All Coursera Quiz Answers

Assets, Threats, and Vulnerabilities Weekly challenge 2 Quiz Answers

In this article i am gone to share Coursera Course: Assets, Threats, and Vulnerabilities Weekly challenge 2 Quiz Answers with you..

Enroll Link: Assets, Threats, and Vulnerabilities

 

Also Visit:  Assets, Threats, and Vulnerabilities Weekly challenge 1 Quiz Answers

 

Assets, Threats, and Vulnerabilities Weekly challenge 2 Quiz Answers

Question 1)
What is the purpose of security controls?

  • Create policies and procedures
  • Encrypt information for privacy
  • Reduce specific security risks
  • Establish incident response systems

Question 2)
A large hotel chain collects customer email addresses as part of a national sweepstakes. As data custodians, what are the hotel chain’s responsibilities to protect this information? Select three answers.

  • To protect the data while in storage
  • To securely transport the data over networks
  • To edit the data when necessary
  • To safely handle the data when it’s accessed

Question 3)
What do symmetric encryption algorithms use to encrypt and decrypt information?

  • A digital certificate
  • A public and private key pair
  • A hash value
  • A single secret key

Question 4)
A security analyst is investigating a critical system file that may have been tampered with. How might the analyst verify the integrity of the system file?

  • By brute forcing the system file using a rainbow table.
  • By comparing the system files hash value to a known, trusted hash value.
  • By opening the system file in word processing application and checking its version history.
  • By decrypting the system files secret key using Advanced Encryption Standard (AES).

Question 5)
Fill in the blank: A _____ is used to prove the identity of users, companies, and networks in public key infrastructure.

  • digital certificate
  • access token
  • digital signature
  • access key

Question 6)
What are the two most common forms of identification used by authentication systems? Select two answers.

  • Password
  • Facial scan
  • Fingerprint
  • Username

Question 7)
What is a key advantage of multi-factor authentication compared to single sign-on?

  • It requires more than one form of identification before granting access to a system.
  • It streamlines the authentication process.
  • It can grant access to multiple company resources at once.
  • It is faster when authenticating users.

Question 8)
A business has one person who receives money from customers at the register. At the end of the day, another person counts that money that was received against the items sold and deposits it. Which security principles are being implemented into business operations? Select two answers.

  • Separation of duties
  • Least privilege
  • Single sign-on
  • Multi-factor authentication

Question 9)
What are common authorization tools that are designed with the principle of least privilege and separation of duties in mind? Select three answers.

  • OAuth
  • API Tokens
  • Basic auth
  • SHA256

Question 10)
What is the practice of monitoring the access logs of a system?

  • Accounting
  • Auditing
  • Authentication
  • Authorization

 

Question 11)
Which of the following examples are categories of security controls? Select three answers.

  • Operational
  • Technical
  • Managerial
  • Compliance

Question 12)
A large hotel chain collects customer email addresses as part of a national sweepstakes. As data custodians, what are the hotel chain’s responsibilities to protect this information? Select three answers.

  • To securely transport the data over networks
  • To safely handle the data when it’s accessed
  • To edit the data when necessary
  • To protect the data while in storage

Question 13)
You send an email to a friend. The service provider of your inbox encrypts all messages that you send. What happens to the information in your email when it’s encrypted?

  • It’s converted from Caesar’s cipher to plaintext.
  • It’s converted from a hash value to ciphertext.
  • It’s converted from ciphertext to plaintext.
  • It’s converted from plaintext to ciphertext.

Question 14)
What factors do authentication systems use to verify a user’s identity? Select three answers.

  • Knowledge
  • Accounting
  • Ownership
  • Characteristic

Question 15)
What is an advantage of using single sign-on (SSO) systems to authenticate users?

  • Users lose access to multiple platforms when the system is down.
  • Users must set multiple passwords.
  • It prevents credential stuffing attacks.
  • It makes the login process faster.

Question 16)
A business has one person who receives money from customers at the register. At the end of the day, another person counts that money that was received against the items sold and deposits it. Which security principles are being implemented into business operations? Select two answers.

  • Separation of duties
  • Least privilege
  • Single sign-on
  • Multi-factor authentication

Question 17)
What are common authorization tools that are designed with the principle of least privilege and separation of duties in mind? Select three answers.

  • SHA256
  • OAuth
  • API Tokens
  • Basic auth

Question 18)
A customer of an online retailer has complained that their account contains an unauthorized purchase. You investigate the incident by reviewing the retailer’s access logs. Which component of the user’s session that you might review?

  • Session algorithm
  • Session API key
  • Session certificate
  • Session cookie

Question 19)
Which of the following steps are part of the public key infrastructure process? Select two answers.

  • Transfer hash digests
  • Establish trust using digital certificates
  • Exchange of public and private keys
  • Exchange of encrypted information

Question 20)
A shipping company imports and exports materials around the world. Their business operations include purchasing goods from suppliers, receiving shipments, and distributing goods to retailers. How should the shipping company protect their assets under the principle of separation of duties? Select two answers.

  • Have one employee approve purchase orders
  • Have one employee select goods and submit payments
  • Have one employee file purchase orders
  • Have one employee receive shipments and distribute goods

Question 21)
What types of user information does an API token contain? Select two answers.

  • A user’s identity
  • A user’s secret key
  • A user’s site permissions
  • A user’s password

Question 22)
Which functions would fall under the category of operational security controls? Select two answers.

  • Establishing trust using digital certificates
  • Responding to an incident alert
  • Exchanging encrypted information
  • Providing security awareness training

Question 23)
How is hashing primarily used by security professionals?

  • To store data in the cloud
  • To determine data integrity
  • To make data quickly available
  • To decrypt sensitive data

Question 24)
Fill in the blank: ____ is the technology used to establish a user’s request to access a server.

  • Digital certificates
  • OAuth
  • API tokens
  • Basic auth

Question 25)
Why are hash algorithms that generate long hash values more secure than those that produce short hash values?

  • They are more difficult to brute force
  • They are more difficult to remember
  • They are easier to exchange over a network
  • They are easier to decrypt

Question 26)
Your security team receives an alert from the organization’s login server regarding multiple failed login attempts. The alert indicated that there were 10 failed login attempts to the company’s customer database in the past hour. What is the first thing you should do to investigate this incident?

  • Disable the customer database server.
  • Ignore the alert until you receive more user complaints.
  • Return the server’s operating system to a previous version.
  • Perform accounting on the access logs of the system.

Question 27)
A paid subscriber of a news website has access to exclusive content. As a data owner, what should the subscriber be authorized to do with their account? Select three answers.

  • Edit articles on the website
  • Review their username and password
  • Stop their subscription
  • Update their payment details

Question 28)
Which type of encryption is generally slower because the algorithms generate a pair of encryption keys?

  • Data encryption standard (DES)
  • Symmetric
  • Asymmetric
  • Rivest–Shamir–Adleman (RSA)

Question 29)
Fill in the blank: Knowledge, ownership, and characteristic are three factors of _____ systems.

  • authentication
  • administrative
  • accounting
  • authorization

Question 30)
The main responsibility of a receptionist at a healthcare company is to check-in visitors upon arrival. When visitors check-in, which kinds of information should the receptionist be able to access to complete their task? Select two answers.

  • The patient being visited
  • A photo ID
  • Their billing information
  • Their medical history

Question 2)
An employee reports that they cannot log into the payroll system with their access credentials. The employee does not recall changing their username or password. As a security analyst, you are asked to review access logs to investigate whether a breach occurred. What information are you able to review as a data custodian in this situation? Select two answers.

  • Any coworkers’ contact information
  • The IP address of the computer used to log in
  • The time the user signed in and out
  • Any payroll access credentials the user has stored on the server

Question 5)
Which security controls are used in public key infrastructure (PKI)? Select three answers.

  • Digital certificates
  • Multi-factor authentication
  • Asymmetric encryption
  • Symmetric encryption