Module 3 Graded Quiz: Network, Application, and Data Security :Cybersecurity Architecture (IBM Cybersecurity Analyst Professional Certificate) Answers 2025
1. Question 1
What is micro-segmentation?
-
❌ Dividing network into macro/micro pieces
-
✅ Creating numerous small zones within your network
-
❌ Creating large zones
-
❌ Dividing into two segments
Explanation:
Micro-segmentation isolates workloads into very small segments, reducing lateral attack movement.
2. Question 2
Primary function of a firewall?
-
❌ Divide network
-
✅ Monitor and control incoming and outgoing traffic
-
❌ Increase speed
-
❌ Physical protection
Explanation:
A firewall enforces network security policies by filtering traffic.
3. Question 3
What does SASE deliver?
-
✅ Security and network capabilities from the cloud at the network’s edge
-
❌ Cloud from edge
-
❌ Network from edge
-
❌ Security from edge
Explanation:
SASE combines networking (SD-WAN) + security (CASB, FWaaS, ZTNA) into a single cloud-delivered model.
4. Question 4
What is white-box testing?
-
❌ White-colored interface
-
✅ Testing with full knowledge of the source code
-
❌ Testing without source code
-
❌ Testing in white room
Explanation:
White-box testers understand internal logic, architecture, and source code.
5. Question 5
Meaning of “shift left”?
-
❌ Move office location
-
❌ Assign tasks to less experienced developers
-
✅ Include security checks earlier in the development cycle
-
❌ Switch programming language
Explanation:
Shifting left means integrating security from the earliest stages (design → code → build).
6. Question 6
Why use both source-code and dynamic scanners?
-
❌ One is faster
-
❌ One is cheaper
-
❌ Both find same vulnerabilities
-
✅ They find different types of vulnerabilities
Explanation:
Static scanners find code-level flaws; dynamic scanners find runtime vulnerabilities.
7. Question 7
Potential downside of using chatbots for code generation?
-
✅ They can introduce vulnerabilities in the code
-
❌ Take long time
-
❌ Write outdated languages
-
❌ Require constant internet
Explanation:
AI tools may generate insecure, unvalidated code patterns.
8. Question 8
What ultimately needs to be protected?
-
✅ The data itself
-
❌ Servers
-
❌ Firewalls
-
❌ Source code
Explanation:
All security controls exist to protect data at the core.
9. Question 9
Why leverage OWASP?
-
❌ To learn latest trends (partially true but not primary)
-
❌ For networking
-
✅ To avoid repeating the same mistakes
-
❌ To keep making mistakes
Explanation:
OWASP highlights common vulnerabilities so developers can prevent them.
10. Question 10
Role of UBA in data security?
-
❌ Reward good behavior
-
❌ Team-building
-
❌ Ignore anomalies
-
✅ Detect misuse and abuse of data
Explanation:
UBA identifies unusual or risky user actions to detect insider threats & data misuse.
🧾 Summary Table
| Q | Correct Answer | Key Concept |
|---|---|---|
| 1 | Small segmented zones | Micro-segmentation |
| 2 | Monitor & control traffic | Firewall |
| 3 | Cloud-delivered security + networking | SASE |
| 4 | Test with source code | White-box testing |
| 5 | Early security integration | Shift-left |
| 6 | Find different vulnerabilities | Static vs dynamic scanning |
| 7 | May introduce vulnerabilities | AI code risks |
| 8 | Protect the data | Data security focus |
| 9 | Avoid repeating mistakes | OWASP learning |
| 10 | Detect misuse | User Behavior Analytics |