All Coursera Quiz Answers

Module quiz: Security conscious modeling Quiz Answers

In this article i am gone to share Advanced Cybersecurity Concepts and Capstone Project by Microsoft | Week 3 Quiz | Module quiz: Security conscious modeling Quiz Answers with you..

Enrol Link:  Advanced Cybersecurity Concepts and Capstone Project

 

Module quiz: Security conscious modeling Quiz Answers

Question 1)
What does the term “threat landscape” in cybersecurity encompass?

  • All potential risks and hazards to an organization’s information security.
  • Only internal threats and man-made hazards.
  • Only external threats and natural hazards.
  • Only natural hazards

Question 2)
You are a cybersecurity trainer preparing a workshop for small business owners. These business owners have limited knowledge of cybersecurity threats, and you want to explain the concept of ransomware in a clear and concise manner. Which of the following options is the correct explanation?

  • A highly sophisticated cyberattack that targets vulnerabilities in network protocols to gain unauthorized access to systems.
  • A form of malicious software employing complex encryption algorithms to lock or encrypt data, making it inaccessible until a ransom is paid.
  • A type of malicious software that disguises itself as a legitimate application to infiltrate systems and steal sensitive data.
  • A type of ransomware that primarily spreads through spam emails and tricks users into revealing their login credentials.

Question 3)
As a cybersecurity consultant, you are advising a manufacturing company on mitigating hardware vulnerabilities. Which measure is crucial to address hardware vulnerabilities effectively?

  • Using biometric authentication methods for secure access.
  • Employing endpoint detection and response (EDR) solutions for threat detection.
  • Monitoring hardware performance and reporting anomalies in real-time.
  • Conducting regular phishing simulation exercises for employees.

Question 4)
True or False: The zero trust model emphasizes implicit trust within an organization’s network and treats all entities as trustworthy by default.

  • True
  • False

Question 5)
True or False: The defense in depth strategy relies on a single security layer to protect against various types of threats.

  • True
  • False

Question 6)
Which of the following are considered advanced techniques for network segmentation in Azure? Select all that apply.

  • Azure Virtual WAN
  • Perimeter security
  • Azure Firewall
  • Network Security Groups (NSGs)

Question 7)
You are the Azure security administrator for your organization and are considering advanced techniques to secure data stored in Azure. What advanced data protection strategy in Azure goes beyond basic encryption to protect data both in transit and at rest?

  • Azure Virtual Network
  • Azure VPN Gateway
  • Azure Disk Encryption
  • Azure Confidential Computing

Question 8)
You are responsible for designing the architecture of your organization’s authentication system. Which architectural aspects should you consider when designing a modern authentication system? Select all that apply.

  • Leveraging emerging technologies like zero-trust architecture.
  • Token management and session control.
  • Selecting the appropriate username and password combinations.
  • Securing authentication methods and mechanisms.

Question 9)
Which of the following are best practices for configuring network security rules in Azure? Select all that apply.

  • Implementing custom policies for Azure Application Gateway.
  • Prioritizing rule order in Network Security Groups (NSGs).
  • Leveraging service tags for outbound traffic control.
  • Implementing Azure Bastion for RDP/SSH access.

Question 10)
As a cloud security administrator, you need to develop an effective strategy for protecting data on Azure. Choose the strategy that empowers you to concentrate your security resources where they are most vital.

  • Data encryption strategy
  • Data classification and labeling
  • Identity and access management
  • Threat detection and response

 

Question 11)
You are the head of a cybersecurity task force investigating a recent data breach performed by access brokers at a large financial institution. You need to explain to your team the role of access brokers in the cybercrime ecosystem and how they facilitate unauthorized access to compromised systems. Which of the following options is the correct explanation?

  • Access brokers are government agencies responsible for regulating internet access.
  • Access brokers provide legal access to computer systems for authorized users.
  • Access brokers are cybersecurity professionals responsible for securing access to computer systems.
  • Access brokers acquire and sell unauthorized access to compromised systems, serving as intermediaries between hackers and potential buyers.

Question 12)
You’re tasked with educating a group of employees about identity theft mitigation. Your audience includes individuals with varying levels of technical knowledge. Which of the following strategies can you present as a comprehensive approach to mitigate identity theft?

  • Regularly updating software and firmware on personal devices.
  • Implementing multi-factor authentication (MFA) and strong password management policies.
  • Enabling automatic device backups for data recovery.
  • Installing antivirus software on personal computers.

Question 13)
During a cybersecurity training session, you are discussing the defense in depth strategy, focusing on its various layers. How would you explain the primary purpose of the Perimeter layer in the defense in depth strategy?

  • Protect data integrity during transmission.
  • Safeguard data access by authorized personnel.
  • Ensure the security of compute resources.
  • Guard against network-based attacks.

Question 14)
What is the primary purpose of the Subprocess layer in the defense in depth strategy?

  • To conduct a detailed analysis of individual tasks and components.
  • To perform tactical threat modeling.
  • To examine high-level processes within the organization.
  • To create strategic threat models for the organization.

Question 15)
What is the first step in defining defense steps for cloud infrastructure security?

  • Develop a layered approach.
  • Identify threats and vulnerabilities.
  • Assess your assets.
  • Establish security policies.

Question 16)
Fill in the blank: You are in charge of enhancing the compliance posture of your organization’s Azure resources. To enforce specific compliance requirements unique to your industry, you can use Azure Policy ____________.

  • Templates
  • Initiatives
  • Blueprints
  • Procedures

Question 17)
You are responsible for designing the architecture of your organization’s authentication system. Which architectural aspects should you consider when designing a modern authentication system? Select all that apply.

  • Leveraging emerging technologies like zero-trust architecture.
  • Securing authentication methods and mechanisms.
  • Selecting the appropriate username and password combinations.
  • Token management and session control.

Question 18)
Fill in the blank: You are configuring network security for your organization’s Azure resources. You want to ensure the usage of ______________ is applied when creating network security rules to grant the minimum necessary access to resources.

  • Azure Firewall
  • Microsoft Sentinel
  • Least privilege
  • Network Security Groups (NSGs)

Question 19)
Which aspect of data security is responsible for converting data into a format that offers the highest level of protection against unauthorized access?

  • Encryption
  • Authorization
  • Access control
  • Authentication

Question 20)
Which of the following is not considered a common attack surface in cybersecurity?

  • Browsers
  • Databases
  • Printer firmware
  • Social media

Question 21)
You are a security engineer at a large organization and responsible for securing the organization’s web applications. Which of the following is the best approach to secure a web application that will be used to store and process customer data?

  • Implement security features throughout the development lifecycle.
  • Implement security features only after the application is deployed and in production.
  • Implement security features at the end of the development process.
  • Implement security features only after a security audit has been performed.

Question 22)
You’re responsible for strengthening email-related threat mitigation measures at your organization. Which approach directly contributes to comprehensive email-related threat mitigation?

  • Creating allow lists for trusted email addresses and domains
  • Implementing data backup and recovery procedures.
  • Conducting red-team exercises to assess hardware vulnerabilities.
  • Utilizing email filtering solutions, implementing SPF and DMARC records, and conducting phishing simulation exercises.

Question 23)
What is the core principle of “Confidentiality” in the defense in depth model for cloud security?

  • Safeguarding sensitive data, allowing access to authorized individuals only
  • Protecting data during transmission
  • Ensuring data remains accessible to authorized users
  • Maintaining regulatory compliance for compute resources

Question 24)
You’re part of a team responsible for implementing advanced security controls in your organization’s Azure environment. Which of the following security solutions in Azure should the team implement to protect against DDoS attacks? Select all that apply.

  • Azure CDN
  • Azure Application Gateway
  • Azure Logic Apps
  • Azure Front Door

Question 25)
Fill in the blank: You are responsible for designing the architecture of your organization’s modern authentication system. Architecturally, it’s crucial to pay particular attention to ________, ________, and ________ to balance security and usability effectively.

  • Federation, identity federation, authentication.
  • Authorization, auditing, Conditional Access.
  • SSO Design, MFA, threat detection.
  • Token management, session control, security protocols.

Question 26)
You are responsible for monitoring and analyzing network security logs in your Azure environment. To enhance security, you want to identify potential threats and anomalies in real time. Which Azure tool or service should you utilize to collect and analyze network security logs, set up custom alerts, and create advanced log queries for in-depth analysis?

  • Azure Policy
  • Microsoft Defender for Cloud
  • Azure Monitor and Log Analytics
  • Azure Network Watcher

Question 27)
You are configuring data security for your organization’s Azure resources. Identify the best practice that ensures you grant permissions judiciously, adhering to the principle of least privilege.

  • Strong authentication
  • Regular auditing and monitoring
  • Data classification
  • Role-based access control (RBAC)

Question 28)
You are designing an architecture for your organization’s modern authentication system. Which architectural decisions are essential for single sign-on (SSO) across various application types in a modern authentication system? Select all that apply.

  • Token management and session control.
  • Azure AD multi-factor authentication (MFA) configuration.
  • Selecting the appropriate username and password combinations.
  • Azure Active Directory B2B and B2C integration.

Question 29)
Which of the following is an example of an advanced threat vector in cybersecurity?

  • Social engineering attacks
  • Advanced persistent threats (APTs)
  • Malware distribution
  • Phishing attacks

Question 30)
You work for a cybersecurity company that provides incident response services. During an investigation of a recent ransomware attack on a client, you realize that the ransomware used in this attack is of the Locker type. You need to explain to your client the differences between Locker and Crypto ransomware. Which of the following options is the correct explanation?

  • Locker ransomware is a type of malware that specifically targets smartphones, while Crypto ransomware focuses on computers and servers.
  • Locker ransomware is a phishing attack that tricks users into revealing their sensitive information, while Crypto ransomware exploits software vulnerabilities.
  • Locker ransomware locks you out of your system but usually doesn’t encrypt your data, while Crypto ransomware encrypts your data.
  • Locker and Crypto ransomware target the same types of files but use different encryption algorithms.

Question 31)
Which of the following are advanced techniques used for network segmentation in Azure? Select all that apply.

  • Use just-in-time VM access.
  • Use Azure Virtual WAN for network management.
  • Use Network Security Groups (NSGs).
  • Employ adaptive application controls for monitoring and blocking malicious applications.

Question 32)
Which of the following layers of threat modeling is associated with the System layer (Layer 0) in the defense in depth strategy?

  • Operational threat modeling
  • Strategic threat modeling
  • Tactical threat modeling
  • Technical threat modeling