All Coursera Quiz Answers

Module quiz: Penetration testing Quiz Answers

by Niyander

In this article i am gone to share Coursera Course: Cybersecurity Tools and Technologies | Module quiz: Penetration testing Quiz Answers with you..

Enrol Link:  Cybersecurity Tools and Technologies

 

Module quiz: Penetration testing Quiz Answers

Question 1)
True or False: Offensive security focuses on protecting systems from attacks.

  • True
  • False

Question 2)
What is the primary responsibility of the blue team in cybersecurity?

  • Safeguarding systems and data
  • Breaching the security of a system
  • Conducting vulnerability scans

Question 3)
True or False: The red team’s objective is to defend an organization’s digital assets and protect against threats.

  • True
  • False

Question 4)
Which stage of penetration testing involves attempting to gain unauthorized access to the target system?

  • Reporting and remediation
  • Enumeration
  • Escalation
  • Exploitation

Question 5)
Penetration testing is a process of ________ vulnerabilities in an organization’s information systems.

  • Exploiting
  • Identifying
  • Identifying and exploiting

Question 6)
The MITRE ATT&CK framework helps organizations improve their threat __________ __________ capabilities.

  • identification and mitigation
  • detection and response
  • monitoring and remediation
  • prevention and recovery

Question 7)
What does black box testing focus on?

  • Internal code and structure.
  • Manipulating the inputs.
  • Inputs and outputs without knowledge of internal workings.
  • System requirements and functionalities.

Question 8)
Which of the following take place in white box testing? Select all that apply.

  • Source code review
  • Path testing
  • Code coverage analysis
  • User acceptance testing

Question 9)
Grey box testing provides a ___________ approach to testing, allowing testers to make educated guesses and decisions about where to focus their testing efforts.

  • Random
  • Complete
  • Limited
  • Balanced

Question 10)
What is the purpose of compliance testing in data management systems?

  • To ensure data encryption is functioning properly.
  • To assess the security controls in place for data protection.
  • To monitor compliance activities and generate compliance reports.
  • To verify adherence to applicable laws, regulations, and industry standards.

 

Question 11)
True or False: The blue team is responsible for network monitoring and vulnerability scanning.

  • True
  • False

Question 12)
Which activity of the red team helps organizations identify vulnerabilities by attempting to breach live systems and infrastructure?

  • Penetration testing
  • Risk assessment and mitigation
  • Vulnerability assessment
  • Social engineering testing

Question 13)
What is the purpose of the enumeration stage in penetration testing?

  • Gathering information about the target system.
  • Identifying vulnerabilities and potential attack vectors.
  • Exploiting software vulnerabilities.
  • Reporting the findings and recommendations.

Question 14)
What is the final stage of the penetration testing process?

  • Enumeration
  • Reporting and remediation
  • Reconnaissance
  • Exploitation

Question 15)
Which of the following are tactics in the MITRE ATT&CK framework? Select all that apply.

  • Command and Control
  • Persistence
  • Authentication
  • Discovery

Question 16)
True or False: Black box testing involves designing test cases that cover various scenarios.

  • True
  • False

Question 17)
Which of the following take place in white box testing? Select all that apply.

  • Source code review
  • Code coverage analysis
  • Path testing
  • User acceptance testing

Question 18)
Which approaches are commonly used in grey box testing during penetration testing? Select all that apply.

  • Black box testing
  • Data flow analysis
  • Architecture analysis
  • Code review

Question 19)
Which activities are part of ethical hacking? Select all that apply.

  • Red versus blue exercises
  • Social engineering testing
  • Network penetration testing
  • Web application development

Question 20)
True or False: The MITRE ATT&CK framework is a knowledge base of adversary tactics and techniques maintained by a non-profit organization called MITRE.

  • True
  • False

Question 21)
Which of the following take place in black box testing? Select all that apply.

  • Requirement analysis
  • Debugging and code optimization
  • Test case design
  • Test execution

Question 22)
Which techniques are used in white box testing during penetration testing? Select all that apply.

  • Static analysis
  • Performance testing
  • Code review
  • Fuzz testing
  • Dynamic analysis

Question 23)
Azure Compliance Manager provides a unified view of compliance controls, allowing organizations to evaluate their ________________ against various regulatory frameworks.

  • data encryption
  • compliance posture
  • access controls
  • risks

Question 24)
Which of the following are responsibilities of the blue team? Select all that apply.

  • Conducting ethical hacking exercises
  • Vulnerability scanning
  • Network monitoring
  • Collaborating with other teams
  • Intrusion detection

Question 25)
Which techniques are commonly used in the exploitation stage of penetration testing? Select all that apply.

  • Leveraging misconfigurations.
  • Gathering information about the target system.
  • Brute-forcing weak passwords.
  • Executing social engineering attacks.

Question 26)
True or False: White box testing involves examining a system solely based on its inputs and outputs without any knowledge of its internal workings.

  • True
  • False

Question 27)
What is the primary goal of red teaming?

  • Assess and improve defensive security measures directly.
  • Simulate real-world attacks and identify vulnerabilities in a system’s security.
  • Protect the organization’s critical assets against any kind of threat.

Question 28)
Which of the following are key compliance features offered by Azure? Select all that apply.

  • Cost management
  • Performance optimization
  • Access controls
  • Data encryption

Question 29)
True or False: Reconnaissance is the stage in penetration testing where testers attempt to gain unauthorized access to the target system.

  • True
  • False

Question 30)
Which benefit does the red team’s activities provide in terms of an organization’s security culture?

  • Raising awareness and empowering employees
  • Identifying vulnerabilities and weaknesses
  • Conducting comprehensive assessments

Question 31)
True or False: Grey box testing combines elements of both black box testing and white box testing.

  • True
  • False