This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses practices like verifying senders, using password managers, and understanding security threats to protect data integrity and privacy. The passage provides examples such as phishing messages that imitate banks to steal passwords, illustrating how attackers exploit trust to compromise security. Choice A is correct because it accurately captures how phishing impacts data security by showing that fake bank messages can trick users into revealing passwords, leading to account compromise - directly reflecting the passage's description of phishing. Choice B is incorrect because it contradicts the passage's implication that phishing affects individual users, not just large companies, a common error when students underestimate personal security risks. To help students: Focus on identifying specific security threats and their mechanisms. Encourage analyzing real-world examples of attacks and their consequences. Practice recognizing social engineering tactics. Watch for: underestimating personal vulnerability, misunderstanding attack methods, assuming security is only a corporate concern.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses practices like using unique passwords for different accounts to prevent cascading security failures when breaches occur. The passage mentions the 2018 Marriott breach which exposed personal details and increased fraud risk, illustrating why password compartmentalization is crucial. Choice A is correct because it accurately captures the purpose of using unique passwords - ensuring that a breach of one site does not automatically compromise accounts on other sites, which directly addresses the security principle of limiting damage from individual breaches. Choice B is incorrect because it suggests storing passwords in plain text on shared computers is safe, which contradicts fundamental security practices, a common error when students misunderstand that unique passwords alone don't eliminate all security requirements. To help students: Focus on understanding defense-in-depth strategies. Encourage analyzing how password reuse creates vulnerability chains. Practice recognizing the importance of password management tools. Watch for: assuming one security measure eliminates the need for others, misunderstanding password storage best practices, underestimating breach impacts.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses recognizing social engineering tactics, which the passage defines as manipulation that pressures quick decisions, a critical skill for protecting against human-targeted attacks. The passage emphasizes how social engineering relates to security concerns like phishing calls that request verification codes, showing how attackers exploit human psychology rather than technical vulnerabilities. Choice A is correct because it accurately captures the role of recognizing social engineering in enhancing cybersecurity by helping users resist pressure tactics, thereby reducing the chance they disclose passwords or codes - directly addressing the manipulation tactics described in the passage. Choice B is incorrect because it claims recognizing social engineering eliminates the need for device updates, misunderstanding that social and technical security measures serve different purposes, a common error when students compartmentalize security concepts. To help students: Focus on understanding how attackers exploit human psychology. Encourage analyzing pressure tactics and urgency in suspicious communications. Practice recognizing manipulation techniques across different contexts. Watch for: assuming technical measures alone provide complete security, misunderstanding the human element in security, underestimating social engineering risks.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses practices like logging out on shared devices, using screen locks, and verifying app sources to protect data integrity and privacy in shared environments. The passage emphasizes both personal security measures and ethical considerations when using shared resources, noting how the 2012 LinkedIn breach led to password reuse attacks. Choice B is correct because it accurately captures safe computing practices by combining two key principles from the passage - installing apps only from trusted sources (addressing malware concerns) and logging out when using public devices (addressing privacy concerns on shared computers). Choice A is incorrect because leaving accounts signed in on shared computers directly contradicts the passage's emphasis on logging out to protect privacy, a common error when students prioritize convenience over security in shared environments. To help students: Focus on identifying comprehensive security practices for different contexts. Encourage analyzing risks specific to shared computing environments. Practice recognizing the importance of both software security and user behavior. Watch for: prioritizing convenience in shared spaces, misunderstanding multi-user security risks, assuming trust eliminates security needs.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses understanding various security threats including ransomware, which the passage defines as a type of malware that locks files until payment is made. The passage specifically references WannaCry's disruption and costly recovery efforts, illustrating the severe impact ransomware can have on both individuals and organizations. Choice A is correct because it accurately captures how ransomware impacts data security by showing that it locks files and pressures payment, disrupting access to essential personal data - directly reflecting the passage's description of ransomware as malware that locks files until payment. Choice D is incorrect because it mischaracterizes ransomware as strengthening privacy through free encryption, completely misunderstanding that ransomware is a malicious attack, a common error when students confuse legitimate encryption with malicious file locking. To help students: Focus on understanding different types of malware and their impacts. Encourage analyzing the difference between protective encryption and malicious file locking. Practice recognizing the financial and operational impacts of security breaches. Watch for: confusing security features with attacks, misunderstanding malware purposes, underestimating ransomware impacts.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses understanding privacy risks, including how oversharing personal information can lead to serious consequences like identity theft and stalking. The passage specifically mentions fitness apps sharing location patterns that reveal home addresses as a privacy concern, illustrating how seemingly innocent data can be exploited. Choice A is correct because it accurately captures how oversharing impacts privacy by explaining that location patterns can reveal routines, making identity theft and stalking easier - directly reflecting the passage's example of fitness apps exposing home addresses through location data. Choice B is incorrect because it suggests oversharing only matters for celebrities, contradicting the passage's focus on everyday users, a common error when students underestimate their own privacy risks. To help students: Focus on identifying how personal data can be aggregated and misused. Encourage analyzing seemingly harmless information sharing. Practice recognizing privacy implications of location and routine data. Watch for: underestimating personal vulnerability, misunderstanding data aggregation risks, assuming privacy only matters for high-profile individuals.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing requires continuous maintenance including patching, which the passage defines as 'installing updates that fix known flaws.' The passage demonstrates how an unpatched server was exploited, leading to production stoppage and significant business impact, illustrating why timely patching is critical. Choice A is correct because it accurately describes how patching fixes known weaknesses in software, reducing the chance attackers exploit outdated systems, which directly addresses the vulnerability that led to the breach where 'an unpatched server is exploited.' Choice C is incorrect because it makes unrealistic guarantees about production continuity and ignores that patching addresses software vulnerabilities, not user configuration errors, demonstrating a common misconception about the scope of security measures. To help students: Focus on understanding the purpose and limitations of each security measure. Encourage analyzing how vulnerabilities are discovered and fixed through the patching process. Practice distinguishing between different types of security controls and their specific purposes. Watch for: making absolute claims about security, confusing different security measures' functions, missing the ongoing nature of security maintenance.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses ethical responsibilities to protect user data beyond mere compliance, considering the real harm that can result from data breaches. The passage emphasizes how unencrypted backups with public links led to reputational damage and customer complaints, illustrating the importance of proactive security measures. Choice A is correct because it demonstrates ethical computing by showing leaders encrypting backups and restricting links to prevent foreseeable customer harm, even if it causes minor inconvenience, which aligns with the passage's emphasis on ethical implications including preventing foreseeable harm. Choice B is incorrect because it shows negligence and disregard for customer privacy, directly contradicting the ethical principle of protecting customer data from unnecessary exposure mentioned in the passage. To help students: Focus on identifying ethical responsibilities beyond legal requirements. Encourage analyzing the balance between convenience and security. Practice recognizing how technical decisions have ethical implications. Watch for: confusing legal compliance with ethical responsibility, missing the human impact of security decisions, overlooking preventable vulnerabilities.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing encompasses authentication methods like two-factor authentication, which adds an extra layer of security beyond passwords. The passage provides the example of requiring 'a password plus a second check, such as a code' to illustrate how two-factor authentication works in protecting patient data. Choice A is correct because it accurately describes how two-factor authentication adds a second verification step, reducing harm when a password is guessed or stolen, which directly addresses the vulnerability exploited in the breach where attackers guessed a simple, reused password. Choice B is incorrect because it confuses two-factor authentication with encryption - authentication controls access while encryption scrambles data, and the passage clearly distinguishes these as separate security measures. To help students: Focus on understanding different security layers and their specific purposes. Encourage students to identify how each security measure addresses different vulnerabilities. Practice distinguishing between authentication (verifying identity) and encryption (protecting data). Watch for: confusing different security technologies, misunderstanding how security measures complement rather than replace each other, overlooking the specific vulnerability each measure addresses.

This question tests understanding of safe computing principles as discussed in AP Computer Science Principles, focusing on their practical and ethical implications. Safe computing includes defensive measures like rate limiting, which the passage defines as 'the system slows repeated login attempts to deter guessing.' The passage shows how attackers exploited weak passwords through repeated guessing, demonstrating why rate limiting is an important defense against brute force attacks. Choice A is correct because it accurately describes how rate limiting slows repeated login attempts, making password guessing harder and reducing account takeover risk, which directly addresses the attack method used in the breach where 'attackers repeatedly guess weak patron passwords.' Choice C is incorrect because it claims rate limiting increases guessing speed to help users, which is the opposite of its actual purpose and would make systems more vulnerable to the exact attack described in the passage. To help students: Focus on understanding how technical controls defend against specific attack methods. Encourage analyzing the relationship between attack techniques and defensive measures. Practice identifying how security measures balance usability with protection. Watch for: misunderstanding security measures as helping attackers, confusing the purpose of defensive controls, missing the connection between vulnerabilities and countermeasures.