Module 1 Graded Quiz: Cybersecurity Architecture Overview: Cybersecurity Architecture (IBM Cybersecurity Analyst Professional Certificate) Answers 2025
1. Question 1
Main issue with overly complex security measures:
- ❌ More expensive to maintain
- ✅ They can complicate the process for good users, leading to subversion
- ❌ Too difficult to implement
- ❌ More easily hacked
Explanation:
When security becomes too complex, users bypass it, reducing overall security.
2. Question 2
What is security by obscurity?
- ❌ Intentionally complex system
- ✅ Security reliant on secret knowledge
- ❌ Hidden system
- ❌ Only creators understand it
Explanation:
Obscurity alone is not strong security—it relies on secrecy instead of real protection.
3. Question 3
How does RBAC enforce least privilege?
- ❌ Delegates work to all users
- ✅ Assigns permissions based on user roles
- ❌ Individual permissions for all tasks
- ❌ Allows access to all data
Explanation:
RBAC ensures users only get the access needed for their role.
4. Question 4
How does PAM uphold least privilege?
- ❌ Randomizes credentials for all users
- ❌ Gives privileged access to all
- ❌ Provides open access
- ✅ Identifies, secures, and monitors privileged accounts and verifies access rights before granting access
Explanation:
PAM controls and monitors high-privilege accounts.
5. Question 5
What threatens availability & how to ensure it?
- ❌ Malware + encryption
- ❌ Phishing + authentication
- ✅ Hardware failure: fail-safes, backups, disaster recovery
- ❌ Tampering + checksums
Explanation:
Availability is protected by redundancy and recovery mechanisms.
6. Question 6
What is a DoS attack?
- ❌ Gain control
- ✅ Flood victim with overwhelming data
- ❌ Steal data
- ❌ Modify data
Explanation:
DoS attacks overwhelm systems so legitimate users can’t access services.
7. Question 7
What is a DDoS attack?
- ❌ Flooded from multiple directions
- ✅ Attacker uses multiple devices to flood victim’s system
- ❌ Multiple attackers collaborating
- ❌ Multiple systems attacked
Explanation:
DDoS uses many compromised systems (botnet) simultaneously.
8. Question 8
What is a SYN flood attack?
- ❌ Single SYN then silent
- ❌ Single SYN then ACK
- ✅ Multiple SYN messages then silent
- ❌ Multiple SYN then ACK
Explanation:
Attackers open many half-open connections, exhausting server resources.
9. Question 9
What is a botnet in a DDoS attack?
- ❌ Network of bots used for attack (partially true but incomplete)
- ❌ Software for defense
- ✅ A server that the attacker uses to control compromised computers
- ❌ Attack software
Explanation:
A botnet is controlled by a command-and-control (C2) server to launch attacks.
10. Question 10
What are Indicators of Compromise (IoCs)?
- ❌ Tools for attackers
- ❌ Signs system has already been compromised
- ❌ Software solutions
- ✅ Red flags pointing to a potential or ongoing attack
Explanation:
IoCs help detect early warning signs of malicious activity.
🧾 Summary Table
| Q | Correct Answer | Key Concept |
|---|---|---|
| 1 | Complex security = user subversion | Usability vs security |
| 2 | Reliance on secret knowledge | Security by obscurity |
| 3 | RBAC assigns permissions by role | Least privilege |
| 4 | PAM secures & monitors privileged accounts | Access control |
| 5 | Hardware failure → backups & DR | Availability |
| 6 | DoS = flooding | DoS attack |
| 7 | DDoS = multiple devices flooding | Distributed attack |
| 8 | Multiple SYN packets then silent | SYN flood |
| 9 | C2 server controlling bots | Botnet |
| 10 | Red flags of attacks | IoCs |