Get All Week Introduction to Cybersecurity Essentials Quiz Answers
Table of Contents
Introduction to Cybersecurity Essentials Week 01 Quiz Answers
Quiz 1: Common Security Threats and Risks
Q1. In cybersecurity, what does the CIA in CIA Triad refer to?
- Confidentiality, Integrity, Availability
- Cybersecurity, Integration, Accessibility
- Cybersecurity Investigation Agency
- Control, Integration, Availability
Q2. When does raw data become information?
- When it has been cleaned, refined, and organized
- When it is exported to a spreadsheet or report
- When it has been securely stored in a database and analyzed
- When it is captured
Q3. Which malicious software is a virus that starts itself after identifying system weaknesses and spreads between computers and over networks?
Q4. What type of malware locks the user out of their files or device, and then demands an anonymous online payment to restore access?
- Man-in-the-Middle attack
Q5. Employees at your company are having a difficult time accessing the company’s website. Some employees report slow performance, and some cannot access it all. IT staff investigated and found millions of half-open connections on port 443 from thousands of different IP addresses. Which type of attack is occurring?
- Man-in-the-Middle attack
- DDoS attack
- Domain name hijacking
- MAC flooding
Quiz 2: Common Security Threats and Risks
Q1. What does confidentiality of data refer to?
- Rules that restrict access only to those who need to know
- Rules that prevent data from being changed
- Rules that allow access only to all parties
- Rules that hide data
Q2. Maria has taken her college entry exam and is waiting to get her results via email. By accident, the university sent Maria’s results to Alexander. What part of the CIA Triad has been broken?
- Data breach
Q3. Your company’s Marketing team will be taking a group of people on a tour of your facility. The company has sent an email to all employees requiring them to clean all whiteboards and to make sure their desktops are cleared. What is the company trying to protect against?
- Exposure to login credentials
- Damage to the company’s reputation
- Social engineering
- A loss of intellectual property
Q4. What does the acronym PII stand for?
- Private Internet Identifier
- Personally Identifiable Information
- Protected identity Information
- Personnel Internal Information
Q5. David noticed an unattended laptop in a coffee shop and decided to steal it. Which of the following types of cybercrime did he commit?
- Unauthorized access
- Identity theft
- Hardware theft
Q6. Someone was recently caught sifting through your company’s trash looking for confidential information. Which type of security threat is this?
- Data dump
- Dumpster diving
- Data leak
Q7. You’ve started to notice that a co-worker sitting next to you always seems to look your way when you’re trying to enter your username and password to log onto the network. What is this co-worker doing?
- Man-in-the-Middle attack
- Shoulder surfing
Q8. You just installed a new search engine on your computer. Afterward, whenever you search the Internet, several pop-up windows appear on your screen directing you to buy products. What type of malware is installed on your machine?
Q9. Your supervisor is extremely busy today and asks you to log into the HR server using her login credentials to retrieve some payroll reports. What should you do?
- Forward her request to the IT Department because they also have logins to the HR server and can run the reports for you because their logins allow them to provide software patches to the server.
- Politely declined the request and reminded her that it is against the company’s security policy to share login credentials.
- She’s a trusted employee and your supervisor so it is acceptable to do ask she asks.
- Ignore her request and hope she forgets about it.
Q10. Which of the following best describes a Trojan Horse?
- A type of malware that tricks you into installing software that looks legitimate.
- A type of malware that encrypts your files and makes a demand that ransom be paid.
- A type of malware that inserts ads on top of websites that you visit.
- A type of malware that records your keystrokes.
Introduction to Cybersecurity Essentials Week 02 Quiz Answers
Quiz 1: Security Best Practices
Q1. Which of the following is an example of an effective password policy?
- A password could be shared with a trusted co-worker such as someone from the IT Department or Help Desk.
- Passwords may be reused or recycled after 6 months.
- Set the minimum password to 6 characters or more.
- Password strength combined with multifactor authentication are essential tools for maintaining security.
Q2. What is the benefit of the principle of least privilege?
- It reduces the number of hours that an employee can log into the company’s network.
- It reduces the number of employees who can log into the corporate network.
- It improves data security and prevents the spread of malware on your network.
- It lets system administrators monitor all user activity on the company’s network, including logins and system changes.
Q3. Which of the following is the correct term used for making a device, operating system, or software application as secure as possible?
Q4. Which method would prevent an attacker from connecting to your computer remotely from an Internet connection over an open port?
- Use full disk encryption like Microsoft BitLocker.
- Use a host-based firewall, like Windows Firewall.
- Use a VPN (Virtual Private Network), like Norton Secure VPN.
- Use cipher text to encrypt your files.
Q5. Which of the following terms best refers to fixing a known software problem?
- Firmware Update
- BIOS Update
Quiz 2: Security Best Practices
Q1. You are investigating fraudulent activities committed by two employees at your company. You’re asked to provide non-refutable evidence to confirm it. What type of evidence will you provide?
- Authentication records
- Access control
- Authorization logs
Q2. Why would you use a VPN?
- To encrypt data on a public network
- To allocate IP addresses to network hosts
- To translate network addresses into subnets
- To share an Internet connection to multiple devices
Q3. Which of the following authentication methods require more than one authentication process for a logon? (Select two)
- Multifactor authentication
- Access badge
- Fingerprint reader
Q4. You received an email from your bank alerting you to suspicious activity on your bank account. They inform you that to keep your account safe, you should change your password immediately. They provide you with a link to change your password. Which type of social engineering attack was used against you?
- Session hijacking
- Identity theft
Q5. Recently, your company experienced a data breach. An investigation confirms that the source was a company executive who was using his mobile phone in a public area. Which of the following might have prevented this breach?
- A firewall
- Multifactor authentication
- Disabling NFC
- Disabling Bluetooth
Q6. Using asymmetric encryption is best suited for which one of the following scenarios?
- Protecting data at rest stored on hard drives and removable drives.
- Protecting data in transit against eavesdropping and data tampering.
- A laptop with a WWAN card installed.
- Efficiency. There is a single key used to encrypt and decrypt data.
Q7. Which of the following practices can help you manage your email and reduce spam
- Only subscribe to legitimate email distribution lists
- Don’t use throwaway accounts
- Change your password every 6-12 months
- Keep your inbox clean and use folders to organize your email by category
Q8. You are assigned a task to secure data on the development machines in the lab. None are connected to any external networks. What can you do to prevent data theft?
- Use drive encryption
- Install a VPN
- Use file-level encryption
- Install a network firewall
Q9. After you have applied an operating system update to your laptop, your sound card is no longer functional. You’ve determined that the sound card driver is no longer compatible and needs an update. Where is the best place to obtain a new driver?
- From the original equipment manufacturer (OEM)
- From a torrent site
- The Google Play store
- The Apple App Store
Q10. Common passwords and phrases are safe for passwords as long as they:
- Are at least 12 characters long and include a number and punctuation mark
- Are in a language other than your own native language
- Commonly used passwords are never safe
- Are easy for you to remember
Introduction to Cybersecurity Essentials Week 03 Quiz Answers
Quiz 1: Safe Browsing Practices
Q1. Why is it important for organizations to secure their business software?
- To prevent hackers from targeting and launching ransomware, exploits, or other cyberattacks against it
- To ensure that IT staff can install necessary patches to keep it up to date
- To prevent hackers from obtaining the software and selling it on the dark web
- To prevent employees from legally downloading and installing it on their computers
Q2. What does the HTTPS:// at the beginning of a URL mean, as opposed to a URL that begins with HTTP://?
- That the site has special high-definition content.
- That the site is only for computers and not mobile phones
- That any information entered into the site is encrypted
- That the site is not accessible to certain computers
Q3. When a public Wi-Fi network requires a password to use it, does that mean it’s generally safe to use it for sensitive activities like online banking?
- Yes, as long as you’re using your mobile phone.
- No, it is not safe.
- Yes, as long as you are only checking balances and not sending or receiving funds.
- Yes, as long as your bank requires multifactor authentication.
Q4. Which of the following statements is true regarding browser plugins, toolbars, and extensions?
- They should never be installed on a mobile device.
- They are completely safe to use.
- They are safe to use only if they come from a website that has HTTP:\ in the URL.
- Browsers and their associated add-ons should be updated to the newest versions.
Q5. Your co-worker, Rachelle, has recently discovered that when she starts typing her name into a field in a web browser, her whole name and address appears in their respective boxes. What is causing this to happen?
Quiz 2: Safe Browsing Practices
Q1. Which of the following best describes the primary reason that hackers target companies?
- To see if the company’s employees are practicing unsafe browsing habits.
- To try to steal sensitive data such as intellectual property, trade secrets and other valuable data to sell on the dark web.
- So they can learn more about the non-approved applications installed at the company.
- So they can learn more about multifactor authentication.
Q2. Which technology can help reduce security threats when using an unsecure Wi-Fi network?
- By rooting or jailbreaking your phone
- Using a different public Wi-Fi network that requires a password to log in
- Using a virtual private network (VPN)
- Using the Bluetooth connection on your mobile phone
Q3. Which of the following is a strong password?
Q4. You’ve been messaging online with a stranger for a few weeks, and he asked you for your email address. He’s been friendly and seems trustworthy, so you give it to him. He then cut off all contact with you and now your Inbox is filling up with thousands of emails from companies, and people you don’t know. What happened?
- The stranger used a phishing attack and social engineering against you to obtain your email address to use for sending spam.
- Your email account was hacked.
- Your identity was stolen.
- The stranger is trying to impersonate you online.
Q5. Which of the following statements about cookies is true?
- I can get a cookie from a website I’ve never been to.
- Cookies do not track my activities on a website.
- Cookies contain viruses that can damage my computer.
- Cookies can fill up my hard drive and make my computer run slower.
Q6. Which of the following characteristics should apply to a CA security certificate?
- A security certificate should be hashed with an MD5 algorithm.
- A security certificate should be self-signed.
- A security certificate should not be required if the website’s URL begins with HTTPS://.
- A security certificate should be issued from a trusted Certificate of Authority.
Q7. What is SSL (Secure Socket Layer) used for?
- Protecting the website from SQL injection attacks
- Protecting the website from drive-by malware installations
- Preventing the interception and tampering of data
- Stopping certificate expiration warning messages
Q8. After logging into your computer today, you’ve noticed that every time you try to visit a website, your browser keeps redirecting you to other sites. What is the cause?
- A hacker is controlling your computer.
- Your computer was hacked and is now part of a botnet.
- Your computer has been infected with malware that is causing the redirects.
- Someone has stolen your identity and is impersonating you on your computer.
Q9. Which of the following is a risk to rooting or jailbreaking a mobile device?
- You won’t be charged for the software you want to install on it.
- Data is exposed to hackers.
- All data is deleted from the device.
- The device is bricked or becomes unusable.
Q10. Which of the following is a genuine Certificate of Authority (root certificate store)?
- Google Play Store
- Apple App Store
Introduction to Cybersecurity Essentials Week 04 Quiz Answers
Quiz 1: Final Quiz
Q1. Which of the following attacks would a hacker use to potentially target the theft of intellectual property?
- Man-in-the-Middle attack
- Dumpster diving
- Replay attack
Q2. An attacker was easily able to log in to your company’s security camera by performing a basic Internet search. He found a setup guide for that particular camera brand and model. Which of the following BEST describes the configurations the attacker exploited?
- Open permissions
- Weak encryption
- Unsecure Protocols
- Default settings
Q3. Which of the following is one of the categories used in multifactor authentication?
- Somewhere you are
- Someone you know
- Something you have
- Something you can do
Q4. What does SSL stand for?
- Secure sockets layer
- Special security license
- Secure space layer
- Straight socket loop
Q5. Which of the following are elements of the CIA Triad?
- Confidentiality, Integrity, and Availability
- Control, Integrity, and Accessibility
- Confidentiality, Interest, and Accessibility
- Control, Integrity, and Authentication
Q6. In the context of security and information privacy, what does IP stand for?
- Information Privacy
- Intellectual Property
- Internet Privacy
- Integrity Protocol
Q7. Which of the following is a way that a web browser is vulnerable to a breach?
- Leaving the browser open after it has become infected.
- A virus can be sent through the monitor.
- A browser plug-in can be exploited.
- Web browsers are impervious to exploitation.
Q8. Digital signatures provide which of the following?
- Authentication, data integrity, a form of non-repudiation
Q9. What is personally identifiable information, or PII?
- Historical information about a celebrity published on Wikipedia
- Information or data stored online or offline
- Any information about an employee
- Any data that alone, or in combination with other information, can identify an individual
Q10. What is the purpose of Trojan malware?
- To masquerade as non-malicious software while exploiting a system’s weaknesses.
- To replicate itself and spread to other computers to form a botnet.
- To secretly record your browsing activities, capture your keystrokes and report back to a command-and-control server.
- To flood a target system with so much traffic that it ceases to function, crashes, or reduces its performance.
Q11. Which of the following best describes a zombie cookie?
- Cookies that emulate users by downloading the victim’s information to a virtual machine.
- Cookies are altered to a virus-like state.
- Cookies that emulate users by stealing their personal identity.
- They don’t follow normal protocols and are difficult to remove.
Q12. What happens to your data when it’s encrypted?
- It is scrambled to retain privacy from third parties.
- It is transferred to a third party, encoded, then sent back.
- It is sent through a series of computers to be compressed multiple times.
- It is compressed, renamed, and archived.
Q13. There are two types of firewalls. What are they?
- Remote and local
- Digital and electronic
- Hardware-based and software-based
- Internet-based and home-based
Q14. Which of the following webpage addresses indicate that the browsing session is secured by SSL?
- The web address begins with ssl.http://
- The web address begins with https://
- The web address begins with http://
- The web address begins with http.ssl://
Q15. When is data at its least vulnerable?
- When it’s being written.
- When it’s in transit.
- When it’s at rest.
- When it’s being transferred on a USB stick.