AP Cybersecurity Study Guide & Review
Get ready for AP Cybersecurity with study guides, all 5 unit breakdowns, practice questions, key terms, and Device Security Analysis FRQ practice. Use these AP Cybersecurity resources to connect threats, vulnerabilities, mitigations, networks, devices, and defense-in-depth reasoning for the exam.
AP Cybersecurity at a glance
AP Cybersecurity is a yearlong course where you apply defense-in-depth thinking to protect physical spaces, networks, devices, and data by connecting real vulnerabilities to the attacks that exploit them and the mitigations that stop them.
Not sure where to start?
Start with the overview
Get the big picture: what AP Cybersecurity covers, how it is scored, and how the units connect.
read the overviewTake a diagnostic
Answer a quick mix of questions to see which units need the most review.
start a diagnosticJump into a unit
Open the unit you are studying now and review its guides, practice, and key terms.
browse all 5 unitsWhat is AP Cybersecurity?
AP Cybersecurity, often searched as AP Cyber, is a yearlong course that teaches you how to protect digital and physical systems from real threats. You work through 5 units that move from broad security concepts into specific domains: physical spaces, networks, devices, and applications and data. Throughout the course, you practice adversarial thinking by connecting each vulnerability to the attack that exploits it and the mitigation or detection method that stops it.
The course is built around three skill categories: analyzing risk, mitigating risk, and detecting attacks. You learn to read log files, configure firewalls and access controls, apply cryptography, and cite evidence to support your reasoning. It is designed as the equivalent of a one-semester college introduction to cybersecurity, with no required prerequisites, so motivation and steady effort carry you further than prior technical experience.
What students review in AP Cybersecurity
Recognize social engineering, weak authentication, and public Wi-Fi risks
Identify physical vulnerabilities and select controls to secure spaces
Configure firewalls and network segmentation to manage traffic
Analyze authentication and access logs for indicators of compromise
Apply symmetric and asymmetric cryptography to protect data
Set access controls and mitigate attacks on applications and data
AP Cybersecurity units
Start with a unit overview, then use the linked topic guides to review the concepts that appear throughout class and exam practice.
What's This Unit All About?
Big ideas & exam guides
These guides collect important exam skills, big ideas, essay tasks, and other subject-specific resources.
Exam Guides
4 guides
How to study for AP Cybersecurity
Move through all 5 units in sequence so each domain builds on the last. For every topic, train yourself to spot the vulnerability, name the attack that exploits it, and choose the mitigation or detection method that responds. The multiple-choice section is scenario-driven and pulls technical artifacts like file-permission strings, firewall ACLs, phishing emails, and server logs, so get comfortable reading them. The one Device Security Analysis FRQ rewards evidence-based reasoning, so practice quoting specific sources and explaining how a configuration or permission change would affect users and traffic. Use key terms and practice questions to reinforce concepts, then close each unit with realistic scenario practice.
Week 1: Review Units 1 and 2, then practice spotting social engineering and physical vulnerabilities
Week 2: Study Unit 3 networks and practice firewall ACL and segmentation questions
Week 3: Study Unit 4 devices, authentication, and reading auth logs for indicators of compromise
Week 4: Study Unit 5 cryptography and access controls, then drill data and application scenarios
Week 5: Practice a full Device Security Analysis FRQ using multiple device sources and cite evidence
Week 6: Take a timed multiple-choice set across all units and review missed skill categories
AP Cybersecurity study tools
Frequently Asked Questions
Is AP Cybersecurity hard?
AP Cybersecurity is moderately challenging and rewards applied thinking over memorization. Across 5 units you analyze vulnerabilities, attacks, mitigations, and detection across physical spaces, networks, devices, and data. The pace is steady, and projects ask for both independent and team work. With no required prerequisites, curiosity and consistent unit-by-unit effort matter far more than prior technical background.
How do I start studying for AP Cybersecurity?
Start with Unit 1 and move through all 5 units in order, since later domains build on the foundations. For each topic, link a vulnerability to the attack that exploits it and the mitigation that stops it. Practice reading log files and configurations early, since the exam expects you to cite evidence. Mix multiple-choice review with scenario-based practice to build applied reasoning.
Which units are weighted most on the AP Cybersecurity exam?
The multiple-choice section draws from all 5 units, organized by three skill categories rather than by single dominant units. Analyze Risk, Mitigate Risk, and Detect Attacks each carry roughly 25 to 40 percent of the multiple-choice section. Because the skills span every unit, you cannot skip a domain. Focus on connecting attacks, mitigations, and detection evidence across physical, network, device, and data security.
How many FRQs are on the AP Cybersecurity exam?
The exam has 1 free-response question, a Device Security Analysis prompt worth 30 percent of your score with a suggested 50 minutes. You get several sources from one device, such as firewall settings, file permissions, authentication logs, and access logs. You identify security issues, detect evidence of attacks, and explain how configuration or permission changes affect the device, citing evidence throughout.
What is the Device Security Analysis FRQ on AP Cybersecurity?
Device Security Analysis gives you simulated sources from a single device, including security policies, firewall configurations, file-system permissions, and log files like auth.log and nginx access logs. You analyze them to spot security issues, detect attack evidence, and describe how permission or configuration changes would affect users and traffic. Always cite specific evidence and explain your reasoning to earn full credit.