Home Uncategorised Introduction to Cybersecurity Tools & Cyber Attacks Week 3 Quiz Answers

Introduction to Cybersecurity Tools & Cyber Attacks Week 3 Quiz Answers

923
0

Week 3: Introduction to Cybersecurity Tools & Cyber Attacks

CIA Triad Quiz Answers Coursera

Question 1: Encrypting your email is an example of addressing which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 2: Trudy changes the meeting time in a message she intercepts from Alice before she forwards it on to Bob. This is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 3: You fail to backup your files and then drop your laptop breaking it into many small pieces. You have just failed to address which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 4: The use of digital signatures is an example of which concept?

  • Non-repudiation
  • Confidentiality
  • Integrity
  • Availability

Access Management Quiz Answers Coursera

Question 1: Managers in the Singapore office at your company can access documents that managers in other offices cannot access, nor can nonmanager employees in the Singapore office. Which 2 access criterial types were likely involved in setting this up?

  • Timeframe
  • Transaction type
  • Groups
  • Physical location

Incident Response Quiz Answers Coursera

Question 1: In incident management, an event that has a negative impact on some aspect of the network or data is called what?

  • Incident
  • Attack
  • Threat
  • Event

Question 2: In incident management, a data inventory, data classification and data management process are part of which key concept?

  • Business Continuity Plan & Disaster Recovery
  • E-Discovery
  • Post-Incident Activities
  • Automated system

Question 3: Which of the phase of the Incident Response Process do steps like Identify cyber security incident, Define objectives and investigate situation and Take appropriate action fall into?

  • Phase 1: Prepare
  • Phase 2: Respond
  • Phase 3: Follow Up

Frameworks and their purpose Quiz Answers Coursera

Question 1: In the context of security standards and compliance, which two (2) of these items are goals of frameworks and best practices?

  • They seek to improve performance, controls and metrics.
  • They are rules to follow for a specific industry.
  • They help translate the business needs into technical or operational needs.
  • They serve as an enforcement mechanism for government, industry or clients.

Question 2: A company document that says employees may not do online shopping while at work would be which of the following?

  • Strategic Plan
  • Procedure
  • Policy
  • Tactical Plan

Question 3: Which three (3) of these are compliance standards that must be adhered to by companies is some industries / countries?

  • OCTAVE
  • PCI/DSS
  • HIPPA
  • SOX

Question 4: A method of evaluating computer and network security by simulating an attack on a computer system or network from external or internal threats is know as which of the following?

  • A pentest
  • A white hat
  • A threat
  • A hack

Question 5: The OWASP “Top 10” provides guidance on what?

  • The top 10 network vulnerabilities reported each year.
  • The top 10 malware exploits reported each year.
  • The top 10 application vulnerabilities reported each year.
  • The top 10 cybercrimes reported each year.

Quiz: Key concepts Quiz Answers Coursera

Question 1: Which two (2) key components are part of incident response? (Select 2)

  • Threat
  • Response team
  • Attack
  • Investigation

Question 2: Which is not part of the Sans Institutes Audit process?

  • Deliver a report.
  • Define the audit scope and limitations.
  • Feedback based on the findings.
  • Help to translate the business needs into technical or operational needs.

Question 3: Which key concept to understand incident response is defined as “data inventory, helps to understand the current tech status, data classification, data management, we could use automated systems. Understand how you control data retention and backup.”

  • BCP & Disaster Recovery
  • E-Discovery
  • Post-Incident
  • Automated Systems

Question 4: Which is not included as part of the IT Governance process?

  • Tactical Plans
  • Policies
  • Audits
  • Procedures

Question 5: Trudy reading Alice’s message to Bob is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 6: A hash is a mathematical algorithm that helps assure which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 7: A successful DOS attack against your company’s servers is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability

Question 8: Which of these is an example of the concept of non-repudiation?

  • Alice sends a message to Bob with certainty that it was not altered while in route by Trudy.
  • Alice sends a message to Bob with certainty that it will be delivered.
  • Alice sends a message to Bob and Bob knows for a certainty that it came from Alice and no one else.
  • Alice sends a message to Bob and Alice is certain that it was not read by Trudy.

Question 9: You have been asked to establish access to corporate documents in such a way that they can be read from anywhere, but only modified while the employees are in the office. Which 2 access criteria types were likely involved in setting this up?

  • Groups
  • Physical location
  • Transaction type
  • Timeframe

Question 10: In incident management, an observed change to the normal behavior of a system, environment or process is called what?

  • Incident
  • Attack
  • Threat
  • Event

Question 11: In incident management, tools like SIEM, SOA and UBA are part of which key concept?

  • E-Discovery
  • Automated system
  • BCP & Disaster Recovery
  • Post-Incident Activities

Question 12: Which phase of the Incident Response Process do steps like Carry out a post incident review and Communicate and build on lessons learned fall into?

  • Follow Up
  • Prepare
  • Respond

Question 13: In the context of security standards and compliance, which two (2) of these are considered normative and compliance items?

  • They help translate the business needs into technical or operational needs.
  • They serve as an enforcement mechanism for government, industry or clients.
  • They seek to improve performance, controls and metrics.
  • They are rules to follow for a specific industry.

Question 14: A company document that details how an employee should request Internet access for her computer would be which of the following?

  • Procedure
  • Policy
  • Strategic Plan
  • Tactical Plan

Question 15: Which of these is a methodology by which to conduct audits?

  • SOX
  • HIPPA
  • PCI/DSS
  • OCTAVE

Question 16: Mile 2 CPTE Training teaches you how to do what?

  • Advanced network management tasks
  • Conduct a pentest.
  • Construct a botnet
  • Conduct a Ransomware attack

Question 17: Which three (3) statements about OWASP are True?

  • OWASP provides tools and guidance for mobile applications.
  • OWASP stands for Open Web Application Security Project
  • OWASP provides guidance and tools to help you address web application vulnerabilities on their Top 10 list.
  • OWASP Top 10 only lists the top 10 web application vulnerabilities but you must engage an OWASP certified partner to learn how to fix them.

LEAVE A REPLY

Please enter your comment!
Please enter your name here