All Weeks IT Security: Defense against the digital dark arts Quiz Answers
Week 01: Understanding Security Threats Quiz Answers
Quiz 01: Malicious Software
Q1. In the CIA Triad, “Confidentiality” means ensuring that data is:
- accurate and was not tampered with.
- not accessible by unwanted parties.
- accessible anonymously.
- available and that people can access it.
Q2. In the CIA Triad, “Integrity” means ensuring that data is:
- available and that people can access it.
- not accessible by unwanted parties.
- truthful and honest.
- accurate and was not tampered with.
Q3. In the CIA Triad, “Availability” means ensuring that data is:
- available to anyone from anywhere.
- accurate and was not tampered with.
- not accessible by unwanted parties.
- available and people can access it.
Q4. What’s the relationship between a vulnerability and an exploit?
- A vulnerability takes advantage of an exploit to run arbitrary code or gain access.
- An exploit takes advantage of a vulnerability to run arbitrary code or gain access.
- They’re unrelated.
- An exploit creates a vulnerability in a system.
Q5. Which statement is true for both a worm and a virus?
- They’re self-replicating and self-propagating.
- They’re undetectable by antimalware software.
- They infect other files with malicious code.
- They don’t cause any harm to the target system.
Q6. Check all examples of types of malware:
- Key Generators
- Adware
- Worms
- Viruses
Q7. What are the characteristics of a rootkit? Check all that apply.
- Is difficult to detect
- Is harmless
- Is destructive
- Provides elevated credentials
Quiz 02: Network Attacks
Q1. What are the dangers of a man-in-the-middle attack? Check all that apply.
- An attacker can block or redirect traffic.
- An attacker can destroy data at rest.
- An attacker can eavesdrop on unencrypted traffic.
- An attacker can modify traffic in transit.
Q2. Why is a DNS cache poisoning attack dangerous? Check all that apply.
- It allows an attacker to redirect targets to malicious webservers.
- Errrr…it’s not actually dangerous.
- It affects any clients querying the poisoned DNS server.
- It allows an attacker to remotely control your computer.
Q3. Which of the following is true of a DDoS attack?
- This type of attack causes a significant loss of data.
- An attacker sends attack traffic directly to the target.
- Attack traffic comes from lots of different hosts.
- Attack traffic is encrypted.
Q4. Which of the following result from a denial-of-service attack? Check all that apply.
- Malware infection
- Data destruction
- Slow network performance
- Service unreachable
Quiz 03: Other Attacks
Q1. How can you protect against client-side injection attacks? Check all that apply.
- Use data sanitization
- Use a SQL database
- Utilize strong passwords
- Use input validation
Q2. True or false: A brute-force attack is more efficient than a dictionary attack.
- TRUE
- FALSE
Q3. Which of the following scenarios are social engineering attacks? Check all that apply.
- An attacker performs a DNS Cache poisoning attack.
- Someone uses a fake ID to gain access to a restricted area.
- An attacker performs a man-in-the-middle attack.
- You receive an email with an attachment containing a virus.
Graded Assessment
https://drive.google.com/drive/folders/1xVnX4YdZuNC0034yu3vFZT3_nNm0_0Hj?usp=sharing
Week 2: Pelcgbybtl (Cryptology) Quiz Answers
Quiz 01: Cryptography Applications
Q1. What information does a digital certificate contain? Check all that apply.
- Public key data
- Identifying information of the certificate owner
- Digital signature
- Private key data
Q2. Which type of encryption does SSL/TLS use?
- Asymmetric encryption
- Symmetric encryption
- Neither
- Both
Q3. What are some of the functions that a Trusted Platform Module can perform? Check all that apply.
- Remote attestation
- Malware detection
- Secure user authentication
- Data binding and sealing
Quiz 02: Hashing
Q1. How is hashing different from encryption?
- Hashing operations are one-directional.
- Hashing is meant for large amounts of data, while encryption is meant for small amounts of data.
- It’s less secure.
- It’s faster.
Q2. What’s a hash collision?
- When two identical files generate different hash digests
- When a hash digest is reversed to recover the original
- When two different hashing algorithms produce the same hash
- When two different files generate the same hash digest
Q3. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?
- A MIC only hashes the message, while a MAC incorporates a secret key.
- A MAC requires a password, while a MIC does not.
- They’re the same thing.
- A MIC is more reliable than a MAC.
Q4. How can you defend against brute-force password attacks? Check all that apply.
- Store passwords in a rainbow table.
- Incorporate salts into password hashing.
- Run passwords through the hashing function multiple times.
- Enforce the use of strong passwords.
Quiz 03: Symmetric Encryption
Q1. What are the components that make up a cryptosystem? Check all that apply.
- Decryption algorithms
- Encryption algorithms
- Transmission algorithms
- Key generation algorithms
Q2. What is steganography?
- The study of languages
- The practice of encoding messages
- The study of stegosauruses
- The practice of hiding messages
Q3. What makes an encryption algorithm symmetric?
- High speed
- Different keys used for encryption and decryption
- The same keys used for encryption and decryption
- Very large key sizes
Q4. What’s the difference between a stream cipher and a block cipher?
- Block ciphers are only used for block device encryption.
- Stream ciphers can’t save encrypted data to disk.
- Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data.
- There is no difference.
Q5. True or false: The smaller the encryption key is, the more secure the encrypted data is.
- TRUE
- FALSE
Quiz 04: Week Two Practice Quiz
Q1. Plaintext is the original message, while _ is the encrypted message.
- Ciphertext
- Digest
- Cipher
- Algorithm
Q2. The specific function of converting plaintext into ciphertext is called a(n) __.
- Encryption algorithm
- Integrity check
- Data protection standard
- Permutation
Q3. Studying how often letters and pairs of letters occur in a language is referred to as _.
- Codebreaking
- Cryptography
- Frequency analysis
- Espionage
Q4. True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.
- TRUE
- FALSE
Q5. The practice of hiding messages instead of encoding them is referred to as __.
- Encryption
- Hashing
- Obfuscation
- Steganography
Q6. ROT13 and a Caesar cipher are examples of _.
- Digital signatures
- Steganography
- Substitution ciphers
- Asymmetric encryption
Q7. DES, RC4, and AES are examples of __ encryption algorithms.
- Asymmetric
- Strong
- Symmetric
- Weak
Q8. What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.
- Private key
- Random number generator
- Digest
- Public key
Q9. To create a public key signature, you would use the __ key.
- Decryption
- Symmetric
- Private
- Public [INCORRECT]
Q10. Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.
- Non-repudiation
- Authenticity
- Hashing
- Confidentiality
Q11. If two different files result in the same hash, this is referred to as a __.
- Mistake
- Coincidence
- Key collision
- Hash collision
Q12. When authenticating a user’s password, the password supplied by the user is authenticated by comparing the __ of the password with the one stored on the system.
- Hash
- Plaintext
- Ciphertext
- Length
Q13. If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?
- Rainbow tables use less computational resources and more storage space
- Rainbow tables use less RAM resources and more computational resources
- Rainbow tables use less storage space and more RAM resources
- Rainbow tables use less storage space and more computational resources
Q14. In a PKI system, what entity is responsible for issuing, storing, and signing certificates?
- Government
- Certificate Authority
- Intermediary Authority
- Registration Authority
Graded Assessment
https://drive.google.com/drive/folders/1lqShN0jVshRsnRfU1n7lZaMNPKO3XnIf?usp=sharing
Week 3: AAA Security Quiz Answers
Quiz 01: Authentication
Q1. How is authentication different from authorization?
- They’re the same thing.
- Authentication is verifying access to a resource; authorization is verifying an identity.
- Authentication is identifying a resource; authorization is verifying access to an identity.
- Authentication is verifying an identity; authorization is verifying access to a resource.
Q2. What are some characteristics of a strong password? Check all that apply.
- Contains dictionary words
- Includes numbers and special characters
- Is used across accounts and systems
- Is at least eight characters long
Q3. In a multi-factor authentication scheme, a password can be thought of as:
- something you know.
- something you have.
- something you use.
- something you are.
Q4. What are some drawbacks to using biometrics for authentication? Check all that apply.
- Biometric authentication is much slower than alternatives.
- Biometrics are easy to share.
- There are potential privacy concerns.
- Biometric authentication is difficult or impossible to change if compromised.
Q5. In what way are U2F tokens more secure than OTP generators?
- They’re password-protected.
- They can’t be cloned.
- They’re resistant to phishing attacks.
- They’re cheaper.
Q6. What elements of a certificate are inspected when a certificate is verified? Check all that apply.
- Trust of the signatory CA
- Certificate key size
- “Not valid after” date
- “Not valid before” date
Q7. What is a CRL?
- Certified Recursive Listener
- Certificate Revocation List
- Certificate Recording Language
- Caramel Raspberry Lemon
Q8. What are the names of similar entities that a Directory server organizes entities into?
- Clusters
- Groups
- Trees
- Organizational Units
Q9. True or false: The Network Access Server handles the actual authentication in a RADIUS scheme.
- True
- False
Q10. True or false: Clients authenticate directly against the RADIUS server.
- True
- False
Q11. What does a Kerberos authentication server issue to a client that successfully authenticates?
- A ticket-granting ticket
- A master password
- An encryption key [INCORRECT]
- A digital certificate
Q12. What advantages does single sign-on offer? Check all that apply.
- It provides encrypted authentication.
- It reduces the total number of credentials.
- It enforces multifactor authentication.
- It reduces time spent authenticating.
Q13. What does OpenID provide?
- Certificate signing
- Digital signatures
- Authentication delegation
- Cryptographic hashing
Quiz 02: Authorization and Accounting
Q1. What role does authorization play?
- It determines whether or not an entity has access to a resource.
- It verifies an entity’s identity.
- It verifies passwords.
- It provides strong encryption.
Q2. What does OAuth provide?
- Confidentiality
- Integrity
- Access delegation
- Secure communications
Q3. How is auditing related to accounting?
- They’re not related.
- They’re the same thing.
- Accounting is reviewing records, while auditing is recording access and usage.
- Accounting is recording access and usage, while auditing is reviewing these records.
Graded Assessment
Week 4: Securing Your Networks Quiz Answers
Quiz 01: Network Monitoring
Q1. What does tcpdump do? Select all that apply.
- Encrypts your packets
- Analyzes packets and provides a textual analysis
- Captures packets
- Generates packets
Q2. What does Wireshark do differently from tcpdump? Check all that apply.
- It can write packet captures to a file.
- It has a graphical interface.
- It understands more application-level protocols.
- It can capture packets and analyze them.
Q3. What factors should you consider when designing an IDS installation? Check all that apply.
- Internet connection speed
- Storage capacity
- OS types in use
- Traffic bandwidth
Q4. What is the difference between an Intrusion Detection System and an Intrusion Prevention System?
- An IDS can actively block attack traffic, while an IPS can only alert on detected attack traffic.
- An IDS can alert on detected attack traffic, but an IPS can actively block attack traffic.
- An IDS can detect malware activity on a network, but an IPS can’t.
- They are the same thing.
Q5. What factors would limit your ability to capture packets? Check all that apply.
- Network interface not being in promiscuous or monitor mode
- Anti-malware software
- Encryption
- Access to the traffic in question
Quiz 02: Secure Network Architecture
Q1. Why is normalizing log data important in a centralized logging setup?
- Log normalizing detects potential attacks.
- Uniformly formatted logs are easier to store and analyze.
- The data must be decrypted before sending it to the log server.
- It’s difficult to analyze abnormal logs.
Q2. What type of attacks does a flood guard protect against? Check all that apply.
- Man-in-the-middle attacks
- Malware infections
- SYN floods
- DDoS attacks
Q3. What does DHCP Snooping protect against?
- Rogue DHCP server attacks
- DDoS attacks
- Brute-force attacks
- Data theft
Q4. What does Dynamic ARP Inspection protect against?
- Rogue DHCP server attacks
- Malware infections
- ARP poisoning attacks
- DDoS attacks
Q5. What does IP Source Guard protect against?
- IP spoofing attacks
- Brute-force attacks
- Rogue DHCP server attacks
- DDoS attacks
Q6. What does EAP-TLS use for mutual authentication of both the server and the client?
- Biometrics
- Usernames and passwords
- Digital certificates
- One-time passwords
Q7. Why is it recommended to use both network-based and host-based firewalls? Check all that apply.
- For protection for mobile devices, like laptops
- For protection against DDoS attacks
- For protection against compromised hosts on the same network
- For protection against man-in-the-middle attacks
Quiz 03: Wireless Security
Q1. What are some of the weaknesses of the WEP scheme? Check all that apply.
- Its small IV pool size
- Its use of ASCII characters for passphrases
- Its use of the RC4 stream cipher
- Its poor key generation methods
Q2. What symmetric encryption algorithm does WPA2 use?
- DES
- DSA
- RSA
- AES
Q3. How can you reduce the likelihood of WPS brute-force attacks? Check all that apply.
- Implement lockout periods for incorrect attempts.
- Update firewall rules.
- Use a very long and complex passphrase.
- Disable WPS.
Q4. Select the most secure WiFi security configuration from below:
- WPA2 enterprise
- WEP 128 bit
- WPA personal
- WPA enterprise
- WPA2 personal
- None
Graded Assessment
Week 5: Defense in Depth Quiz Answers
Quiz 01: Application Hardening
Q1. Why is it important to keep software up-to-date?
- To address any security vulnerabilities discovered
- To ensure compatibility with other systems
- It’s not important. It’s just annoying.
- To ensure access to the latest features
Q2. What are some types of software that you’d want to have an explicit application policy for? Check all that apply.
- Software development kits
- Video games
- Filesharing software
- Word processors
Quiz 02: System Hardening
Q1. What is an attack vector?
- The classification of attack type
- The direction an attack is going in
- The severity of the attack
- A mechanism by which an attacker can interact with your network or systems
Q2. Disabling unnecessary components serves which purposes? Check all that apply.
- Reducing the attack surface
- Making a system harder to use
- Increasing performance
- Closing attack vectors
Q3. What’s an attack surface?
- The target or victim of an attack
- The payload of the attack
- The total scope of an attack
- The combined sum of all attack vectors in a system or network
Q4. A good defense in depth strategy would involve deploying which firewalls?
- No firewalls
- Network-based firewalls only
- Both host-based and network-based firewalls
- Host-based firewalls only
Q5. Using a bastion host allows for which of the following? Select all that apply.
- Running a wide variety of software securely
- Applying more restrictive firewall rules
- Having more detailed monitoring and logging
- Enforcing stricter security measures
Q6. What benefits does centralized logging provide? Check all that apply.
- It prevents database theft.
- It blocks malware infections.
- It helps secure logs from tampering or destruction.
- It allows for easier logs analysis.
Q7. What are some of the shortcomings of antivirus software today? Check all that apply.
- It can’t protect against unknown threats.
- It’s very expensive.
- It only detects malware, but doesn’t protect against it.
- It only protects against viruses.
Q8. How is binary whitelisting a better option than antivirus software?
- It’s cheaper.
- It can block unknown or emerging threats.
- It’s not better. It’s actually terrible.
- It has less performance impact.
Q9. What does full-disk encryption protect against? Check all that apply.
- Data theft
- IP spoofing attacks
- Malware infections
- Tampering with system files
Q10. What’s the purpose of escrowing a disk encryption key?
- Providing data integrity
- Protecting against unauthorized access
- Preventing data theft
- Performing data recovery
Graded Assessment
Week 6: Creating a Company Culture for Security Quiz Answers
Graded Assessment
There are 5 Courses in Google IT Support Professional Certificate
Course 1: Technical Support Fundamentals
Course 2: The Bits and Bytes of Computer Networking
Course 3: Operating Systems and You: Becoming a Power User
Course 4: System Administration and IT Infrastructure Services
Course 5: IT Security: Defense against the digital dark arts