IBM Cybersecurity Analyst Practice Quiz Answers

Question 1)
A Denial of Service (DDoS) attack typically involves a bad actor sending millions of requests to a computer overwhelming that system’s ability to process them all properly. This is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability
  • All of the above.

Question 2)
Money is the primary motivation for which type of hacking organization?

  • Black hats
  • Hacktivists
  • White hats
  • Governments

Question 3)
The common vulnerability exploited in all social engineering attacks is what?

  • Firewalls
  • People
  • Social media platforms
  • Public infrastructure like dams and electrical grids

Question 4)
A directive from upper management stating that all employees must wear an ID badge at all times is an example of what?

  • Security guideline
  • Security policy
  • Security architecture
  • Security standard

Question 5)
Policies, procedures and tactical plans are all part of what?

  • The CIA Triad
  • Security awareness training
  • The IT Governance process.
  • The OWASP “Top 10”

Question 6)
Trudy intercepts a plain-text message sent by Alice and changes the location of a meeting that Alice is trying to arrange with Bob before she forwards the altered message to Bob. Which two (2) aspects of the CIA Triad were violated? (Select 2)

  • Availability
  • Integrity
  • Authentication
  • Confidentiality

Question 7)
To exchange messages between two people using symmetric key encryption, how many unique encryption keys are required?

  • 0
  • 1
  • 2
  • 4

Question 8)
In digital forensics, the record that documents the sequence of custody, control, transfer, analysis, and disposition of physical or electronic evidence is called what?

  • Forensic index
  • Chain of custody
  • Forensic custody record
  • Record of custody

Question 9)
Which of the following models how to document the processes, functions, and roles of IT Service Management?

  • The Open Web Application Security Project (OWASP) Framework.
  • The CIA Triad.
  • The Information Technology Infrastructure Library (ITIL) framework.
  • The Business Process Management Framework.

Question 10)
An unplanned interruption to an IT Service would be handled by which ITIL process?

  • Service Level Management
  • Information Security Management
  • Incident Management
  • Event Management
  • Change Management
  • Problem Management

Question 11)
Which role is a high-level management position responsible for the entire computer security department and staff?

  • Information Security Auditor
  • Information Security Analyst
  • Information Security Architect
  • Chief Information Security Officer (CISO)

Question 12)
Alice, Bob and Trudy are fictional characters commonly used to illustrate which aspect of information security?

  • NIST 800-53
  • The CIA Triad.
  • ISO27000
  • ITIL

Question 13)
Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an availability violation?

  • Trudy changes the message and then forwards it on.
  • Trudy deletes the message without reading or forwarding it.
  • Trudy cannot read it because it is encrypted but allows it to be delivered to Bob in its original form.
  • Trudy reads the message.

Question 14)
Which are the three (3) factor categories used in multi-factor authentication? (Select 3)

  • Someone you know.
  • Something you have.
  • Something you can do.
  • Something you know.
  • Something you are.

Question 15)
Mary has access to certain resources because she is in the Research division of her company. She has access to other resources because she is a manager. Which access control system is probably in use in her company?

  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)
  • Role Based Access Control (RBAC)
  • Hierarchical Access Control (HAC)

Question 16)
In Windows, how many unique address spaces are used by applications running in user mode?

  • 1
  • 64
  • As many as there are applications running.
  • As many as there are processes running.

Question 17)
Which company developed and now owns Linux?

  • RedHat
  • Ubuntu
  • SUSE
  • None of the above.

Question 18)
Which of the following statements about hypervisors is true?

  • A hypervisor runs inside of a virtual image.
  • A hypervisor is hardware that coordinates process tasks between CPUs.
  • A hypervisor operates between the hardware and the operating system.
  • A hypervisor is an application that runs in an operating system.

Question 19)
If data security is the primary concern, which type of cloud should be considered first?

  • Universal cloud
  • Public cloud
  • Private cloud
  • Hybrid cloud

Question 20)
An employee seeking to damage his company because he did not get an expected promotion would be classified as which type of actor?

  • Hacktivists
  • Inadvertent Actor
  • Malicious Insider
  • Outsiders

Question 21)
When examining endpoint security, which three (3) of the following would be classified as clients? (Select 3)

  • Laptop
  • Cellphone
  • Personal Computer
  • Cloud-based email service

Question 22)
Which two (2) Windows patch classifications should always be installed quickly? (Select 2)

  • Important
  • High
  • Critical
  • Confidential
  • Urgent

Question 23)
When working on a Windows computer, which mode will you usually be operating in?

  • Kernel mode
  • System mode
  • Host mode
  • User mode
  • Client mode

Question 24)
In Active Directory, Administrator, Guest, HelpAssistant, and KRBTGT are all examples of what?

  • Global accounts
  • Local accounts
  • Domain accounts
  • Roles

Question 25)
Digital signatures ensure which of the following?

  • Authentication
  • Non-repudiation
  • Integrity
  • All of the above.

Question 26)
How will Quantum computing impact the effectiveness of cryptography?

  • Both Symmetric and Public Key encryption will work fine if you use quantum keys.
  • Both Symmetric and Public Key encryption will be worthless. The only hope for cryptography will be the development of some new quantum encryption technology.
  • Symmetric key encryption will be weakened but Public Key encryption will not be impacted.
  • Symmetric key encryption will be weakened, and Public Key encryption will be broken.

Question 27)
When can data be encrypted?

  • While at rest only.
  • While at rest or in transit only.
  • While in transit and while in use only
  • While at rest, in transit and in use.
  • While at rest or while in use only.

Question 28)
How are Rainbow Tables used by hackers?

  • To decipher stolen passwords by looking up a hashed password and matching it to a string of clear text.
  • To coordinate a “full spectrum” attack against a given target all at once.
  • To better understand the demographics of a target when constructing a phishing attack email.
  • To match individual characters against their hashed values across a broad range of standard hashing algorithms.

Question 29)
Which of the following inspections can be performed only by a stateful firewall and not by a stateless firewall?

  • the destination port
  • if the packet belongs to an open session
  • the destination IP address
  • the source IP address
  • the service or protocol used

Question 30)
Which statement best describes the results of configuring a NAT router to use static address mapping?

  • Many unregistered IP addresses are mapped to a single registered IP address using different port numbers.
  • Unregistered IP addresses are mapped to registered IP addresses as they are needed.
  • The NAT router uses each computer’s IP address for both internal and external communication.
  • The organization will need as many registered IP addresses as it has computers that need Internet access.

Question 31)
Which address type does a router use to deliver a packet to a computer on its own local network?

  • The computer’s domain name.
  • The computer’s MAC address.
  • The network’s DHCP server address.
  • The network’s default gateway address.
  • The computer’s IP address.
  • The network’s DNS server address.

Question 32)
How do you represent the number 8 in binary?

  • 1000
  • 1010
  • 1100
  • 1111

Question 33)
A subnet mask of is used for which class of network?

  • Class A
  • Class B
  • Class C
  • Class D

Question 34)
Translation of domain names to IP addresses and vice versa is carried out by which protocol?

  • ARP
  • DNS
  • HTTP
  • SNMP
  • DHCP

Question 35)
Distributed databases and data warehouses would be considered which data model type?

  • Structured data
  • Structureless data
  • Semi-structured data
  • Unstructured data

Question 36)
Which activity should be considered suspicious and might indicate inappropriate activity is being attempted?

  • An authorized user attempts to run SQL statements with invalid syntax.
  • Attempts to create a list of user ID credentials using an SQL query rather than your organization’s identity management application.
  • A Finance department application that is accessed far more in the last few days of each month than at any other time.
  • A user who changes his password the first day of every month like clockwork.

Question 37)
Which operating system is immune from OS Command Injection attacks?

  • Windows
  • Linux
  • MacOS
  • None of the above.

Question 38)
Which two (2) are phases of a penetration test? (Select 2)

  • Discovery
  • Restoration
  • Containment
  • Exploitation or Attack

Question 39)
Select the correct option to fill in the blank with the missing step in the penetration test attack phase. Gaining Access, ______, System Browsing, Installing Additional Tools.

  • Scanning Ports
  • Vulnerability Scanning
  • Exfiltrating Files
  • Escalating Privileges

Question 40)
Which are the first three phases of incident response?

  • Containment, Eradication, Recovery.
  • Preparation, Detection & Analysis, Containment, Eradication & Recovery.
  • Detection, Analysis, Remediation.
  • Preparation, Review, Analysis.

Question 41)
Which type of monitoring system is designed to stop unauthorized users from accessing or downloading sensitive data?

  • SIEM
  • DLP
  • IDS
  • IPS

Question 42)
Why would you make hash values of all the data on a system before you move it or begin to analyze it?

  • To encrypt the original data so it cannot be further corrupted.
  • Data analysis is primarily focused on what you learn from the hash values.
  • To preserve the integrity of the original data.
  • To expose viruses or malware signatures in the data.

Question 43)
Which three (3) of the following data types are considered volatile? (Select 3)

  • Slack space
  • Swap files
  • Login sessions
  • Running processes

Question 44)
Which three (3) of the following are examples of how scripts are used today? (Select 3)

  • Transcription
  • Backups
  • Testing
  • Automation

Question 45)
What will be printed by the following block of Python code?

def Add5(in)
return out

  • Add5(10)
  • 10
  • 5
  • 15

Question 46)
How is Python developed and distributed?

  • Python is developed by Google and distributed free of charge.
  • Python is developed by IBM and distributed free of charge.
  • Python is developed by RedHat and distributed free of charge.
  • Python is an Open Source project and distributed free of charge.

Question 47)
How do you indicate some text is only a comment in a Python file?

  • Any code between double angle brackets (i.e. <<comments>>) is considered a comment.
  • Comments are isolated inside a comment function, i.e. comment(“this is a comment only”).
  • Use a hash “#” character. Everything to the right of that character on the same line will be treated as a comment.
  • Comments must be entire lines that start with “REM”.

Question 48)
Which country had the highest average cost per breach in 2018 at $8.19M?

  • Russia
  • United States
  • China
  • Japan
  • United Kingdom
  • Germany

Question 49)
Activities performed as a part of security intelligence can be divided into pre-exploit and post-exploit activities. Which two (2) of these are post-exploit activities? (Select 2)

  • Perform forensic investigation.
  • Prioritize vulnerabilities to optimize remediation processes and close critical exposures.
  • Gather full situational awareness through advanced security analytics.
  • Detect deviations from the norm that indicate early warnings of APTs.

Question 50)
Which mobile operating system is being developed in a consortium that includes the Open Handset Alliance?

  • Blackberry
  • Windows
  • iOS
  • Android

Question 51)
Which data protection process provides prebuilt capabilities, mapped to specific regulations, to create the necessary resources to implement and demonstrate compliance with these regulations?

  • Real-time alerting
  • Automated compliance support
  • Blocking, masking and quarantining
  • Active analytics

Question 52)
A university just upgraded their email system, so it now encrypts all email by default. What aspect of the CIA Triad does this upgrade support?

  • Availability
  • Confidentiality
  • Authorization
  • Integrity

Question 53)
Which component of a vulnerability scanner allows the administrator to operate the scanner?

  • Engine Scanner
  • Database
  • Report Module
  • User Interface

Question 54)
The Common Vulnerability Scoring System (CVSS) is designed to help a company prioritize vulnerabilities. Which score would indicate a very high priority vulnerability?

  • 1
  • High
  • Red
  • 10

Question 55)
The foundation of robust security depends upon a number of factors including which two (2) of these? (Select 2)

  • Iterate design and build for rapid deployment.
  • Build with a clearly communicated structure.
  • Use systematic analysis of the threats and controls.
  • Strict adherence to security architecture standards such as ISO/IEC: 20071.

Question 56)
The Recover step in the DevSecOps Operate & Monitor phase contains which of these activities?

  • Virtual Patching
  • Inventory
  • Root Cause Analysis
  • Compliance

Question 57)
Which of these is an aspect of an Enterprise Architecture?

  • Shows the internal data and use of reusable or off-the-shelf components.
  • Gives the technology perspectives in detail.
  • Describes how specific products or technologies are used.
  • Does not describe the internals of the main components or how they will be implemented.

Question 58)
Which three (3) of these are features of Solution Building Blocks (SBBs)? (Select 3)

  • May be product or vendor aware.
  • Add context of the platforms and environments.
  • Is product and vendor neutral.
  • Specifies the technical components to implement a function.

Question 59)
Which two (2) approaches do SIEMs take to establish relationships between event log entries? (Select 2)

  • correlation/regression analysis
  • rule-based
  • map and grid
  • statistical correlation engine based

Question 60)
What is event coalescing in SIEM data processing?

  • It is the promotion of an event to a higher status due to its severity or the presence of multiple similar events.
  • Multiple endpoints, such as all of the laptops belonging to the same department, are treated as a single device for analysis purposes.
  • When 3 events are found with matching properties within a 10 second period, they are coalesced into a single event.
  • It is the dropping of duplicate event records from the same source.

Question 61)
Targeted acts of war, espionage, hacktivists, targeted data theft, and indirect criminal activities designed for mass disruption are collectively referred to as what?

  • The attack vector.
  • The vulnerability profile.
  • The threat surface.
  • The countermeasure challenge.

Question 62)
Your enemy uses a cyber kill chain to plan and execute his attack against your organization. Which three (3) of these are steps in a cyber kill chain? (Select 3)

  • Actions on Objectives
  • Command & Control
  • Withdraw and Cover Up
  • Installation

Question 63)
In creating an incident response capability in your organization, NIST recommends taking 6 actions. Which three (3) actions are included on that list? (Select 3)

  • Establish policies and procedures regarding incident-related information sharing.
  • Develop an incident response plan based on the incident response policy.
  • Establish a formal incident response capability.
  • Secure sufficient funding for the incident response team.

Question 64)
Holding a cross-departmental meeting to review lessons learned from an incident after it has been resolved falls into which phase of the incident response lifecycle?

  • Post-Incident Activity
  • Containment, Eradication & Recovery
  • Preparation
  • Detection & Analysis

Question 65)
What are three (3) common signs that an email might be a phishing attack? (Select 3)

  • It is generically addressed, for example, to “Dear Customer”.
  • It is not from someone you know or do business with.
  • There is a request to click a link and provide personal “account” details.
  • It is from a company you have done business with and contains advertisements for products similar to what you have purchased from them in the past.

Question 66)
True or False. Because of their large volume of transactions, it is often easier for an attacker to successfully penetrate the PoS systems of a major retail chain than those of a small independent business where every transaction can be viewed by the owner.

  • True
  • False

Question 67)
True or False. A study conducted by the Ingenico Group recommended the use of Tokenization which replaces credit card data with a secure token while the data is at rest.

  • True
  • False

Question 68)
According to NIST, Cyber Supply Chain Risk Management (SCRM) activities include which of the following?

  • Determining cybersecurity requirements for suppliers.
  • Communicating to suppliers how cybersecurity requirements will be verified and validated.
  • Enacting cybersecurity requirements through formal agreements.
  • All of the above.

Question 69)
You get a pop-up message on your screen telling you that highly confidential company files have been downloaded and will be made public unless you pay a fee. What type of ransomware has attacked your system?

  • Blockware
  • Leakware/Doxware
  • Locker
  • Crypto

Question 70)
What is an effective fully automated way to prevent malware from entering your system as an email attachment?

  • Strong passwords.
  • Fully patched operating system and applications.
  • Anti-virus software.
  • A full system backup.