Knowledge Tests

MCSI Knowledge Test

KART - Attacks, Risks and Threats

The cyber world is a dynamic and ever-changing environment, making it challenging to safeguard against cyber dangers, risks, and attacks. Individuals, businesses, and governments must all have a thorough grasp of these dangers in order to protect themselves and limit the risks.

Organized crime groups, state-sponsored entities, and lone hackers are all potential sources of cyber threats. Threats can be motivated by a variety of factors, including financial gain or reputation for some, and political or ideological ideals for others.

Organizations can use the risk management process to identify, assess, and respond to cyber threats. The purpose of risk management is to protect an organization's data and ICT systems while yet allowing it to operate.

This course starts with a basic training that covers all of the essential ideas before putting your knowledge to the test with a multiple-choice question.

MCSI's KART accreditation is an invaluable tool for any individual. The certification indicates mastery of the key knowledge needed for success in the field of information security. Employers recognize the KART certification, making it a valuable addition to any résumé. The qualification can help a person stand out from the crowd and open doors to greater job prospects.

Register Now
Intermediate Level MCSI Certification Beginner
ic-certificate Knowledge Test
cpe-points 20
ic-money 100
No Expiry, No Renewals, Training Included

Exam Overview

What is assessed?

The following subjects will be covered and assessed:

  • Attacks and Threats: Attacks that can be carried out against computer networks. Everything is covered, including malware and phishing attacks.
  • Risk Management: The process of reducing the probability and consequences of unacceptable events.
  • Security Tools: Software that helps protect a computer or network from unauthorized access or attack.
  • Cyber Operations: Teams and procedures responsible for defending organizations and responding to incidents.
  • Network Security: The process of securing a computer network from unauthorized access and use.

Exam Format and Delivery

This is a multiple-choice-question examination (MCQ). You take the exam in your browser using MCSI's Online Learning Platform. To pass, you must obtain a 90 percent pass rate.

Designed for beginners

This exam is for persons who have one or two years of work experience or a bachelor's degree in information security. It is also applicable to self-taught individuals.

The benefits of MCQ exams

It's been scientifically proven that taking an MCQ test improves the retention of the information being tested. Furthermore, taking a test has been shown to improve the retention of non-tested information if it is related to the tested material in a specific way.

All of our students are encouraged to take our Knowledge Tests to reinforce existing cybersecurity knowledge or learn knowledge that will help them advance in their jobs.

Certificate of Completion

If you pass this exam, you will earn a Certificate of Completion. This certificate can be added to your LinkedIn page as well as your resume.

Unlimited Attempts

Don't be concerned about failure. The main goal is to study and then concentrate on practical skills. These are the most crucial ones. As a result, using our Knowledge Tests, you can retake the exam as many times as necessary till you pass. The questions are designed to be challenging, and passing them is a rewarding experience. We also hope that allowing you to fail without repercussions will motivate you to try harder and not look for methods to cheat.

No exam renewal

This is not a phoney certification. We're not attempting to persuade you to renew it every few years, pay for an ongoing subscription, or purchase other products in order to maintain your CPEs. You pay once, pass your exam, and that's all with us. Your certificate is good for the rest of your life. Then, we recommend that you concentrate on more advanced, practical certificates. In this field, practical skills are the most vital.

You will show your knowledge

MCSI is a well-known and respected name in the field of cyber security education and training. Obtaining your MCSI certification will demonstrate your understanding of cyber security principles, technologies, and procedures, which will assist you in defending companies and individuals against threats.

  • Demonstrate your knowledge of cyber-attacks and threats

    Every year, cyber-attacks and threats become more widespread and complex. Individuals, corporations, and governments must be aware of these dangers and take actions to protect themselves now more than ever. Cyber-attacks can result in financial loss, data loss, and even death.


    Computer malware is a type of software that is created with the intent of harming or disabling computers. Viruses, ransomware, and spyware are examples of malware that can be installed mistakenly or maliciously. Malware has the ability to corrupt files, slow down computer performance, and steal data. It can also allow hackers to remotely access and control computer systems.


    Phishing is a sort of cyberattack in which an attacker impersonates a trustworthy entity in an electronic conversation in order to get sensitive information such as usernames, passwords, and credit card numbers. Phishing is most commonly done by email, however it can also be done via text messaging and social media platforms.


    A person-in-the-middle (PitM or MitM) attack is a type of computer security attack in which the attacker places themselves between two communicating parties in order to read, manipulate, or disrupt the conversation. This can be done for a variety of purposes, including monetary gain, espionage, or simply to cause mischief. In some circumstances, the attacker may even impersonate one of the communication parties to obtain access to information that they would not otherwise have access to.

    Zero-Day Exploit

    Zero-day exploits are security vulnerabilities that are unknown to the public and the vendor. These vulnerabilities are typically discovered by security researchers and are not fixed until a security patch is released. Because zero-day exploits are unknown, they can be used to attack systems without being detected.

    Denial-of-Service Attack

    A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Attackers can use a number of methods to achieve this, such as flooding the target machine with requests so that it can't respond to legitimate traffic.

    SQL Injection

    A SQL injection vulnerability is a security hole that allows an attacker to inject malicious SQL code into an SQL statement, potentially resulting in the execution of the code by the database. This can allow the attacker to access and manipulate data, steal information, or even take complete control of the database. SQL injection vulnerabilities are a common security vulnerability, and are often exploited by attackers.

    Web Shell

    A web shell is a script that can be uploaded to a web server to provide an attacker with a remote command line interface. This can be used to execute commands on the server and to access the file system. Web shells are often used to upload and run malicious code, or to steal sensitive information. They can also be used to take control of the server and to launch a denial of service attack.

    Malicious Insider

    A malicious insider is an employee who intentionally harms their organization. They may steal or leak confidential information, sabotages systems, or even commit fraud. Malicious insiders can cause a great deal of damage, and are a serious threat to businesses.


    Ransomware is a type of malware that locks users out of their devices or encrypts their files and demands a ransom payment to unlock them. The ransomware can be delivered through a variety of means, including phishing emails, infected websites, or trojan horses. Once installed, the ransomware will typically display a message informing the user that their device has been locked or their files have been encrypted and demanding a ransom payment to unlock them.

    Data Spill

    A data spill is an inadvertent release of confidential or sensitive information. This can include, but is not limited to, the release of Personally Identifiable Information (PII), Protected Health Information (PHI), or credit card numbers. Data spills can occur in a number of ways, including but not limited to: emailing the wrong person, leaving documents in a public place, or uploading files to the wrong server. The consequences of a data spill can be significant, including fines, loss of customers, and damage to reputation. Data spills should be taken seriously and steps should be taken to prevent them from occurring.

    Identity Theft

    A crime in which someone acquires key pieces of personal information such as name, Social Security number, or credit card number, in order to impersonate another person. Identity theft can be committed in a variety of ways, including stealing mail, hacking into computer systems, or stealing personal information from the victim. The goal of identity theft is usually to gain access to the victim's finances or to obtain government benefits in the victim's name.

    Advanced Persistent Threat

    An Advanced Persistent Threat (APT) is a cyberattack that is carried out over a long period of time and is meant to achieve a specific goal, such as stealing confidential data. APTs are often conducted by state-sponsored actors or criminal organizations and can be very difficult to detect.

  • Show that you have an understanding of risk management techniques and strategies

    The process of discovering, assessing, and responding to information security risks is known as risk management. The risk of harm to an organization's information assets is known as information security risk. Risk management is critical for safeguarding an organization's data and ICT assets.

    Risk Management Process

    There are three steps in the risk management process: identification, assessment, and response. Identification is the process of identifying the information assets that need to be protected and the risks that threaten them. Assessment is the process of quantifying the potential damage that could be caused by a risk and determining the likelihood that it will occur. Response is the process of developing a plan to mitigate or eliminate the risks.

    Risk Register

    An information security risk register is a document that catalogues and tracks all known information security risks faced by an organization. It includes information on the nature of each risk, who is responsible for managing it, and how it is being mitigated. The register can be used to identify and prioritize risks, track progress in mitigating them, and ensure that risks are adequately managed.

    CIA Triad

    The CIA triad is a model for understanding information security that classifies information assets into three categories: confidentiality, integrity, and availability. Each category is important for protecting different types of data. Confidentiality protects the privacy of data, integrity protects the accuracy of data, and availability ensures that data is accessible when needed. The CIA triad is a fundamental principle in information security and is used to make decisions about how to protect information.

    Risk Rating

    Information security risk rating is the process of assessing and classifying the severity of risks to information assets. This is typically done by identifying the threats and vulnerabilities that could impact the confidentiality, integrity, or availability of those assets. Risks are then rated on a scale of low, medium, or high, depending on their severity.

    Organizations use risk ratings to help them make informed decisions about how to manage their information security risks. They can use this information to prioritize risks and determine which ones need to be addressed first. Risk ratings can also be used to measure the effectiveness of information security controls and strategies.

  • Affirm that you are familiar with the enterprise security tools that are used to protect systems and data

    An enterprise information security tool is a software application that helps organizations protect their computer networks and user data. These tools usually provide a variety of features, such as the ability to monitor network traffic, detect intrusions, and block access to certain websites. They can also help organizations manage passwords and user accounts, as well as encrypt sensitive data.

    Penetration Testing Tools

    Penetration testing tools are software applications used by security professionals to identify vulnerabilities in networks, systems, and applications. By identifying these vulnerabilities, organizations can determine the risk that an attacker could exploit them and take steps to mitigate that risk.

    There are a variety of penetration testing tools available, each with its own strengths and weaknesses. Some of the most popular tools include Nmap, Metasploit, and Kali Linux. Nmap is a versatile tool that can be used to scan for open ports and services on a target system. Kali is a Linux distribution that contains a large number of penetration testing tools.

    Anti-virus Software

    Anti-virus software is a type of computer program that is designed to protect your computer from viruses. A virus is a type of malware that can harm your computer by corrupting your data or by infecting your system files. Anti-virus software usually runs in the background of your computer and it will scan all of your files for signs of a virus. If it finds a virus, it will quarantine the file and notify you so that you can take action to remove the virus. Anti-virus software is essential for protecting your computer from malware and viruses.

    Endpoint Detection and Response

    Endpoint Detection and Response (EDR) is a term for software that monitors and defends endpoint devices, such as laptops, desktops, servers, and smartphones. EDR software is designed to detect malicious activity on devices, including malware and ransomware, and to respond to incidents. Some EDR software also includes features that allow administrators to investigate incidents, gather forensics data, and generate reports.


    Security information and event management (SIEM) is a term for the practice of collecting, storing, analyzing, and reporting on security alerts and events from multiple sources. SIEM is used to identify potential threats to an organization's computer systems and to help manage security risks. The collected data can be used to create reports that help identify trends and potential vulnerabilities. SIEM tools can also be used to help administrators respond to security incidents.


    Proxy servers are used to protect networks and users from potentially harmful content on the internet. They work by acting as a filter between the user and the internet. This means that any requests made by the user are first sent through the proxy server, which then decides whether or not to allow the request to be fulfilled. This can help to protect users from inappropriate or dangerous content, as well as from data theft and other online threats. Proxy servers can also be used to improve performance, by caching content and reducing the amount of data that needs to be downloaded each time a user accesses a website.

    Secure Operating Environment

    Secure Operating Environment (SOE) is a security-enhanced environment in which users with proper clearance privileges can run their applications. The SOE provides controlled access to the network and its resources, using firewalls, intrusion detection/prevention systems, and other security measures. It isolates user applications and data from the underlying operating system, preventing unauthorized access and malware infection.

    Vulnerability Scanner

    A vulnerability scanner is a type of security software that is used to identify security vulnerabilities in computer systems or networks. These scanners work by scanning systems for known vulnerabilities, and then reporting them to the user. Vulnerability scanners can be used to find security holes in systems that could be exploited by hackers, and can help administrators secure their systems against attack.

  • Demonstrate that you are familiar with the various cybersecurity operations groups

    The goal of Security Operations is to protect an organization's systems and data from unauthorized access, destruction, or theft. Security Operations teams use a variety of tools and techniques to achieve this goal, including firewalls, intrusion detection and prevention systems, anti-virus software, and user authentication mechanisms. They also work closely with other parts of the organization, such as Information Technology (IT) and Human Resources (HR), to ensure that security policies and procedures are implemented and followed.

    Cybersecurity Operations Center

    A cybersecurity operations center, or CSOC, is a facility where cyber security experts work together to protect an organization's computer networks and systems. CSOCs monitor networks for signs of attack, investigate incidents, and work to prevent future breaches. They use a variety of tools and techniques to detect and respond to cyber threats, including automated systems, threat intelligence, and human analysts. CSOCs play a critical role in protecting organizations from cybercrime and other online threats.

    Incident Response Team

    An Incident Response Team (IRT) is a group of individuals who respond to computer security incidents. The team is typically composed of experts in computer security, law enforcement, and forensics. The goal of the IRT is to minimize the damage caused by the incident, and to investigate and prosecute the perpetrators.

    Red Team

    A Red Team is a group of experts that is used to test the security of an organization. They are typically brought in to test the organization's defenses and find any potential vulnerabilities. Red Teams are also used to test the response of the organization to a security incident.

    Threat Hunting Team

    The Threat Hunting Team is responsible for the identification and eradication of cyber threats on the network. They use a variety of methods, including advanced analytics and manual review, to find and remove malicious actors from the network. The Threat Hunting Team is an important part of the organization's cybersecurity strategy, and their work helps to protect the network and its users from cyber threats.

    Infrastructure Security Team

    The Infrastructure Security team is responsible for ensuring the security of the company's computer networks and systems. They work closely with the IT department to maintain security posture and protect the company's infrastructure from online threats. The Infrastructure Security team uses a variety of tools and techniques to secure the network, including firewalls, intrusion detection systems, and antivirus software.

Sample Questions

The images below illustrate examples of questions that could appear in the exam. Please note that none of the finest questions will be released. These samples should, however, give you an indication of what to expect.

What does SIEM stand for?


What is Continuous Security Monitoring?


What is Ransomware?


Career Outcomes

This exam is designed for people who want to work in the following roles:

  • Junior Security Analyst
  • Junior IT Auditor
  • System Administrator
Certification Detail

The MCSI Knowledge Tests are highly respected and sought-after credentials in the industry. Earning an MCSI Knowledge Certificate acknowledges your dedication to excellence and demonstrates your knowledge. The examinations are challenging and cover a broad range of cybersecurity subjects. Passing the examinations is a huge step forwards in your career, and it opens you a lot of doors.

The certificates are valid indefinitely and do not require any renewal fees.


Training Modules

This certification includes training exercises to help you prepare for the exam. There's no need to pay extra for a study book, workbook, or pre-recorded lectures. It's also unnecessary to join a study group.

  • KART-001: Attacks and Threats - 10 exercises
  • KART-002: Risk Management - 11 exercises
  • KART-003: Security Tools - 5 exercises
  • KART-004: Cyber Operations - 8 exercises
  • KART-005: Network Security - 5 exercises

Our Instructors

Student exercises are reviewed and graded by multiple instructors. This one-of-a-kind approach allows you to get highly personalized input from a number of successful professionals.

MCSI's teachers bring real-world experience and knowledge to the classroom, ensuring that students have the skills they need to excel in the field of information security. Due to their extensive experience in penetration testing, vulnerability assessment, reverse engineering, incident response, digital forensics, and exploit development, students will understand the most up-to-date defensive and offensive cybersecurity strategies and procedures.

Our instructors are passionate about information security and are always looking to further their own knowledge. Students who attend an MCSI course can be confident that they are learning from some of the best in the business. They can adapt their teaching approaches to match the demands of any student, regardless of their degree of expertise.

The MCSI team strives to provide the most comprehensive and up-to-date cybersecurity training available. Whether you are a seasoned security professional or new to the field, MCSI has a course that will meet your needs.

Receive personalized feedback from cybersecurity experts:

  • Overcome challenges and hurdles preventing you from advancing your skills
  • Receive guidance on how to focus your training efforts and avoid wasting time
  • Learn how to meet the industry's quality standards and produce high-quality work
  • When you're stuck, go to a support forum or ask inquiries to the instructors right on the platform


Browser Requirement

This exam can be completed using a regular laptop and browser. The following browsers are supported by us:

  • Chromium (Chrome, Edge Insider)
  • Edge
  • Firefox
  • Safari 10+

Proficiency in the English language

You must have the ability to comfortably read and understand IT documentation written in English. Ideally, they have an IELTS score of 6.5 with no band less than 6 (or equivalent).

Note: You can register for this course without having undertaken an English test.

Why MCSI's KART Examination is World Class

why MCSI

Comprehensive, Effective, Exceeds Standards

The KART exam is an extraordinarily thorough assessment of a person's fundamental knowledge in the field of information security. It tests an individual's ability to think critically and solve problems by covering a wide range of topics, from security basics to incident response.

why MCSI

Recognized Industry Knowledge

The questions are based on current industry technology and trends, and they provide an accurate assessment of a candidate's ability to apply their knowledge in a practical setting. Furthermore, KART is updated on a regular basis to reflect changes in the industry. Candidates are examined on the most up-to-date material, making them better prepared to operate in today's ever-changing environment.

why MCSI

Vital Stepping Stone

KART is a great resource for those who want to sharpen up on their information security knowledge. The exam is designed to assess knowledge and comprehension of essential information security principles. Bypassing the KART exam, students will be unprepared for more advanced training and their professional growth would be stunted. For students interested in pursuing a career in information security, the KART exam is a vital step in the right direction.

Enrollment and Fees


$100 (+ GST if you're based in Australia).

Practical exercises must be completed online using MCSI's Online Learning Platform.

How to enrol

  • Step 1 - Login/Register for MCSI's Online Learning Platform
  • Step 2 - Click `Shop` from the left-side menu
  • Step 3 - Find the course, select `Buy` and proceed through the checkout process.

You can purchase the training using a Credit Card or PayPal. The training is immediately available.

Terms and Conditions

  • No discounts
  • No refunds
  • No transfers
  • No renewal fees
  • No hidden fees
  • No time limits

How does MCSI Compare?

If you are looking for a certification that will give you an edge in the job market, look no further than MCSI certifications. Thanks to our innovative approach, cybersecurity training is more affordable and effective than traditional methods.

MCSI Cert C Cert I Cert G
Cost 100 $350+ $600+ $800+
Extra cost for training materials No Yes Yes Yes
Extra cost for exam retakes No Yes Yes Yes
Renewal Fees No Yes Yes Yes
Certification Expires No Yes Yes Yes
Free trial Yes No No No
Access to instructors for free Yes No No No

Our pricing is more affordable than our competitors because we have reinvented how cyber training is done online. Our innovative Online Learning Platform is highly effective at teaching cyber security. The platform provides a more engaging and interactive learning experience than traditional methods, which helps students learn and retain skills better. Try the free version and see for yourself.

Enroll now with lifetime access for $100

Bloom's Taxonomy

Bloom's Taxonomy is a system for categorizing distinct stages of intellectual growth. It is used in education to assist students comprehend and learn material more effectively. MCSI teaches students how to apply, analyze, evaluate, and create at the highest levels of the taxonomy. The majority of our competitors are simply concerned with getting you to remember concepts.

The intellectual developments outlined in Bloom's Taxonomy are directly tied to your capacity to advance in your cyber security career. Employers look for people who can solve challenges that are worth paying for. With us, you'll learn practical skills that are in demand and applicable to a wide range of cyber occupations.

Industry Recognized Skills

MCSI credentials are well-respected around the world, and organisations searching for people with real cyber security abilities seek them out. Obtaining an MCSI certification verifies your understanding of critical cyber security topics as well as your ability to provide real-world results.

The ability of MCSI's training programme to give students with real-world, hands-on experience is unrivalled. Students must conduct their own research and develop their own answers in order to complete our practical exercises, which are meant to give them the skills they need to be successful in the field.

With MCSI, you will build a comprehensive cybersecurity portfolio of your skills as you complete exercises. This portfolio is a powerful tool for displaying your cybersecurity knowledge and abilities. A portfolio, as opposed to typical resumes and paper-based credentials, presents a more thorough summary of your skills and accomplishments.

Students Feedback

Here's what students say about the MCSI Method™ and our Online Learning Platform:

Student Testimonials

Information Security Professionals made a median salary of $103,590 in 2020. Cybersecurity roles are regularly ranked #1 jobs in the United States.

If you are looking to increase your earning potential, this course will put you on track for jobs that offer a salary of $75,000 to $150,000 per year. Why spend tens of thousands of dollars on degrees or theoretical certifications when you can develop in-demand practical skills in a shorter amount of time?

Enroll now with lifetime access for $100

Frequently Asked Questions

Is it possible to cheat on MCQ exams?

On MCQ exams, there is no doubt that cheating is possible. In truth, most industry certifications are frequently compromised by fraud, in which students pay third parties to take their exams on their behalf. If that isn't the case, these tests allow you to bring your study book with you to the exam. That should make you ask how the industry continues to support these vendors that charge thousands of dollars for low-quality knowledge testing...

Click here to see how people cheat.

We make no attempt to prevent cheating on our Knowledge Tests. Our goal is to charge a small price so that you may validate your knowledge and confidently advance your career. Practical skills are what really count in cybersecurity. To work in this field, remembering concepts, terminology, and ideas isn't enough. So, if you want to cheat, go ahead. It will come back to bite you later when you find yourself in a situation where you are unable to accomplish the job you were recruited to do and your reputation suffers as a result.

Common Questions

  • Do you offer any special offers and discounts?

    We understand that many of our customers may be looking for discounts, and we would love to be able to offer them. However, we do not provide discounts because we believe that our prices are fair and reasonable. We work hard to keep our prices low, and we feel that discounts would be unfair to our other customers. We hope you understand.

  • If I can't solve the exercise where do I go for help?
  • Who reviews and marks exercises?
    • Trained cyber security instructors that work for Mossé Cyber Security Institute.
    • MCSI instructors are highly qualified and experienced professionals who are able to teach a variety of topics related to information security. They have the ability to tailor their teaching methods to meet the needs of each student, regardless of their experience level. In addition, they are always up-to-date on the latest trends and developments in information security, which enables them to provide students with the most relevant and current information.
  • We can't pay via credit card. Can you raise an invoice for international wire payment instead?
    • Yes. Send us the list of bundles and certifications you want to purchase at [email protected]
  • Can I access a trial/demo the certification programmes prior to enrolling?
    • We provide a free curriculum with 82 practical exercises you can try.
    • The Free Curriculum teaches Security Tools, Penetration Testing, Red Teaming, Threat Hunting, Cyber Defence, GRC and Windows Internals.
    • Try the Free Curriculum
  • Do you provide Continuing Professional Education (CPE) credits?

    Yes. This Knowledge Test earns you 20 CPEs.


We'll respond within 24 hours

Visit our Frequently Asked Questions (FAQ) page for answers to the most common questions we receive.

Ready to learn hands-on cyber security skills online?

Try 100 hours for free