Course quiz: Cybersecurity Threat Vectors and Mitigation (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. Main benefit of incremental backup
❌ Faster restoration
❌ Better compression
❌ More comprehensive
✅ It only backs up changed data since the last backup.
Explanation:
Incremental backups save time & space by backing up only modified data.
2. Human error causes data breaches
✅ True
❌ False
3. Malware that can spread automatically
❌ Rootkits
❌ Trojans
❌ Ransomware
✅ Worms
✅ Viruses
Explanation:
Viruses & worms self-replicate; Trojans & rootkits do not.
4. Stuxnet groundbreaking attack
✅ True
❌ False
5. Techniques used in ransomware attacks
❌ Physical theft
❌ DDoS
✅ Exploiting vulnerabilities
✅ Phishing with malicious attachments
6. Malware that changes size & code but is not encrypted
❌ Ransomware
❌ Fileless
❌ Polymorphic
✅ Metamorphic malware
Explanation:
Metamorphic malware rewrites its own code; polymorphic encrypts/decrypts it.
7. Best data recovery options when a file is deleted
❌ Recreate file
✅ Consult recovery service
✅ Check cloud/USB backup
✅ Stop using PC + recovery software
8. Strategies to keep personal data secure
✅ Update OS/software
❌ Install multiple antivirus
✅ Regular backups
❌ Use guessable passwords
9. Heuristic analysis more important than behavioral analysis
❌ True
✅ False
10. Asymmetric encryption for large data
❌ True
✅ False
Explanation:
Large data uses symmetric encryption (faster).
11. Encryption protocol for email
❌ PGP
✅ S/MIME
❌ SSH
❌ SSL
12. Hashing verifies integrity
✅ True
❌ False
13. Secure remote access using SSL/TLS
❌ Firewalls/antivirus
❌ Change passwords
✅ Use SSL/TLS certificates
❌ Encrypted email only
14. Centralized authentication complicates management
❌ True
✅ False
15. Kerberos uses __________ cryptography
✅ secret-key cryptography
(secret-key = symmetric)
16. Protocol used for AAA
❌ SNMP
❌ FTP
✅ RADIUS
❌ IMAP
17. Silent listening = transmission threat
✅ True
❌ False
18. Is a DDoS outage an APT?
❌ True
✅ False
19. IoT threat scenario
❌ Smart thermostat
❌ Fridge auto-order
❌ Voice assistant
✅ Unauthorized access to smart cameras
20. Which are endpoints?
✅ PCs/Laptops
❌ Switches/Routers
✅ Mobile devices
❌ Cloud servers
21. IDPS cannot prevent attacks
❌ True
✅ False
Explanation:
IDPS can detect and block threats.
22. Security fixes should be installed ASAP
✅ True
❌ False
23. Compliance protects ______
❌ Reputation
❌ Software
❌ Buildings
✅ Sensitive data
24. Final step in risk management
❌ Mitigate
❌ Identify
✅ Monitor and review
❌ Quantify
25. GDPR law that stops processing
❌ Right to be forgotten
✅ Right to restrict processing
❌ Right to object
❌ Right to rectify
26. GDPR cookie requirement
❌ Info only
❌ Customize only
✅ Explicit consent + option to reject
❌ Accept only
27. PCI-DSS secures:
✅ Financial transactions
❌ Personal ID
❌ Social media
❌ Emails
28. Identity is like a digital ______
❌ email
❌ avatar
✅ fingerprint
❌ stamp
29. SSO impact on admin costs
❌ No impact
❌ Increases costs
✅ Reduces costs by lowering password-related issues
❌ Increases help desk workload
30. OUs help ________ resources
❌ dissolve
❌ limit
❌ increase
✅ organize
🧾 SUMMARY TABLE
| Q | Answer | Q | Answer |
|---|---|---|---|
| 1 | Only backs up changed data | 16 | RADIUS |
| 2 | True | 17 | True |
| 3 | Worms, Viruses | 18 | False |
| 4 | True | 19 | Camera unauthorized access |
| 5 | Phishing + exploiting | 20 | PCs, Mobiles |
| 6 | Metamorphic | 21 | False |
| 7 | Recovery svc, cloud copy, recovery SW | 22 | True |
| 8 | Update OS, Backups | 23 | Sensitive data |
| 9 | False | 24 | Monitor & review |
| 10 | False | 25 | Right to restrict processing |
| 11 | S/MIME | 26 | Explicit consent + reject |
| 12 | True | 27 | Financial transactions |
| 13 | SSL/TLS | 28 | Fingerprint |
| 14 | False | 29 | Reduces admin costs |
| 15 | Secret-key | 30 | Organize |