Securing Software, Data, and End Points Coursera Quiz Answers 2022 [💯Correct Answer]

Hello Peers, Today we are going to share all week’s assessment and quiz answers of the Securing Software, Data, and End Points course launched by Coursera totally free of cost✅✅✅. This is a certification course for every interested student.

In case you didn’t find this course for free, then you can apply for financial ads to get this course for totally free.

Check out this article – “How to Apply for Financial Ads?”

About The Coursera

Coursera, India’s biggest learning platform launched millions of free courses for students daily. These courses are from various recognized universities, where industry experts and professors teach very well and in a more understandable way.

---

Here, you will find Securing Software, Data, and End Points Exam Answers in Bold Color below.

These answers are updated recently and are 100% correct✅ answers of all week, assessment, and final exam answers of Securing Software, Data and End Points from Coursera Free Certification Course.

Use “Ctrl+F” To Find Any Questions Answer. & For Mobile User, You Just Need To Click On Three dots In Your Browser & You Will Get A “Find” Option There. Use These Option to Get Any Random Questions Answer.

About Securing Software, Data, and End Points Course

Hello, and welcome to Course 4. As we all know, most attacks on systems take advantage of flaws in the software that runs the hardware. Attackers may also take advantage of flaws in the underlying hardware, especially if that hardware is meant to be safe from being stolen or accessed by people who shouldn’t be able to use it.

Course Apply Link – Securing Software, Data, and End Points

Securing Software, Data, and End Points Quiz Answers

Week 01: Securing Software, Data and End Points Coursera Quiz Answers

Knowledge Check: Open Source versus Proprietary Software

Q1. For many years, the debate has raged in the software development community about what software is best: proprietary software or open source software. While there is no authoritative answer to this, it is an opportunity to compare the advantages and disadvantages of both.  Directions: Read each question and determine whether the advantage or disadvantage described applies to either open source or proprietary software.  (D1, L4.1)

More developers are contributing to the development and testing. This is considered an advantage of _____.

• Open source
• Proprietary

Q.2. If the vendor makes a mistake (bugs) or decides to add “unknown” features, these are more difficult to detect. This is considered a disadvantage of _____.

• Open source
• Proprietary

Q.3. Everyone has the ability to see the source code, including a potential threat actor. This is considered a disadvantage of _____.

• Proprietary

Q.4. Source code is not available for general consumption. This is considered an advantage of _____.

• Open source
• Proprietary

Q.5. How do most vulnerabilities get into software systems?   (D7, L4.1)

• Malware installation and execution
• Social engineering manipulation
• Stress induced by overuse, overheating or electromagnetic interference (EMI) 
• Errors made by designers, coders, installers and maintainers 

Data Vulnerability Hunting Quiz Answer

Q.1. Organizations are typically in possession of huge amounts of data, much of which is subject to legal and regulatory protection requirements. While we know that an attacker may have many motives and might try to attack an organization in a variety of ways, an organization’s data is still the high-value target that drives many attacks. Different organizations and industries have a variety of valuable data that could potentially be vulnerable to attack.   Consider the following industries:  

• Healthcare 
• Finance (Banking)
• Manufacturing 
• Legal (Law enforcement) 

Much of the data will actually be common across all sectors such as employee and tax records. Generally speaking, while there is an obvious business need, there is also a legal obligation to protect such records. Look again at each of the industries listed and consider the unique data times and regulations to each by answering the following questions.   Directions: For each question, identify the industry based on the list of vulnerable data provided. (D7, L4.2) 

Statistics on population and wellness, research and development data, as well as administrative enrollment and billing records. 

• Healthcare
• Finance (Banking)
• Manufacturing
• Legal (Law enforcement)

Q.2. Records including debit or credit card transactions and distribution methods and patterns.

• Healthcare
• Finance (Banking) 
• Manufacturing
• Legal (Law enforcement) 

Q.3. Sensitive data such as details of ongoing investigations, evidence, criminal record history and case files.

• Healthcare
• Finance (Banking)
• Manufacturing
• Legal (Law enforcement)

Q.4. Records regarding customers, shipping logs and financial transitions. 

• Healthcare
• Finance (Banking) 
• Manufacturing
• Legal (Law enforcement)

Q.5 How do most vulnerabilities get into software systems?   (D7, L4.1)

• Malware installation and execution
• Social engineering manipulation
• Stress induced by overuse, overheating or electromagnetic interference (EMI) 
• Errors made by designers, coders, installers and maintainers 

Q.6. What are view-based access controls (VBACs) an example of? (D7, L4.2) 

• Audit control 
• Constrained user interface
• Temporal constraint
• Side channel

Week 02: Securing Software, Data and End Points Coursera Quiz Answers

Activity 2: Key Concepts Quiz Answer

Q.1. Directions: Match the type of malware to its description or potential impact.  (D7, L4.3)

The mechanism that the malware uses to target new victims and propagate.

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Worm
• Vector
• File Infector
• Dropper

Q.2. The portion of the malware that actually carries out the malicious activity.  

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Worm
• Vector
• File Infector

Q.3. Malicious code that can release personal data, crash systems, etc.  

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Q.4. A form of Trojan that can be used to stop backups and open remote access backdoor. 

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Q.5 Malware often used in social engineering attacks. 

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Q.6. Can be used as a delivery agent for viruses to create “backdoors” into system and software.

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• File Infector
• Virus
• Dropper

Q.7. A form of Trojan that captures, records and forwards all keyboard strokes to an attacker.

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Q.8. Used in script viruses to deliver malware. 

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Vector
• File Infector
• Virus
• Dropper

Q.9. Can be attached to .exe files to deliver malware payload.

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Q.10 Attaches to network-enabled services to rapidly spread.

• Logic Bomb
• Keylogger
• Trojan
• Payload
• Bot
• Worm
• Vector
• File Infector
• Virus
• Dropper

Knowledge Check: Vulnerable Web Applications Quiz Answer

Q.1. Match the following (D7, L4.3). The table displays the answer option and corresponding description. Refer to this table when answering the questions below.

Option	Description
A	A portion of SQL code. This verbose error message might contain details of the database controlling the logins.
B	Craft an attack where incorrect or untrusted data will create an injection attack.
C	An error message, such as an invalid login.
D	A security misconfiguration that has occurred because of a lack of output sanitization.

• A
• B
• C
• D

What should you see?

Q.2. What are you seeing?

• A
• B
• C
• D

Q.3. What vulnerability does it indicate?

• A
• B
• C
• D

Q.4. What might a malicious actor do next?

• A
• B
• C
• D

Knowledge Check: Malicious Code Countermeasures Quiz Answer

Q.1. Scenario: You are the SSCP for a small engineering company that manufactures parts for the automotive industry. Computerized numerical control (CNC) systems are used in much of the production equipment. You are considering the best way to protect the potential attack surface of the computers and servers that control the CNC machines when a colleague asks if you could answer a few questions regarding malicious code countermeasures. Directions: Provide your colleague with a yes or no answer for each question. (D7, L4.3)

Would hardening the systems be a good starting point?

• Yes
• No

Q.2. s there really an advantage to installing antivirus software on the CNC systems?

• Yes
• No

Q.3.Patching is an essential step to reduce the possibility of malware attacks. Do we need to wait to apply patches?

• Yes
• No

Which statement best describes a zero-day exploit?   (D7, L4.3) 

An attack performed using a vulnerability whose existence has just been published or reported on in CVE databases that day. 

An exploit of a vulnerability not known to the general user community, for which an attacker develops and uses an exploit as part of an attack. 

An exploit that doesn’t use forged security credentials but attempts to use genuine credentials. 

A term overused by news media in sensationalizing ransomware attacks.

Applied Scenario 1: Implement and Operate Endpoint Security Quiz Answer

Q.1. What risks might IMI be exposed to? Select all that apply. (D7, L4.4) 

• Malware
• Ransomware
• Theft of sensitive or confidential data
• Disruption to building controls
• Tampering with the production and distribution process

Q.2. What IMI business units must be considered when it comes to implementing endpoint security? Select all that apply. (D7, L4.4)

• Human Resources (HR)
• Finance
• Research and Development (R&D)
• Design
• Manufacturing 
• Testing 
• Quality Assurance 
• Warehousing and Shipping
• Marketing 

Q.3. How do we protect IMI’s systems against these risks? Select all that apply. (D7, L4.4) 

• Audit IMI’s systems and perform a risk assessment 
• Harden all endpoints 
• Increase use of cryptographic protections 
• Perform a physical risk assessment 
• Formulate a risk management policy
• Monitor and log all activity 
• Establish SLAs with third parties 
• Move to cloud-based solutions
• Train users

Q.4. Scenario: You are working for an intercity bus company that provides its passengers with on-bus Wi-Fi service, supported by the same high-capacity link connection that allows the operations managers to monitor the vehicle’s location, speed, conditions, etc. This link also supports CCTV security of the interior and around the bus, and driver and conductor communications with the operations manager.  Which sets of endpoint security problems and solutions do you think are most critical to address?    (D7, L4.4) 

• MDM, EDR and IoT 
• ICS, BYOD and MDM 
• IoT and BYOD 
• SCADA, ICS and IoT 

Week 03: Securing Software, Data and End Points Coursera Quiz Answers

Chapter 4 Quiz: Securing Software, Data and Endpoints. Quiz Answer

Q.1 This quiz will help you to confirm your understanding and retention of concepts for this chapter. Please complete it by answering all questions, reviewing correct answers and feedback, and revisiting any chapter material you feel you need extra time with.

1. This Assessment contains 10 objective item questions.
2. Recommended time limit is 20 minutes, 2 minutes per question.
3. Choose the best answer(s) for each question.
4. You have unlimited attempts and may complete this assessment as many times as you would like.
5. Passing grade for this quiz is 70%.
6. Score of highest attempt will be calculated.

Your score and quiz report

1. Each question carries 1 point.
2. For each question, a 1/1 point indicates correct answer and 0/1 point indicates incorrect answer which you see upon quiz submission.
3. Upon completion, you will be able to see your total number of attempts along with the score for each attempt.
4. Your overall grade reflects the score of your highest attempt.
5. Click on each attempt to view the completed quiz.

• What is the key difference between a worm and a virus?​ (D7, L4.3)
• A virus doesn’t require user assistance​ to replicate.
• A worm doesn’t require user assistance​ to replicate.
• A virus always causes physical damage​.
• A worm always causes physical damage.

Q.2. What is software escrow service?​ (D7, L4.1)

• A third-party contract to hold software source code​
• A third party who holds decryption keys​
• A financial agreement
• A legal process

Q.3. What is the purpose of a software restriction policy?​ (D7, L4.1)

• To make life harder for remote workers​
• Because the organization had a purchase agreement with one vendor in place​
• To prevent unlicensed software from being installed​
• To support an SaaS agreement

Q.4. Which of the following is NOT a physical mechanism for data deletion? (D7, L4.2)

• Shredders for paper records
• Deleting or reformatting
• Degaussing
• Crypto-shredding

Q.5. Which of the following is NOT an advantage of application allowed/blocked listing?   (D7, L4.3)

• Requires very little effort
• Blocks most current malware
• Prevents use of unauthorized applications
• Does not require daily definition updates

Q.6. hy would we use a sandbox?​ (D7, L4.3)

• It is a useful tool to de-stress in​.
• It provides an isolated environment for testing.
• It’s built into most software.
• It’s required by law.

Q.7. What is a rootkit?​ (D7, L4.3)

• A dental tool
• An example of a worm
• A type of virus
• A type of remote access Trojan

Q.8. Which of the following is a security strategy for endpoints? (D7, L4.4)

• Containerization
• Encryption
• Mobile application management (MAM)
• All of these

Q.9 What type of attack is hyperjacking?​  (D7, L4.3)

• A rootkit
• A trogon
• A virus
• A worm

Q.10. Why is a social engineering attack most often successful?​ (D7, L4.3)

• People are not interested in security
• Users are lazy
• People are too trusting
• Users lack training

More About This Course

Course 4 is about keeping software, data, and endpoints safe.

Hello, and welcome to Course 4. As we all know, most attacks on systems take advantage of flaws in the software that runs the hardware. Attackers may also take advantage of flaws in the underlying hardware, especially if that hardware is meant to be safe from being stolen or accessed by people who shouldn’t be able to use it.

However, their real goal and all the tax is the data. So, it’s very important that all of the software that runs the business logic and processes of an organization be kept safe. In this chapter, we’ll see that the software offers a layered environment. Starting with a core or kernel of trusted functions and going all the way up to the mobile code and executable content.

This gives all web apps and remote data access the ability to work. Security professionals need to understand that securing software involves two major tasks that are very different from each other but are closely related.

They need to make sure that the Security Posture of that software is known and understood, and that the software is installed, maintained, and used in ways that are consistent with Security Posture or that improve it over time.

As we talked about in the last chapter, the Security Posture of an asset or system is the set of risks, vulnerabilities, controls, and residual risks.

We summarize how safe or risky it is to use an asset and how much you can count on the results in a certain situation or context. In this course, we’ll build on that foundation by looking more closely at how the data can be the target of an attack and used to take advantage of other weaknesses in the system.

We’ll talk about what security professionals who aren’t programmers can do to make these kinds of attacks less likely. In course two, we also talked about the idea of a “non-human user” as a general way to look at the management and security of devices and software entities in order to protect those entities from threats to their integrity and to protect the whole system and each asset from what those “non-human users” do that isn’t allowed.

In this chapter, we’ll build on those ideas as we look at Endpoint Security Issues and Approaches.

Goals for learning in Course 4

When a person finishes this course, he or she will be able to:

L4.1: Talk about the security of software systems and applications.
L4.2: Understand the ideas and skills behind data security.
L4.3: Find malicious code and ways to stop it.
L4.4: Evaluate mobile device management (MDM) and security issues with endpoints that can move around on their own.
L4.5: Look over attacks on virtual machines and how to defend against them.

Course Agenda

Module 1: Securing Software (Domain 1: Security Operations and Administration, Domain 3: Risk Identification, Monitoring, and Analysis, and Domain 7: Systems and Application Security)
Module 2: Protecting Data (Domain 1: Security Operations and Administration, Domain 7: Systems and Application Security)
Module 3: Find and analyze malicious code and activity (Domain 7: Systems and Application Security)
Module 4: Put endpoint security in place and run it (Domain 7: Systems and Application Security)
Module 5: Run and protect virtual environments (Domain 7: Systems and Application Security, Domain 6: Network and Communications Security).

Beginners should take this course.

Experience Required: No prior experience is required

Conclusion

Hopefully, this article will be useful for you to find all the Week, final assessment, and Peer Graded Assessment Answers of the Securing Software, Data and End Points Quiz of Coursera and grab some premium knowledge with less effort. If this article really helped you in any way then make sure to share it with your friends on social media and let them also know about this amazing training. You can also check out our other course Answers. So, be with us guys we will share a lot more free courses and their exam/quiz solutions also, and follow our Techno-RJ Blog for more updates.