Week 1: Introduction to Cybersecurity Tools & Cyber Attacks Quiz Answers Coursera
Question 1: Jeff Crume described 5 challenges in security today. Which three (3) of these are challenges because their numbers are increasing rapidly?
- Threats
- Available analysts
- Available time
- Needed knowledge
- Alerts
Question 2: About how many unfilled cybersecurity jobs are expected by the year 2022?
- 180,000
- 1.8 million
- 180 million
- There is expected to be a surplus of available skills by 2022.
What are We Talking about when We Talk about Cybersecurity? Quiz Answers Week 1 Coursera
Question 1: Which is the National Institute of Standards’ (NIST) definition of cybersecurity?
- The measures taken to protect governmental and military computer and weapons systems from unauthorized use, alteration, disruption or destruction.
- The protection of information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
- The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.
Question 2: Which three (3) are components of the CIA Triad?
- Integrity
- Confidentiality
- Cyber
- Availability
- Access
- Information
Question 3: “A flaw, loophole, oversight, or error that can be exploited to violate system security policy.” Is the definition of which key cybersecurity term?
- Threat
- Exploit
- Vulnerability
- Risk
Question 4: “An event, natural or man-made, able to cause a negative impact to an organization.” Is the definition of which key cybersecurity term?
- Threat
- Vulnerability
- Exploit
- Risk
Question 5: Most cyber attacks come from which one (1) of the following sources?
- Natural factors, such as hurricanes, lightning and tornados.
- External threats, such as hackers, malware and viruses.
- Internal factors, such as current and former employees.
- Malicious events, such as an attack orchestrated by a foreign government.
Question 6: Vulnerabilities are weaknesses in a system that can be exploited. Which are the two (2) most common ways in which vulnerabilities are introduced to a system?
- Many vulnerabilities are introduced to a system by malware such as Trojan horses.
- Many systems are shipped with known and unknown security holes, such as insecure default settings.
- Many vulnerabilities occur as a result of misconfiguration by the system administrator.
- Many vulnerabilities are inherent in a systems operating system and cannot be patched, only monitored.
Question 7: Which security role would be responsible for conducting information security assessments for organizations, including analyzing events, alerts and alarms?
- Information Security Analyst
- Chief Information Security Officer
- Information Security Auditor
- Information Security Architect
From Ronald Reagan to Where we are Today Quiz Answers Week 1 Coursera
Question 1: Which American president first recognized the need for a national policy on cybersecurity?
- George W Bush
- Gerald Ford
- Ronald Reagan
- Barack Obama
Question 2: In addition to specific events, what other factor has led to an enhanced need for strong cybersecurity?
- Computing devices like PCs and smartphones are now used by a large majority of people.
- To save money, common operating systems have paid little attention to security and are easily hacked.
- Weapons systems are now fully automated and can be controlled remotely.
- There is nothing illegal about accessing any computer you wish, as long as you do not do harm.
Question 3: Between 2010 and 2016 the number of new software vulnerabilities discovered during this 7-year period was in what range?
- 1000 to 2000
- 50 to 100
- 35,000 to 40,000
- 7000 to 10,000
Question 4: An example of weaponizing a cybervulnerability is the use of the Stuxnet virus. Which attack by a government actor successfully used this virus?
- Stuxnet was used to steal an estimated $100M from various banks in the United States and the UK.
- Stuxnet was used by agents acting on behalf of the Russian government to hack Hillary Clinton’s email server.
- Stuxnet was used to disable uranium processing equipment in an Iranian nuclear facility.
- Stuxnet was used by Edward Snowden to hack US intelligence agency servers and download classified information about secret surveillance programs.
Cybersecurity Programs Quiz Answers Week 1 Coursera
Question 1: Which three (3) factors make cybersecurity far more difficult now that it was in the past when you only needed to protect the computer?
- Local nature of business
- Mobile technology – everyone has a smartphone
- Data protection – your data is everywhere
- Multiple different vendors, each supporting different technology and protocols
Question 2: Which aspect of a comprehensive approach to cybersecurity includes these items: classification, implementation steps, asset control and documentation?
- Security program
- Asset management
- Administrative controls
- Technical controls
Question 3: Which aspect of a comprehensive approach to cybersecurity includes these items: policies, procedures, standards, user education, incident response, disaster recovery, compliance and physical security?
- Security program
- Asset management
- Administrative controls
- Technical controls
Question 4: Which aspect of a comprehensive approach to cybersecurity includes these items: network infrastructure, endpoints, servers, identity management, vulnerability management, monitoring and logging?
- Security program
- Asset management
- Administrative controls
- Technical controls
Cybersecurity – A Security Architect’s Perspective Quiz Answers Week 1 Coursera
Question 1: Which three (3) security challenges face today’s organizations?
- Solutions can be attacked themselves
- Protection of enforcement structure can complicate solutions
- Protectors have to be right just once
- Security is not as simple as it seems
Question 2: In John’s example of friends and enemies, what is the name used to refer to the intruder?
- trudy
Question 3: Describe why comprehensive cybersecurity can be very complex to implement in reality.
- Priya
Question 4: Only the sender and intended receiver of a message can “understand” the message contents is an example of which basic security concept?
- Availability
- Integrity
- Confidentiality
- Authentication
Question 5: The sender and receiver of a message can positively identity each other’s identity is an example of which basic security concept?
- Authentication
- Availability
- Confidentiality
- Integrity
What is Critical Thinking? Quiz Answers Week 1 Coursera
Question 1: Which is the presenter, Kristin Dahl’s definition of Critical Thinking?
- Critical thinking is taking on the mindset of your opponent (the hacker for example) and trying to think like him/her.
- Critical thinking is the controlled, purposeful thinking directed toward a goal.
- Critical thinking is a mode the brain goes into during critical or emergency situations.
- Critical thinking involves always looking for the flaw or weakness in any given situation.
Question 2: The Critical Thinking Model presented places critical thinking at the overlap of which four (4) competencies?
- Interpersonal skills and competencies.
- Technical skills and competencies.
- Technical and experimental knowledge, intellectual skills and competencies.
- Critical thinking characteristics (attitudes & behaviors).
- The ability to place yourself in the mindset of an adversary or attacker.
- The strength necessary to be critical of others who are advocating unsafe practices.
Question 3: Put yourself in others’ shoes – reframe the problem is an example of which of the 5 Key Skills of Critical Thinking?
- Understand Context
- Identify Key Drivers
- Challenge Assumptions
- Consider Alternatives
Quiz: History of Cybersecurity Quiz Answers Week 1 Coursera
Question 1: What was shown in the movie War Games that concerned President Reagan?
- The movie gave an accurate portayal of the Iran-Contra scandle that could have only come from inside sources.
- US Army gererals did not know how to use the advanced weapons systems they were responsable for.
- KGB agents from the USSR were able to hack into Pentagon computer systems and steal plans for advanced US weapons.
- A teenager hacked into a Pentagon computer that was capable of launching nuclear weapons.
Question 2: In addition to the movie War Games, what other event made the need for advanced cybersecurity apparent?
- Confirmed reports of Al Qaeda operatives hacking the E-mail servers of US Government agencies.
- The failed Bay of Pigs invasion.
- 9/11
- The attack against the USS Cole while it was in port in Yeman.
Question 3: What were the three (3) main cybersecurity concerns arising from the 9/11 attacks?
- Could this happen again?
- How did this happen?
- Could an attack like this happen in the virtual world too?
- Who wrote the malware that took control of the 4 airplanes navigation systems?
Question 4: According to a Forbes Magazine study, the annual cost of cybercrime in the United States alone has reached how much?
- $100M
- $1B
- $10B
- $100B
Question 5: Who are Alice, Bob and Trudy?
- They are fictional characters used to illustrate how cryptography works.
- They are the founders of modern cryptography.
- They are the pseudonyms (false names) used by members of the hacktivist group Anonymous.
- They were members of British Navel Intelligence who did pioneering work in secure communications that later became known as cryptography.
Question 6: Which of the following is considered a legitimate challenge to implementing a comprehensive cybersecurity solution?
- Security practices are viewed as being “in the way”.
- Security architectures require constant effort.
- Security is often an after-thought; something that is added at the end of a project rather than baked into the project from the start.
- All of the above
Question 7: Jeff Crume described five challenges in security today. Which two (2) of these are challenges because their numbers are decreasing?
- Available analysts
- Needed knowledge
- Available time
- Threats
- Alerts
Question 8: “A defined way to breach the security of an IT system through a vulnerability” is the definition of which key cybersecurity term?
- Vulnerability
- Risk
- Threat
- Exploit
Question 9: “A situation involving exposure to a danger.” Is the definition of which key cybersecurity term?
- Exploit
- Threat
- Vulnerability
- Risk
Question 10: Which aspect of a comprehensive approach to cybersecurity includes these items: evaluate, create teams, establish baselines, identify and model threats, identify use cases, identify risks, establish monitoring and control requirements?
- Asset management
- Administrative controls
- Security program
- Technical controls
Question 11: According to a 2018 report by Domo, over what period of time do the following things occur: 49,380 videos are uploaded to Instagram, 25,000 gifs are sent on Facebook Messenger, 4.2 million videos are viewed on Snapchat and 473,400 tweets are sent on Twitter?
- Every 1 second
- Every 1 minute
- Every 1 hour
- Every 1 day
- Every 1 month
- Every 1 year
Question 12: In the examples using Bob, Alice and Trudy, what aspect of cybersecurity is being illustrated?
- The availability of communication that needs to be shared between the 3 friends.
- The complexity of communication between people who use different protocols.
- The positioning of firewalls that assure the integrity of communication between the 3 friends.
- The security of communication between Alice and Bob that risks interception by Trudy.
Question 13: Alice sends an unencrypted message to Bob but it is intercepted by Trudy. Trudy reads the message but does not in any way interfere with its content or delivery. Which precept of the CIA Triad would have been violated?
- Confidentiality
- Integrity
- Availability
- All of the above.
Question 14: Alice sends an encrypted message to Bob but it is intercepted by Trudy. Trudy cannot read it so, in anger, she deletes it without allowing its delivery to Bob. Which precept of the CIA Triad would have been violated?
- Confidentiality
- Integrity
- Availability
- All of the above
Question 15: Alice sends an encrypted message to Bob but it is intercepted by Trudy. Trudy cannot read it but forwards it on to Bob from an anonymous address she controls. Which precept of the CIA Triad would have been violated?
- Confidentiality
- Integrity
- Availability
- All of the above
Question 16: A major metropolitan police department gets a warrant from a judge to hack into the computer of a suspected crime boss. A skilled penetration tester working for the department conducts the hack and retrieves incriminating evidence. What color hat does this officer wear?
- A White Hat
- A Black Hat
- A Gray Hat
Question 17: Which three (3) are resources that are available to help guide penetration testing efforts by cybersecurity specialists?
- NIST SP 800-42 Guidelines on Network Security Testing.
- Health Information Portability and Accountability Act (HIPAA)
- Federal Financial Institutions Examination Council (EFIEC) Information Technology Examination.
- Open Source Security Testing Methodology Manual (OSSTMM).
Question 18: According to the Vulnerability Assessment Methodology, Vulnerabilities are determined by which 2 factors?
- Exposure and Sensitivity
- Identify Indicators and Exposure
- Sensitivity and Adaptive Capacity
- Potential Impacts and Adaptive Capacity