The rapid expansion of digital technologies has heightened exposure to cyber threats, underscoring the urgent need for comprehensive cyber security literacy. This study develops and validates a questionnaire designed to assess three critical domains of cyber security literacy: knowledge, critical thinking, and skills. A survey was administered to 60 higher education students, and the instrument underwent rigorous psychometric evaluation. Reliability testing showed strong internal consistency (Cronbach’s α = 0.815 for knowledge, 0.714 for critical thinking, and 0.956 for skills) and high test–retest stability (0.945 and 0.970 for knowledge and critical thinking, respectively). Item analysis revealed that while most items demonstrated satisfactory difficulty, discrimination, and item–total correlations, a few required refinements. Validity testing confirmed strong construct and convergent validity, with high inter-domain correlations (r = 0.849 between knowledge and critical thinking, r = 0.769 between knowledge and skills, and r = 0.654 between critical thinking and skills). These results indicate that the questionnaire is a reliable and valid tool for measuring cyber security literacy in educational contexts. The study highlights its utility for identifying learners’ strengths and weaknesses, informing curriculum development, and guiding future interventions. Recommendations are provided for item improvement and validation across broader populations to strengthen its generalizability..