Coursera Google IT Security: Defense against the digital dark arts quiz answers to all weekly questions (weeks 1-6):
You may also be interested in Google IT Support Professional Certificate quiz answers.

IT Security: Defense against the digital dark arts quiz answers

IT Security: Defense against the digital dark arts is Course 5 of the five-course Google IT Support Professional Certificate. This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team.

At the end of this course, you’ll understand:
● how various encryption algorithms and techniques work as well as their benefits and limitations.
● various authentication systems and types.
● the difference between authentication and authorization.
● how to evaluate potential risks and recommend ways to reduce risk.
● best practices for securing a network.
● how to help others to grasp security concepts and protect themselves.

Week 1: Understanding Security Threats quiz answers

Welcome to the IT Security course of the Google IT Support Professional Certificate! In the first week of this course, we will cover the basics of security in an IT environment. We will learn how to define and recognize security risks, vulnerabilities and threats. We’ll identify the most common security attacks in an organization and understand how security revolves around the “CIA” principle. By the end of this module, you will know the types of malicious software, network attacks, client-side attacks, and the essential security terms you’ll see in the workplace.
Malicious Software
Question 1: In the CIA Triad, “Confidentiality” means ensuring that data is:
Question 2: In the CIA Triad, “Integrity” means ensuring that data is:
Question 3: In the CIA Triad, “Availability” means ensuring that data is:
Question 4: What’s the relationship between a vulnerability and an exploit?
Question 5: Which statement is true for both a worm and a virus?
Question 6: Check all examples of types of malware:
Question 7: What are the characteristics of a rootkit? Check all that apply.
Network Attacks
Question 1: What are the dangers of a man-in-the-middle attack? Check all that apply.
Question 2: Why is a DNS cache poisoning attack dangerous? Check all that apply.
Question 3: Which of the following is true of a DDoS attack?
Question 4: Which of the following result from a denial-of-service attack? Check all that apply.
Other Attacks
Question 1: How can you protect against client-side injection attacks? Check all that apply.
Question 2: True or false: A brute-force attack is more efficient than a dictionary attack.
Question 3: Which of the following scenarios are social engineering attacks? Check all that apply.
Graded Assessment: Understanding Security Threats
Question 1: A network-based attack where one attacking machine overwhelms a target with traffic is a(n) _ attack.
Question 2: When cleaning up a system after a compromise, you should look closely for any __ that may have been installed by the attacker.
Question 3: A(n) _ attack is meant to prevent legitimate traffic from reaching a service.
Question 4: The best defense against password attacks is using strong _.
Question 5: Which of these is an example of the confidentiality principle that can help keep your data hidden from unwanted eyes?
Question 6: What could potentially decrease the availability of security and also test the preparedness of data loss?
Question 7: Which of these is a characteristic of Trojan malware?
Question 8: What is it called when a hacker is able to get into a system through a secret entryway in order to maintain remote access to the computer?
Question 9: An unhappy Systems Administrator wrote a malware program to bring down the company’s services after a certain event occurred. What type of malware does this describe?
Question 10: Which of these is where a victim connects to a network that the victim thinks is legitimate, but is really an identical network controlled by a hacker to monitor traffic?
Question 11: How can injection attacks be prevented? Check all that apply.
Question 12: If a hacker targets a vulnerable website by running commands that delete the website’s data in its database, what type of attack did the hacker perform?
Question 13: An attacker, acting as a postal worker, used social engineering tactics to trick an employee into thinking she was legitimately delivering packages. The attacker was then able to gain physical access to a restricted area by following behind the employee into the building. What type of attack did the attacker perform? Check all that apply.
Week 2: Pelcgbybtl (Cryptology) quiz answers

In the second week of this course, we’ll learn about cryptology. We’ll explore different types of encryption practices and how they work. We’ll show you the most common algorithms used in cryptography and how they’ve evolved over time. By the end of this module, you’ll understand how symmetric encryption, asymmetric encryption, and hashing work; you’ll also know how to choose the most appropriate cryptographic method for a scenario you may see in the workplace.

Cryptography Applications
Question 1: What information does a digital certificate contain? Check all that apply.
Question 2: Which type of encryption does SSL/TLS use?
Question 3: What are some of the functions that a Trusted Platform Module can perform? Check all that apply.
Hashing
Question 1: How is hashing different from encryption?
Question 2: What’s a hash collision?
Question 3: How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?
Question 4: How can you defend against brute-force password attacks? Check all that apply.
Symmetric Encryption
Question 1: What are the components that make up a cryptosystem? Check all that apply.
Question 2: What is steganography?
Question 3: What makes an encryption algorithm symmetric?
Question 4: What’s the difference between a stream cipher and a block cipher?
Question 5: True or false: The smaller the encryption key is, the more secure the encrypted data is.
Week Two Practice Quiz
Question 1: Plaintext is the original message, while _ is the encrypted message.
Question 2: The specific function of converting plaintext into ciphertext is called a(n) __.
Question 3: Studying how often letters and pairs of letters occur in a language is referred to as _.
Question 4: True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.
Question 5: The practice of hiding messages instead of encoding them is referred to as __.
Question 6: ROT13 and a Caesar cipher are examples of _.
Question 7: DES, RC4, and AES are examples of __ encryption algorithms.
Question 8: What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.
Question 9: To create a public key signature, you would use the __ key.
Question 10: Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.
Question 11: If two different files result in the same hash, this is referred to as a __.
Question 12: When authenticating a user’s password, the password supplied by the user is authenticated by comparing the __ of the password with the one stored on the system.
Question 13: If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?
Question 14: In a PKI system, what entity is responsible for issuing, storing, and signing certificates?
Graded Assessment

```bash
# generate a 2048-bit RSA private key
openssl genrsa -out private_key.pem 2048
cat private_key.pem

# generate the matching public key
openssl rsa -in private_key.pem -outform PEM -pubout -out public_key.pem
cat public_key.pem

# create a text file
echo 'This is a secret message, for authorized parties only' > secret.txt

# encrypt the file using the public key
# (rsautl is deprecated as of OpenSSL 3.0; openssl pkeyutl is its replacement)
openssl rsautl -encrypt -pubin -inkey public_key.pem -in secret.txt -out secret.enc

# decrypt the message using the private key
openssl rsautl -decrypt -inkey private_key.pem -in secret.enc

# sign the SHA-256 digest of the file with the private key
openssl dgst -sha256 -sign private_key.pem -out secret.txt.sha256 secret.txt

# verify the signature with the public key
openssl dgst -sha256 -verify public_key.pem -signature secret.txt.sha256 secret.txt

# MD5
# create a text file
echo 'This is some text in a file, just so we have some data' > file.txt

# generate the MD5 sum for the file and store it
md5sum file.txt > file.txt.md5
cat file.txt.md5

# verify that the hash is correct
# and that the original file hasn't been tampered with since the sum was made
md5sum -c file.txt.md5

# Verifying an invalid file
# make a copy of the file
cp file.txt badfile.txt

# generate a new md5sum for the new file
md5sum badfile.txt > badfile.txt.md5

# check the resulting hash against the original
cat badfile.txt.md5
cat file.txt.md5

# edit the file and add a space character to the end of the file
nano badfile.txt

# verify (the check now fails because the content changed)
md5sum -c badfile.txt.md5

# generate a new hash and compare it with the earlier one
md5sum badfile.txt > new.badfile.txt.md5
cat new.badfile.txt.md5

# SHA1
# create the SHA-1 sum
shasum file.txt > file.txt.sha1
cat file.txt.sha1

# verify
shasum -c file.txt.sha1

# SHA256
# generate the SHA-256 sum
shasum -a 256 file.txt > file.txt.sha256
cat file.txt.sha256

# verify
shasum -c file.txt.sha256
```

Week 3: AAA Security (Not Roadside Assistance) quiz answers

In the third week of this course, we’ll learn about the “three A’s” in cybersecurity. No matter what type of tech role you’re in, it’s important to understand how authentication, authorization, and accounting work within an organization. By the end of this module, you’ll be able to choose the most appropriate method of authentication, authorization, and level of access granted for users in an organization.

Authentication
Question 1: How is authentication different from authorization?
Question 2: What are some characteristics of a strong password? Check all that apply.
Question 3: In a multi-factor authentication scheme, a password can be thought of as:
Question 4: What are some drawbacks to using biometrics for authentication? Check all that apply.
Question 5: In what way are U2F tokens more secure than OTP generators?
Question 6: What elements of a certificate are inspected when a certificate is verified? Check all that apply.
Question 7: What is a CRL?
Question 8: What are the names of similar entities that a Directory server organizes entities into?
Question 9: True or false: The Network Access Server handles the actual authentication in a RADIUS scheme.
Question 10: True or false: Clients authenticate directly against the RADIUS server.
Question 11: What does a Kerberos authentication server issue to a client that successfully authenticates?
Question 12: What advantages does single sign-on offer? Check all that apply.
Question 13: What does OpenID provide?
Authorization and Accounting
Question 1: What role does authorization play?
Question 2: What does OAuth provide?
Question 3: How is auditing related to accounting?
Graded Assessment: AAA Security (Not Roadside Assistance)
Question 1: Authentication is concerned with determining _.
Question 2: The two types of one-time-password tokens are _ and _. Check all that apply.
Question 3: In addition to the client being authenticated by the server, certificate authentication also provides __.
Question 4: Kerberos uses _ as authentication tokens.
Question 5: Which of these passwords is the strongest for authenticating to a system?
Question 6: In a Certificate Authority (CA) infrastructure, why is a client certificate used?
Question 7: A network admin wants to use a Remote Authentication Dial-In User Service (RADIUS) protocol to allow 5 user accounts to connect company laptops to an access point in the office. These are generic users and will not be updated often. Which of these internal sources would be appropriate to store these accounts in?
Question 8: What are the benefits of using a Single Sign-On (SSO) authentication service? Check all that apply.
Question 9: In the three As of security, which part pertains to describing what the user account does or doesn’t have access to?
Question 10: A company is utilizing Google Business applications for the marketing department. These applications should be able to temporarily access a user’s email account to send links for review. Why should the company use Open Authorization (OAuth) in this situation?
Question 11: Access control entries can be created for what types of file system objects? Check all that apply.
Week 4: Securing Your Networks quiz answers

In the fourth week of this course, we’ll learn about secure network architecture. It’s important to know how to implement security measures on a network environment, so we’ll show you some of the best practices to protect an organization’s network. We’ll learn about some of the risks of wireless networks and how to mitigate them. We’ll also cover ways to monitor network traffic and read packet captures. By the end of this module, you’ll understand how VPNs, proxies and reverse proxies work; why 802.1X is super important for network protection; understand why WPA/WPA2 is better than WEP; and know how to use tcpdump to capture and analyze packets on a network. That’s a lot of information, but well worth it for an IT Support Specialist to understand!

Network Monitoring
Question 1: What does tcpdump do? Select all that apply.
Question 2: What does wireshark do differently from tcpdump? Check all that apply.
Question 3: What factors should you consider when designing an IDS installation? Check all that apply.
Question 4: What is the difference between an Intrusion Detection System and an Intrusion Prevention System?
Question 5: What factors would limit your ability to capture packets? Check all that apply.
Secure Network Architecture
Question 1: Why is normalizing log data important in a centralized logging setup?
Question 2: What type of attacks does a flood guard protect against? Check all that apply.
Question 3: What does DHCP Snooping protect against?
Question 4: What does Dynamic ARP Inspection protect against?
Question 5: What does IP Source Guard protect against?
Question 6: What does EAP-TLS use for mutual authentication of both the server and the client?
Question 7: Why is it recommended to use both network-based and host-based firewalls? Check all that apply.
Wireless Security
Question 1: What are some of the weaknesses of the WEP scheme? Check all that apply.
Question 2: What symmetric encryption algorithm does
Question 3: How can you reduce the likelihood of WPS brute-force attacks? Check all that apply.
Question 4: Select the most secure WiFi security configuration from below:
Graded Assessment

```bash
# Using tcpdump
# fills the terminal with a constant stream of text as new packets are read
sudo tcpdump -i eth0

# the -v flag enables more verbose output
# the -n flag disables name resolution, which avoids generating additional
# traffic from DNS lookups and speeds up the analysis
sudo tcpdump -i eth0 -vn

# tcpdump's filter
# we only want packets where the source or destination IP address matches
# what we specify (in this case 8.8.8.8) and the port is 53
sudo tcpdump -i eth0 -vn host 8.8.8.8 and port 53

# in a second terminal
dig @8.8.8.8 A example.com

# Saving captured packets
# capture on our eth0 interface, filtering for only HTTP traffic by specifying port 80
# the -w flag indicates that we want to write the captured packets to a file named http.pcap
sudo tcpdump -i eth0 port 80 -w http.pcap

# in a second terminal, generate some traffic
curl example.com

# read from this file using tcpdump
tcpdump -r http.pcap -nv
```

Week 5: Defense in Depth quiz answers

In the fifth week of this course, we’re going to go more in-depth into security defense. We’ll cover ways to implement methods for system hardening, application hardening, and determine the policies for OS security. By the end of this module, you’ll know why it’s important to disable unnecessary components of a system, learn about host-based firewalls, set up anti-malware protection, implement disk encryption, and configure software patch management and application policies.

Application Hardening
Question 1: Why is it important to keep software up-to-date?
Question 2: What are some types of software that you’d want to have an explicit application policy for? Check all that apply.
System Hardening
Question 1: What is an attack vector?
Question 2: Disabling unnecessary components serves which purposes? Check all that apply.
Question 3: What’s an attack surface?
Question 4: A good defense in depth strategy would involve deploying which firewalls?
Question 5: Using a bastion host allows for which of the following? Select all that apply.
Question 6: What benefits does centralized logging provide? Check all that apply.
Question 7: What are some of the shortcomings of antivirus software today? Check all that apply.
Question 8: How is binary whitelisting a better option than antivirus software?
Question 9: What does full-disk encryption protect against? Check all that apply.
Question 10: What’s the purpose of escrowing a disk encryption key?
Graded Assessment: Defense in Depth
Question 1: How are attack vectors and attack surfaces related?
Question 2: What does full-disk encryption protect against? Check all that apply.
Question 3: What does applying software patches protect against? Check all that apply.
Question 4: A hacker gained access to a network through malicious email attachments. Which one of these is important when talking about methods that allow a hacker to gain this access?
Question 5: When looking at aggregated logs, you are seeing a large percentage of Windows hosts connecting to an Internet Protocol (IP) address outside the network in a foreign country. Why might this be worth investigating more closely?
Question 6: Which of these protects against the most common attacks on the internet via a database of signatures, but at the same time actually represents an additional attack surface that attackers can exploit to compromise systems?
Question 7: A hacker exploited a bug in the software and triggered unintended behavior which led to the system being compromised by running vulnerable software. Which of these helps to fix these types of vulnerabilities?
Question 8: Why is it risky if you wanted to make an exception to the application policy to allow file sharing software?
Week 6: Creating a Company Culture for Security quiz answers

Congratulations, you’ve made it to the final week in the course! In the last week of this course, we’ll explore ways to create a company culture for security. It’s important for any tech role to determine appropriate measures to meet the three goals of security. By the end of this module, you will develop a security plan for an organization to demonstrate the skills you’ve learned in this course. You’re almost done, keep up the great work!

Graded Assessment: Creating a Company Culture for Security
Question 1: What tool can you use to discover vulnerabilities or dangerous misconfigurations on your systems and network?
Question 2: A strong password is a good step towards good security, but what else is recommended to secure authentication?
Question 3: What’s a quick and effective way of evaluating a third party’s security?
Question 4: When handling credit card payments, your organization needs to adhere to the _.
Question 5: A company wants to restrict access to sensitive data. Only those who have a “need to know” will have access to this data. Strong access controls need to be implemented. Which of these examples, that don’t include user identification, are used for 2-factor authentication? Check all that apply.
Question 6: Your company wants to establish good privacy practices in the workplace so that employee and customer data is properly protected. Well-established and defined privacy policies are in place, but they also need to be enforced. What are some ways to enforce these privacy policies? Check all that apply.
Question 7: Which of these are bad security habits commonly seen amongst employees in the workplace? Check all that apply.
Question 8: What are some ways to combat against email phishing attacks for user passwords? Check all that apply.
Question 9: Third-party services that require equipment on-site may require your company to do which of the following? Check all that apply.
Question 10: Periodic mandatory security training courses can be given to employees in what way? Check all that apply.
Question 11: Once the scope of the incident is determined, the next step would be _.