Cybersecurity Compliance Framework & System Administration Quiz Answers

All Weeks Cybersecurity Compliance Framework & System Administration Quiz Answers

This course gives you the background needed to understand the key cybersecurity compliance and industry standards. This knowledge will be important for you to learn no matter what cybersecurity role you would like to acquire or have within an organization.

You will learn the basic commands for user and server administration as it relates to security. You will need this skill to be able to understand vulnerabilities within your organization’s operating systems. You will learn the concepts of endpoint security and patch management. Both of these topics are important to keep systems current to avoid cybersecurity incidents against an organization.

Finally you will learn in-depth skills around cryptography and encryption to understand how these concepts affect software within a company. This course is intended for anyone who wants to gain a basic understanding of Security Frameworks, Compliance, endpoint management, encryption, or cryptography or as the third course in a series of courses to gain the skill as a Jr Cybersecurity analyst.

Enroll on Coursera

Cybersecurity Compliance Framework & System Administration Quiz Answers

Week 01 – Quiz 01

Compliance and Regulations for Cybersecurity ( PRACTICE QUIZ )



Q1. Which of the bad guys are described as “They are “in” an organization but are human and make mistakes”?

  • Inadvertant Actor

Q2. Which is NOT one of the security controls?

  • Testing

Q3. What year did the GDPR come into effect?

  • 2018

Q4. Which three (3) of these obligations are part of the 5 key GDPR obligations? Check all that apply

  • Accountability of Compliance
  • Consent
  • Rights of EU Data Subject

Quiz 02: System and Organization Controls Report (SOC) Overview ( PRACTICE QUIZ )

Q1. Which is the foundational principle that everyone will get during a SOC audit?

  • Security

Industry Standards ( PRACTICE QUIZ )

Q1. The HIPAA security rule requires covered entites to maintain which two (2) reasonable safeguards for protecting e-PHI?

  • Physical
  • Technical

Q2. HIPAA Administrative safeguards include which two (2) of the following ?

  • Security Personnel 
  • Workforce Training and Management

Q3. PCI includes 264 requirements grouped under how many main requirements ?

  • 12

CIS Critical Security Controls ( PRACTICE QUIZ )


Q1. If you are a mature organization which CIS Controls Implementation Group would you use?

  • Implementation Group 3

Quiz 03: Compliance Frameworks and Industry Standards ( MAIN QUIZ)

Q1. A security attack is defined as which of the following?

  • An event that has been identified by correlation and analytics tools as a malicious activity.

Q2. Which order does a typical compliance process follow?

  • Establish scope, readiness assessment, gap remediation, testing/auditing, management reporting

Q3. Under GDPR who determines the purpose and means of processing of personal data?

  • Controller

Q4. Under the International Organization for Standardization (ISO) which standard focuses on Privacy?

  • ISO 27018

Q5. Which SOC report is closest to an ISO report?

  • Type 1

Q6. What is an auditor looking for when they test control the control for implementation over an entire offering with no gaps?

  • Completeness

Q7. The HIPAA Security Rule requires covered entities to maintain which three (3) reasonable safeguards for protecting e-PHI?

  • physical
  • technical
  • administrative

Q8. HIPAA Administrative safeguards include which two (2) of the following?

  • Workforce training and management
  • Security Personnel

Q9. Who is the governing entity for HIPAA?

  • US Department of Health and Human Services Office of Civil Rights

Q10. HIPAA Physical safeguards include which two (2) of the following?

  • Workstation and Device Security
  • Facility Access and Control

Q11. PCI uses which three (3) of the following Card Holder Data Environment categories to determine scope?

  • Technology
  • Processes
  • People

Q12. One PCI Requirement is using an approved scanning vendor to scan at what frequency?

  • Quarterly

Q13. In which CIS control category will you find Incident Response and Management?

  • Organizational

Week 02 – Quiz 01

Client System Administration and Endpoint Protection ( PRACTICE QUIZ )

Q1. Which is NOT an example of a client?

  • e-mail Server

Q2. Which three (3) threat key factors should be considered when looking at an Endpoint Security Solution?

  • threat hunting
  • user education
  • detection response

Patching

Q1. A patch is a set of changes to a computer program or its data designed for which three (3) functions?

  • update
  • improve
  • fix

Q2. Which two types of updates do most organizations patch as soon as possible after testing?

  • Security and Critical

Quiz 02

Client System Administration, Endpoint Protection and Patching ( Main QUIZ )

Q1. Which three (3) are common Endpoint attack types?

  • Whale hunting
  • Ad Network
  • Spear Phishing

Q2. Endpoint detection and response includes which three (3) of these key technologies?

  • Zero-day OS updates.
  • Automatic policy creation for endpoints.
  • Continuous monitoring.

Q3. Which common endpoint attack is targeted at supply chain infiltration?

  • Island Hopping

Q4. What two windows security updates do most organizations always patch?

  • critical and important

Q5. How frequently will most organizations distribute patches?

  • Monthly

Week 03 – Quiz 01

Windows Administration ( PRACTICE QUIZ )

Q1. Which three (3) objects are typically managed by active directory?

  • Services
  • Network User
  • Volumes

Q2. Which type of group within Active Directory is used to assign permissions to shared resources?

  • Security groups

Q3. Does Kerberos Authentication provide several benefits including which three (3) of the following?

  • interoperability
  • single sign on
  • delegated authentication

Q4. Which of the nine different kinds of Windows events that can be audited is used to see when someone has shut down or restarted the computer or when a program tries to do something it does not have permission to do?

  • System events

Linux Basics ( PRACTICE QUIZ )

Q1. True or False:  Internal commands are built into the shell program and are shell dependent?

  • True

Q2. Which Linux Run Level shuts down all services when the system is being rebooted?

  • Run Level 6:  Reboot

Quiz 02

Server and User Administration ( Main QUIZ )

Q1. Which Windows directory folder stores per-user application data and settings?

  • \AppData

Q2. Which is NOT an example of a default Windows local user account?

  • Network Service

Q3. Which feature allows Active Directory to be shared by multiple servers?

  • A replication services

Q4. Which three (3) of the following steps can be taken to help protect sensitive Windows domain accounts? (Select 3)

  • Separate administrator accounts from user accounts.
  • Disable the account delegation rights for administrator accounts.
  • Create dedicated workstation hosts without Internet and email access.

Q5. What tool can an administrator use to manage servers on private networks that are not connected to the Internet?

  • Windows Admin Center

Q6. Which of the nine different kinds of Windows events that can be audited is used to see each instance of a user logging on to and logging off from another computer?

  • Account logon

Q7. Which of these commands does not shut down the Linux operating system?

  • reboot
  • itit 6
  • shutdown -r

Q8. Which Linux commands are totally shell-independent and usually found in any Linux distribution?

  • External commands

Q9. Which three (3) of the following are common choices of Shell?

  • tcsh
  • Bash
  • sh

Week 04 – Quiz 01

Cryptography Basics ( PRACTICE QUIZ )

Q1. Which of the cryptography basics ensures authentication, non-repudiation, and integrity?

  • Digital Signatures

Q2. Complete the following statement.

Data can be encrypted_____

  • at rest, in use, and in transit.

Q3. Which is NOT a pitfall of encryption?

  • Implementing a reliable and proven cryptography

Q4. True or False:  Internal commands are built into the shell program and are shell-dependent.

  • True

Quiz 02

Cryptography and Compliance Pitfalls ( Main QUIZ )

Q1. True or False:  A whole branch of hacking – Reverse Engineering – is devoted to discovering hidden algorithms and data.

  • True

Q2. Which is not a key takeaway of best practices of cryptography?

  • Do rely on your own encryption algorithms.

Q3. Which three (3) are true of digital signatures?

  • Ensures authentication, non-reputiation, and integrity

Q4. What is the recommendation to avoid the encrypting data at rest pitfall “Using hardcoded/easily guessed keys”?

  • Select cryptographically-random keys, do not reuse keys for different installs.

Q5. Which two (2) statements are true of the Hash function?

  • Hashing provides integrity.
  • Maps data of arbitrary size to data of a fixed size.
Cybersecurity Compliance Framework & System Administration Coursera Course Review:

In our experience, we suggest you enroll in the Cybersecurity Compliance Framework & System Administration courses and gain some new skills from Professionals completely free and we assure you will be worth it.

Cybersecurity Compliance Framework & System Administration courses are available on Coursera for free, if you are stuck anywhere between quiz or graded assessment quizzes, just visit Networking Funda to get Cybersecurity Compliance Framework & System Administration Coursera Quiz Answers.

Conclusion:

I hope this Cybersecurity Compliance Framework & System Administration Coursera Quiz Answers would be useful for you to learn something new from this Course. If it helped you then don’t forget to bookmark our site for more Coursera Quiz Answers.

This course is intended for audiences of all experiences who are interested in learning about new skills in a business context; there are no prerequisite courses.

Keep Learning!

All Course Quiz Answers of IBM Cybersecurity Analyst Professional Certificate

Course 01: Introduction to Cybersecurity Tools & Cyber Attacks

Course 02: Cybersecurity Roles, Processes & Operating System Security

Course 03: Cybersecurity Compliance Framework & System Administration

Course 04: Network Security & Database Vulnerabilities

Course 05: Penetration Testing, Incident Response, and Forensics

Course 06: Cyber Threat Intelligence

Course 07: Cybersecurity Capstone: Breach Response Case Studies

Course 08: IBM Cybersecurity Analyst Assessment

Leave a Reply

error: Content is protected !!