Security Principles All Modules Quiz Answers

In this blog post, I will be sharing the quiz answers for Modules 1 to 7 from the Coursera course “Security Principles.” If you’re interested in the course, you can enroll using the following link: Security Principles. Keep reading for a comprehensive guide to all the quiz answers from these modules!

Security Principles Module 1 to 7

Note: Security Principles course Modules 1, 3 & 5 are not available.


Module 2 | Self Check: Security Concepts

Instructions

  1. Select the correct term for each definition.
  2. These terms and their concepts are integral to the work of a cybersecurity professional. It’s important that you understand what these terms mean and know how they differ.

Question 1)
The right or a permission that is granted to a system entity to access a system resource.

  • Availability
  • Authorization
  • Authentication
  • Privacy

Question 2)
The property that data has not been altered in an unauthorized manner.

  • Confidentiality
  • Privacy
  • Availability
  • Integrity

Question 3)
The characteristic of data or information when it is not made available or disclosed to unauthorized persons or processes.

  • Confidentiality
  • Authentication
  • Non-repudiation
  • Authorization

Question 4)
The right of an individual to control the distribution of information about themselves.

  • Integrity
  • Privacy
  • Confidentiality
  • Authentication

Question 5)
Ensuring timely and reliable access to and use of information by authorized users.

  • Non-repudiation
  • Authentication
  • Authorization
  • Availability

Question 6)
The inability to deny taking an action, such as sending an email message.

  • Privacy
  • Availability
  • Non-repudiation
  • Authentication

Question 7)
Access control process that compares one or more factors of identification to validate that the identity claimed by a user or entity is known to the system.

  • Authentication
  • Authorization
  • Availability
  • Non-repudiation

 


Module 4 | Self Check: Security Controls

Instructions

  1. Match the term below to the type of control it represents.
  2. These terms and their concepts are integral to the work of a cybersecurity professional. It’s important that you understand what these terms mean and know how they differ.

Question 1)
Acceptable Use Policy

  • Administrative Control
  • Physical Control
  • Technical Control

Question 2)
Badge Reader

  • Administrative Control
  • Physical Control
  • Technical Control

Question 3)
Stop Sign in Parking Lot

  • Administrative Control
  • Physical Control
  • Technical Control

Question 4)
Emergency Operations Procedures

  • Administrative Control
  • Physical Control
  • Technical Control

Question 5)
Access Control List

  • Administrative Control
  • Physical Control
  • Technical Control

Question 6)
Door Lock

  • Administrative Control
  • Physical Control
  • Technical Control

Question 7)
Employee Awareness Training

  • Administrative Control
  • Physical Control
  • Technical Control

Module 6 | Self Check: Applying the Code

Question 1)
True or False? All (ISC)² members commit to uphold and adhere to the Code of Ethics Canons. (D1, L1.5.1)

  • True
  • False

 


Module 7 | Security Concepts Quiz Answers

This quiz will help you to confirm your understanding and retention of concepts for this course. Please complete it by answering all questions, reviewing correct answers and feedback, and revisiting any course material you feel you need extra time with.

Instructions

  1. This Assessment contains 10 objective item questions.
  2. Recommended time limit is 20 minutes, 2 minutes per question.
  3. Choose the best answer(s) for each question.
  4. You have unlimited attempts and may complete this assessment as many times as you would like.
  5. Passing grade for this quiz is 80%.
  6. Score of highest attempt will be calculated.

Question 1)
A chief information security officer (CISO) at a large organization documented a policy that establishes the acceptable use of cloud environments for all staff. This is an example of a: (D1, L1.3.1)

  • Management/Administrative control
  • Technical control
  • Physical control
  • Cloud control

Question 2)
Is it possible to avoid risk? (D1, L1.2.1)

  • Yes
  • No
  • Sometimes
  • Never

Question 3)
What is meant by non-repudiation? (D1, L1.1.1)

  • If a user does something, they can’t later claim that they didn’t do it.
  • Controls to protect the organization’s reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time.
  • It is part of the rules set by administrative controls.
  • It is a security feature that prevents session replay attacks.

Question 4)
Which of the following is NOT one of the four typical ways of managing risk? (D1, L1.2.1)

  • Avoid
  • Accept
  • Mitigate
  • Conflate

Question 5)
Siobhan is deciding whether to make a purchase online; the vendor wants Siobhan to create a new user account, and is requesting Siobhan’s full name, home address, credit card number, phone number, email address, the ability to send marketing messages to Siobhan, and permission to share this data with other vendors. Siobhan decides that the item for sale is not worth the value of Siobhan’s personal information, and decides to not make the purchase.

What kind of risk management approach did Siobhan make? (D1, L1.2.2)

  • avoidance
  • acceptance
  • mitigation
  • transfer

Question 6)
Guillermo is the system administrator for a midsized retail organization. Guillermo has been tasked with writing a document that describes, step-by-step, how to securely install the operating system on a new laptop. This document is an example of a ________. (D1, L1.4.1)

  • policy
  • standard
  • procedure
  • guideline

Question 7)
Lankesh is the security administrator for a small food-distribution company. A new law is published by the country in which Lankesh’s company operates; the law conflicts with the company’s policies. Which governance element should Lankesh’s company follow? (D1, L1.4.2)

  • the law
  • the policy
  • any procedures the company has created for the particular activities affected by the law
  • Lankesh should be allowed to use personal and professional judgment to make the determination of how to proceed

Question 8)
Kristal is the security administrator for a large online service provider. Kristal learns that the company is harvesting personal data of its customers and sharing the data with local governments where the company operates, without the knowledge of the users, to allow the governments to persecute users on the basis of their political and philosophical beliefs. The published user agreement states that the company will not share personal user data with any entities without the users’ explicit permission.

According to the (ISC)² Code of Ethics, to whom does Kristal ultimately owe a duty in this situation? (D1, L1.5.1)

  • the governments of the countries where the company operates
  • the company Kristal works for
  • the users
  • (ISC)²

Question 9)
While taking the certification exam for this certification, you notice another candidate for the certification cheating. What should you do? (D1, L1.5.1)

  • Nothing—each person is responsible for their own actions.
  • Yell at the other candidate for violating test security.
  • Report the candidate to (ISC)². 
  • Call local law enforcement.

Question 10)
The concept of “secrecy” is most related to which foundational aspect of security? (D1, L1.1.1)

  • Confidentiality
  • Integrity
  • Availability
  • Plausibility