In this article i am gone to share Coursera Course: Cybersecurity Architecture by IBM | Week 4 | Module 4 Graded Quiz: Detection and Response Quiz Answers with you.

Enrol Link:  Cybersecurity Architecture

Module 4 Graded Quiz: Detection and Response Quiz Answers

Question 1)
What is SIEM?

• A type of antivirus software.
• A system that allows us to monitor, analyze, and report on what happens in our environment.
• A database management system.
• A messaging app for the team.

Question 2)
What is XDR?

• A type of encryption method.
• A system that allows us to conserve data and only fetch necessary information when needed.
• A machine learning algorithm.
• A productivity tool.

Question 3
What is the primary purpose of threat hunting in cybersecurity?

• To identify and fix software bugs.
• To ensure that firewalls are up to date.
• To repair damaged systems.
• To be proactive and detect possible threats before triggering an alarm.

Question 4)
What tools does a threat hunter typically use to search for indicators of compromise?

• Website builders
• SIEM and XDR tools
• Debugging tools
• Photo editing tools

Question 5)
What is the main advantage of using both SIEM and XDR?

• They have an easy-to-use interface.
• They complement each other and form part of a more robust security response.
• They provide free storage space.
• They help in creating responsive web pages.

Question 6)
What is the role of a cybersecurity analyst in threat hunting?

• They develop a hypothesis based on their experience and instincts about potential threats.
• They develop software to combat threats.
• They install and update antivirus software.
• They maintain the server infrastructure.

Question 7)
What benefit does early detection in threat hunting provide?

• It enables automatic system updates.
• It helps to fix software bugs.
• It moves the awareness of an attack back earlier into the attack scenario timeline.
• It enhances server performance.

Question 8)
What is the primary difference between a SIEM and an XDR?

• A SIEM is less expensive as compared to an XDR.
• A SIEM and XDR have the same function.
• A SIEM collects all data and raises alarms when necessary, while an XDR leaves most data local and fetches it when requested.
• An XDR requires more operators than a SIEM.

Question 9)
What is threat hunting?

• It refers to the process of being proactive, developing hypotheses, and looking for indicators of compromise.
• It refers to the process of physically tracking down cyber criminals.
• It refers to a reactive process following a SIEM or XDR alarm.
• It refers to removing threats once they have been identified.

Question 10)
What is the mean-time-to-identify (MTTI)?

• It is the time delay until we know an attack has occurred.
• The total time from when an attack happens until the problem is fully recovered.
• It is the time it takes to prevent an attack.
• It is the time it takes to fix a problem once it has been identified.