Welcome to your go-to guide for “Cyber Attack Countermeasures” quiz answers! Whether you’re working through practice quizzes to strengthen your knowledge or preparing for graded quizzes to assess your understanding, this guide has you covered.
Spanning all course modules, this resource will teach you essential countermeasures for combating various types of cyber attacks. From firewalls and encryption to intrusion detection systems (IDS) and security policies, you’ll gain the tools to safeguard networks and data from malicious threats.
Cyber Attack Countermeasures Quiz Answers – Graded Quizzes for All Modules
Table of Contents
Cyber Attack Countermeasures Module 01 Quiz Answers
Q1. Preventive security has which of the following advantages over reactive security:
Correct Answer: Less likelihood of consequences to assets occurring
Explanation: Preventive security measures aim to stop security incidents before they happen, which reduces the likelihood of harm to assets, unlike reactive security, which responds to incidents after they occur.
Q2. James Anderson created the reference monitor model to describe which aspect of early computer security?
Correct Answer: Basic access decision making for asset requests from subjects
Explanation: The reference monitor model defines the concept of enforcing access control policies by making decisions on whether a subject (such as a user or program) can access an asset (like a file or resource).
Q3. Which of the following statements about the Orange Book are true?
Correct Answer: Government bureaucrats wrote it
Explanation: The Orange Book, also known as the “Trusted Computer System Evaluation Criteria,” was created by the U.S. government to provide a standard for evaluating the security of computer systems.
Q4. The Biba and Bell-LaPadula models are examples of which of the following:
Correct Answer: Early models for secure system design
Explanation: Both the Biba and Bell-LaPadula models were developed to guide the design of secure computer systems by defining rules for controlling access and maintaining integrity.
Q5. The Bell-La Padula Model contains which of the following mottos:
Correct Answer: No write up
Explanation: The Bell-LaPadula model focuses on maintaining confidentiality, with the “no write up” rule preventing subjects from writing data to a higher security level.
Q6. The Biba model was focused on which of these security threats?
Correct Answer: Fraud and abuse
Explanation: The Biba model is designed to maintain data integrity and prevent fraud and abuse by enforcing rules on how data can be modified and by whom.
Q7. Which of the following are true of a covert channel?
Correct Answer: It is not overt
Explanation: A covert channel is an unintended, hidden communication channel used to transfer information, often violating security policies. It is not overt because it operates secretly.
Q8. Why should anyone care about covert channels?
Correct Answer: They might lead to policy violations
Explanation: Covert channels can circumvent established security policies, making it possible for unauthorized information to be transmitted, leading to potential policy violations.
Q9. Which of the following is a true statement about the hook-up theorem from Darryl McCullough for composability of secure systems?
Correct Answer: It proves that composed non-deducible secure systems might not be non-deducible secure
Explanation: The hook-up theorem addresses the risks involved in composing secure systems, showing that combining non-deducible systems could lead to vulnerabilities where deducibility is possible.
Q10. Functional security differs from procedural security in which of the following ways?
Correct Answer: Functional involves automated mechanisms, and procedural involves people
Explanation: Functional security focuses on automated systems for security controls, while procedural security involves human actions and procedures for enforcing security.
Cyber Attack Countermeasures Module 02 Quiz Answers
Q1. “Identification” in the process of authentication involves which of the following?
Correct Answer: Typing in User ID
Explanation: Identification refers to the process of providing a unique identifier, such as a user ID, to the system, which is typically the first step before authentication.
Q2. Which of the following statements is true?
Correct Answer: Identifiers are not secret
Explanation: Identifiers, such as user IDs, are used to identify users and are generally not kept secret, unlike passwords or other proof factors in authentication.
Q3. Which of the following is not a good candidate for use as a proof factor in the authentication process?
Correct Answer: Confirming location, regardless of the country you are in
Explanation: Location is not a reliable proof factor on its own because users can easily spoof their location, which makes it a poor choice for authentication.
Q4. Two-factor authentication can reduce the likelihood of which of the following security incidents?
Correct Answer: All of the above
Explanation: Two-factor authentication enhances security by requiring two different forms of identification, thus reducing the risk of fraudulent website use, identity spoofing, and system breaches.
Q5. The main drawback of a hardware token authenticator is which of the following?
Correct Answer: They require buying and administering physical entities
Explanation: Hardware token authenticators require physical devices, which can be costly to acquire and manage compared to software-based solutions.
Q6. The RSA SecureID protocol implements which of the following?
Correct Answer: One-time password
Explanation: The RSA SecureID protocol is designed to generate one-time passwords, which change after each use for enhanced security.
Q7. RSA SecureID cryptanalysis requires which of the following methods?
Correct Answer: All of the above
Explanation: RSA SecureID cryptanalysis may involve known plaintext, chosen plaintext, and ciphertext-only methods, depending on the attack scenario.
Q8. Passwords are unlikely to disappear in the near term for which of the following reasons?
Correct Answer: They are easy for developers to handle
Explanation: Passwords are widely used because they are simple and familiar for developers to implement, despite other challenges associated with security and usability.
Q9. The six steps of the generic authentication protocol include which of the following steps?
Correct Answer: Identify, challenge, compute, respond, validate, notify
Explanation: These are the core steps in the authentication process, which involve identifying the user, challenging them with a test, computing the response, validating the response, and notifying the system.
Q10. Spoofing the authentication process results in which of the following?
Correct Answer: Incorrect attribution
Explanation: Spoofing involves falsifying authentication credentials, leading to incorrect attribution of actions or access, potentially allowing unauthorized users to impersonate legitimate ones.
Cyber Attack Countermeasures Module 03 Quiz Answers
Q1. The S/Key protocol is cryptanalyzed using which of the following methods?
Correct Answer: All of the above
Explanation: The S/Key protocol can be cryptanalyzed using ciphertext-only, known plaintext, and chosen plaintext methods, depending on the type of attack.
Q2. The S/Key protocol supports which of the following?
Correct Answer: All of the above
Explanation: The S/Key protocol supports two-factor authentication (2FA), enhanced authentication, and reduces reliance on traditional passwords by using a one-time password system.
Q3. The goal of Kerberos was which of the following?
Correct Answer: Get passwords onto the LAN
Explanation: Kerberos was designed to provide secure authentication over a network, enabling users to authenticate to services without sending passwords across the LAN.
Q4. Which of the following is not part of a cryptosystem?
Correct Answer: Certificates
Explanation: A cryptosystem typically includes plaintext, keys, and ciphertext. While certificates are used in some systems for secure communication, they are not considered part of the core cryptosystem.
Q5. Which of the following is a true statement?
Correct Answer: Substitution is replacement
Explanation: In cryptography, substitution refers to replacing one element (such as a letter or symbol) with another, as in cipher algorithms like the Caesar cipher.
Q6. The DES algorithm included which of the following?
Correct Answer: 64 bit blocks
Explanation: The DES (Data Encryption Standard) algorithm operates on 64-bit blocks of data and uses a 56-bit key for encryption.
Q7. Triple DES did not include which of the following?
Correct Answer: Non-interoperability with DES
Explanation: Triple DES (3DES) was designed to be interoperable with DES, allowing for backward compatibility while providing stronger encryption by applying DES three times with different keys.
Q8. DES was invented:
Correct Answer: In the 1980’s
Explanation: DES was developed in the 1970s and officially adopted in the 1980s as a standard encryption algorithm for securing data.
Q9. A Key Distribution Center has responsibility to do which of the following?
Correct Answer: Monitoring key flow
Explanation: A Key Distribution Center (KDC) is responsible for managing and distributing cryptographic keys between parties, ensuring secure key flow in systems like Kerberos.
Cyber Attack Countermeasures Module 04 Quiz Answers
Q1. CBC mode cryptography involves which of the following?
Correct Answer: None of the above
Explanation: CBC (Cipher Block Chaining) mode is a block cipher encryption mode that chains together blocks of plaintext, but it does not directly involve mediation or auditing of channels.
Q2. Which is a true statement?
Correct Answer: Conventional crypto scales poorly to large groups
Explanation: Conventional cryptography methods, such as symmetric-key cryptography, struggle to scale efficiently for large groups due to the need for unique keys for each pair of users.
Q3. Public Key Cryptography involves which of the following?
Correct Answer: Publicly known public keys
Explanation: Public Key Cryptography relies on the use of publicly available public keys for encryption and secure communication, with private keys remaining secret.
Q4. Which is a true statement?
Correct Answer: DES is more expensive than public key crypto
Explanation: Public key cryptography generally requires more computational resources and hardware support than symmetric-key algorithms like DES, making it more expensive in terms of processing.
Q5. Public Key Cryptography accomplishes secrecy through which of the following?
Correct Answer: Encryption with the recipient’s public key
Explanation: In public key cryptography, secrecy is achieved by encrypting data using the recipient’s public key, ensuring only the recipient can decrypt it with their private key.
Q6. Public Key Cryptography accomplishes digital signatures through which of the following?
Correct Answer: Encryption with the sender’s secret key
Explanation: Digital signatures are created by encrypting a message with the sender’s private key, allowing recipients to verify authenticity using the sender’s public key.
Q7. Which is a true statement?
Correct Answer: Diffie and Hellman received the Turing Award for their work
Explanation: Diffie and Hellman received the Turing Award for their pioneering work in cryptography, particularly the development of the Diffie-Hellman key exchange.
Q8. Certification authorities support public key management through what means?
Correct Answer: Binding names to public keys
Explanation: Certification authorities (CAs) issue digital certificates that bind a subject’s identity (such as a name) to their public key, ensuring the authenticity of the public key.
Q9. Secure Sockets Layer (SSL) relies on which of the following?
Correct Answer: Browsers
Explanation: SSL relies on browsers to implement secure communication over the internet by using SSL/TLS protocols to encrypt data between clients and servers.
Q10. James Ellis and Clifford Cocks deserve credit for which of the following?
Correct Answer: Inventing secret encryption (essentially public key technology)
Explanation: James Ellis and Clifford Cocks are credited with the early development of public key cryptography, which forms the basis of modern secure communication systems.
Conclusion
We hope this guide to Cyber Attack Countermeasures Quiz Answers helps you build a strong defense against cyber threats and succeed in your course. Bookmark this page for quick access and share it with your peers. Ready to learn how to protect networks and systems while acing your quizzes? Let’s get started!
Sources: Cyber Attack Countermeasures
Get All Course Quiz Answers of Introduction to Cyber Security Specialization >>
Introduction to Cyber Attacks Quiz Answers
Cyber Attack Countermeasures Quiz Answers
Real-Time Cyber Threat Detection and Mitigation Quiz Answers
Enterprise and Infrastructure Security Quiz Answers