Introduction to Cyber Attacks Module 2 Quiz Answers

Hello Friends in this article i am gone to share Coursera Course: Introduction to Cyber Attacks by New York University | Module 2 Quiz Answers with you..

Introduction to Cyber Attacks Module 2 Quiz Answers

Module 2 Quiz Answers

Question 1)
Hackers might produce an availability threat in which of the following scenarios?

  • A hacker causes a tiny delay in some system
  • A hacker causes no delay, but lies about it
  • The entire company sees Spam in its in-box.
  • Money is stolen from the corporate bank account.
  • None of the above

Question 2)
The difference between a hurricane knocking out a data center and a malicious hacker knocking out the same data center is the following:

  • One is an attack and the other is not.
  • One involves a single vulnerability and the other involves an attack.
  • One is a vulnerability and the other is not.
  • One involves multiple vulnerabilities and the other is a weakness.
  • There is no appreciable difference. Both result in a lost center.

Question 3)
Which of the following statements is false?

  • You can build a finite list of assets
  • You cannot build a complete list of vulnerabilities
  • You can identify a finite list of threat types
  • You cannot build a complete list of attacks
  • None of the above are false.

Question 4)
Program testing is an ineffective means for detecting the absence of Trojan horses for which of the following reasons?

  • Testing takes too long for most people‚Äôs liking
  • Trusting a test is a bad idea from a security perspective
  • Testing costs more than verification
  • Trojan horses have no signature
  • Testers cannot draw conclusions about every possible use case

Question 5)
Pre-attack indicators are like post-attack indicators in which of the following ways:

  • Both are more effective in the presence of external threat intelligence
  • Both are really a waste of time for most tools
  • Both will always prevent attacks
  • Neither can possibly prevent an attack.
  • IP source shuns work about 50% of the time for both methods.

Question 6)
DMARC is a standard that enforces which of the following IT infrastructure bindings:

  • Connects email content with checksums
  • Connects source and destination ports
  • Connects email source with email server IP address
  • Connects email destinations with cryptographically checked ports
  • None of the above

Question 7)
Fraud fits poorly into the CIA model for which of the following reasons:

  • Fraud and disclosure are mostly related
  • Integrity has many fraud attributes
  • Fraud fits into existing categories, but only after some adjustment
  • Fraud is a unique scenario that does not easily fit into existing categories

Question 8)
Which of the following is an advantage of more reactive cyber defense (versus proactive defense)?

  • Less false positives
  • Less false negatives
  • Fewer vendor options
  • More vendor options
  • Fewer firewall rules at the perimeter gateway

Question 9)
Brute force attacks are good for which of the following scenarios?

  • Lots of attack choices, but most will not work
  • Fewer attack choices, and most will work
  • Large attack domain size that can be enumerated and traversed with automation
  • Small number of attacks, where each is complex
  • None of the above

Question 10)
Which of the following statements is not true?

  • Ciphertext-only is less secure than breaking encrypted text directly
  • Codebook is easier for bad guys to break than known plaintext
  • Known-plaintext hints cannot be controlled by the eavesdropper
  • Chosen-plaintext is more secure than codebook
  • None of these statements are true.

 

 

Leave a Comment