Welcome to your go-to guide for Cybersecurity for Everyone quiz answers! Whether you’re completing practice quizzes to build your understanding or preparing for graded quizzes to assess your knowledge, this guide has you covered.
Covering all course modules, this resource will help you grasp essential cybersecurity concepts, including online threats, data protection, safe browsing, and understanding the basics of cybersecurity frameworks.
Cybersecurity for Everyone Quiz Answers – Practice & Graded Quizzes for All Modules
Table of Contents
Cybersecurity for Everyone Week 01 Quiz Answers
Q1. The definition for the term “cyber” includes the interplay between technology and human systems.
Correct Answer:
- True
Explanation:
The term “cyber” encompasses the interaction between technology and human systems, highlighting the relationship between digital networks and human behavior.
Q2. The primary challenge in managing the problem of cyber security is the complexity of technology and human processes that create vulnerabilities that can be exploited by threat actors.
Correct Answer:
- True
Explanation:
Cybersecurity is complex because vulnerabilities often arise from the intersection of advanced technologies and human actions, making systems susceptible to exploitation by threat actors.
Q3. The size and complexity of an organization’s publicly facing internet presence is known as the firm’s:
Correct Answer:
- Attack Surface
Explanation:
The attack surface refers to all the points of entry exposed to potential threats, including systems, networks, and devices accessible from the internet.
Cybersecurity for Everyone Week 02 Quiz Answers
Q1. The origin and evolution of the internet was a product of:
Correct Answer:
- None of the above
Explanation:
The internet’s development was a collaborative, evolutionary process involving government agencies (like DARPA), universities, and the private sector. It wasn’t solely the product of a single group or breakthrough.
Q2. The federal government’s role in developing the internet can best be described as:
Correct Answer:
- An early supporter of a radical concept that helped bridge an academic concept into a service leveraged by corporations and users around the world.
Explanation:
The government, particularly through DARPA, played a key role in funding and supporting foundational research that enabled the development of the internet.
Q3. The federal government was the chief developer of internet technology in the 1960s and 1970s.
Correct Answer:
- True
Explanation:
In the 1960s and 1970s, the federal government, primarily through DARPA, initiated and funded the development of ARPANET, which formed the basis for the modern internet.
Q4. The introduction of Senate bill 2594, the “Super Computer Network Study Act” of 1986, by former president Al Gore helped:
Correct Answer:
- Bring together industry, academia, and government in a joint effort to accelerate development and deployment of gigabit networking
Explanation:
The bill played a key role in fostering collaboration and advancing the infrastructure of high-speed networking, paving the way for modern internet development.
Cybersecurity for Everyone Week 03 Quiz Answers
Q1. The OSI model is:
Correct Answer:
- a) A representation of how information from a user is encapsulated, transmitted, and received across networks, and the global telecommunications infrastructure.
Explanation:
The OSI model outlines how data flows across a network using encapsulation at different layers, from application to physical transmission.
Q2. The OSI Data model utilizes the concept of ____________ to move data from one point of the earth to another:
Correct Answer:
- encapsulation
Explanation:
Encapsulation involves packaging data with protocol headers to ensure proper transmission and delivery between layers.
Q3. What is the key protocol that is leveraged to “provide the map” between networks?
Correct Answer:
- BGP (Border Gateway Protocol)
Explanation:
BGP is used to exchange routing information between different networks, providing the “map” for internet traffic.
Q4. Which definition best describes an Autonomous System?
Correct Answer:
- A collection of connected Internet Protocol (IP) under the control of one or more network operators
Explanation:
An Autonomous System (AS) is a network or group of networks managed by a single entity and sharing the same routing policies.
Q5. Which definition best describes an Internet Exchange Point (IXP)?
Correct Answer:
- The physical infrastructure through which Internet Service Providers (ISPs) and Content Delivery Networks (CDNs) exchange Internet traffic between their networks
Explanation:
IXPs allow networks to interconnect directly, reducing latency and improving efficiency.
Q6. The global telecommunication infrastructure is managed by nation-states who come to an agreement on where to invest and who should have access.
Correct Answer:
- False
Explanation:
While nation-states play a role in some areas, the global telecommunication infrastructure is managed by multiple entities, including private organizations, governments, and international bodies.
Q7. One major limitation of terrestrial microwave technology for use in long-haul communications is:
Correct Answer:
- The curvature of the earth prevents long-distance communications, without the need for a repeater
Explanation:
Microwave signals require line-of-sight, and the earth’s curvature limits their range without the use of repeaters.
Q8. Which description best describes The Internet Corporation for Assigned Names and Numbers (ICANN)?
Correct Answer:
- An internationally organized non-profit responsible for coordinating the maintenance and procedures of several databases related to the namespace on the internet
Explanation:
ICANN manages domain names and IP address allocation to ensure the stability of the internet’s namespace.
Q9. Regional Internet Registries are:
Correct Answer:
- d) Both a and c
Explanation:
RIRs are managed by ICANN and help associate domain names with IP addresses to maintain efficient internet functioning.
Q10. The organization that focuses on short-term immediate needs for the efficient development of internet technology is:
Correct Answer:
- The Internet Engineering Task Force
Explanation:
The IETF is responsible for developing and promoting internet standards and protocols to address immediate technological needs.
Cybersecurity for Everyone Week 04 Quiz Answers
Q1. APT is an acronym for:
Correct Answer:
- Advanced Persistent Threat
Explanation:
APT refers to a prolonged and targeted cyberattack where an intruder gains access to a network and remains undetected for an extended period, often carried out by nation-states or highly skilled groups.
Q2. Which of the following is NOT considered a cyber threat actor?
Correct Answer:
- People who are curious about how technology works and report vulnerabilities to organizations and authorities they discover in their own devices and networks.
Explanation:
Individuals who responsibly report vulnerabilities are considered ethical hackers or “white hats” and are not classified as cyber threat actors.
Q3. A hacker who defaces a government website to protest the arrest of a political prisoner would be considered what type of threat actor?
Correct Answer:
- Hacktivist
Explanation:
A hacktivist uses hacking techniques to promote political or social agendas, such as protesting government actions.
Q4. How would you best describe the capabilities and motives of an APT?
Correct Answer:
- They are heavily skilled, highly coordinated, and usually motivated by national objectives such as espionage.
Explanation:
APTs involve sophisticated, long-term cyber campaigns often sponsored by nation-states for intelligence gathering or disruption.
Q5. Fancy Bear is a threat actor that is best categorized as what type of threat actor?
Correct Answer:
- APT
Explanation:
Fancy Bear is a well-known APT group believed to be linked to Russian military intelligence, conducting cyber-espionage and other state-sponsored activities.
Q6. Criminal organizations engage in hacking activity primarily to:
Correct Answer:
- Illegally obtain monies from their victims
Explanation:
Criminal organizations typically engage in hacking to steal money, often through ransomware, phishing, or other financially motivated schemes.
Cybersecurity for Everyone Week 05 Quiz Answers
Q1. The best way to describe hacking is as a single effort or activity conducted quickly and effortlessly by the threat actor.
Correct Answer:
- False
Explanation:
Hacking often involves multiple stages, including planning, recon, exploitation, and persistence, making it a complex and ongoing effort rather than a simple, quick activity.
Q2. Spear phishing is a tactic in which part of the Lockheed Martin Attack Kill Chain Model?
Correct Answer:
- Delivery
Explanation:
Spear phishing typically occurs in the “Delivery” phase, where the attacker delivers a malicious payload (like a phishing email) to the target.
Q3. Investigating the organizational chart of a target is part of which phase of the Lockheed Martin Attack Kill Chain Model?
Correct Answer:
- Reconnaissance
Explanation:
Reconnaissance is the phase where attackers gather information about their target, such as organizational structures and vulnerabilities.
Q4. IT System Administrators often can easily identify who attackers are and submit their identities to law enforcement for prosecution.
Correct Answer:
- False
Explanation:
It can be difficult for system administrators to identify the specific identities of attackers due to the use of anonymizing techniques, such as proxies and VPNs.
Q5. The phase of the hacking process where a threat actor’s code is executed onto a victim’s device is called:
Correct Answer:
- Exploitation
Explanation:
Exploitation is the phase where an attacker takes advantage of a vulnerability to execute malicious code on a target’s device.
Q6. Writing an exploit to leverage a vulnerability in the Windows 10 operating system would be included in which phase of the Lockheed Martin Cyber Kill Chain?
Correct Answer:
- Weaponization
Explanation:
Weaponization involves creating the exploit that leverages the vulnerability, preparing it for delivery to the target.
Q7. The use of _______ often makes it difficult for victims of cyber-attack to identify the threat actor involved.
Correct Answer:
- Proxy servers
Explanation:
Proxy servers help attackers hide their location and identity, making attribution difficult for victims.
Q8. Attribution can be difficult for victims of cyber attack primarily due to:
Correct Answer:
- The interplay between proxies, encryption, and threat actors hiding in plain network traffic
Explanation:
Attribution is challenging because attackers often use techniques like proxies and encryption to obscure their identities and activities, making it difficult to trace the attack back to them.
Cybersecurity for Everyone Week 06 Quiz Answers
Q1. A threat actor can only create direct effects on the victim cyber-attack can only generate impacts on the system it directly hacks.
Correct Answer:
- False
Explanation:
Cyber-attacks often have ripple effects, impacting not just the directly affected system, but also secondary and even broader systemic effects, such as financial losses and reputation damage.
Q2. The direct impacts a threat actor has on a system is called a:
Correct Answer:
- Primary effect
Explanation:
Primary effects refer to the immediate and direct impacts of a cyber-attack on the affected system, such as system downtime or data loss.
Q3. Secondary effects capture each of the following consequences except for:
Correct Answer:
- Decreased technical system performance
Explanation:
Secondary effects usually refer to broader consequences like loss of revenue or reputation, rather than immediate technical impacts.
Q4. Second-order effects are best described as:
Correct Answer:
- Effects on society that stem from actions taken by threat actors but whose actions generate failures to a critical organization’s systems and processes
Explanation:
Second-order effects stem from primary impacts but extend beyond the victim, affecting external entities or societal systems due to the disruption of critical services or infrastructures.
Q5. Determining if a cyber attack is a private problem versus a public concern is primarily a function of:
Correct Answer:
- The scope and severity of the second-order impacts to a community because of the loss of capabilities of systemically important organizations
Explanation:
If a cyber-attack affects critical systems with widespread impacts on communities or industries, it becomes a public concern.
Q6. A firm’s stock price that falls 20% after a cyber event is an example of a:
Correct Answer:
- Secondary Effect
Explanation:
A drop in stock price reflects the broader, indirect impact of the cyber attack on the firm’s financial standing and reputation.
Q7. In 2017, a cyber attack against Maersk Line, a large container transport company, resulted in thousands of their devices disrupted by the NotPetya ransomware by having the contents on those devices encrypted and made inaccessible to the company. The firm eventually rebuilt over 45,000 desktops and over 2,500 servers. Port operations in 76 countries were impacted, costing the company $300M in lost revenue and remediation costs. Hundreds of companies had their logistics chains stopped or severely degraded. Researchers have tied the distribution of the ransomware to efforts by a Russian APT.
According to the classification system presented, the primary effect to Maersk’s devices is best described as a:
Correct Answer:
- Internal Denial of Service Attack
Explanation:
The primary impact on Maersk’s devices, which were disrupted and rendered inaccessible, is best classified as an internal denial of service (DoS) attack.
Q8. The $300M dollar loss by Maersk Line would be considered a:
Correct Answer:
- Secondary Effect
Explanation:
The $300M loss is a secondary effect as it represents a financial consequence of the primary disruption to their systems.
Q9. The degradation to the central European logistics supply chains stemming from this attack would be an example of a:
Correct Answer:
- Second Order Effect
Explanation:
The disruption to logistics chains is a second-order effect, as it stems from the direct impact on Maersk and spreads to other businesses and industries.
Conclusion
We hope this guide to Cybersecurity for Everyone Quiz Answers helps you build a solid understanding of cybersecurity fundamentals and succeed in your course. Bookmark this page for quick reference and share it with your peers. Ready to strengthen your cybersecurity skills and ace your quizzes? Let’s dive in!
Sources: Cybersecurity for Everyone