Hello Friends in this article i am gone to share Coursera Course: Introduction to Cyber Attacks by New York University | Module 2 Quiz Answers with you..
Introduction to Cyber Attacks Module 2 Quiz Answers
Module 2 Quiz Answers
Question 1)
Hackers might produce an availability threat in which of the following scenarios?
- A hacker causes a tiny delay in some system
- A hacker causes no delay, but lies about it
- The entire company sees Spam in its in-box.
- Money is stolen from the corporate bank account.
- None of the above
Question 2)
The difference between a hurricane knocking out a data center and a malicious hacker knocking out the same data center is the following:
- One is an attack and the other is not.
- One involves a single vulnerability and the other involves an attack.
- One is a vulnerability and the other is not.
- One involves multiple vulnerabilities and the other is a weakness.
- There is no appreciable difference. Both result in a lost center.
Question 3)
Which of the following statements is false?
- You can build a finite list of assets
- You cannot build a complete list of vulnerabilities
- You can identify a finite list of threat types
- You cannot build a complete list of attacks
- None of the above are false.
Question 4)
Program testing is an ineffective means for detecting the absence of Trojan horses for which of the following reasons?
- Testing takes too long for most people’s liking
- Trusting a test is a bad idea from a security perspective
- Testing costs more than verification
- Trojan horses have no signature
- Testers cannot draw conclusions about every possible use case
Question 5)
Pre-attack indicators are like post-attack indicators in which of the following ways:
- Both are more effective in the presence of external threat intelligence
- Both are really a waste of time for most tools
- Both will always prevent attacks
- Neither can possibly prevent an attack.
- IP source shuns work about 50% of the time for both methods.
Question 6)
DMARC is a standard that enforces which of the following IT infrastructure bindings:
- Connects email content with checksums
- Connects source and destination ports
- Connects email source with email server IP address
- Connects email destinations with cryptographically checked ports
- None of the above
Question 7)
Fraud fits poorly into the CIA model for which of the following reasons:
- Fraud and disclosure are mostly related
- Integrity has many fraud attributes
- Fraud fits into existing categories, but only after some adjustment
- Fraud is a unique scenario that does not easily fit into existing categories
Question 8)
Which of the following is an advantage of more reactive cyber defense (versus proactive defense)?
- Less false positives
- Less false negatives
- Fewer vendor options
- More vendor options
- Fewer firewall rules at the perimeter gateway
Question 9)
Brute force attacks are good for which of the following scenarios?
- Lots of attack choices, but most will not work
- Fewer attack choices, and most will work
- Large attack domain size that can be enumerated and traversed with automation
- Small number of attacks, where each is complex
- None of the above
Question 10)
Which of the following statements is not true?
- Ciphertext-only is less secure than breaking encrypted text directly
- Codebook is easier for bad guys to break than known plaintext
- Known-plaintext hints cannot be controlled by the eavesdropper
- Chosen-plaintext is more secure than codebook
- None of these statements are true.