This course covers a variety of computer security concepts, tools, and best practices. It presents threats and attacks and the many ways in which they can manifest. We will provide you with general information about encryption algorithms and how they are used to protect data. Next, we’ll dive into the three A’s of information security: authentication, authorization and accounting.
IT Security: Defense against the digital dark arts Quiz Answers
Week 01: Understanding Security Threats Quiz Answers
Quiz 01: Malicious Software
Q1. In the CIA Triad, “Confidentiality” means ensuring that data is:
- accurate and was not tampered with.
- not accessible by unwanted parties.
- accessible anonymously.
- available and that people can access it.
Q2. In the CIA Triad, “Integrity” means ensuring that data is:
- available and that people can access it.
- not accessible by unwanted parties.
- truthful and honest.
- accurate and was not tampered with.
Q3. In the CIA Triad, “Availability” means ensuring that data is:
- available to anyone from anywhere.
- accurate and was not tampered with.
- not accessible by unwanted parties.
- available and people can access it.
Q4. What’s the relationship between a vulnerability and an exploit?
- A vulnerability takes advantage of an exploit to run arbitrary code or gain access.
- An exploit takes advantage of a vulnerability to run arbitrary code or gain access.
- They’re unrelated.
- An exploit creates a vulnerability in a system.
Q5. Which statement is true for both a worm and a virus?
- They’re self-replicating and self-propagating.
- They’re undetectable by antimalware software.
- They infect other files with malicious code.
- They don’t cause any harm to the target system.
Q6. Check all examples of types of malware:
- Key Generators
- Adware
- Worms
- Viruses
Q7. What are the characteristics of a rootkit? Check all that apply.
- Is difficult to detect
- Is harmless
- Is destructive
- Provides elevated credentials
Quiz 02: Network Attacks
Q1. What are the dangers of a man-in-the-middle attack? Check all that apply.
- An attacker can block or redirect traffic.
- An attacker can destroy data at rest.
- An attacker can eavesdrop on unencrypted traffic.
- An attacker can modify traffic in transit.
Q2. Why is a DNS cache poisoning attack dangerous? Check all that apply.
- It allows an attacker to redirect targets to malicious webservers.
- Errrr…it’s not actually dangerous.
- It affects any clients querying the poisoned DNS server.
- It allows an attacker to remotely control your computer.
Q3. Which of the following is true of a DDoS attack?
- This type of attack causes a significant loss of data.
- An attacker sends attack traffic directly to the target.
- Attack traffic comes from lots of different hosts.
- Attack traffic is encrypted.
Q4. Which of the following result from a denial-of-service attack? Check all that apply.
- Malware infection
- Data destruction
- Slow network performance
- Service unreachable
Quiz 03: Other Attacks
Q1. How can you protect against client-side injection attacks? Check all that apply.
- Use data sanitization
- Use a SQL database
- Utilize strong passwords
- Use input validation
Q2. True or false: A brute-force attack is more efficient than a dictionary attack.
- TRUE
- FALSE
Q3. Which of the following scenarios are social engineering attacks? Check all that apply.
- An attacker performs a DNS Cache poisoning attack.
- Someone uses a fake ID to gain access to a restricted area.
- An attacker performs a man-in-the-middle attack.
- You receive an email with an attachment containing a virus.
Graded Assessment
https://drive.google.com/drive/folders/1xVnX4YdZuNC0034yu3vFZT3_nNm0_0Hj?usp=sharing
Week 2: Pelcgbybtl (Cryptology) Quiz Answers
Quiz 01: Cryptography Applications
Q1. What information does a digital certificate contain? Check all that apply.
- Public key data
- Identifying information of the certificate owner
- Digital signature
- Private key data
Q2. Which type of encryption does SSL/TLS use?
- Asymmetric encryption
- Symmetric encryption
- Neither
- Both
Q3. What are some of the functions that a Trusted Platform Module can perform? Check all that apply.
- Remote attestation
- Malware detection
- Secure user authentication
- Data binding and sealing
Quiz 02: Hashing
Q1. How is hashing different from encryption?
- Hashing operations are one-directional.
- Hashing is meant for large amounts of data, while encryption is meant for small amounts of data.
- It’s less secure.
- It’s faster.
Q2. What’s a hash collision?
- When two identical files generate different hash digests
- When a hash digest is reversed to recover the original
- When two different hashing algorithms produce the same hash
- When two different files generate the same hash digest
Q3. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?
- A MIC only hashes the message, while a MAC incorporates a secret key.
- A MAC requires a password, while a MIC does not.
- They’re the same thing.
- A MIC is more reliable than a MAC.
Q4. How can you defend against brute-force password attacks? Check all that apply.
- Store passwords in a rainbow table.
- Incorporate salts into password hashing.
- Run passwords through the hashing function multiple times.
- Enforce the use of strong passwords.
Quiz 03: Symmetric Encryption
Q1. What are the components that make up a cryptosystem? Check all that apply.
- Decryption algorithms
- Encryption algorithms
- Transmission algorithms
- Key generation algorithms
Q2. What is steganography?
- The study of languages
- The practice of encoding messages
- The study of stegosauruses
- The practice of hiding messages
Q3. What makes an encryption algorithm symmetric?
- High speed
- Different keys used for encryption and decryption
- The same keys used for encryption and decryption
- Very large key sizes
Q4. What’s the difference between a stream cipher and a block cipher?
- Block ciphers are only used for block device encryption.
- Stream ciphers can’t save encrypted data to disk.
- Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data.
- There is no difference.
Q5. True or false: The smaller the encryption key is, the more secure the encrypted data is.
- TRUE
- FALSE
Quiz 04: Week Two Practice Quiz
Q1. Plaintext is the original message, while _ is the encrypted message.
- Ciphertext
- Digest
- Cipher
- Algorithm
Q2. The specific function of converting plaintext into ciphertext is called a(n) __.
- Encryption algorithm
- Integrity check
- Data protection standard
- Permutation
Q3. Studying how often letters and pairs of letters occur in a language is referred to as _.
- Codebreaking
- Cryptography
- Frequency analysis
- Espionage
Q4. True or false: The same plaintext encrypted using the same algorithm and same encryption key would result in different ciphertext outputs.
- TRUE
- FALSE
Q5. The practice of hiding messages instead of encoding them is referred to as __.
- Encryption
- Hashing
- Obfuscation
- Steganography
Q6. ROT13 and a Caesar cipher are examples of _.
- Digital signatures
- Steganography
- Substitution ciphers
- Asymmetric encryption
Q7. DES, RC4, and AES are examples of __ encryption algorithms.
- Asymmetric
- Strong
- Symmetric
- Weak
Q8. What are the two components of an asymmetric encryption system, necessary for encryption and decryption operations? Check all that apply.
- Private key
- Random number generator
- Digest
- Public key
Q9. To create a public key signature, you would use the __ key.
- Decryption
- Symmetric
- Private
- Public [INCORRECT]
Q10. Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.
- Non-repudiation
- Authenticity
- Hashing
- Confidentiality
Q11. If two different files result in the same hash, this is referred to as a __.
- Mistake
- Coincidence
- Key collision
- Hash collision
Q12. When authenticating a user’s password, the password supplied by the user is authenticated by comparing the __ of the password with the one stored on the system.
- Hash
- Plaintext
- Ciphertext
- Length
Q13. If a rainbow table is used instead of brute-forcing hashes, what is the resource trade-off?
- Rainbow tables use less computational resources and more storage space
- Rainbow tables use less RAM resources and more computational resources
- Rainbow tables use less storage space and more RAM resources
- Rainbow tables use less storage space and more computational resources
Q14. In a PKI system, what entity is responsible for issuing, storing, and signing certificates?
- Government
- Certificate Authority
- Intermediary Authority
- Registration Authority
Graded Assessment
https://drive.google.com/drive/folders/1lqShN0jVshRsnRfU1n7lZaMNPKO3XnIf?usp=sharing
Week 3: AAA Security Quiz Answers
Quiz 01: Authentication
Q1. How is authentication different from authorization?
- They’re the same thing.
- Authentication is verifying access to a resource; authorization is verifying an identity.
- Authentication is identifying a resource; authorization is verifying access to an identity.
- Authentication is verifying an identity; authorization is verifying access to a resource.
Q2. What are some characteristics of a strong password? Check all that apply.
- Contains dictionary words
- Includes numbers and special characters
- Is used across accounts and systems
- Is at least eight characters long
Q3. In a multi-factor authentication scheme, a password can be thought of as:
- something you know.
- something you have.
- something you use.
- something you are.
Q4. What are some drawbacks to using biometrics for authentication? Check all that apply.
- Biometric authentication is much slower than alternatives.
- Biometrics are easy to share.
- There are potential privacy concerns.
- Biometric authentication is difficult or impossible to change if compromised.
Q5. In what way are U2F tokens more secure than OTP generators?
- They’re password-protected.
- They can’t be cloned.
- They’re resistant to phishing attacks.
- They’re cheaper.
Q6. What elements of a certificate are inspected when a certificate is verified? Check all that apply.
- Trust of the signatory CA
- Certificate key size
- “Not valid after” date
- “Not valid before” date
Q7. What is a CRL?
- Certified Recursive Listener
- Certificate Revocation List
- Certificate Recording Language
- Caramel Raspberry Lemon
Q8. What are the names of similar entities that a Directory server organizes entities into?
- Clusters
- Groups
- Trees
- Organizational Units
Q9. True or false: The Network Access Server handles the actual authentication in a RADIUS scheme.
- True
- False
Q10. True or false: Clients authenticate directly against the RADIUS server.
- True
- False
Q11. What does a Kerberos authentication server issue to a client that successfully authenticates?
- A ticket-granting ticket
- A master password
- An encryption key [INCORRECT]
- A digital certificate
Q12. What advantages does single sign-on offer? Check all that apply.
- It provides encrypted authentication.
- It reduces the total number of credentials.
- It enforces multifactor authentication.
- It reduces time spent authenticating.
Q13. What does OpenID provide?
- Certificate signing
- Digital signatures
- Authentication delegation
- Cryptographic hashing
Quiz 02: Authorization and Accounting
Q1. What role does authorization play?
- It determines whether or not an entity has access to a resource.
- It verifies an entity’s identity.
- It verifies passwords.
- It provides strong encryption.
Q2. What does OAuth provide?
- Confidentiality
- Integrity
- Access delegation
- Secure communications
Q3. How is auditing related to accounting?
- They’re not related.
- They’re the same thing.
- Accounting is reviewing records, while auditing is recording access and usage.
- Accounting is recording access and usage, while auditing is reviewing these records.
Graded Assessment
Week 4: Securing Your Networks Quiz Answers
Quiz 01: Network Monitoring
Q1. What does tcpdump do? Select all that apply.
- Encrypts your packets
- Analyzes packets and provides a textual analysis
- Captures packets
- Generates packets
Q2. What does wireshark do differently from tcpdump? Check all that apply.
- It can write packet captures to a file.
- It has a graphical interface.
- It understands more application-level protocols.
- It can capture packets and analyze them.
Q3. What factors should you consider when designing an IDS installation? Check all that apply.
- Internet connection speed
- Storage capacity
- OS types in use
- Traffic bandwidth
Q4. What is the difference between an Intrusion Detection System and an Intrusion Prevention System?
- An IDS can actively block attack traffic, while an IPS can only alert on detected attack traffic.
- An IDS can alert on detected attack traffic, but an IPS can actively block attack traffic.
- An IDS can detect malware activity on a network, but an IPS can’t.
- They are the same thing.
Q5. What factors would limit your ability to capture packets? Check all that apply.
- Network interface not being in promiscuous or monitor mode
- Anti-malware software
- Encryption
- Access to the traffic in question
Quiz 02: Secure Network Architecture
Q1. Why is normalizing log data important in a centralized logging setup?
- Log normalizing detects potential attacks.
- Uniformly formatted logs are easier to store and analyze.
- The data must be decrypted before sending it to the log server.
- It’s difficult to analyze abnormal logs.
Q2. What type of attacks does a flood guard protect against? Check all that apply.
- Man-in-the-middle attacks
- Malware infections
- SYN floods
- DDoS attacks
Q3. What does DHCP Snooping protect against?
- Rogue DHCP server attacks
- DDoS attacks
- Brute-force attacks
- Data theft
Q4. What does Dynamic ARP Inspection protect against?
- Rogue DHCP server attacks
- Malware infections
- ARP poisoning attacks
- DDoS attacks
Q5. What does IP Source Guard protect against?
- IP spoofing attacks
- Brute-force attacks
- Rogue DHCP server attacks
- DDoS attacks
Q6. What does EAP-TLS use for mutual authentication of both the server and the client?
- Biometrics
- Usernames and passwords
- Digital certificates
- One-time passwords
Q7. Why is it recommended to use both network-based and host-based firewalls? Check all that apply.
- For protection for mobile devices, like laptops
- For protection against DDoS attacks
- For protection against compromised hosts on the same network
- For protection against man-in-the-middle attacks
Quiz 03: Wireless Security
Q1. What are some of the weaknesses of the WEP scheme? Check all that apply.
- Its small IV pool size
- Its use of ASCII characters for passphrases
- Its use of the RC4 stream cipher
- Its poor key generation methods
Q2. What symmetric encryption algorithm does WPA2 use?
- DES
- DSA
- RSA
- AES
Q3. How can you reduce the likelihood of WPS brute-force attacks? Check all that apply.
- Implement lockout periods for incorrect attempts.
- Update firewall rules.
- Use a very long and complex passphrase.
- Disable WPS.
Q4. Select the most secure WiFi security configuration from below:
- WPA2 enterprise
- WEP 128 bit
- WPA personal
- WPA enterprise
- WPA2 personal
- None
Graded Assessment
Week 5: Defense in Depth Quiz Answers
Quiz 01: Application Hardening
Q1. Why is it important to keep software up-to-date?
- To address any security vulnerabilities discovered
- To ensure compatibility with other systems
- It’s not important. It’s just annoying.
- To ensure access to the latest features
Q2. What are some types of software that you’d want to have an explicit application policy for? Check all that apply.
- Software development kits
- Video games
- Filesharing software
- Word processors
Quiz 02: System Hardening
Q1. What is an attack vector?
- The classification of attack type
- The direction an attack is going in
- The severity of the attack
- A mechanism by which an attacker can interact with your network or systems
Q2. Disabling unnecessary components serves which purposes? Check all that apply.
- Reducing the attack surface
- Making a system harder to use
- Increasing performance
- Closing attack vectors
Q3. What’s an attack surface?
- The target or victim of an attack
- The payload of the attack
- The total scope of an attack
- The combined sum of all attack vectors in a system or network
Q4. A good defense in depth strategy would involve deploying which firewalls?
- No firewalls
- Network-based firewalls only
- Both host-based and network-based firewalls
- Host-based firewalls only
Q5. Using a bastion host allows for which of the following? Select all that apply.
- Running a wide variety of software securely
- Applying more restrictive firewall rules
- Having more detailed monitoring and logging
- Enforcing stricter security measures
Q6. What benefits does centralized logging provide? Check all that apply.
- It prevents database theft.
- It blocks malware infections.
- It helps secure logs from tampering or destruction.
- It allows for easier logs analysis.
Q7. What are some of the shortcomings of antivirus software today? Check all that apply.
- It can’t protect against unknown threats.
- It’s very expensive.
- It only detects malware, but doesn’t protect against it.
- It only protects against viruses.
Q8. How is binary whitelisting a better option than antivirus software?
- It’s cheaper.
- It can block unknown or emerging threats.
- It’s not better. It’s actually terrible.
- It has less performance impact.
Q9. What does full-disk encryption protect against? Check all that apply.
- Data theft
- IP spoofing attacks
- Malware infections
- Tampering with system files
Q10. What’s the purpose of escrowing a disk encryption key?
- Providing data integrity
- Protecting against unauthorized access
- Preventing data theft
- Performing data recovery
Graded Assessment
Week 6: Creating a Company Culture for Security Quiz Answers
Graded Assessment
Review:
Based on our knowledge, we urge you to enroll in this course so you can pick up new skills from specialists. It will be worthwhile, we trust.