EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera
EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera
EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera
1. Select the answer that fills in the blanks in the correct order. 0 / 1 punto
A weakness in a system is a/an ____. The potential danger associated with this
is a/an ____ that becomes a/an ____ when attacked by a bad actor.
Incorrecto
Incorrect, this material was covered in the course Introduction to
Cybersecurity Tools & Cyber Attacks, Week 1 - History of Cybersecurity
Preventative
Administrative
Deterrent
Corrective
Incorrecto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 1/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
3. How would you classify a piece of malicious code that can replicate itself and 0 / 1 punto
spread to new systems?
Spyware
A virus
A worm
A Trojan Horse
Incorrecto
Incorrect, this material was covered in the course Introduction to
Cybersecurity Tools & Cyber Attacks, Week 2 - A brief overview of types
of actors and their motives
4. To engage in packet sniffing, you must implement promiscuous mode on which 1 / 1 punto
device?
A Promiscuous Gateway
A network card
A sniffing router
Correcto
Correct!
5. Which mechanism would help assure the integrity of a message, but not do 1 / 1 punto
much to assure confidentiality or availability.
Mirroring
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 2/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Hashing
Encrypting
Audit logs
Correcto
Correct!
Operational
Physical
Correcto
Partially correct! This is 1 of the 2 correct answers
Administrative
Correcto
Partially correct! This is 1 of the 2 correct answers
Technical
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 3/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Introduction to
Cybersecurity Tools & Cyber Attacks, Week 4 - An overview of key
security tools
Incorrecto
Incorrect, this material was covered in the course Introduction to
Cybersecurity Tools & Cyber Attacks, Week 4 - An overview of key
security tools
9. Which position is in charge of testing the security and effectiveness of computer 0 / 1 punto
information systems?
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 4/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 1 - People Process &
Technology
10. Which three (3) roles are typically found in an Information Security organization? 0 / 1 punto
(Select 3)
Correcto
Partially correct! This is 1 of the 3 correct answers
Finance
Security Guard
Penetration Tester
Correcto
Partially correct! This is 1 of the 3 correct answers
Vulnerability Assessor
Correcto
Partially correct! This is 1 of the 3 correct answers
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 5/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 1 - People Process &
Technology
12. Alice sends a message to Bob that is intercepted by Trudy. Which scenario 0 / 1 punto
describes a confidentiality violation?
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 2 - Examples & Principles
of the CIA Triad
13. What does the "A" in the CIA Triad stand for? 0 / 1 punto
Availability
Authenticity
Accountability
Architecture
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 6/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 2 - Examples & Principles
of the CIA Triad
14. Multifactor authentication (MFA) requires more than one authentication method 0 / 1 punto
to be used before identity is authenticated. Which three (3) are authentication
methods? (Select 3)
Correcto
Partially correct! This is 1 of the 3 correct answers
Something a person is
Correcto
Partially correct! This is 1 of the 3 correct answers
15. The encryption and protocols used to prevent unauthorized access to data are 1 / 1 punto
examples of which type of access control?
Administrative
Physical
Technical
Embedded
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 7/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Correcto
Correct!
\Program Files
\System
\System32
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 4 - Windows Operating
System Security Basics
17. In a Linux file system, which files are contained in the \bin folder? 0 / 1 punto
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 5 - Linux Operating
System Security Basics
18. A small and underfunded startup company should consider using which type of 1 / 1 punto
cloud first?
Public cloud
Hybrid cloud
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 8/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Universal cloud
Private cloud
Correcto
Correct!
After moving the workloads to the cloud but before they are open to users
It does not matter; these steps require approximately the same amount of
work no matter when you elect to do them
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 7 - Overview of
Virtualization
Physical
Operational
Virtual
Technical
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 1 - Compliance
Frameworks and Industry Standards
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 9/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
21. Island hopping is an attack method commonly used in which scenario? 0 / 1 punto
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 2 - Client
System Administration, Endpoint Protection and Patching
22. What is the most common patch remediation frequency for most organizations? 0 / 1 punto
Weekly
Monthly
Annually
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 2 - Client
System Administration, Endpoint Protection and Patching
23. Granting access to a user account only those privileges necessary to perform its 0 / 1 punto
intended functions is known as what?
Incorrecto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 10/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
24. What is the primary authentication protocol used by Microsoft in Active 0 / 1 punto
Directory?
Kerberos
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 3 - Server and
User Administration
25. Symmetric key encryption by itself ensures which of the following? 0 / 1 punto
Confidentiality only
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 4 - Cryptography
and Compliance Pitfalls
26. Why is hashing not a common method used for encrypting data? 0 / 1 punto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 11/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
There are too few unique hashing algorithms available for widespread use
as a general encryption tool
The length of the hash string is proportional to the length of the input so the
approximate message length can be derived from a hash
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 4 - Cryptography
and Compliance Pitfalls
The original message can be retrieved from the hash if you have the
encryption key
If you have two hashes that differ only by a single character, you can infer
that the original messages also differed very little
Correcto
Correct!
28. Which statement about encryption is True for data in use. 0 / 1 punto
Data should always be kept encrypted since modern CPUs are fully
capable of operating directly on encrypted data
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 12/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 4 - Cryptography
and Compliance Pitfalls
29. A small company with 25 computers wishes to connect them to the Internet 1 / 1 punto
using a NAT router. How many Public IP addresses will this company need to
assure all 25 computers can communicate with each other and other systems on
the Internet if they implement Port Address Translations?
25
26
Correcto
Correct!
30. Which statement best describes configuring a NAT router to use dynamic 0 / 1 punto
mapping?
The NAT router uses each computer's IP address for both internal and
external communication
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 13/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Incorrecto
Incorrect, this material was covered in the course Network Security &
Database Vulnerabilities, Week 1 - TCP/IP Framework
31. If a computer needs to send a message to a system that is not part of the local 0 / 1 punto
network, where does it send the message?
Incorrecto
Incorrect, this material was covered in the course Network Security &
Database Vulnerabilities, Week 1 - TCP/IP Framework
32. In IPv4, how many of the 4 octets are used to define the network portion of the 0 / 1 punto
address in a Class B network?
Incorrecto
Incorrect, this material was covered in the course Network Security &
Database Vulnerabilities, Week 2 - Basics of IP Addressing and the OSI
Model
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 14/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
33. Which three (3) of these statements about the UDP protocol are True? (Select 3) 0 / 1 punto
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
UDP is connectionless
Correcto
Partially correct! This is 1 of the 3 correct answers
34. Signature-based detection and statistical anomaly detection are found on what 1 / 1 punto
type of device?
A Stateful Firewall
A Stateless Firewall
Correcto
Correct!
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 15/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
35. If you have to rely upon metadata to work with the data at hand, you are 1 / 1 punto
probably working with which type of data?
Structured data
Semi-structured data
Unstructured data
Meta-structured data
Correcto
Correct!
36. Hassan is an engineer who works a normal day shift from his company's 1 / 1 punto
headquarters in Austin, TX USA. Which two (2) of these activities raise the most
cause for concern? (Select 2)
One evening, Hassan downloads all of the files associated with the new
product he is working on
Correcto
Partially correct! This is 1 of the 2 correct answers
Hassan has started logging in from home for an hour or so most evenings
Each night Hassan logs into his account from an ISP in China
Correcto
Partially correct! This is 1 of the 2 correct answers
37. Which three (3) of the following are considered safe coding practices? (Select 3) 0 / 1 punto
Correcto
Partially correct! This is 1 of the 3 correct answers
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 16/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
38. Which three (3) items should be included in the Planning step of a penetration 1 / 1 punto
test? (Select 3)
Correcto
Partially correct! This is 1 of the 3 correct answers
Establishing Boundaries
Correcto
Partially correct! This is 1 of the 3 correct answers
Setting Objectives
Correcto
Partially correct! This is 1 of the 3 correct answers
39. Which portion of the pentest report would cover the risk ranking, 0 / 1 punto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 17/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Rules of Engagement
Technical Review
Executive Summary
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 1 - Penetration Testing
40. Which Incident Response Team model describes a team that runs all incident 0 / 1 punto
response activities for a company?
Coordinating
Distributed
Control
Central
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 2 - Incident Response
41. NIST recommends considering a number of items, including a high level of 1 / 1 punto
testing and monitoring, during which stage of a comprehensive Containment,
Eradication & Recovery strategy?
Recovery
Containment
Eradication
Correcto
Correct!
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 18/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
42. True or False. Digital forensics is effective in solving cyber crimes but is not 0 / 1 punto
considered effective in solving violent crimes such as rape and murder.
True
False
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 3 - Digital Forensics
43. In digital forensics documenting the chain of custody of evidence is critical. 0 / 1 punto
Which of these should be included in your chain of custody log?
The names of every person who has physical custody of any piece of
evidence
Documenting the actions that are performed on the evidence and at what
time
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 3 - Digital Forensics
Windows
UNIX
Mac OS X
Linux
Incorrecto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 19/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
45. Which three (3) of the following are considered scripting languages? (Select 3) 0 / 1 punto
C++
FORTRAN
Bash
Correcto
Partially correct! This is 1 of the 3 correct answers
Perl
Correcto
Partially correct! This is 1 of the 3 correct answers
Python
Correcto
Partially correct! This is 1 of the 3 correct answers
pi="3"
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 20/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
int
float
bool
str
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 4 - Introduction to Scripting
47. Which two (2) of these Python libraries provides useful statistical functions? 0 / 1 punto
(Select 2)
NumPy
Matplotlib
Scikit-learn
Correcto
Partially correct! This is 1 of the 2 correct answers
StatsModels
Correcto
Partially correct! This is 1 of the 2 correct answers
Pandas
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 21/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Seaborn
48. Which country had the highest average cost per breach in 2018 at $8.19M 1 / 1 punto
United States
Germany
China
United Kingdom
Russia
Japan
Correcto
Correct!
49. Activities performed as a part of security intelligence can be divided into pre- 0 / 1 punto
exploit and post-exploit activities. Which two (2) of these are post-exploit
activities? (Select 2)
Correcto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 22/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Correcto
Partially correct! This is 1 of the 2 correct answers
Detect deviations from the norm that indicate early warnings of APTs
50. Which three (3) of these are among the top 12 capabilities that a good data 0 / 1 punto
security and protection solution should provide? (Select 3)
Tokenization
Correcto
Partially correct! This is 1 of the 3 correct answers
Real-time alerting
Correcto
Partially correct! This is 1 of the 3 correct answers
Event correlation
Vulnerability assessment
Correcto
Partially correct! This is 1 of the 3 correct answers
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 23/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
51. There are many good reasons for maintaining comprehensive backups of critical 1 / 1 punto
data. Which aspect of the CIA Triad is most impacted by an organization's
backup practices?
Integrity
Availability
Authorization
Confidentiality
Correcto
Correct!
52. Which three (3) of these are among the 5 common pitfalls of data security? 1 / 1 punto
(Select 3)
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
53. Which type of scan is quieter than other TCP scans and can get around firewalls, 0 / 1 punto
but can be detected with newer IDSs?
Stealth scan
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 24/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
TCP Connect
Incorrecto
Incorrect, this material was covered in the course Cyber Threat
Intelligence, Week 4 - Scanning
54. In which component of a Common Vulnerability Score (CVSS) would privileges 0 / 1 punto
required be reflected?
Environmental Score
Temporal Score
Base-Impact Subscore
Base-Exploitability Subscore
Incorrecto
Incorrect, this material was covered in the course Cyber Threat
Intelligence, Week 4 - Scanning
55. The Decommission step in the DevSecOps Release, Deploy & Decommission 1 / 1 punto
phase contains which of these activities?
Versioning of infrastructure
Correcto
Correct!
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 25/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
56. Which form of penetration testing allows the testers partial knowledge of the 1 / 1 punto
systems they are trying to penetrate in advance of their attack to streamline
costs and focus efforts?
Correcto
Correct!
57. Which type of application attack would include User denies performing an 0 / 1 punto
operation, attacker exploits an application without trace, and attacker covers her
tracks?
Authentication
Input validation
Authorization
Incorrecto
Incorrect, this material was covered in the course Cyber Threat
Intelligence, Week 5 - Application Security and Testing
58. Which three (3) of these are Solution Building Blocks (SBBs)? (Select 3) 1 / 1 punto
Virus Protection
Correcto
Partially correct! This is 1 of the 3 correct answers
Application Firewall
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 26/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Correcto
Partially correct! This is 1 of the 3 correct answers
Spam Filter
Correcto
Partially correct! This is 1 of the 3 correct answers
59. A robust cybersecurity defense includes contributions from 3 areas, human 1 / 1 punto
expertise, security analytics and artificial intelligence. Rapidly analyzing large
quantities of unstructured data lends itself best to which of these areas?
Security analytics
Human expertise
Artificial intelligence
Correcto
Correct!
60. The partnership between security analysts and technology can be said to be 0 / 1 punto
grouped into 3 domains, human expertise, security analytics and artificial
intelligence. The human expertise domain would contain which three (3) of these
topics?
Anomaly detection
Pattern identification
Abstraction
Correcto
Partially correct! This is 1 of the 3 correct answers
Morals
Correcto
Partially correct! This is 1 of the 3 correct answers
Dilemmas
Correcto
Partially correct! This is 1 of the 3 correct answers
Machine Learning
61. True or False. If you have no better place to start hunting threats, start with a 1 / 1 punto
view of the global threat landscape and then drill down to a regional view,
industry view and finally a view of the threats specific to your own organization.
True
False
Correcto
Correct!
62. The cyber hunting team and the SOC analysts are informally referred to as the 0 / 1 punto
____ and ____ teams, respectively.
Blue Red
Red, Blue
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 28/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Attack, Defense
Visitors, Home
Incorrecto
Incorrect, this material was covered in the course Cyber Threat
Intelligence, Week 7 - Threat Hunting
63. A Coordinating incident response team model is characterized by which of the 1 / 1 punto
following?
This term refers to a structure that assures the incident response team’s
activities are coordinated with senior management and all appropriate
departments within and organization
Correcto
Correct!
64. True or False. Communications of a data breach should be handled by a team 1 / 1 punto
composed of members of the IR team, legal personnel and public relations.
True
False
Correcto
Correct!
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 29/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
65. The business impact of data breaches varies considerably. Which selection best 1 / 1 punto
fills in the 3 blanks in the following statement?
The average cost of a data breach is ____. The costs of a breach are highest in
____ and in the ____ sector.
Correcto
Correct!
66. Which three (3) of these are PCI-DSS requirements for any company handling, 0 / 1 punto
processing or transmitting credit card data? (Select 3)
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
Correcto
Partially correct! This is 1 of the 3 correct answers
All employees with direct access to cardholder data must change their
passwords monthly
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 30/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
67. Which three (3) are malware types commonly used in PoS attacks to steal credit 0 / 1 punto
card data? (Select 3)
Stuxnet
Alina
Correcto
Partially correct! This is 1 of the 3 correct answers
vSkimmer
Correcto
Partially correct! This is 1 of the 3 correct answers
BlackPOS
Correcto
Partially correct! This is 1 of the 3 correct answers
68. According to a 2019 Ponemon study, what percent of consumers indicated they 0 / 1 punto
would be willing to pay more for a product or service from a provider with better
security?
12%
24%
52%
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 31/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
92%
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Capstone: Breach Response Case Studies, Week 4 - 3rd Party Breach
69. You are looking very hard on the web for the lowest mortgage interest load you 0 / 1 punto
can find and you come across a rate that is so low it could not possibly be true.
You check out the site to see what the terms are and quickly find you are the
victim of a ransomware attack. What was the likely attack vector used by the bad
actors?
Malicious Links
Software Vulnerabilities
Phishing
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Capstone: Breach Response Case Studies, Week 5 - Ransomware
70. Which ransomware tormented victims by deleting files incrementally with each 0 / 1 punto
hour the ransom was not paid?
Bad Rabbit
WannaCry
Jigsaw
GoldenEye
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Capstone: Breach Response Case Studies, Week 5 - Ransomware
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 32/33
25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 33/33