
Play It Safe: Manage Security Risks Weekly challenge 2 Quiz Answers

In this article I am going to share the Coursera Course: Play It Safe: Manage Security Risks | Weekly challenge 2 Quiz Answers with you.

Course Link: Play It Safe: Manage Security Risks



Question 1)
What is the purpose of a security framework?

  • Build plans to help mitigate risks and threats to data and privacy
  • Create security controls to protect marketing campaigns
  • Develop procedures to help identify productivity goals
  • Establish policies to expand business relationships

Question 2)
Fill in the blank: A security professional uses _____ to verify that an employee has permission to access a resource.

  • authorization
  • admission
  • encryption
  • integrity

Question 3)
What type of social engineering attack attempts to exploit biometrics?

  • Cryptographic attack
  • Vishing
  • Whaling
  • Spear phishing

Question 4)
You work as a security analyst for a supply chain organization and need to confirm all inventory data is correct, authentic, and reliable. Which core principle of the CIA triad are you using?

  • Integrity
  • Availability
  • Confidentiality
  • Credibility

Question 5)
Which of the following statements accurately describe the CSF? Select all that apply.

  • The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
  • Restoring affected files or data is part of the recover function of the CSF.
  • The identify function of the CSF involves returning affected systems back to normal operation.
  • The detect function of the CSF involves improving monitoring capabilities to increase the speed and efficiency of detections.

Question 6)
A security team considers how to avoid unnecessarily complicated solutions when implementing security controls. Which OWASP principle does this scenario describe?

  • Principle of least privilege
  • Keep security simple
  • Fix security issues correctly
  • Defense in depth

Question 7)
What are some of the primary objectives of an internal security audit? Select three answers.

  • Improve security posture
  • Help security teams identify organizational risk
  • Avoid fines due to a lack of compliance
  • Develop a guiding security statement for the business

Question 8)
Fill in the blank: The planning elements of an internal security audit include establishing scope and _____, then conducting a risk assessment.

  • compliance
  • goals
  • limitations
  • controls

Question 9)
A security analyst performs an internal security audit. They focus on the human component of cybersecurity, such as the policies and procedures that define how their company manages data. What are they working to establish?

  • Physical controls
  • Technical controls
  • Compliance controls
  • Administrative controls

Question 10)
What information is typically communicated to stakeholders after completion of an internal security audit? Select three answers.

  • A list of existing risks
  • A summary of the scope
  • Results and recommendations
  • Questions about specific controls

Question 11)
What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization?

  • Security framework
  • Security audit
  • Security hardening
  • Security posture

Question 12)
Fill in the blank: A security professional uses _____ to convert data from a readable format to an encoded format.

  • confidentiality
  • authorization
  • authentication
  • encryption

Question 13)
A person’s fingerprint, eye or palm scan are examples of what?

  • Codes
  • Biometrics
  • Passwords
  • Statistics

Question 14)
You work as a security analyst for a community organization that has large amounts of private data. Which core principle of the CIA triad do you use to ensure private information is kept safe?

  • Integrity
  • Availability
  • Consistency
  • Confidentiality

Question 15)
A security team has just finished addressing a recent security incident. They now conduct tests to ensure that all of their repairs were successful. Which OWASP principle does this scenario describe?

  • Principle of least privilege
  • Separation of duties
  • Minimize attack surface area
  • Fix security issues correctly

Question 16)
What are some of the primary objectives of an internal security audit? Select all that apply.

  • Reduce the amount of data on a network
  • Determine what needs to be improved in order to achieve the desired security posture
  • Help security teams identify organizational risk
  • Avoid fines due to a lack of compliance

Question 17)
Fill in the blank: In an internal security audit, _____ refers to identifying people, assets, policies, procedures, and technologies that might impact an organization’s security posture.

  • completing a controls assessment
  • goals
  • implementing administrative controls
  • scope

Question 18)
What information is typically communicated to stakeholders after completion of an internal security audit? Select three answers.

  • Compliance regulations to be adhered to
  • Comprehensive details about each part of the process
  • Results and recommendations
  • Strategies for improving security posture

Question 19)
Fill in the blank: An employee using multi-factor authentication to verify their identity is an example of the _____ process.

  • authentication
  • integrity
  • encryption
  • confidentiality

Question 20)
Which of the following characteristics are examples of biometrics? Select all that apply.

  • Fingerprint
  • Palm scan
  • Password
  • Eye scan

Question 21)
You work as a security analyst at a bank and need to ensure that customers can access their account information. Which core principle of the CIA triad are you using to confirm their data is accessible to them?

  • Availability
  • Integrity
  • Accuracy
  • Confidentiality

Question 22)
A security team establishes controls, including permission settings that will be used to create multiple security points that a threat actor must get through to breach their organization. Which OWASP principle does this scenario describe?

  • Separation of duties
  • Keep security simple
  • Principle of least privilege
  • Defense in depth

Question 23)
What are some of the primary objectives of an internal security audit? Select all that apply.

  • Enable security teams to assess controls
  • Identify any security gaps or weaknesses within an organization
  • Limit traffic on an organization’s firewall
  • Help security teams correct compliance issues

Question 24)
How do organizations use security frameworks to develop an effective security posture?

  • As a policy to protect against phishing campaigns
  • As a guide to reduce risk and protect data and privacy
  • As a policy to support employee training initiatives
  • As a guide to identify threat actor strategies

Question 25)
Which of the following statements accurately describe the CSF? Select all that apply.

  • The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
  • Investigating an incident to determine how the threat occurred, what was affected, and where the attack originated is part of the respond function of the CSF.
  • The detect function of the CSF involves making sure proper procedures are used to contain, neutralize, and analyze security incidents.
  • The protect function of the CSF involves implementing policies, procedures, training, and tools to mitigate threats.

Question 26)
A security analyst performs an internal security audit. They determine that the organization needs to install surveillance cameras at various store locations. What are they working to establish?

  • Administrative controls
  • Technical controls
  • Communication controls
  • Physical controls

Question 27)
What information is typically communicated to stakeholders after completion of an internal security audit? Select three answers.

  • Detailed data about past cybersecurity incidents
  • Existing risks that need to be addressed now or in the future
  • Strategies for improving security posture
  • A summary of the goals

Question 28)
Which of the following statements accurately describe the CSF? Select all that apply.

  • Implementing improvements to a security process is part of the respond function of the CSF.
  • The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
  • The identify function of the CSF involves managing cybersecurity risk and its effects on an organization’s people and assets.
  • The protect function of the CSF involves returning affected systems back to normal operation.

Question 29)
Fill in the blank: In an internal security audit, _____ involves identifying potential threats, risks, and vulnerabilities in order to decide what security measures should be implemented.

  • establishing the scope and goals
  • conducting a risk assessment
  • assessing compliance
  • communicating to stakeholders

Question 30)
A security analyst performs an internal security audit. They review their company’s existing assets, then evaluate potential risks to those assets. Which aspect of a security audit does this scenario describe?

  • Assessing compliance
  • Establishing the scope and goals
  • Communicating results
  • Completing a controls assessment