ISACA · ITCA
Entry-level certification that validates fundamental knowledge in cybersecurity concepts, one of five certificates in the ITCA program.
Questions
596
Duration
120 minutes
Passing Score
65%
Difficulty
FoundationalLast Updated
Jan 2026
Use this ITCA practice exam to prepare for Information Technology Certified Associate (ITCA) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 596 questions for ISACA ITCA, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to patterns in your missed answers. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The ISACA Cybersecurity Fundamentals Certificate is one of five stackable credentials that together comprise the Information Technology Certified Associate (ITCA) program. It validates foundational knowledge of cybersecurity principles, threat landscapes, asset security, and security operations — the core competencies required to begin a career protecting enterprise data and infrastructure. The exam blends knowledge-based multiple-choice questions with performance-based questions delivered in a virtual lab environment, ensuring candidates can demonstrate practical ability alongside theoretical understanding.
The certificate is part of ISACA's broader effort to create an entry-level pathway into IT credentialing. Candidates who earn all five ITCA certificates — covering Computing Fundamentals, Networking and Infrastructure, Cybersecurity, Software Development, and Data Science — can then apply for the full ITCA certification. The Cybersecurity Fundamentals certificate itself does not expire and awards 9.5 CPE credits when the accompanying course is completed.
This certificate is designed for individuals at the very beginning of their IT or cybersecurity career journey, including recent graduates, college students, and professionals from non-technical fields looking to transition into cybersecurity. No prior work experience in IT is required, making it accessible to career changers who want a recognized credential to validate self-taught or academic knowledge.
It is also well-suited for IT generalists, help desk technicians, or junior administrators who want to formalize their cybersecurity knowledge and differentiate themselves for roles such as security analyst, IT support specialist, or junior SOC analyst. Organizations may also use it as a structured upskilling tool for existing technical teams.
There are no formal prerequisites for the Cybersecurity Fundamentals certificate. Candidates can register and sit for the exam at any time without prior certifications, work experience documentation, or educational requirements — distinguishing it from ISACA's more advanced credentials such as CISM or CISA.
While no prerequisites are mandated, candidates will benefit from a basic familiarity with computing concepts, networking fundamentals, and general IT terminology before attempting the exam. ISACA offers an optional self-paced online course (9.5 CPE credits) and a study guide authored by subject-matter experts to help candidates without a formal cybersecurity background build the necessary knowledge before sitting for the exam.
The exam consists of 75 questions delivered in a computer-based, remotely proctored format. Questions are a blend of knowledge-based multiple-choice items and performance-based questions set within a virtual lab environment, requiring candidates to demonstrate practical task execution rather than purely theoretical recall. The time limit is 120 minutes, and a passing score of 65% is required.
The exam is available continuously — candidates can schedule it as early as 48 hours after payment, with appointments available up to 90 days in advance. Free rescheduling is permitted with at least 48 hours' notice. Candidates have 365 days from the date of purchase to sit for the exam, and there is no stated limit on retake attempts. Exam fees are US$120 for ISACA members and US$144 for non-members.
Earning the Cybersecurity Fundamentals certificate signals to employers that a candidate has verified, baseline competency in protecting systems and data — a quality increasingly valued even for non-security IT roles. It serves as a credible entry point for positions such as junior security analyst, SOC tier-1 analyst, IT support specialist, or cybersecurity technician, particularly at organizations that recognize ISACA credentials (common in financial services, government, and enterprise technology sectors).
As a standalone certificate it complements ISACA's advanced certifications (CISM, CISA, CRISC), providing a documented foundation that can accelerate a candidate's path toward those credentials. For candidates who complete all five ITCA badges and earn the full ITCA certification, the credential demonstrates breadth across core IT disciplines — making it a differentiator in entry-level hiring where employers seek candidates who can operate across multiple technology domains from day one.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 596 questions.
Preview — answers shown1. A machine learning team trains a classification model to predict customer churn using historical data. After deployment, the model performs well on training data but shows poor accuracy on new customer data. Model predictions fail to generalize to real-world scenarios. What problem has occurred? (Select one!)
Explanation
Overfitting occurs when a model learns training data too well, including noise and anomalies, resulting in high training accuracy but poor generalization to new data. The model essentially memorizes training examples rather than learning generalizable patterns. This is evidenced by the discrepancy between training and real-world performance. Underfitting shows poor performance on both training and test data. High bias indicates oversimplification with poor training performance. Low variance is actually desirable and would not cause poor performance on new data.
2. A systems architect designs storage infrastructure for a database server requiring both high fault tolerance and optimal read performance for frequently accessed data. The budget allows for six identical 2 TB drives. Which RAID level provides the best balance of fault tolerance, read performance, and usable capacity? (Select one!)
Explanation
RAID 10 (1+0) combines mirroring and striping, providing 50% capacity (6 TB from six 2 TB drives), excellent read performance through striping across multiple disks, excellent write performance compared to parity-based RAID, and fault tolerance for multiple disk failures (one per mirrored pair). RAID 6 provides more usable capacity (8 TB) and tolerates two disk failures but has slower write performance due to dual parity calculations. RAID 5 maximizes capacity (10 TB) but only tolerates one disk failure and has significantly degraded write performance due to parity calculations. RAID 0 provides maximum capacity and best performance but offers zero fault tolerance, violating the high fault tolerance requirement.
3. A statistics team analyzes employee salary data from a technology company with 200 employees. The dataset shows that most salaries cluster around 75,000 USD with normal distribution, but three executive salaries of 500,000 USD, 550,000 USD, and 600,000 USD significantly exceed others. The team must select the most appropriate measure of central tendency to represent typical employee salary. Which measure should they use and why? (Select one!)
Explanation
Median is the most appropriate measure for skewed data with outliers because it represents the middle value when data is sorted, remaining unaffected by extreme values like executive salaries. In this dataset, median accurately represents typical employee salary without distortion from the three executive outliers. Mean is sensitive to outliers and would be pulled upward by the high executive salaries, misrepresenting typical employee compensation. Mode identifies the most frequent value but may not be meaningful for continuous salary data where exact duplicates are unlikely. Weighted average requires defined weights for different categories, which is not described in the scenario and would not address the outlier problem.
4. A database developer writes a SQL query to retrieve customer orders with product details from multiple tables. The query must return all orders, including orders that do not have associated product information yet. Which SQL join type should be used? (Select one!)
Explanation
LEFT JOIN returns all rows from the left table and matching rows from the right table, with NULL values for right table columns when no match exists. If the orders table is on the left and products table is on the right, LEFT JOIN ensures every order appears in results even when product information is missing. This satisfies the requirement to return all orders including those without associated product details. INNER JOIN only returns rows where matching records exist in both tables, excluding orders without product information. RIGHT JOIN returns all rows from the right table and matching rows from the left table, which would be appropriate if the query structure were reversed but does not match the stated requirement of returning all orders. FULL OUTER JOIN returns all rows from both tables with NULLs where matches do not exist, providing more data than required and potentially including products without orders. The choice between LEFT and RIGHT JOIN depends on table order in the query, but LEFT JOIN is most commonly used when the primary table is listed first and complete results from that table are required regardless of matching foreign key relationships.
5. A manufacturing company implements Test-Driven Development (TDD) methodology for developing an inventory management system. A developer needs to implement a function that calculates reorder quantities based on current stock levels, minimum thresholds, and lead time demand. Following TDD principles, which sequence of steps should the developer follow? (Select one!)
Explanation
Writing a failing unit test first that specifies the expected behavior, then writing minimal code to make the test pass, then refactoring while keeping tests passing is correct because this follows the Red-Green-Refactor cycle that defines Test-Driven Development. The Red phase creates a failing test that defines desired functionality. The Green phase implements just enough code to pass the test. The Refactor phase improves code quality while maintaining passing tests. This approach ensures tests drive design decisions and provides immediate feedback. Writing implementation before tests contradicts the fundamental TDD principle of tests driving development and results in tests being written to match existing code rather than specifying requirements. Writing documentation first addresses a different concern and is not part of the TDD cycle. Designing database schema first represents a traditional waterfall approach rather than the iterative, test-first approach of TDD where design emerges from the requirements expressed in tests.
Certified Information Security Manager (CISM)
CISM · 1196 questions
Certified Information Systems Auditor (CISA)
CISA · 895 questions
Certified in Risk and Information Systems Control (CRISC)
CRISC · 761 questions
Certified Data Privacy Solutions Engineer (CDPSE)
CDPSE · 749 questions
IoT Fundamentals Certificate
IoT-Fund · 630 questions
IT Audit Fundamentals Certificate
IT-Audit-Fund · 627 questions
$17.99
One-time access to this exam