Home Uncategorised Introduction to Cybersecurity Tools & Cyber Attacks Week 2 Quiz Answers

Introduction to Cybersecurity Tools & Cyber Attacks Week 2 Quiz Answers

9334
0

WEEK 2: Introduction to Cybersecurity Tools & Cyber Attacks Quiz Answers Coursera

Types of actors and their motives Quiz Answers Coursera

Question 1: What are the four (4) types of actors identified in the video A brief overview of types of actors and their motives?

  • Internal
  • Hackers
  • White Hats
  • Black Hats
  • Security Analysts
  • Hactivists
  • Governments

Question 2: Which of these common motivations is often attributed to a hactivist?

  • Political action and movements
  • Hire me!
  • Just playing around
  • Money

Question 3: In the video Hacking organizations, which three (3) governments were called out as being active hackers?

  • Canada
  • Venezuela
  • Israel
  • United States
  • China

Question 4: Which four (4) of the following are known hacking organizations?

  • Syrian Electronic Army
  • Fancy Bears
  • The Ponemon Institute
  • Guardians of Peace
  • Anonymous

Question 5: Which of these hacks resulted in over 100 million credit card numbers being stolen?

  • 2011 Sony Playstation hack
  • 2013 Singapore Cyberattacks
  • 2014 Ebay hack
  • 2015 Target Stores hack
  • 2016 US Election hack

An Architect’s perspective on attack classifications Quiz Answers Coursera

Question 1: Which of the following statements is True?

  • Passive attacks are hard to detect because the original message is delivered unchanged and can pass an integrity check.
  • Passive attacks are hard to detect because the original message is never delivered so the receiving does not know they missed anything.
  • Passive attacks are easy to detect because the original message wrapper must be modified by the attacker before it is forwarded on to the intended recipient.
  • Passive attacks are easy to detect because of the latency created by the interception and second forwarding.

Question 2: The purpose of security services includes which three (3) of the following?

  • Often replicate functions found in physical documents
  • Enhance security of data processing systems and information transfer.
  • Includes any component of your security infrastructure that has been outsourced to a third-party
  • Are intended to counter security attacks.

Question 3: Which statement best describes access control?

  • Prevention of unauthorized use of a resource
  • Protection against the unauthorized disclosure of data
  • Protection against denial by one of the parties in communication
  • Assurance that the communicating entity is the one claimed

Question 4: The International Telecommunication Union (ITU) X.800 standard addresses which three (3) of the following topics?

  • Data transmission speeds
  • Access Control
  • Authentication
  • Data Confidentiality
  • Transmission cost sharing between member countries

Question 5: Protocol suppression, ID and authentication are examples of which?

  • Security Mechanism
  • Business Policy
  • Security Architecture
  • Security Policy

Question 6: The motivation for more security in open systems is driven by which three (3) of the following factors?

  • Society’s increasing dependance on computers.
  • The desire by a number of organizations to use OSI recommendations.
  • New requirements from the WTO, World Trade Organization
  • The appearence of data protection legislation in several countries.

Question 7: True or False: The accidental disclosure of confidential data by an employee is considered a legitimate organizational threat.

  • True
  • False

Question 8: True or False: The accidental disclosure of confidential information by an employee is considered an attack.

  • True
  • False

Question 9: A replay attack and a denial of service attack are examples of which?

  • Passive attack
  • Security architecture attack
  • Masquerade attack
  • Origin attack

Malware and an introduction to threat protection Quiz Answers Coursera

Question 1: True or False: An application that runs on your computer without your authorization but does no damage to the system is not considered malware.

  • True
  • False

Question 2: How would you classify a piece of malicious code designed to cause damage and spreads from one computer to another by attaching itself to files but requires human actions in order to replicate?

  • Virus
  • Worms
  • Trojan Horses
  • Spyware
  • Adware
  • Ransomware

Question 3: How would you classify a piece of malicious code designed collect data about a computer and its users and then report that back to a malicious actor?

  • Virus
  • Worms
  • Spyware
  • Adware

Question 4: A large scale Denial of Service attack usually relies upon which of the following?

  • A botnet
  • A keylogger
  • Logic Bombs
  • Trojan Horses

Question 5: Antivirus software can be classified as which form of threat control?

  • Technical controls
  • Administrative controls
  • Active controls
  • Passive controls

Additional Attack examples today Quiz Answers Coursera

Question 1: Which of the following measures can be used to counter a mapping attack?

  • Record traffic entering the network
  • Look for suspicious activity like IP addresses or ports being scanned sequentially.
  • Use a host scanner and keep an inventory of hosts on your network.
  • All of the above.

Question 2: In order for a network card (NIC) to engage in packet sniffing, it must be running in which mode?

  • Promiscuous
  • Sniffer
  • Inspection
  • Open

Question 3: Which countermeasure can be helpful in combating an IP Spoofing attack?

  • Ingress filtering
  • Enable IP Packet Authentication filtering
  • Keep your certificates up-to-date
  • Enable the IP Spoofing feature available in most commercial antivirus software.
  • All of the above.

Question 4: Which two (2) measures can be used to counter a Denial of Service (DOS) attack?

  • Use traceback to identify the source of the flooded packets.
  • Enable packet filtering on your firewall.
  • Implement a filter to remove flooded packets before they reach the host.
  • Enable the DOS Filtering option now available on most routers and switches.

Question 5: Which countermeasure should be used agains a host insertion attack?

  • Maintain an accurate inventory of of computer hosts by MAC address.
  • Use a host scanning tool to match a list of discovered hosts against known hosts.
  • Investigate newly discovered hosts.
  • All of the above.

Attacks and Cyber resources Quiz Answers Coursera

Question 1: Which is not one of the phases of the intrusion kill chain?

  • Command and Control
  • Delivery
  • Activation
  • Installation

Question 2: Which social engineering attack involves a person instead of a system such as an email server?

  • Spectra
  • Vishing
  • Phishing
  • Cyberwarfare

Question 3: Which of the following is an example of a social engineering attack?

  • Logging in to the Army’s missle command computer and launching a nuclear weapon.
  • Setting up a web site offering free games, but infecting the downloads with malware.
  • Calling an employee and telling him you are from IT support and must observe him logging into his corporate account.
  • Sending someone an email with a Trojan Horse attachment.

Question 4: True or False: While many countries are preparing their military for a future cyberwar, there have been no “cyber battles” to-date.

  • False
  • True

 A day in the life of a SOC analyst Quiz Answers Coursera

Question 1: Which tool did Javier say was crucial to his work as a SOC analyst?

  • SIEM (Security Information and Event Management)
  • Packet Sniffers
  • Firewalls
  • Intrusion detection software

A brief overview of types of actors and their motives Quiz Answers Coursera

Question 1: Which hacker organization hacked into the Democratic National Convension and released Hillery Clinton’s emails?

  • Fancy Bears
  • Anonymous
  • Syrian Electronic Army
  • Guardians of the Peace
  • All of the above

Question 2: What challenges are expected in the future?

  • Enhanced espionage from more countries
  • Far more advanced malware
  • New consumer technology to exploit
  • All of the above

Question 3: Why are cyber attacks using SWIFT so dangerous?

  • SWIFT is the protocol used by all banks to transfer money
  • SWIFT is the protocol used by all US healthcare providers to encrypt medical records
  • SWIFT is the protocol used to transmit all diplomatic telegrams between governments around the world
  • SWIFT is the flight plan and routing system used by all cooperating nations for international commercial flights

Question 4: Which statement best describes Authentication?

  • Assurance that the communicating entity is the one claimed
  • Protection against denial by one of the parties in communication
  • Assurance that a resource can be accessed and used
  • Prevention of unauthorized use of a resource

Question 5: Trusted functionality, security labels, event detection, security audit trails and security recovery are all examples of which type of security mechanism?

  • Contingent security mechanism
  • External security mechanism
  • Active security mechanism
  • Passive security mechanism

Question 6: If an organization responds to an intentional threat, that threat is now classified as what?

  • A malicious threat
  • An attack
  • An active threat
  • An open case

Question 7: An attack that is developed particularly for a specific customer and occurs over a long period of time is a form of what type of attack?

  • Advanced Persistent Threat
  • Water Hole
  • Spectra
  • Denial of Service (DOS)

Question 8: Which of three (3) these approaches could be used by hackers as part of a Business Email Compromise attack?

  • Request to make a payment
  • Attorney impersonation
  • CEO Fraud, where CEO sends email to an employee
  • Account compromise

Question 9: Which type of actor was not one of the four types of actors mentioned in the video A brief overview of types of actors and their motives?

  • Hactivists
  • Governments
  • Hackers
  • Internal
  • Black Hats

Question 10: A political motivation is often attributed to which type of actor?

  • Internal
  • Hackers
  • Hactivist
  • Security Analysts

Question 11: The video Hacking organizations called out several countries with active government sponsored hacking operations in effect. Which one of these was among those named?

  • Canada
  • Israel
  • South Africa
  • Egypt

Question 12: Which of these is not a known hacking organization?

  • The Ponemon Institute
  • Fancy Bears
  • Syrian Electronic Army
  • Anonymous
  • Guardians of the Peace

Question 13: Which type of actor hacked the 2016 US Presidential Elections?

  • Hackers
  • Government
  • Hactivists
  • Internal

Question 14: True or False: Passive attacks are easy to detect because the original messages are usually alterned or undelivered.

  • False
  • True

Question 15: True or False: Authentication, Access Control and Data Confidentiality are all addressed by the ITU X.800 standard.

  • True
  • False

or

Question 15: Trusted functionality, security labels, event detection and security audit trails are all considered which?

  • Business Policy
  • Specific security mechanisms
  • Pervasive security mechanisms
  • Security Policy

Question 16: Cryptography, digital signatures, access controls and routing controls considered which?

  • Security Policy
  • Specific security mechanisms
  • Business Policy
  • Pervasive security mechanisms

Question 17: True or False: Only acts performed with intention to do harm can be classified as Organizational Threats

  • False
  • True

Question 18: Traffic flow analysis is classified as which?

  • An origin attack
  • A passive attack
  • A masquerade attack
  • An active attack

Question 19: How would you classify a piece of malicious code designed to cause damage, can self-replicate and spreads from one computer to another by attaching itself to files?

  • Spyware
  • Adware
  • Worm
  • Virus
  • Trojan Horse
  • Ransomware

Question 20: Botnets can be used to orchestrate which form of attack?

  • Distribution of Spam
  • DDoS attacks
  • Phishing attacks
  • Distribution of Spyware
  • As a Malware launchpad
  • All of the above

Question 21:Policies and training can be classified as which form of threat control?

  • Active controls
  • Technical controls
  • Administrative controls
  • Passive controls

Question 22: Which type of attack can be addressed using a switched Ethernet gateway and software on every host on your network that makes sure their NICs is not running in promiscuous mode.

  • Packet Sniffing
  • Host Insertion
  • Trojan Horse
  • Ransomware
  • All of the above

Question 23:  A flood of maliciously generated packets swamp a receiver’s network interface preventing it from responding to legitimate traffic. This is characteristic of which form of attack?

  • A Denial of Service (DOS) attack
  • A Trojan Horse
  • A Masquerade attack
  • A Ransomware attack

Question 24: A person calls you at work and tells you he is a lawyer for your company and that you need to send him specific confidential company documents right away, or else! Assuming the caller is not really a lawyer for your company but a bad actor, what kind of attack is this?

  • A Social Engineering attack
  • A Trojan Horse
  • A Denial of Service attack
  • A Worm attack

Question 25: True or False: An individual hacks into a military computer and uses it to launch an attack on a target he personally dislikes. This is considered an act of cyberwarfare.

  • False
  • True

LEAVE A REPLY

Please enter your comment!
Please enter your name here