Week 5 – Defense in Depth

it security defense against the digital dark arts week 5 answers

System Hardening

1. What is an attack vector?

  • The classification of attack type
  • The direction an attack is going in
  • A mechanism by which an attacker can interact with your network or systems
  • The severity of the attack

2. Disabling unnecessary components serves which purposes? Check all that apply.

  • Closing attack vectors
  • Increasing performance
  • Making a system harder to use
  • Reducing the attack surface

3. What's an attack surface?

  • The total scope of an attack
  • The payload of the attack
  • The combined sum of all attack vectors in a system or network
  • The target or victim of an attack

4. A good defense in depth strategy would involve deploying which firewalls?

  • No firewalls
  • Both host-based and network-based firewalls
  • Network-based firewalls only
  • Host-based firewalls only

5. Using a bastion host allows for which of the following? Select all that apply.

  • Enforcing stricter security measures
  • Having more detailed monitoring and logging
  • Applying more restrictive firewall rules
  • Running a wide variety of software securely

6. What benefits does centralized logging provide? Check all that apply.

  • It blocks malware infections.
  • It prevents database theft.
  • It allows for easier logs analysis.
  • It helps secure logs from tampering or destruction.

7. What are some of the shortcomings of antivirus software today? Check all that apply.

  • It can’t protect against unknown threats.
  • It only detects malware, but doesn’t protect against it.
  • It’s very expensive.
  • It only protects against viruses.

8. How is binary whitelisting a better option than antivirus software?

  • It can block unknown or emerging threats.
  • It has less performance impact.
  • It’s cheaper.
  • It’s not better. It’s actually terrible.

9. What does full-disk encryption protect against? Check all that apply.

  • Data theft
  • Malware infections
  • Tampering with system files
  • IP spoofing attacks

10. What's the purpose of escrowing a disk encryption key?

  • Providing data integrity
  • Preventing data theft
  • Performing data recovery
  • Protecting against unauthorized access
Next

Devendra Kumar

Project Management Apprentice at Google

Leave a Reply