IT Security: Defense against the digital dark arts Quiz Answers

All Weeks IT Security: Defense against the digital dark arts Quiz Answers

Week 01: Understanding Security Threats Quiz Answers

Quiz 01: Malicious Software

Q1. In the CIA Triad, “Confidentiality” means ensuring that data is:

  • accurate and was not tampered with.
  • not accessible by unwanted parties.
  • accessible anonymously.
  • available and that people can access it.

Q2. In the CIA Triad, “Integrity” means ensuring that data is:

  • available and that people can access it.
  • not accessible by unwanted parties.
  • truthful and honest.
  • accurate and was not tampered with.

Q3. In the CIA Triad, “Availability” means ensuring that data is:

  • available to anyone from anywhere.
  • accurate and was not tampered with.
  • not accessible by unwanted parties.
  • available and people can access it.

Q4. What’s the relationship between a vulnerability and an exploit?

  • A vulnerability takes advantage of an exploit to run arbitrary code or gain access.
  • An exploit takes advantage of a vulnerability to run arbitrary code or gain access.
  • They’re unrelated.
  • An exploit creates a vulnerability in a system.

Q5. Which statement is true for both a worm and a virus?

  • They’re self-replicating and self-propagating.
  • They’re undetectable by antimalware software.
  • They infect other files with malicious code.
  • They don’t cause any harm to the target system.

Q6. Check all examples of types of malware:

  • Key Generators
  • Adware
  • Worms
  • Viruses

Q7. What are the characteristics of a rootkit? Check all that apply.

  • Is difficult to detect
  • Is harmless
  • Is destructive
  • Provides elevated credentials

Quiz 02: Network Attacks

Q1. What are the dangers of a man-in-the-middle attack? Check all that apply.

  • An attacker can block or redirect traffic.
  • An attacker can destroy data at rest.
  • An attacker can eavesdrop on unencrypted traffic.
  • An attacker can modify traffic in transit.

Q2. Why is a DNS cache poisoning attack dangerous? Check all that apply.

  • It allows an attacker to redirect targets to malicious webservers.
  • Errrr…it’s not actually dangerous.
  • It affects any clients querying the poisoned DNS server.
  • It allows an attacker to remotely control your computer.

Q3. Which of the following is true of a DDoS attack?

  • This type of attack causes a significant loss of data.
  • An attacker sends attack traffic directly to the target.
  • Attack traffic comes from lots of different hosts.
  • Attack traffic is encrypted.

Q4. Which of the following result from a denial-of-service attack? Check all that apply.

  • Malware infection
  • Data destruction
  • Slow network performance
  • Service unreachable

Quiz 03: Other Attacks

Q1. How can you protect against client-side injection attacks? Check all that apply.

  • Use data sanitization
  • Use a SQL database
  • Utilize strong passwords
  • Use input validation

Q2. True or false: A brute-force attack is more efficient than a dictionary attack.

  • TRUE
  • FALSE

Q3. Which of the following scenarios are social engineering attacks? Check all that apply.

  • An attacker performs a DNS Cache poisoning attack.
  • Someone uses a fake ID to gain access to a restricted area.
  • An attacker performs a man-in-the-middle attack.
  • You receive an email with an attachment containing a virus.

Graded Assessment

https://drive.google.com/drive/folders/1xVnX4YdZuNC0034yu3vFZT3_nNm0_0Hj?usp=sharing

Week 2: Pelcgbybtl (Cryptology) Quiz Answers

Quiz 01: Cryptography Applications

Q1. What information does a digital certificate contain? Check all that apply.

  • Public key data
  • Identifying information of the certificate owner
  • Digital signature
  • Private key data

Q2. Which type of encryption does SSL/TLS use?

  • Asymmetric encryption
  • Symmetric encryption
  • Neither
  • Both

Q3. What are some of the functions that a Trusted Platform Module can perform? Check all that apply.

  • Remote attestation
  • Malware detection
  • Secure user authentication
  • Data binding and sealing

Quiz 02: Hashing

Q1. How is hashing different from encryption?

  • Hashing operations are one-directional.
  • Hashing is meant for large amounts of data, while encryption is meant for small amounts of data.
  • It’s less secure.
  • It’s faster.

Q2. What’s a hash collision?

  • When two identical files generate different hash digests
  • When a hash digest is reversed to recover the original
  • When two different hashing algorithms produce the same hash
  • When two different files generate the same hash digest

Q3. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?

  • A MIC only hashes the message, while a MAC incorporates a secret key.
  • A MAC requires a password, while a MIC does not.
  • They’re the same thing.
  • A MIC is more reliable than a MAC.

Q4. How can you defend against brute-force password attacks? Check all that apply.

  • Store passwords in a rainbow table.
  • Incorporate salts into password hashing.
  • Run passwords through the hashing function multiple times.
  • Enforce the use of strong passwords.

Quiz 03: Symmetric Encryption

Q1. What are the components that make up a cryptosystem? Check all that apply.

  • Decryption algorithms
  • Encryption algorithms
  • Transmission algorithms
  • Key generation algorithms

Q2. What is steganography?

  • The study of languages
  • The practice of encoding messages
  • The study of stegosauruses
  • The practice of hiding messages

Q3. What makes an encryption algorithm symmetric?

  • High speed
  • Different keys used for encryption and decryption
  • The same keys used for encryption and decryption
  • Very large key sizes

Q4. What’s the difference between a stream cipher and a block cipher?

  • Block ciphers are only used for block device encryption.
  • Stream ciphers can’t save encrypted data to disk.
  • Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data.
  • There is no difference.

Q5. True or false: The smaller the encryption key is, the more secure the encrypted data is.

  • TRUE
  • FALSE

Quiz 04: Week Two Practice Quiz

Q1. Plaintext is the original message, while _ is the encrypted message.

  • Ciphertext
  • Digest
  • Cipher
  • Algorithm

Q2. The specific function of converting plaintext into ciphertext is called a(n) __.

  • Encryption algorithm
  • Integrity check
  • Data protection standard
  • Permutation

Q3. Studying how often letters and pairs of letters occur in a language is referred to as _.

  • Codebreaking
  • Cryptography
  • Frequency analysis
  • Espionage

Q4. True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.

  • TRUE
  • FALSE

Q5. The practice of hiding messages instead of encoding them is referred to as __.

  • Encryption
  • Hashing
  • Obfuscation
  • Steganography

Q6. ROT13 and a Caesar cipher are examples of _.

  • Digital signatures
  • Steganography
  • Substitution ciphers
  • Asymmetric encryption

Q7. DES, RC4, and AES are examples of __ encryption algorithms.

  • Asymmetric
  • Strong
  • Symmetric
  • Weak

Q8. What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.

  • Private key
  • Random number generator
  • Digest
  • Public key

Q9. To create a public key signature, you would use the __ key.

  • Decryption
  • Symmetric
  • Private
  • Public [INCORRECT]

Q10. Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.

  • Non-repudiation
  • Authenticity
  • Hashing
  • Confidentiality

Q11. If two different files result in the same hash, this is referred to as a __.

  • Mistake
  • Coincidence
  • Key collision
  • Hash collision

Q12. When authenticating a user’s password, the password supplied by the user is authenticated by comparing the __ of the password with the one stored on the system.

  • Hash
  • Plaintext
  • Ciphertext
  • Length

Q13. If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?

  • Rainbow tables use less computational resources and more storage space
  • Rainbow tables use less RAM resources and more computational resources
  • Rainbow tables use less storage space and more RAM resources
  • Rainbow tables use less storage space and more computational resources

Q14. In a PKI system, what entity is responsible for issuing, storing, and signing certificates?

  • Government
  • Certificate Authority
  • Intermediary Authority
  • Registration Authority

Graded Assessment

https://drive.google.com/drive/folders/1lqShN0jVshRsnRfU1n7lZaMNPKO3XnIf?usp=sharing

Week 3: AAA Security Quiz Answers

Quiz 01: Authentication

Q1. How is authentication different from authorization?

  • They’re the same thing.
  • Authentication is verifying access to a resource; authorization is verifying an identity.
  • Authentication is identifying a resource; authorization is verifying access to an identity.
  • Authentication is verifying an identity; authorization is verifying access to a resource.

Q2. What are some characteristics of a strong password? Check all that apply.

  • Contains dictionary words
  • Includes numbers and special characters
  • Is used across accounts and systems
  • Is at least eight characters long

Q3. In a multi-factor authentication scheme, a password can be thought of as:

  • something you know.
  • something you have.
  • something you use.
  • something you are.

Q4. What are some drawbacks to using biometrics for authentication? Check all that apply.

  • Biometric authentication is much slower than alternatives.
  • Biometrics are easy to share.
  • There are potential privacy concerns.
  • Biometric authentication is difficult or impossible to change if compromised.

Q5. In what way are U2F tokens more secure than OTP generators?

  • They’re password-protected.
  • They can’t be cloned.
  • They’re resistant to phishing attacks.
  • They’re cheaper.

Q6. What elements of a certificate are inspected when a certificate is verified? Check all that apply.

  • Trust of the signatory CA
  • Certificate key size
  • “Not valid after” date
  • “Not valid before” date

Q7. What is a CRL?

  • Certified Recursive Listener
  • Certificate Revocation List
  • Certificate Recording Language
  • Caramel Raspberry Lemon

Q8. What are the names of similar entities that a Directory server organizes entities into?

  • Clusters
  • Groups
  • Trees
  • Organizational Units

Q9. True or false: The Network Access Server handles the actual authentication in a RADIUS scheme.

  • True
  • False

Q10. True or false: Clients authenticate directly against the RADIUS server.

  • True
  • False

Q11. What does a Kerberos authentication server issue to a client that successfully authenticates?

  • A ticket-granting ticket
  • A master password
  • An encryption key [INCORRECT]
  • A digital certificate

Q12. What advantages does single sign-on offer? Check all that apply.

  • It provides encrypted authentication.
  • It reduces the total number of credentials.
  • It enforces multifactor authentication.
  • It reduces time spent authenticating.

Q13. What does OpenID provide?

  • Certificate signing
  • Digital signatures
  • Authentication delegation
  • Cryptographic hashing

Quiz 02: Authorization and Accounting

Q1. What role does authorization play?

  • It determines whether or not an entity has access to a resource.
  • It verifies an entity’s identity.
  • It verifies passwords.
  • It provides strong encryption.

Q2. What does OAuth provide?

  • Confidentiality
  • Integrity
  • Access delegation
  • Secure communications

Q3. How is auditing related to accounting?

  • They’re not related.
  • They’re the same thing.
  • Accounting is reviewing records, while auditing is recording access and usage.
  • Accounting is recording access and usage, while auditing is reviewing these records.

Graded Assessment


Week 4: Securing Your Networks Quiz Answers

Quiz 01: Network Monitoring

Q1. What does tcpdump do? Select all that apply.

  • Encrypts your packets
  • Analyzes packets and provides a textual analysis
  • Captures packets
  • Generates packets

Q2. What does Wireshark do differently from tcpdump? Check all that apply.

  • It can write packet captures to a file.
  • It has a graphical interface.
  • It understands more application-level protocols.
  • It can capture packets and analyze them.

Q3. What factors should you consider when designing an IDS installation? Check all that apply.

  • Internet connection speed
  • Storage capacity
  • OS types in use
  • Traffic bandwidth

Q4. What is the difference between an Intrusion Detection System and an Intrusion Prevention System?

  • An IDS can actively block attack traffic, while an IPS can only alert on detected attack traffic.
  • An IDS can alert on detected attack traffic, but an IPS can actively block attack traffic.
  • An IDS can detect malware activity on a network, but an IPS can’t.
  • They are the same thing.

Q5. What factors would limit your ability to capture packets? Check all that apply.

  • Network interface not being in promiscuous or monitor mode
  • Anti-malware software
  • Encryption
  • Access to the traffic in question

Quiz 02: Secure Network Architecture

Q1. Why is normalizing log data important in a centralized logging setup?

  • Log normalizing detects potential attacks.
  • Uniformly formatted logs are easier to store and analyze.
  • The data must be decrypted before sending it to the log server.
  • It’s difficult to analyze abnormal logs.

Q2. What type of attacks does a flood guard protect against? Check all that apply.

  • Man-in-the-middle attacks
  • Malware infections
  • SYN floods
  • DDoS attacks

Q3. What does DHCP Snooping protect against?

  • Rogue DHCP server attacks
  • DDoS attacks
  • Brute-force attacks
  • Data theft

Q4. What does Dynamic ARP Inspection protect against?

  • Rogue DHCP server attacks
  • Malware infections
  • ARP poisoning attacks
  • DDoS attacks

Q5. What does IP Source Guard protect against?

  • IP spoofing attacks
  • Brute-force attacks
  • Rogue DHCP server attacks
  • DDoS attacks

Q6. What does EAP-TLS use for mutual authentication of both the server and the client?

  • Biometrics
  • Usernames and passwords
  • Digital certificates
  • One-time passwords

Q7. Why is it recommended to use both network-based and host-based firewalls? Check all that apply.

  • For protection for mobile devices, like laptops
  • For protection against DDoS attacks
  • For protection against compromised hosts on the same network
  • For protection against man-in-the-middle attacks

Quiz 03: Wireless Security

Q1. What are some of the weaknesses of the WEP scheme? Check all that apply.

  • Its small IV pool size
  • Its use of ASCII characters for passphrases
  • Its use of the RC4 stream cipher
  • Its poor key generation methods

Q2. What symmetric encryption algorithm does WPA2 use?

  • DES
  • DSA
  • RSA
  • AES

Q3. How can you reduce the likelihood of WPS brute-force attacks? Check all that apply.

  • Implement lockout periods for incorrect attempts.
  • Update firewall rules.
  • Use a very long and complex passphrase.
  • Disable WPS.

Q4. Select the most secure WiFi security configuration from below:

  • WPA2 enterprise
  • WEP 128 bit
  • WPA personal
  • WPA enterprise
  • WPA2 personal
  • None

Graded Assessment


Week 5: Defense in Depth Quiz Answers

Quiz 01: Application Hardening

Q1. Why is it important to keep software up-to-date?

  • To address any security vulnerabilities discovered
  • To ensure compatibility with other systems
  • It’s not important. It’s just annoying.
  • To ensure access to the latest features

Q2. What are some types of software that you’d want to have an explicit application policy for? Check all that apply.

  • Software development kits
  • Video games
  • Filesharing software
  • Word processors

Quiz 02: System Hardening

Q1. What is an attack vector?

  • The classification of attack type
  • The direction an attack is going in
  • The severity of the attack
  • A mechanism by which an attacker can interact with your network or systems

Q2. Disabling unnecessary components serves which purposes? Check all that apply.

  • Reducing the attack surface
  • Making a system harder to use
  • Increasing performance
  • Closing attack vectors

Q3. What’s an attack surface?

  • The target or victim of an attack
  • The payload of the attack
  • The total scope of an attack
  • The combined sum of all attack vectors in a system or network

Q4. A good defense in depth strategy would involve deploying which firewalls?

  • No firewalls
  • Network-based firewalls only
  • Both host-based and network-based firewalls
  • Host-based firewalls only

Q5. Using a bastion host allows for which of the following? Select all that apply.

  • Running a wide variety of software securely
  • Applying more restrictive firewall rules
  • Having more detailed monitoring and logging
  • Enforcing stricter security measures

Q6. What benefits does centralized logging provide? Check all that apply.

  • It prevents database theft.
  • It blocks malware infections.
  • It helps secure logs from tampering or destruction.
  • It allows for easier logs analysis.

Q7. What are some of the shortcomings of antivirus software today? Check all that apply.

  • It can’t protect against unknown threats.
  • It’s very expensive.
  • It only detects malware, but doesn’t protect against it.
  • It only protects against viruses.

Q8. How is binary whitelisting a better option than antivirus software?

  • It’s cheaper.
  • It can block unknown or emerging threats.
  • It’s not better. It’s actually terrible.
  • It has less performance impact.

Q9. What does full-disk encryption protect against? Check all that apply.

  • Data theft
  • IP spoofing attacks
  • Malware infections
  • Tampering with system files

Q10. What’s the purpose of escrowing a disk encryption key?

  • Providing data integrity
  • Protecting against unauthorized access
  • Preventing data theft
  • Performing data recovery

Graded Assessment


Week 6: Creating a Company Culture for Security Quiz Answers

Graded Assessment


There are 5 Courses in Google IT Support Professional Certificate

Course 1: Technical Support Fundamentals

Course 2: The Bits and Bytes of Computer Networking

Course 3: Operating Systems and You: Becoming a Power User

Course 4: System Administration and IT Infrastructure Services

Course 5: IT Security: Defense against the digital dark arts

Team Networking Funda

We are Team Networking Funda, a group of passionate authors and networking enthusiasts committed to sharing our expertise and experiences in networking and team building. With backgrounds in Data Science, Information Technology, Health, and Business Marketing, we bring diverse perspectives and insights to help you navigate the challenges and opportunities of professional networking and teamwork.
