Python Essentials 2: INTERMEDIATE


Module-2


                   

1. Which of the following methods is used to check the integrity of data?
a) Backup
b) Hashes or checksums
c) Encryption
d) Authentication

Solution: b) Hashes or checksums
Explanation: Integrity ensures that system information or processes are protected from intentional or accidental modification. One way to ensure integrity is to use a hash function or checksum.

2. Which of the following statements describes cyberwarfare?
a) Cyberwarfare is an attack carried out by a group of script kiddies
b) Cyberwarfare is simulation software for Air Force pilots that allows them to practice under a simulated war scenario
c) Cyberwarfare is a series of personal protective equipment developed for soldiers involved in nuclear war
d) Cyberwarfare is an Internet-based conflict that involves the penetration of information systems of other nations

Solution: d) Cyberwarfare is an Internet-based conflict that involves the penetration of information systems of other nations
Explanation: Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack another nation’s computer systems and networks in an effort to cause damage or disrupt services, such as shutting down a power grid.

3. Which of the following methods can be used to ensure confidentiality of information? (Choose three correct answers)
a) Backup
b) Version control
c) Data encryption
d) File permission settings
e) Two-factor authentication
f) Username ID and password

Solution: c) Data encryption, d) File permission settings, e) Two-factor authentication
Explanation: Methods to ensure confidentiality include data encryption, identity proofing, and two-factor authentication.

4. Which of the following pieces of information would be classified as personal data? (Select three correct answers)
a) Social security number
b) Driver license number
c) Date and place of birth
d) Job title
e) IP address

Solution: a) Social security number, b) Driver license number, c) Date and place of birth
Explanation: Personal data describes any information about you, including your name, social security number, driver license number, date and place of birth, your mother’s maiden name, and even pictures or messages that you exchange with family and friends.

5. Why might internal security threats cause greater damage to an organization than external security threats?
a) Internal users have better hacking skills
b) Internal users have direct access to the infrastructure devices
c) Internal users can access the organizational data without authentication
d) Internal users can access the infrastructure devices through the Internet

Solution: b) Internal users have direct access to the infrastructure devices
Explanation: Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well-designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.

6. Which of the following is a key motivation of a white hat attacker?
a) Taking advantage of any vulnerability for illegal personal gain
b) Fine-tuning network devices to improve their performance and efficiency
c) Studying operating systems of various platforms to develop a new system
d) Discovering weaknesses of networks and systems to improve the security level of these systems

Solution: d) Discovering weaknesses of networks and systems to improve the security level of these systems

7. An individual user profile on a social network site is an example of an ______ identity.
a) Online
b) Offline

Solution: a) Online

8. Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm. What level of cyber protection does each of the following factors require?
Your online identity – Personal
A customer database – Organizational
Economic stability – Government

Solution: Your online identity – Personal, A customer database – Organizational, Economic stability – Government

9. Your neighbor tells you that they don’t have an online identity. They have no social media accounts and only use the Internet to browse. Is your neighbor right?
a) Yes
b) No

Solution: b) No

10. What are the foundational principles for protecting information systems as outlined in the McCumber Cube? (Choose three correct answers)
a) Access
b) Integrity
c) Scalability
d) Availability
e) Confidentiality
f) Intervention

Solution: b) Integrity, d) Availability, e) Confidentiality

11. Can you identify why each of the following organizations might be interested in your online identity?
Internet service providers:
– They may be legally required to share your online information with government surveillance agencies or authorities

Advertisers:
– To monitor your online activities and send targeted ads your way

Social media platforms:
– To gather information based on your online activity, which is then shared with or sold to advertisers for a profit

Websites:
– To track your activities using cookies in order to provide a more personalized experience

12. Can you identify the cyber attacker type from the following descriptions?
Make political statements in order to raise awareness about issues that are important to them – Hacktivists
Gather intelligence or commit sabotage on specific goals on behalf of their government – State-sponsored attackers
Use existing tools on the Internet to launch a cyber attack – Script kiddies

13. Stuxnet malware was designed for which primary purpose?
a) To hijack and take control of targeted computers
b) To cause physical damage to equipment controlled by computers
c) To cause serious harm to workers in a nuclear enrichment plant

Solution: b) To cause physical damage to equipment controlled by computers
Explanation: Stuxnet malware was designed not just to hijack targeted computers but to actually cause physical damage to equipment controlled by computers.