
Module 1 Challenge: Understanding Security Threats. IT Security: Defense Against the Digital Dark Arts (Google IT Support Professional Certificate) Answers, 2025

Question 1

Which of the following is an example of the CIA triad’s confidentiality principle in action?

✅ Protecting online accounts with a password
❌ Preventing data loss
❌ Making sure data hasn’t been tampered with
❌ Preventing an unwanted download

Explanation:
The Confidentiality principle ensures that only authorized users can access information.
Passwords, encryption, and access controls protect confidentiality.

  • Integrity = data not altered (tampering prevention)

  • Availability = ensuring data is accessible


Question 2

Which of the following is an example of a zero-day vulnerability?

✅ A group of hackers finds a flaw in a new software product and takes advantage of it before the vendor or developer finds it.
❌ Voluntary bad download
❌ Adware
❌ Keylogger

Explanation:
A zero-day vulnerability is a security flaw unknown to the vendor and exploited before a patch exists; the name refers to the “zero days” that have been available to fix it.


Question 3

What kind of malware can block access to data and decrease the availability of security by holding the system hostage?

✅ Ransomware
❌ Spyware
❌ Adware
❌ Logic bomb

Explanation:
Ransomware encrypts files and demands payment to restore access, which impacts availability, one of the CIA triad components.


Question 4

An unhappy systems administrator installed malware that attacked after a timed event, rather than when it was installed. What type of malware does this describe?

✅ A logic bomb
❌ Spyware
❌ Ransomware
❌ Rootkit

Explanation:
A logic bomb is triggered by a specific condition or time rather than immediately upon installation; insiders often use it for sabotage.


Question 5

A victim connects to a network they think is legitimate, but the network is really an identical network controlled by a hacker. What type of network attack are they a victim of?

✅ An evil twin
❌ Logic bomb
❌ DoS
❌ DNS cache poisoning

Explanation:
An evil twin is a rogue Wi-Fi access point mimicking a legitimate one to intercept sensitive data like passwords or financial info.


Question 6

Which one of the following is a type of DoS attack?

✅ A SYN flood attack
❌ Brute force attack
❌ DNS cache poisoning attack
❌ Rogue AP attack

Explanation:
A SYN flood overwhelms a server by sending excessive connection requests without completing them, a classic Denial of Service (DoS) method.


Question 7

An attacker sends a large number of SYN packets, but does not send any ACK messages back. The connection stays open and uses up the source’s resources. What is this attack called?

✅ A half-open attack
❌ DNS cache poisoning attack
❌ Ping flood
❌ Zero-day exploit

Explanation:
A half-open (SYN flood) attack exploits the TCP handshake process, leaving connections incomplete to exhaust server resources.


Question 8

Which of the following measures can prevent injection attacks?

✅ Input validation
✅ Data sanitization
❌ Flood guards
❌ Log analysis systems

Explanation:
SQL and code injection attacks occur when user input is not properly filtered.

  • Input validation ensures only safe data is accepted.

  • Data sanitization cleans potentially harmful characters or scripts.


Question 9

Which of the following best helps you strengthen your password?

✅ Incorporate symbols, numbers, and capital letters
❌ Pet’s name
❌ Precompiled list
❌ Movie title

Explanation:
Strong passwords are long, unique, and complex, using uppercase, lowercase, numbers, and special symbols rather than easily guessed personal information.


Question 10

An attacker leaves a flash drive loaded with malware on a table. Someone plugs the drive into their computer to see what’s on it and accidentally installs malware. What kind of attack is this?

✅ Baiting
❌ Tailgating
❌ Phishing
❌ DDoS

Explanation:
Baiting uses physical or digital “lures” (like USB drives or fake downloads) to trick users into installing malware; it is a form of social engineering.


🧾 Summary Table

Q#   ✅ Correct Answer                         Concept
1    Protecting accounts with a password      CIA: Confidentiality
2    Hackers exploit unknown flaw             Zero-day vulnerability
3    Ransomware                               Malware that locks data
4    Logic bomb                               Timed or triggered attack
5    Evil twin                                Fake Wi-Fi attack
6    SYN flood                                Type of DoS
7    Half-open attack                         TCP handshake abuse
8    Input validation, data sanitization      Prevent injection attacks
9    Use complex characters                   Strong password design
10   Baiting                                  Social engineering trick