Hello Friends in this article i am gone to share Coursera Course: Introduction to Cyber Attacks by New York University | Module 3 Quiz Answers with you..
Introduction to Cyber Attacks Module 3 Quiz Answers
Module 3 Quiz Answers
Question 1)
If the probability of some attack increases while the consequences of that same attack decrease, a security engineer can quantitatively calculate the effects on overall risk as follows:
- Risk increases, because probability is a more intense factor.
- By calculating risk using a common scale, simple arithmetic can be used.
- Just calculate two different risk values and take the average.
- The engineer probably cannot make a reliable calculation.
- Risk decreases, because probability is a less intense factor.
Question 2)
Avi Rubin’s talk “All Your Devices Can be Hacked” teaches us which of the following lessons:
- Security staff cannot be trusted
- Limit time on devices such as your mobile
- You shouldn’t expect device security to be perfect
- Stay away from using devices
You shouldn’t expect device security to be cheap
Question 3)
The Blaster and Nachi worms demonstrated which of the following?
- Patches are best applied remotely, never directly
- Hints about large-scale attacks might come from a network
- Firewalls work if they are configured and patched properly
- Two factor authentication is a must
- Compliance and security are no longer congruent
Question 4)
Botnet-originated DDOS attacks that produce 100 Gbps of aggregate flood traffic to a target must minimally include which of the following architectural and capacity configurations?
- Ten different botnets, especially if they include IoT
- A million bots each generating one Gbps of attack traffic.
- DDOS attacks will never get that large, so it’s a trick question
- Half a million bots each delivering one Mbps of attack traffic.
- A million bots each delivering ten Kbps of attack traffic.
Question 5)
A typical botnet-originated DDOS attack will tend to use which of the following properties for success:
- Amplification
- Adjudication
- Simplification
- Symmetric Keys
Question 6)
Threat trees enforce completeness by which of the following techniques:
- Marking the leaf nodes wherever possible
- Skipping levels in the tree occasionally
- Making sure each level includes an “other” category if needed
- Tracing paths through the various levels
- Never skipping a level
Question 7)
Which of the following security and cost decision represents the worst choice?
- Lower security, higher cost
- Higher security, higher cost
- Higher security, lower cost
- Lower security, lower cost
- It is impossible to tell.
Question 8)
Which of the following statements is false?
- 2400 bots at 500 Kbps take out a 1.2 Gbps line.
- Two bots at 750Kpbs take out a T1 line.
- A million bots at any outbound capacity is simply not feasible
Question 9)
Determining the assets of an enterprise requires involvement of which of the following organizations:
- The CEO should lead a weekly effort
- Mostly HR, because people are the biggest security problem
- Consultants can find assets with scanners
- IT and security taking the lead with BU support
Question 10)
If something caused risk to increase, then we can conclude which of the following?
- Consequence of attack decreased
- Probability of attack increased
- Consequence of attack increased
- Probability of attack might have decreased
- Neither probability of attack or consequence of attack increased