Cybersecurity Essentials Module 4 Quiz Answers
Module 4: Defending the Enterprise Quiz Question Answers
1. What type of side-channel attacks do cybercriminals launch by studying how long it takes an embedded system to respond to different inputs?
- Timing attacks
- DoS attacks
- Priority inversion
Explanation: Attacks against embedded systems exploit security vulnerabilities in the software and hardware components. They are susceptible to timing attacks, whereby attackers discover vulnerabilities by studying how long it takes the system to respond to different inputs. A timing attack is considered a side-channel attack.
2. What should you do to prevent attacks on SCADA systems?
- Integrate internal and external networks
- Segregate internal and external networks
Explanation: To prevent attacks on these systems, you should segregate internal and external networks to separate the SCADA network from the organization’s LAN.
3. What do organizations use deception technologies for? (Choose three correct answers)
- To provide basic encryption to prevent attacks
- To learn an attacker’s methods
- To warn of potential attacks that could be launched
- To distract attackers from production networks
Explanation: Organizations use deception technologies to distract attackers from production networks. They also use them to learn an attacker’s methods and to warn of potential attacks that could be launched against the network. Deception adds a fake layer to the organization’s infrastructure.
4. You want to use deception technology to push users away from malicious URLs. Which of the following should you use?
- A honeypot
- A DNS sinkhole
- A honeynet
- A honeyfile
Explanation: A DNS sinkhole prevents the resolution of hostnames for specified URLs and can push users away from malicious resources.
5. What occurs when too many virtualized, underutilized servers use up more resources and space than needed for the work they are doing?
- VM escape
- VM sprawl
Explanation: VM sprawl occurs when too many virtualized, underutilized servers use up more resources and space than needed for the work they are doing.
6. What key component of virtualization allows you to run multiple independent operating systems on one physical system?
- A container
- A hypervisor
- A VDI
Explanation: A hypervisor is a software or hardware program that allows you to run multiple independent operating systems on one physical system. It is a key component of virtualization.
7. What is geofencing used for?
- To identify a device based on its geographic location
- To trigger an action when a user enters or exits a geographic boundary
- To add an identifier to something based on the location
8. What protocol should be used when simple username/password authentication is needed?
- 802.1x
- TACACS+
- CHAP
- RADIUS
Explanation: When simple username/password authentication is needed, use RADIUS to either accept or deny access. RADIUS only encrypts the user’s password from the RADIUS client to the RADIUS server. The username, accounting and authorized services are transmitted in cleartext. When RADIUS is integrated into a product, security measures that protect against replay attacks are necessary.
9. What algorithm is used by governments to create digital signatures? Hint: It uses large number factorization.
- RSA
- ECDSA
- DSA
Explanation: The digital signature algorithm uses large number factorization. Governments use DSA to create digital signatures. DSA does not extend beyond the signature to the message itself.
10. Is the following statement true or false?
‘A digital certificate authenticates and verifies that a user sending a message is who they claim to be.’
- False
- True
Explanation: A digital certificate authenticates and verifies that a user sending a message is who they claim to be. Digital certificates can also provide confidentiality for the receiver as it enables them to encrypt a reply.