EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera

25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera
Intenta nuevamente una vez que estés listo

Calificación recibida 31,42 %
Calificación del último envío 31,43 %
Para Aprobar 80 % o más
Volver a realizar la tarea en 24 h
1. Select the answer that fills in the blanks in the correct order. 0 / 1 punto
A weakness in a system is a/an ____. The potential danger associated with this
is a/an ____ that becomes a/an ____ when attacked by a bad actor.
risk, exploit, threat
threat actor, vulnerability, exposure
threat, exposure, risk
vulnerability, threat, exploit
Incorrecto
Incorrect, this material was covered in the course Introduction to
Cybersecurity Tools & Cyber Attacks, Week 1 - History of Cybersecurity
2. Requiring all employees to complete annual security awareness training is an 0 / 1 punto

example of which type of control?
Preventative
Administrative
Deterrent
Corrective
Incorrecto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-exa… 1/33

Cybersecurity Tools & Cyber Attacks, Week 2 - A brief overview of types
of actors and their motives
3. How would you classify a piece of malicious code that can replicate itself and 0 / 1 punto
spread to new systems?
Spyware
A virus
A worm
A Trojan Horse
Incorrecto
Cybersecurity Tools & Cyber Attacks, Week 2 - A brief overview of types
of actors and their motives
4. To engage in packet sniffing, you must implement promiscuous mode on which 1 / 1 punto
device?
A Promiscuous Gateway
A network card
A sniffing router
An Intrusion Detection System (IDS)
Correcto
Correct!
5. Which mechanism would help assure the integrity of a message, but not do 1 / 1 punto
much to assure confidentiality or availability.
Mirroring
Hashing
Encrypting
Audit logs
Correcto
Correct!
6. An organization wants to restrict employee after-hours access to its systems so it 0 / 1 punto

publishes a policy forbidding employees to work outside of their assigned hours,
and then makes sure the office doors remain locked on weekends. What two (2)
types of controls are they using? (Select 2)
Operational
Esto no debería estar seleccionado

Cybersecurity Tools & Cyber Attacks, Week 3 - An overview of key
security concepts
Physical
Correcto
Partially correct! This is 1 of the 2 correct answers
Administrative
Correcto
Technical

security concepts
7. Which factor contributes most to the strength of an encryption system? 0 / 1 punto
The number of private keys used by the system
The length of the encryption key used
The secrecy of the encryption algorithm used
How many people have access to your public key
Incorrecto
security tools
8. Trying to break an encryption key by trying every possible combination of 0 / 1 punto

characters is called what?
A known cyphertext attack
A social engineering attack
A brute force attack
A rainbow table attack
Incorrecto
security tools
9. Which position is in charge of testing the security and effectiveness of computer 0 / 1 punto
information systems?
Information Security Auditor
Chief Information Officer (CIO)
Information Security Architect
Information Security Analyst
Incorrecto
Incorrect, this material was covered in the course Cybersecurity Roles,
Processes & Operating System Security, Week 1 - People Process &
Technology
10. Which three (3) roles are typically found in an Information Security organization? 0 / 1 punto
(Select 3)
Chief Information Security Officer (CISO)
Correcto
Finance

Technology
Security Guard

Technology
Penetration Tester
Correcto
Vulnerability Assessor
Correcto
11. ITIL is best described as what? 0 / 1 punto
Privacy regulations for IT systems
A collection of IT Service Management best practices
A collection of IT Service Management controls
A framework for the development of information systems audit procedures
Incorrecto
Technology
12. Alice sends a message to Bob that is intercepted by Trudy. Which scenario 0 / 1 punto
describes a confidentiality violation?
Trudy changes the message and then forwards it on
Trudy cannot read it because it is encrypted but allows it to be delivered to

Bob in its original form
Trudy reads the message
Trudy deletes the message without forwarding it
Incorrecto
Processes & Operating System Security, Week 2 - Examples & Principles
of the CIA Triad
13. What does the "A" in the CIA Triad stand for? 0 / 1 punto
Availability
Authenticity
Accountability
Architecture
Incorrecto
Processes & Operating System Security, Week 2 - Examples & Principles
of the CIA Triad
14. Multifactor authentication (MFA) requires more than one authentication method 0 / 1 punto
to be used before identity is authenticated. Which three (3) are authentication
methods? (Select 3)
Something a person has
Correcto
Something a person knows
Somewhere a person is located

Processes & Operating System Security, Week 3 - Authentication and
Access Control
Something a person is
Correcto
15. The encryption and protocols used to prevent unauthorized access to data are 1 / 1 punto
examples of which type of access control?
Administrative
Physical
Technical
Embedded
Correcto
Correct!
16. Windows 10 stores 64-bit applications in which directory? 0 / 1 punto
\Program Files
\System
\Program Files (x86)
\System32
Incorrecto
Processes & Operating System Security, Week 4 - Windows Operating
System Security Basics
17. In a Linux file system, which files are contained in the \bin folder? 0 / 1 punto
All user binary files, their libraries and headers
Executable files such as grep and ping
Directories such as /home and /usr
Configuration files such as fstab and inittab
Incorrecto
Processes & Operating System Security, Week 5 - Linux Operating
System Security Basics
18. A small and underfunded startup company should consider using which type of 1 / 1 punto
cloud first?
Public cloud
Hybrid cloud
Universal cloud
Private cloud
Correcto
Correct!
19. Consolidating and virtualizing workloads should be done when? 0 / 1 punto
After moving the workloads to the cloud but before they are open to users
It does not matter; these steps require approximately the same amount of
work no matter when you elect to do them
Before moving the workloads to the cloud
Gradually as you generate usage metrics
Incorrecto
Processes & Operating System Security, Week 7 - Overview of
Virtualization
20. Security training for IT staff is what type of control? 0 / 1 punto
Physical
Operational
Virtual
Technical
Incorrecto
Incorrect, this material was covered in the course Cybersecurity
Compliance Framework & System Administration, Week 1 - Compliance
Frameworks and Industry Standards
21. Island hopping is an attack method commonly used in which scenario? 0 / 1 punto
Compromising a corporate VIP
Blocking access to a website for all users
Trojan Horse attacks
Supply Chain Infiltration
Incorrecto
Compliance Framework & System Administration, Week 2 - Client
System Administration, Endpoint Protection and Patching
22. What is the most common patch remediation frequency for most organizations? 0 / 1 punto
As soon as they are released
Weekly
Monthly
Annually
Incorrecto
Compliance Framework & System Administration, Week 2 - Client
System Administration, Endpoint Protection and Patching
23. Granting access to a user account only those privileges necessary to perform its 0 / 1 punto
intended functions is known as what?
The principle of top-down control
The principle of unified access control
Role Based Access Control (RBAC)
The principle of least privileges
Incorrecto
https://www.coursera.org/learn/ibm-cybersecurity-analyst-assessment/exam/jt3xU/ibm-cybersecurity-analyst-professional-certificate-assessment-ex… 10/33

Compliance Framework & System Administration, Week 3 - Server and
User Administration
24. What is the primary authentication protocol used by Microsoft in Active 0 / 1 punto
Directory?
Kerberos
Password Authentication Protocol (PAP)
Transport Layer Security (TLS)
Incorrecto
Compliance Framework & System Administration, Week 3 - Server and
User Administration
25. Symmetric key encryption by itself ensures which of the following? 0 / 1 punto
Confidentiality only
Confidentiality and Integrity
Confidentiality, Integrity and Availability
Confidentiality and Availability
Incorrecto
Compliance Framework & System Administration, Week 4 - Cryptography
and Compliance Pitfalls
26. Why is hashing not a common method used for encrypting data? 0 / 1 punto
Hashes are becoming easier to reverse engineer since computers are

becoming more powerful
Hashing is a one-way process so the original data cannot be reconstructed

from a hash value
There are too few unique hashing algorithms available for widespread use
as a general encryption tool
The length of the hash string is proportional to the length of the input so the
approximate message length can be derived from a hash
Incorrecto
27. Which of the following statements about hashing is True? 1 / 1 punto
The original message can be retrieved from the hash if you have the
encryption key
A weakness of hashing is that the hash is proportional in length to the

original message
If you have two hashes that differ only by a single character, you can infer
that the original messages also differed very little
Hashing uses algorithms that are known as “one-way” functions
Correcto
Correct!
28. Which statement about encryption is True for data in use. 0 / 1 punto
It is vulnerable to theft and should be decrypted only for the briefest

possible time while it is being operated on
Data should always be kept encrypted since modern CPUs are fully
capable of operating directly on encrypted data
Short of orchestrating a memory dump from a system crash, there is no

practical way for malware to get at the data being processed, so dump logs
are your only real concern
Data in active memory registers are not at risk of being stolen
Incorrecto
29. A small company with 25 computers wishes to connect them to the Internet 1 / 1 punto
using a NAT router. How many Public IP addresses will this company need to
assure all 25 computers can communicate with each other and other systems on
the Internet if they implement Port Address Translations?
25
26
Correcto
Correct!
30. Which statement best describes configuring a NAT router to use dynamic 0 / 1 punto
mapping?
Unregistered IP addresses are mapped to registered IP addresses as they

are needed
The organization will need as many registered IP addresses as it has

computers that need Internet access
Many registered IP addresses are mapped to a single registered IP

address using different port numbers
The NAT router uses each computer's IP address for both internal and
external communication
Incorrecto
Incorrect, this material was covered in the course Network Security &
Database Vulnerabilities, Week 1 - TCP/IP Framework
31. If a computer needs to send a message to a system that is not part of the local 0 / 1 punto
network, where does it send the message?
To the system's domain name
To the system's IP address
To the system's MAC address
The network's DHCP server address
The network's default gateway address
The network's DNS server address
Incorrecto
Database Vulnerabilities, Week 1 - TCP/IP Framework
32. In IPv4, how many of the 4 octets are used to define the network portion of the 0 / 1 punto
address in a Class B network?
Incorrecto
Database Vulnerabilities, Week 2 - Basics of IP Addressing and the OSI
Model
33. Which three (3) of these statements about the UDP protocol are True? (Select 3) 0 / 1 punto
UDP is faster than TCP
Correcto
UDP packets are reassembled by the receiving system in whatever order

they are received
Correcto
UDP is more reliable than TCP

Database Vulnerabilities, Week 2 - Basics of IP Addressing and the OSI
Model
UDP is connectionless
Correcto
34. Signature-based detection and statistical anomaly detection are found on what 1 / 1 punto
type of device?
A Next Generation Firewall (NGFW)
A Stateful Firewall
An Intrusion Prevention System (IPS)
A Stateless Firewall
Correcto
Correct!
35. If you have to rely upon metadata to work with the data at hand, you are 1 / 1 punto
probably working with which type of data?
Structured data
Semi-structured data
Unstructured data
Meta-structured data
Correcto
Correct!
36. Hassan is an engineer who works a normal day shift from his company's 1 / 1 punto
headquarters in Austin, TX USA. Which two (2) of these activities raise the most
cause for concern? (Select 2)
One evening, Hassan downloads all of the files associated with the new
product he is working on
Correcto
Hassan runs a lot of SQL queries that contain invalid syntax
Hassan has started logging in from home for an hour or so most evenings
Each night Hassan logs into his account from an ISP in China
Correcto
37. Which three (3) of the following are considered safe coding practices? (Select 3) 0 / 1 punto
Use library functions in place of OS commands
Correcto
Avoid running commands through a shell interpreter
Correcto
Avoid using OS commands whenever possible
Correcto
Use blacklists but avoid whitelists when processing input data

Database Vulnerabilities, Week 4 - Deep Dive - Injection Vulnerability
38. Which three (3) items should be included in the Planning step of a penetration 1 / 1 punto
test? (Select 3)
Informing Need-to-know employees
Correcto
Establishing Boundaries
Correcto
Notifying appropriate law enforcement and regulatory agencies
Setting Objectives
Correcto
39. Which portion of the pentest report would cover the risk ranking, 0 / 1 punto
recommendations and roadmap?
Rules of Engagement
Technical Review
Recommendations for Remediation
Executive Summary
Incorrecto
Incorrect, this material was covered in the course Penetration Testing,
Incident Response and Forensics, Week 1 - Penetration Testing
40. Which Incident Response Team model describes a team that runs all incident 0 / 1 punto
response activities for a company?
Coordinating
Distributed
Control
Central
Incorrecto
Incident Response and Forensics, Week 2 - Incident Response
41. NIST recommends considering a number of items, including a high level of 1 / 1 punto
testing and monitoring, during which stage of a comprehensive Containment,
Eradication & Recovery strategy?
Recovery
Containment
Eradication
Correcto
Correct!
42. True or False. Digital forensics is effective in solving cyber crimes but is not 0 / 1 punto
considered effective in solving violent crimes such as rape and murder.
True
False
Incorrecto
Incident Response and Forensics, Week 3 - Digital Forensics
43. In digital forensics documenting the chain of custody of evidence is critical. 0 / 1 punto
Which of these should be included in your chain of custody log?
The names of every person who has physical custody of any piece of
evidence
Documenting the actions that are performed on the evidence and at what
time
Documenting how the evidence was stored when not in use
All of the above
Incorrecto
Incident Response and Forensics, Week 3 - Digital Forensics
44. PowerShell is a configuration management framework for which operating 0 / 1 punto

system?
Windows
UNIX
Mac OS X
Linux
Incorrecto

Incident Response and Forensics, Week 4 - Introduction to Scripting
45. Which three (3) of the following are considered scripting languages? (Select 3) 0 / 1 punto
C++

FORTRAN

Bash
Correcto
Perl
Correcto
Python
Correcto
46. In the Python statement 0 / 1 punto
pi="3"
What data type is the data type of the variable pi?
int
float
bool
str
Incorrecto
47. Which two (2) of these Python libraries provides useful statistical functions? 0 / 1 punto
(Select 2)
NumPy

Matplotlib

Scikit-learn
Correcto
StatsModels
Correcto
Pandas

Seaborn

48. Which country had the highest average cost per breach in 2018 at $8.19M 1 / 1 punto
United States
Germany
China
United Kingdom
Russia
Japan
Correcto
Correct!
49. Activities performed as a part of security intelligence can be divided into pre- 0 / 1 punto
exploit and post-exploit activities. Which two (2) of these are post-exploit
activities? (Select 2)
Prioritize vulnerabilities to optimize remediation processes and close

critical exposures

Incorrect, this material was covered in the course Cyber Threat
Intelligence, Week 1 - Threat Intelligence
Gather full situational awareness through advanced security analytics
Correcto
Perform forensic investigation
Correcto
Detect deviations from the norm that indicate early warnings of APTs

Intelligence, Week 1 - Threat Intelligence
50. Which three (3) of these are among the top 12 capabilities that a good data 0 / 1 punto
security and protection solution should provide? (Select 3)
Tokenization
Correcto
Real-time alerting
Correcto
Event correlation

Intelligence, Week 3 - Data Loss Prevention and Mobile Endpoint
Protection
Vulnerability assessment
Correcto
51. There are many good reasons for maintaining comprehensive backups of critical 1 / 1 punto
data. Which aspect of the CIA Triad is most impacted by an organization's
backup practices?
Integrity
Availability
Authorization
Confidentiality
Correcto
Correct!
52. Which three (3) of these are among the 5 common pitfalls of data security? 1 / 1 punto
(Select 3)
Failure to recognize the need for centralized data security
Correcto
Failure to hire an adequately skilled workforce
Failure to define who owns responsibility for the data itself
Correcto
Failure to move beyond compliance
Correcto
53. Which type of scan is quieter than other TCP scans and can get around firewalls, 0 / 1 punto
but can be detected with newer IDSs?
Stealth scan
UDP port scan
TCP/Half Open Scan (aka a SYN scan)
TCP Connect
Ping (ICMP Echo Request)
Incorrecto
Intelligence, Week 4 - Scanning
54. In which component of a Common Vulnerability Score (CVSS) would privileges 0 / 1 punto
required be reflected?
Environmental Score
Temporal Score
Base-Impact Subscore
Base-Exploitability Subscore
Incorrecto
Intelligence, Week 4 - Scanning
55. The Decommission step in the DevSecOps Release, Deploy & Decommission 1 / 1 punto
phase contains which of these activities?
Centralized Key-Value & Secret stores
IAM controls to regulate authorization
Creation of Immutable images
Versioning of infrastructure
Correcto
Correct!
56. Which form of penetration testing allows the testers partial knowledge of the 1 / 1 punto
systems they are trying to penetrate in advance of their attack to streamline
costs and focus efforts?
Gray Box Testing
White Box testing
Red Box Testing
Black Box Testing
Correcto
Correct!
57. Which type of application attack would include User denies performing an 0 / 1 punto
operation, attacker exploits an application without trace, and attacker covers her
tracks?
Authentication
Input validation
Auditing and logging
Authorization
Incorrecto
Intelligence, Week 5 - Application Security and Testing
58. Which three (3) of these are Solution Building Blocks (SBBs)? (Select 3) 1 / 1 punto
Virus Protection
Correcto
Application Firewall
Correcto
Spam Filter
Correcto
Identity and Access Management
59. A robust cybersecurity defense includes contributions from 3 areas, human 1 / 1 punto
expertise, security analytics and artificial intelligence. Rapidly analyzing large
quantities of unstructured data lends itself best to which of these areas?
Security analytics
Human expertise
Artificial intelligence
Correcto
Correct!
60. The partnership between security analysts and technology can be said to be 0 / 1 punto
grouped into 3 domains, human expertise, security analytics and artificial
intelligence. The human expertise domain would contain which three (3) of these
topics?
Anomaly detection

Intelligence, Week 6 - SIEM Platforms
Pattern identification

Abstraction
Correcto
Morals
Correcto
Dilemmas
Correcto
Machine Learning

61. True or False. If you have no better place to start hunting threats, start with a 1 / 1 punto
view of the global threat landscape and then drill down to a regional view,
industry view and finally a view of the threats specific to your own organization.
True
False
Correcto
Correct!
62. The cyber hunting team and the SOC analysts are informally referred to as the 0 / 1 punto
____ and ____ teams, respectively.
Blue Red
Red, Blue
Attack, Defense
Visitors, Home
Incorrecto
Intelligence, Week 7 - Threat Hunting
63. A Coordinating incident response team model is characterized by which of the 1 / 1 punto
following?
Multiple incident response teams within an organization all of whom

coordinate their activities only within their country or department
Multiple incident response teams within an organization but one with

authority to assure consistent policies and practices are followed across all
teams
This term refers to a structure that assures the incident response team’s
activities are coordinated with senior management and all appropriate
departments within and organization
Multiple incident response teams within an organization with specific

technology in place, such as shared databases, to assure threat and
response knowledge is shared peer-to-peer across all teams
Correcto
Correct!
64. True or False. Communications of a data breach should be handled by a team 1 / 1 punto
composed of members of the IR team, legal personnel and public relations.
True
False
Correcto
Correct!
65. The business impact of data breaches varies considerably. Which selection best 1 / 1 punto
fills in the 3 blanks in the following statement?
The average cost of a data breach is ____. The costs of a breach are highest in
____ and in the ____ sector.
$2000, Canada, government
$150, United States, healthcare
$40, France, banking sector
$22m, China, technology
Correcto
Correct!
66. Which three (3) of these are PCI-DSS requirements for any company handling, 0 / 1 punto
processing or transmitting credit card data? (Select 3)
Restrict physical access to cardholder data
Correcto
Assign a unique ID to each person with computer access
Correcto
Restrict access to cardholder data by business need-to-know
Correcto
All employees with direct access to cardholder data must change their
passwords monthly

Capstone: Breach Response Case Studies, Week 3 - Point of Sale
Breach
67. Which three (3) are malware types commonly used in PoS attacks to steal credit 0 / 1 punto
card data? (Select 3)
Stuxnet

Capstone: Breach Response Case Studies, Week 3 - Point of Sale
Breach
Alina
Correcto
vSkimmer
Correcto
BlackPOS
Correcto
68. According to a 2019 Ponemon study, what percent of consumers indicated they 0 / 1 punto
would be willing to pay more for a product or service from a provider with better
security?
12%
24%
52%
92%
Incorrecto
Capstone: Breach Response Case Studies, Week 4 - 3rd Party Breach
69. You are looking very hard on the web for the lowest mortgage interest load you 0 / 1 punto
can find and you come across a rate that is so low it could not possibly be true.
You check out the site to see what the terms are and quickly find you are the
victim of a ransomware attack. What was the likely attack vector used by the bad
actors?
Malicious Links
Software Vulnerabilities
Remote Desktop Protocol (RDP)
Phishing
Incorrecto
Capstone: Breach Response Case Studies, Week 5 - Ransomware
70. Which ransomware tormented victims by deleting files incrementally with each 0 / 1 punto
hour the ransom was not paid?
Bad Rabbit
WannaCry
Jigsaw
GoldenEye
Incorrecto
Capstone: Breach Response Case Studies, Week 5 - Ransomware

EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera

Uploaded by

Copyright:

Available Formats

EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EX FINAL 2 - IBM Cybersecurity Analyst Professional Certificate Assessment Exam - Coursera

Uploaded by

Copyright:

Available Formats

25/9/22, 11:51 IBM Cybersecurity Analyst Professional Certificate Assessment Exam | Coursera

Intenta nuevamente una vez que estés listo

Volver a realizar la tarea en 24 h

risk, exploit, threat

threat actor, vulnerability, exposure

threat, exposure, risk

vulnerability, threat, exploit

2. Requiring all employees to complete annual security awareness training is an 0 / 1 punto

Incorrect, this material was covered in the course Introduction to

An Intrusion Detection System (IDS)

6. An organization wants to restrict employee after-hours access to its systems so it 0 / 1 punto

Esto no debería estar seleccionado

Esto no debería estar seleccionado

7. Which factor contributes most to the strength of an encryption system? 0 / 1 punto

The number of private keys used by the system

The length of the encryption key used

The secrecy of the encryption algorithm used

How many people have access to your public key

8. Trying to break an encryption key by trying every possible combination of 0 / 1 punto

A known cyphertext attack

A social engineering attack

A brute force attack

A rainbow table attack

Information Security Auditor

Chief Information Officer (CIO)

Information Security Architect

Information Security Analyst

Chief Information Security Officer (CISO)

Esto no debería estar seleccionado

Esto no debería estar seleccionado

11. ITIL is best described as what? 0 / 1 punto

Privacy regulations for IT systems

A collection of IT Service Management best practices

A collection of IT Service Management controls

A framework for the development of information systems audit procedures

Trudy changes the message and then forwards it on

Trudy cannot read it because it is encrypted but allows it to be delivered to

Trudy reads the message

Trudy deletes the message without forwarding it

Something a person has

Something a person knows

Somewhere a person is located

Esto no debería estar seleccionado

16. Windows 10 stores 64-bit applications in which directory? 0 / 1 punto

\Program Files (x86)

All user binary files, their libraries and headers

Executable files such as grep and ping

Directories such as /home and /usr

Configuration files such as fstab and inittab

19. Consolidating and virtualizing workloads should be done when? 0 / 1 punto

Before moving the workloads to the cloud

Gradually as you generate usage metrics

20. Security training for IT staff is what type of control? 0 / 1 punto

Compromising a corporate VIP

Blocking access to a website for all users

Trojan Horse attacks

Supply Chain Infiltration

As soon as they are released