Security Operations Coursera Final Assessment Quiz Answers
In this blog post, we provide the answers to the Module 1 to 7 quizzes from Coursera’s “Security Operations” course. Whether you need to check your responses or get guidance on key concepts, this guide will help you stay on track and improve your understanding of security operations. / Security Operations Coursera Final Assessment Quiz Answers
Security Operations Coursera Final Assessment Quiz Answers
Security Operations Quiz Answers
Question 1)
Which of the following can be used to map data flows through an organization and the relevant security controls used at each point along the way? (D5.1, L5.1.1)
- Encryption
- Hashing
- Hard copy
- Data life cycle
Question 2)
Why is an asset inventory so important? (D5.2, L5.2.1)
- It tells you what to encrypt
- You can’t protect what you don’t know you have
- The law requires it
- It contains a price list
Question 3)
Who is responsible for publishing and signing the organization’s policies? (D5.3, L5.3.1)
- The security office
- Human Resources
- Senior management
- The legal department
Question 4)
Which of the following is always true about logging? (D5.1, L5.1.3)
- Logs should be very detailed
- Logs should be in English
- Logs should be concise
- Logs should be stored separately from the systems they’re logging
Question 5)
A mode of encryption for ensuring confidentiality efficiently, with a minimum amount of processing overhead (D5.1, L5.1.3)
- Asymmetric
- Symmetric
- Hashing
- Covert
Question 6)
A ready visual cue to let anyone in contact with the data know what the classification is. (D5.1, L5.1.1)
- Encryption
- Label
- Graphics
- Photos
Question 7)
A set of security controls or system settings used to ensure uniformity of configuration throughout the IT environment. (D5.2, L5.2.1)
- Patches
- Inventory
- Baseline
- Policy
Question 8)
What is the most important aspect of security awareness/training? (D5.4, L5.4.1)
- Protecting assets
- Maximizing business capabilities
- Ensuring the confidentiality of data
- Protecting health and human safety
Question 9)
Which entity is most likely to be tasked with monitoring and enforcing security policy? (D5.3, L5.3.1)
- The Human Resources office
- The legal department
- Regulators
- The security office
Question 10)
Which organizational policy is most likely to indicate which types of smartphones can be used to connect to the internal IT environment? (D5.3, L5.3.1)
- The CM policy (change management)
- The password policy
- The AUP (acceptable use policy)
- The BYOD policy (bring your own device)
Check out also this article: Security Principles All Modules Quiz Answers
Final Assessment Answers
Question 1)
Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don’t collide with pedestrians. What is probably the most effective type of control for this task? (D1, L1.3.1)
- administrative
- technical
- physical
- nuanced
Question 2)
Chad is a security practitioner tasked with ensuring that the information on the organization’s public website is not changed by anyone outside the organization. This task is an example of ensuring _________. (D1, L1.1.1)
- Confidentiality
- Integrity
- Availability
- Confirmation
Question 3)
Which of the following is an example of a “something you know” authentication factor? (D1, L1.1.1)
- user ID
- password
- fingerprint
- iris scan
Question 4)
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________. (D1, L1.1.1)
- non-repudiation
- multifactor authentication
- biometrics
- privacy
Question 5)
In risk management concepts, a(n) _________ is something a security practitioner might need to protect. (D1, L1.2.1)
- vulnerability
- asset
- threat
- likelihood
Question 6)
In risk management concepts, a(n) ___________ is something or someone that poses risk to an organization or asset. (D1, L1.2.1)
- fear
- threat
- control
- asset
Question 7)
Kerpak works in the security office of a medium-sized entertainment company. Kerpak is asked to assess a particular threat, and he suggests that the best way to counter this threat would be to purchase and implement a particular security solution. This is an example of _______. (D1, L1.2.2)
- acceptance
- avoidance
- mitigation
- transference
Question 8)
Phrenal is selling a used laptop in an online auction. Phrenal has estimated the value of the laptop to be $100, but has seen other laptops of similar type and quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is prepared to take less for it if nobody bids that amount. This is an example of ___________. (D1, L1.2.2)
- risk tolerance
- risk inversion
- threat
- vulnerability
Question 9)
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control. (D1, L1.3.1)
- physical
- administrative
- passive
- technical
Question 10)
Preenka works at an airport. There are red lines painted on the ground next to the runway; Preenka has been instructed that nobody can step or drive across a red line unless they request, and get specific permission from, the control tower. This is an example of a(n)______ control. (D1, L1.3.1)
- physical
- administrative
- critical
- technical
Question 11)
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls. (D1, L1.3.1)
- physical
- administrative
- drastic
- technical
Question 12)
The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc.) are at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this? (D1, L1.3.1)
- administrative
- entrenched
- physical
- technical
Question 13)
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1)
- policy
- procedure
- standard
- law
Question 14)
The Triffid Corporation publishes a strategic overview of the company’s intent to secure all the data the company possesses. This document is signed by Triffid senior management. What kind of document is this? (D1, L1.4.1)
- policy
- procedure
- standard
- law
Question 15)
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers’ personal data. This set of rules is a _____. (D1, L1.4.2)
- law
- policy
- standard
- procedure
Question 16)
A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of a ________. (D1, L1.4.2)
- law
- procedure
- standard
- policy
Question 17)
Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement. Hoshi’s cousin works for a firewall vendor; that vendor happens to make the best firewall available. What should Hoshi do? (D1, L1.5.1)
- recommend a different vendor/product
- recommend the cousin’s product
- Hoshi should ask to be recused from the task
- disclose the relationship, but recommend the vendor/product
Question 18)
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1)
- inform (ISC)²
- pay the parking ticket
- inform supervisors at Triffid
- resign employment from Triffid
Question 19)
Olaf is a member of (ISC)² and a security analyst for Triffid Corporation. During an audit, Olaf is asked whether Triffid is currently following a particular security practice. Olaf knows that Triffid is not adhering to that standard in that particular situation, but that saying this to the auditors will reflect poorly on Triffid. What should Olaf do? (D1, L1.5.1)
- tell the auditors the truth
- ask supervisors for guidance
- ask (ISC)² for guidance
- lie to the auditors
Question 20)
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma’s colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do? (D1, L1.5.1)
- inform (ISC)²
- explain the style and format of the questions, but no detail
- inform the colleague’s supervisor
- nothing
Question 21)
An attacker outside the organization attempts to gain access to the organization’s internal files. This is an example of a(n) ______. (D2, L2.1.1)
- intrusion
- exploit
- disclosure
- publication
Question 22)
What is the goal of an incident response effort? (D2, L2.1.1)
- ensure no incidents ever happen
- reduce the impact of incidents on operations
- punish wrongdoers
- save money
Question 23)
What is the goal of Business Continuity efforts? (D2, L2.2.1)
- save money
- impress customers
- ensure all IT systems continue to operate
- keep critical business functions operational
Question 24)
Which of the following is likely to be included in the business continuity plan? (D2, L2.2.1)
- alternate work areas for personnel affected by a natural disaster
- the organization’s strategic security approach
- last year’s budget information
- log data from all systems
Question 25)
What is the most important goal of a business continuity effort? (D2, L2.2.1)
- ensure all IT systems function during a potential interruption
- ensure all business activities are preserved during a potential disaster
- ensure the organization survives a disaster
- preserve health and human safety
Question 26)
What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1)
- save money
- return to normal, full operations
- preserve critical business functions during a disaster
- enhance public perception of the organization
Question 27)
What is the risk associated with resuming full normal operations too soon after a DR effort? (D2, L2.3.1)
- the danger posed by the disaster might still be present
- investors might be upset
- regulators might disapprove
- the organization could save money
Question 28)
At Parvi’s place of work, the perimeter of the property is surrounded by a fence; there is a gate with a guard at the entrance. All inner doors only admit personnel with badges, and cameras monitor the hallways. Sensitive data and media are kept in safes when not in use. This is an example of: (D3, L3.1.1)
- two-person integrity
- segregation of duties
- defense in depth
- penetration testing
Question 29)
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi’s account? (D3, L3.1.1)
- privileged
- internal
- external
- user
Question 30)
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina’s selection and determine whether to approve the purchase. This is a description of: (D3, L3.1.1)
- two-person integrity
- segregation of duties
- software
- defense in depth
Question 31)
Guillermo logs onto a system and open a document file. In this example, Guillermo is: (D3, L3.1.1)
- the subject
- the object
- the process
- the software
Question 32)
Which of the following is not an appropriate control to add to privileged accounts? (D3, L3.1.1)
- increased logging
- multifactor authentication
- increased auditing
- security deposit
Question 33)
Which of these is an example of a physical access control mechanism? (D3, L3.2.1)
- software-based firewall at the perimeter of the network
- a lock on a door
- network switches that filter according to MAC addresses
- a process that requires two people to act at the same time to perform a function
Question 34)
Which of the following is a biometric access control mechanism? (D3, L3.2.1)
- a badge reader
- a copper key
- a fence with razor tape on it
- a door locked by a voiceprint identifier
Question 35)
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except: (D3, L3.2.1)
- sign-in sheet/tracking log
- fence
- badges that differ from employee badges
- receptionist
Question 36)
A human guard monitoring a hidden camera could be considered a ______ control. (D3, L3.2.1)
- detective
- preventive
- deterrent
- logical
Question 37)
A _____ is a record of something that has occurred. (D3, L3.2.1)
- biometric
- law
- log
- firewall
Question 38)
Network traffic originating from outside the organization might be admitted to the internal IT environment or blocked at the perimeter by a ________. (D3, L3.2.1)
- turnstile
- fence
- vacuum
- firewall
Question 39)
Bruce is the branch manager of a bank. Bruce wants to determine which personnel at the branch can get access to systems, and under which conditions they can get access. Which access control methodology would allow Bruce to make this determination? (D3, L3.3.1)
- MAC (mandatory access control)
- DAC (discretionary access control)
- RBAC (role-based access control)
- defense-in-depth
Question 40)
Which of the following would be considered a logical access control? (D3, L3.3.1)
- an iris reader that allows an employee to enter a controlled area
- a fingerprint reader that allows an employee to enter a controlled area
- a fingerprint reader that allows an employee to access a laptop computer
- a chain attached to a laptop computer that connects it to furniture so it cannot be taken
Question 41)
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina’s credentials, so that Doug can get some work done. What is the problem with this? (D3, L3.3.1)
- Doug is a bad person
- If Trina logs in for Doug, then Doug will never be encouraged to remember credentials without assistance
- Anything either of them do will be attributed to Trina
- It is against the law
Question 42)
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (D3, L3.3.1)
- Gary is being punished
- The network is tired
- Users remember their credentials if they are given time to think about it
- Gary’s actions look like an attack
Question 43)
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password. What may have occurred to cause this? (D3, L3.3.1)
- Suvid broke the law
- Suvid’s password has expired
- Suvid made the manager angry
- someone hacked Suvid’s machine
Question 44)
Prina is a database manager. Prina is allowed to add new users to the database, remove current users, and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of: (D3, L3.3.1)
- role-based access controls (RBAC)
- mandatory access controls (MAC)
- discretionary access controls (DAC)
- alleviating threat access controls (ATAC)
Question 45)
A device typically accessed by multiple users, often intended for a single purpose, such as managing email or web pages. (D4.1 L4.1.1)
- router
- switch
- server
- laptop
Question 46)
The logical address of a device connected to the network or Internet. (D4.1 L4.1.1)
- media access control (MAC) address
- Internet Protocol (IP) address
- geophysical address
- terminal address
Question 47)
Barry wants to upload a series of files to a web-based storage service, so that people Barry has granted authorization can retrieve these files. Which of the following would be Barry’s preferred communication protocol if he wanted this activity to be efficient and secure? (D4.1 L4.1.2)
- SMTP (Simple Mail Transfer Protocol)
- FTP (File Transfer Protocol)
- SFTP (Secure File Transfer Protocol)
- SNMP (Simple Network Management Protocol)
Question 48)
Cheryl is browsing the Web. Which of the following protocols is she probably using? (D4.1 L4.1.2)
- SNMP (Simple Network Management Protocol)
- FTP (File Transfer Protocol)
- TFTP (Trivial File Transfer Protocol)
- HTTP (Hypertext Transfer Protocol)
Question 49)
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees? (D4.2 L4.2.1)
- DDOS (distributed denial of service)
- spoofing
- exfiltrating stolen data
- an insider sabotaging the power supply
Question 50)
Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be? (D4.2 L4.2.1)
- spoofing
- side channel
- Trojan
- worm
Question 51)
Triffid, Inc., has many remote workers who use their own IT devices to process Triffid’s information. The Triffid security team wants to deploy some sort of sensor on user devices in order to recognize and identify potential security issues. Which of the following is probably most appropriate for this specific purpose? (D4.2 L4.2.2)
- HIDS (host-based intrusion-detection systems)
- NIDS (network-based intrusion-detection systems)
- LIDS (logistical intrusion-detection systems)
- firewalls
Question 52)
Which of the following is one of the common ways potential attacks are often identified? (D4.2 L4.2.2)
- the attackers contact the target prior to the attack, in order to threaten and frighten the target
- victims notice excessive heat coming from their systems
- the power utility company warns customers that the grid will be down and the Internet won’t be accessible
- users report unusual systems activity/response to Help Desk or the security office
Question 53)
Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed. Which security solution can often identify and potentially counter this risk? (D4.2 L4.2.2)
- firewall
- turnstile
- anti-malware
- badge system
Question 54)
A tool that aggregates log data from multiple sources, and typically analyzes it and reports potential threats. (D4.2 L4.2.2)
- HIDS
- anti-malware
- router
- SIEM
Question 55)
“Wiring _____” is a common term meaning “a place where wires/conduits are often run, and equipment can be placed, in order to facilitate the use of local networks.” (D4.3 L4.3.1)
- shelf
- closet
- bracket
- house
Question 56)
Which type of fire-suppression system is typically the safest for humans? (D4.3 L4.3.1)
- water
- dirt
- oxygen-depletion
- gaseous
Question 57)
To adequately ensure availability for a data center, it is best to plan for both resilience and _______ of the elements in the facility. (D4.3 L4.3.1)
- uniqueness
- destruction
- redundancy
- hue
Question 58)
Which of the following is *not* a typical benefit of cloud computing services? (D4.3 L4.3.2)
- reduced cost of ownership/investment
- metered usage
- scalability
- freedom from legal constraints
Question 59)
Which common cloud service model only offers the customer access to a given application? (D4.3 L4.3.2)
- Lunch as a service (LaaS)
- Infrastructure as a service (IaaS)
- Platform as a service (PaaS)
- Software as a service (SaaS)
Question 60)
The concept that the deployment of multiple types of controls provides better security than using a single type of control. (D4.3 L4.3.3)
- VPN
- least privilege
- Internet
- defense in depth
Question 61)
A VLAN is a _____ method of segmenting networks. (D4.3 L4.3.3)
- secret
- physical
- regulated
- logical
Question 62)
An IoT (Internet of Things) device is typified by its effect on or use of the _____ environment. (D4.3 L4.3.3)
- philosophical
- remote
- internal
- physical
Question 63)
Archiving is typically done when _________. (D5.1, L5.1.1)
- data is ready to be destroyed
- data has lost all value
- data is not needed for regular work purposes
- data has become illegal
Question 64)
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: “Sensitive,” “Proprietary,” and “Public.” This is an example of _____. (D5.1, L5.1.1)
- secrecy
- privacy
- inverting
- labeling
Question 65)
Security needs to be provided to ____ data. (D5.1, L5.1.1)
- restricted
- illegal
- private
- all
Question 66)
Log data should be kept ______. (D5.1, L5.1.2)
- on the device that the log data was captured from
- in an underground bunker
- in airtight containers
- on a device other than where it was captured
Question 67)
Security controls on log data should reflect ________. (D5.1, L5.1.2)
- the organization’s commitment to customer service
- the local culture where the log data is stored.
- the price of the storage device
- the sensitivity of the source device
Question 68)
Bluga works for Triffid, Inc. as a security analyst. Bluga wants to send a message to several people and wants the recipients to know that the message definitely came from Bluga. What type of encryption should Bluga use? (D5.1, L5.1.3)
- symmetric encryption
- asymmetric encryption
- small-scale encryption
- hashing
Question 69)
Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not been modified in transit. What technique/tool could Dieter use to assist in this effort? (D5.1, L5.1.3)
- hashing
- clockwise rotation
- symmetric encryption
- asymmetric encryption
Question 70)
An organization must always be prepared to ______ when applying a patch. (D5.2, L5.2.1)
- pay for the updated content
- buy a new system
- settle lawsuits
- rollback
Question 71)
Proper alignment of security policy and business goals within the organization is important because: (D5.3, L5.3.1)
- security should always be as strict as possible
- security policy that conflicts with business goals can inhibit productivity
- bad security policy can be illegal
- security is more important than business
Question 72)
Probably the most important reason to conduct security instruction for all employees. (D5.4, L5.4.1)
- reduce liability
- provide due diligence
- it is a moral imperative
- an informed user is a more secure user
Question 73)
By far, the most crucial element of any security instruction program. (D5.4, L5.4.1)
- protect assets
- preserve health and human safety
- ensure availability of IT systems
- preserve shareholder value
Question 74)
When Pritha started working for Triffid, Inc., Pritha had to sign a policy that described how Pritha would be allowed to use Triffid’s IT equipment. What policy was this? (D5.3, L5.3.1)
- the organizational security policy
- the acceptable use policy (AUP)
- the bring-your-own-device (BYOD) policy
- the workplace attire policy
Question 75)
The output of any given hashing algorithm is always _____. (D5.1, L5.1.3)
- the same length
- the same characters
- the same language
- different for the same inputs