Risk Management: Use of Access Controls to Protect Assets Coursera Quiz Answers 2022 [💯Correct Answer]

Hello Peers, Today we are going to share all week’s assessment and quiz answers of the Risk Management: Use of Access Controls to Protect Assets course launched by Coursera totally free of cost✅✅✅. This is a certification course for every interested student.

In case you didn’t find this course for free, then you can apply for financial ads to get this course for totally free.

Check out this article – “How to Apply for Financial Ads?”

About The Coursera

Coursera, India’s biggest learning platform launched millions of free courses for students daily. These courses are from various recognized universities, where industry experts and professors teach very well and in a more understandable way.

---

Here, you will find Risk Management: Use of Access Controls to Protect Assets Exam Answers in Bold Color below.

These answers are updated recently and are 100% correct✅ answers of all week, assessment, and final exam answers of Risk Management: Use of Access Controls to Protect Assets from Coursera Free Certification Course.

Use “Ctrl+F” To Find Any Questions Answer. & For Mobile User, You Just Need To Click On Three dots In Your Browser & You Will Get A “Find” Option There. Use These Option to Get Any Random Questions Answer.

About Risk Management: Use of Access Controls to Protect Assets Course

In this course, we will focus on understanding risk management options and the use of access controls to protect assets. We will start by examining the basic steps that must be in place to develop a security culture within the organization and impact policies.

Course Apply Link – Risk Management: Use of Access Controls to Protect Assets

Risk Management: Use of Access Controls to Protect Assets Quiz Answers

Week 01: Risk Management: Use of Access Controls to Protect Assets Quiz Answers

password policy Quiz Answers

Match the components of a password policy with their definitions.

Q.1. Used to effectively create, maintain, and protect passwords and to establish any guidelines.

• Protection
• Creation
• Overview
• Aging
• Scope

Q.2. To whom the policy applies, e.g., all employees, contractors, and affiliates of IMI, and governs the acceptable password type and length used on all systems.

• Protection
• Creation
• Overview
• Aging
• Scope

Q.3. user and admin passwords must be at least [define] characters in length. Longer passphrases are strongly encouraged.  Dictionary words and phrases should be avoided to prevent the use of common and easily cracked passwords.

• Protection
• Creation
• Overview
• Aging
• Scope

Q.4. User passwords must be changed every [define length] months. Previously used passwords may not be reused. System-level passwords must be changed on a [define period].

• Protection
• Creation
• Overview
• Aging
• Scope

Q.5. Passwords must not be shared with anyone (including coworkers and supervisors) and must not be revealed or sent electronically.

• Protection
• Creation
• Overview
• Aging
• Scope

Q.6. From the user’s perspective, which might be the best type of password?

• Short, complex
• Long, complex
• Long, simple
• Long, with slight complexity
• Knowledge Check: Document, Implement, and Maintain Functional Controls

Applied Scenario 1 Review: Governance and Policies Quiz Answers

Q.1 Which of the following is a type of a security control? (D1, L2.1)

• Administrative (or Managerial)
• Technical (or Logical)
• Physical (or Operational)
• All of these

Q.2 What are some of the governing policies and requirements to which IMI will have to conform? (D1, L2.1)

• HIPAA
• GDPR
• Taxation
• All of these and more

Q.3 True or False: All policies come from governance requirements.  (D1, L2.1)

• True
• False

Q.4 Does allowing users to access news feeds such as BBC and CNN from corporate systems and sites conflict with IMI’s AUP? (D1, L2.1)

• Yes, definitely
• No, certainly not
• Yes, potentially

Applied Scenario 2: Access Controls Quiz Answers

Q.1 Match the area of concern with the control that IMI should implement to address it. (D2, L2.2)

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.2. Need-to-know aligned to clearance levels and permissions 

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.3. Identity management

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.4 Permissions

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.5.Physical isolation

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.6. Mantraps or turnstiles

• People
• Areas of concern
• Servers
• Rooms or sites
• Data access
• Network access

Q.7. What are the two primary types of access control systems, and what is one way that access control systems are maintained? (D2, L2.2)  

• Physical and network; due diligence
• Deterrent and corrective; due care and due diligence
• Integrity and availability; by as much security as can be safely applied
• Logical and physical; central administration of access control systems  

Week 02: Risk Management: Use of Access Controls to Protect Assets Quiz Answers

Knowledge Check: Certificates and Tokens

Q.1 What is the difference between a synchronous and asynchronous password token? (D1, L2.1)

• Asynchronous tokens contain a password that is physically hidden and then transmitted for each authentication while synchronous tokens do not.
• Synchronous tokens are generated with the use of a timer while asynchronous tokens do not use a clock for generation.
• Synchronous tokens contain a password that is physically hidden and then transmitted for each authentication while asynchronous tokens do not.
• Asynchronous tokens are generated with the use of a timer while synchronous tokens do not use a clock for generation.

Activity 2: Biometric Identification

Q.1. Match the technology to the correct description (D1, L2.1) 

Typically requires seven characteristics or matching points to either enroll a new access control subject or to verify an existing access control subject.

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint
• Iris Scan

Q.2 The person’s identity is verified based upon the location of a number of key points.

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint
• Iris Scanx

Q.3. This system acquires images of the iris in both the visible wavelength and the electromagnetic spectrum. 

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint
• Iris Scan

Q.4 Dating back to 1930, this biometric system simply maps the blood vessels.

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint
• Iris Scan

Q.5 This system uses a mathematical geometric model of certain landmarks such as socket orientation and measures the distance between them.

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint

Q.6 Starts by creating a template of the user’s identity software then splits the input into various frequencies.  

• Retinal Scan
• Voice Recognition
• Hand Geometry
• Facial Recognition
• Fingerprint
• Iris Scan

Case Study: Biometrics Data Transmission

Q.1 Would EBTS work for your client? (D1, L2.1) 

• Yes
• No

q.2 What advantages might it provide?  (D1, L2.1)

• Centralized biometric storage
• Decentralized biometric storage
• Hybrid biometric storage
• None of these

Knowledge Check: Identity Management Maintenance

Q.1. True or False? Your SSCP qualifications could be considered as part of your identity. (D2, L2.3) 

• True
• False

Q.2 True or False? Within an identity store such as Microsoft’s Active Directory, your name (first, last) is sufficient to uniquely identify you as a valid user. (D2, L2.3)

• True
• False

Q.3 True or False? Identity management and access management are closely related. (D2, L2.3) 

• True
• False

Knowledge Check: Privileged Access and Associated Risks

Q.1 True or False? Privileged users require a high level of access and are obviously trustworthy and don’t require any special consideration. (D2, L2.3)

• True
• False

Q.2 True or False? The best course of action to take with privileged types of users to reduce the possible risk is to reduce their access rights. (D2, L2.3)

• True
• False

Q.3 True or False? Auditing will provide sufficient protection against misuse.  (D2, L2.3)

• True
• False

Knowledge Check: Identity Management

Q.1 True or False? Accounting is the last phase in the identity management lifecycle process. (D2, L2.3) 

• True
• False

Q.2 True or False? Authentication and authorization bypass attacks are the same.  (D2, L2.3)

• True
• False

Q.3 True or False? Sponsorship occurs when an authorized entity sponsors a claimant for a credential with a CSP. (D2, L2.3)

• True
• False

Knowledge Check: Identity Management Lifecycle

Q.1 What are three types of behavioral biometrics? (D2, L2.3)

• Signature, voice pattern, keystroke dynamics
• Voice pattern, iris scan, retinal scan
• Facial, signature, keystroke
• Token, voice pattern, facial

Knowledge Check: Access Configuration

Q.1 Now, having considered access configuration requirements, answer the following questions:   True or False? The IAAA system can be secured (protected) using biometrics. (D2, L2.4) 

• True
• False

Q.2 True or False? A combination of ABAC, RuBAC, risk-based and RBAC is the best approach for protecting the data and metadata about the IAAA system.  (D2, L2.4)

• True
• False

Q.3 True or False? Adopting a purely MAC approach is effective for protecting the data and metadata about the IAAA system.

• True
• False

Knowledge Check: Authentication Methods

Q.1. What are the three roles within Security Assertion Markup Language (SAML)?​ (D2, L2.4) 

• Identity provider, relying party, service provider
• Identity provider, relying party, user​
• Identity provider, service provider, relative token
• Attributes, principal, bindings

Q.2. Name two roles related to Open Authorization (OAuth).​ (D2, L2.4) 

• Resource provider, resource server
• Resource provider, resource relying party
• Authorization server, authorization owner
• Authorization server, resource server

Chapter 2 Quiz: Understanding Risk Management Options and the Use of Access Controls to Protect Assets

Q.1. What is the purpose of countermeasures (D1, L2.1)?

• React to an incident
• Prevent an incident
• Deter an incident
• Manage an incident

Q.2. Which of the following is a basic requirement the security kernel must meet? (D2, L2.2)

• Completeness
• Isolation
• Verifiability
• All of these

Q.3 What function does an access control system NOT perform? (D2, L2.1)

• Perform the same way every time
• Make access control decisions
• Identify all subjects and objects
• Provide complete mediation

Q.4 . A list of company-restricted websites would best be handled in the first instance by what type of control? (D2, L2.1)

• Physical
• Administrative
• Environmental
• Technical

Q.5 What mechanism is used to verify a user’s claim to an identity? (D2, L2.4)

• Proofing
• Entitlement
• Authentication
• Provisioning

Q.6 Which system security model emphasizes system and data integrity as the highest priority security characteristic? (D2, L2.2)

• Biba
• MAC
• Bell-LaPadula
• DAC

Q.7. Which encryption method does Kerberos use to encrypt the exchange of messages between users, key distribution centers (KDC) and the applications? (D2, L2.4)

• Asymmetric
• Symmetric
• Advanced Encryption Standard (AES)
• All of these

Q.8. In the data security lifecycle, in which stage is data protected in accordance with its classification level and baseline controls? (D2, L2.2) 

• Create
• Store
• Use
• Share

Q.9. In biometrics, a Type II error is what? (D2, L2.3)

• Never acceptable
• False acceptance
• A false rejection
• The point at which false acceptances and rejections are equal

Q.10 When referring to RADIUS solutions, we talk about the three A’s. What are they? (D2, L2.4)

• Authentication, authorization, and accounting
• Auditing, authentication, and availability
• Access, accounting, and authentication
• Access, availability, and authorization

More About This Course

Course 2: Understanding Risk Management Options and the Use of Access Controls to Protect Assets

In this course, we will focus on understanding risk management options and the use of access controls to protect assets. We will start by examining the basic steps that must be in place to develop a security culture within the organization and impact policies. We will also look into how to write and use them to enforce security requirements. Then we will move on to the actual business of controlling how our systems, services, resources, and data can be accessed safely by authorized persons. We will also cover access control models like MAC, DAC, and RBAC, and conclude the chapter with an examination of both LAN and WAN identity management.

Course 2 Learning Objectives After completing this course, the participant will be able to: 

L2.1 – Provide examples of the types of functional security controls and policies for identified scenarios. 
L2.2 – Classify various access control models. 
L2.3 – Identify components of the identity management lifecycle. 
L2.4 – Recognize access control and authentication methods.

Course Agenda

Module 1: Document, Implement, and Maintain Functional Security Controls (Domain 1 – Security Operations and Administration)
Module 2: Access Controls Models (Domain 1 – Security Operations and Administration, Domain 2 – Access Controls)
Module 3: Identity Management Lifecycle (Domain 2 – Access Controls)
Module 4: Implement and Maintain Authentication Methods (Domain 2 – Access Controls, Domain 6 – Network and Communication Security)

Who Should Take This Course:

Beginners

Experience Required:

No prior experience required

SKILLS YOU WILL GAIN

• Risk Management
• Access Control

Conclusion

Hopefully, this article will be useful for you to find all the Week, final assessment, and Peer Graded Assessment Answers of the Risk Management: Use of Access Controls to Protect Assets Quiz of Coursera and grab some premium knowledge with less effort. If this article really helped you in any way then make sure to share it with your friends on social media and let them also know about this amazing training. You can also check out our other course Answers. So, be with us guys we will share a lot more free courses and their exam/quiz solutions also, and follow our Techno-RJ Blog for more updates.