools.

✓ Beginner-friendly ✓ Hands-on practical ✓ Quiz + explanations ✓ CompTIA-aligned

Security map (how attacks really work)

Most attacks follow a simple pattern: a threat enters through an entry point, causes an impact, and is reduced by defenses (habits + tools).

Diagram: Threat → entry point → impact. Your defenses are habits: verify links, update, MFA, and backups.

Malware vs phishing (easy definitions)

Malware is harmful software (virus, ransomware, spyware). It damages systems or steals data.

Phishing tricks the user into giving access (passwords, codes) or clicking dangerous links.

Malware

Virus

Attaches to files/programs and spreads when run.

Clue: “I opened a file and now things are weird.”

Malware

Ransomware

Encrypts files and demands payment.

Defense: offline or separate backups.

Phishing

Social engineering

Fake messages that create urgency: “act now.”

Defense: verify sender, don’t click, use MFA.

Quick test: If it’s trying to trick you, it’s probably phishing. If it’s software harming the system, it’s malware.

Security habits that matter most

Authentication

Passwords + MFA

Long + unique passwords are safer than “complex but reused.”

MFA blocks many stolen-password attacks.

Patching

Updates

Updates fix security holes attackers already know about.

Rule: unpatched = unlocked door.

Recovery

Backups

Backups let you recover from ransomware, deletion, or drive failure.

Rule: one copy = no safety.

Practical: Classify the scenario (Malware / Phishing / Safe)

Click a scenario, then click the correct category. This trains the reflex: “What kind of problem is this?”

Security Classification Drill

Goal: sort 12 scenarios correctly. This is the foundation of real troubleshooting.

0/12 correct

Malware = harmful software. | Phishing = trick message stealing access. | Safe = normal or recommended behavior.

Malware “Bad software”

Phishing “Trick message”

Safe “Good behavior”

Scenarios (click one)

Tip: If it’s pressure + link + “act now”, it’s usually phishing. If it’s software changing files / slowing the PC, it’s often malware. If it’s updates, MFA, backups, that’s safe.

Progress: Get 10–12 correct to be quiz-ready.

Lesson 6 Quiz: Security Basics

Answer each question, then click Grade Quiz. Aim for 75%+ to unlock the next lesson.

Knowledge Check

Short, direct questions that build a usable security mindset: recognize threats, reduce risk, recover fast.

1) What does “security” mean in IT?

Making the computer faster Protecting systems, data, and users from threats Installing more games Buying a bigger monitor

Security is about reducing risk and protecting systems, data, and people.

2) Which is an example of malware?

Ransomware A strong password A software update A backup drive

Ransomware is malicious software that encrypts files and demands payment.

3) What is phishing?

A hardware failure A type of file system A trick message designed to steal access or data A backup method

Phishing targets the user with deception (fake urgency, fake links, fake logins).

4) Which is a common sign of phishing?

A device driver installs The computer restarts after an update A file saves to a folder Urgent message pushing you to click a link immediately

Phishing often uses urgency and a link to push quick, unthinking action.

5) Why are software updates important for security?

They increase screen brightness They patch known vulnerabilities attackers use They turn off antivirus They delete old files automatically

Patches fix security holes; attackers often target unpatched systems.

6) What is MFA (multi-factor authentication)?

Using more than one method to prove identity A type of malware scanner A cloud storage plan A device port

MFA combines factors like password + phone code/approval.

7) Which password practice is best?

Reuse one strong password everywhere Use short passwords with symbols Use long, unique passwords for each account Write passwords on sticky notes

Unique passwords prevent one breach from spreading to multiple accounts.

8) A user plugs in a USB drive from an unknown source. What’s the best security mindset?

It’s always safe if it fits the port Open every file to check what it is Disable updates to avoid changes Treat it as potentially risky and avoid unknown media

Unknown downloads/USB media are common malware entry points.

9) What is the main benefit of backups?

They prevent phishing emails They allow recovery from loss, deletion, or ransomware They replace antivirus They speed up RAM

Backups are the recovery plan when things go wrong.

10) Which statement is most accurate?

Security is layers: habits + tools reduce risk Antivirus makes you invincible Only big companies get attacked Updates are optional

Defense-in-depth is the reality: you reduce risk with multiple layers.

Next Lesson

Score 75%+ to unlock the next lesson button. (Progress is saved locally on this device only.)

🔒 Locked 🎯 Target: 75%

Go to Lesson 7 →

Lesson 6: Security Basics: Protecting Systems, Data, and Users

Security Basics

Security map (how attacks really work)

Malware vs phishing (easy definitions)

Virus

Ransomware

Social engineering

Security habits that matter most

Passwords + MFA

Updates

Backups

Practical: Classify the scenario (Malware / Phishing / Safe)

Security Classification Drill

Malware “Bad software”

Phishing “Trick message”

Safe “Good behavior”

Scenarios (click one)

Lesson 6 Quiz: Security Basics

Knowledge Check

1) What does “security” mean in IT?

2) Which is an example of malware?

3) What is phishing?

4) Which is a common sign of phishing?

5) Why are software updates important for security?

6) What is MFA (multi-factor authentication)?

7) Which password practice is best?

8) A user plugs in a USB drive from an unknown source. What’s the best security mindset?

9) What is the main benefit of backups?

10) Which statement is most accurate?

Next Lesson

Leave a Comment Cancel reply