Module 2 Graded Quiz: Access Management and Endpoint Security :Cybersecurity Architecture (IBM Cybersecurity Analyst Professional Certificate) Answers 2025
1. Question 1
What is UBA in cybersecurity?
-
✅ User Behavior Analytics
-
❌ Unified Business Analysis
-
❌ Unified Behavior Administration
-
❌ User Business Administration
Explanation:
UBA analyzes user behavior patterns to detect anomalies and potential threats.
2. Question 2
Purpose of federation capability?
-
❌ Encrypt data transfers
-
❌ Record user sessions
-
✅ Facilitate communication between different identity domains
-
❌ Manage user passwords
Explanation:
Federation allows identity sharing across trusted systems (e.g., SSO across domains).
3. Question 3
What does CIAM stand for?
-
❌ Customer Information Access Management
-
❌ Corporate Identity Approval Mechanism
-
❌ Centralized Information and Access Management
-
✅ Consumer Identity and Access Management
Explanation:
CIAM manages identities for customers/end-users of digital services.
4. Question 4
Focus of workforce identity management?
-
❌ Customers
-
❌ Corporate assets
-
❌ External partners
-
✅ Employees within an organization
Explanation:
It ensures the right employees have the right access at the right time.
5. Question 5
Most important first element in a BYOD program?
-
❌ Remote wipe
-
❌ Monitoring
-
✅ Consent
-
❌ Software requirements
Explanation:
Employees must agree to terms before a company can enforce BYOD controls.
6. Question 6
What should the policy state about monitoring?
-
❌ Monitor without informing employee
-
❌ No monitoring
-
❌ Monitor personal usage
-
✅ Monitor primarily corporate usage
Explanation:
BYOD policies should respect privacy and only monitor corporate-related activities.
7. Question 7
What right may a company reserve in BYOD for security?
-
❌ Wipe all data
-
✅ Remotely wipe only corporate data
-
❌ Monitor all activities
-
❌ Lock the device
Explanation:
Selective wipe protects corporate data while respecting employee privacy.
8. Question 8
Possible hardware restriction in BYOD?
-
✅ Only a specific device configuration is supported
-
❌ Only latest devices supported
-
❌ No restrictions
-
❌ Any device allowed
Explanation:
Companies often allow only devices meeting minimum security requirements.
9. Question 9
Main disadvantage of single-factor password-only authentication?
-
✅ It lacks an additional layer of security
-
❌ Impractical for banking
-
❌ Requires something user knows (true but not disadvantage)
-
❌ Involves biometrics
Explanation:
Passwords alone are easy to guess, steal, reuse, or brute-force.
10. Question 10
Why is biometric + token authentication not ideal for online banking?
-
❌ All users have biometric hardware
-
✅ Many users do not have required biometric hardware
-
❌ Provides high security
-
❌ Tokens are convenient
Explanation:
If customers lack the necessary devices, this method becomes impractical.
🧾 Summary Table
| Q | Correct Answer | Key Concept |
|---|---|---|
| 1 | User Behavior Analytics | UBA |
| 2 | Identity domain communication | Federation |
| 3 | Consumer Identity and Access Management | CIAM |
| 4 | Employees | Workforce identity |
| 5 | Consent | BYOD foundation |
| 6 | Monitor corporate usage | BYOD monitoring |
| 7 | Wipe only corporate data | BYOD security |
| 8 | Specific supported devices | BYOD hardware |
| 9 | No extra security layer | Password weakness |
| 10 | Not all users have biometric hardware | 2FA practicality |