NPTEL Cyber Security and Privacy Week 1 Assignment Answers 2024

1. A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source is:

  • Spear Phishing
  • Man in the Middle Attack
  • Smurf Attack
  • Social media phishing
Answer :- 

2. A malicious attack where hackers encrypt an organization’s data and demand payment to restore access is known as:

  • Spyware
  • Ransomware
  • Whaling
  • Watering hole attack
Answer :- 

3. Which of the following characteristics are most likely to be found in a phishing email?

  • Sense of urgency and immediate action requests.
  • Unusual or inappropriate requests
  • Incorrect sender name or email address.
  • All of the above.
Answer :- 

4. From a managerial perspective, Information Security is generally understood as a:

  • Product
  • Technology
  • Process
  • Product, Technology and Process
Answer :- 

5. The practice of keeping an organization’s network infrastructure secure from unauthorized access is known as:

  • Data Security
  • Network Security
  • Information Security
  • Operations Security
Answer :- 

6. Which of the following statements most accurately reflects the complex role of technology in cybersecurity?

  • Technology acts as both a source of threats and a tool for defense.
  • Technology is solely a source of threats and vulnerabilities.
  • Technology plays a triple role: source of threats, asset to protect, and defense weapon.
  • Technology solely serves as a defense weapon against cyberattacks.
Answer :- 

7. ___________ is a manipulation technique that exploits human weakness to gain private information, access, or valuables

  • Spyware
  • Logic Bomb
  • Social Engineering
  • Man in the Middle Attack
Answer :- 

8. True or False: The word “Cyber” in “Cybernetics” originates from the French language.

  • True
  • False
Answer :- 

9. The impact of a cyber security incident on organizations can include:

  • Financial Loss
  • Reputation Damage
  • Regulatory fine
  • All the above
Answer :- 

10. True or False: A Vendor guarantees that their IoT solutions are 100% safe from cyberattacks. This statement can be

  • True
  • False
Answer :- 

NPTEL Cyber Security and Privacy Week 4 Assignment Answer 2023

1. Which term is used to describe detailed statements of what must be done to comply with policy?

  • Policies
  • Standards
  • Ethics
  • Governance
Answer :- 

2. Management must use ——————-as the basis for all information security planning, design, and deployment.

  • Standards
  • Procedures
  • Policies
  • Best business practices
Answer :- 

3. Which type of planning ensures that critical business functions continue if a catastrophic incident or disaster occurs?

  • Business continuity planning (BCP)
  • Contingency planning (CP)
  • Business resumption planning (BRP)
  • Disaster recovery planning (DRP)
Answer :- 

4. ————– policy can be separated into two general groups (a) managerial guidance and (b) technical specifications. Select the correct options

  • Systems-Specific Security
  • Issue-Specific Security
  • Enterprise Information Security
  • None of these
Answer :- 

5. The actions taken during and after a disaster fall under —————-

  • Impact assessment
  • Risk management
  • Crisis management
  • Both (a) & (b)
Answer :- 

6. Special Publication 800-14 of the National Institute of Standards and Technology (NIST) defines three types of security policy and chooses the

  • Violations of Policy, Business continuity planning, Response planning
  • A disaster recovery, Incident response planning, and Business continuity planning
  • Issue-specific security, Systems-specific security, Enterprise information security
  • Enterprise information security, Violations of Policy, Response planning
Answer :- 

7. What are the elements of a business impact analysis?

  1. Threat attack identification
  2. Business unit analysis
  3. Attack success scenario development
  4. Potential damage assessment
  5. Subordinate plan classification
  6. Risk management
  7. Disaster management

The elements of a business impact analysis are:

1,2,3,4,5 correct
1,2,3,5,6 correct
2,3,5,6,7 correct
All are correct

Answer :- 

8. Access control lists (ACLs) that govern the rights and privileges of users consist of the

  1. User access lists,
  2. Matrices,
  3. Capability, and
  4. Dedicated hardware

Choose the correct answer

1,2,3,4 are true
1,2,3 are true
Only 4 is true
All are true

Answer :- 

9. The instructions a system administrator codes into a server, networking device, or a device to specify how it operates is called

  • Administration rule
  • Configuration rules
  • Networking rules
  • Security rule
Answer :- 

10. Information security safeguards focus on administrative planning, organizing, leading, and controlling and that are designed by strategic planners and implemented by the organization’s security administration. These safeguards include governance and risk management together known as

  • Managerial controls
  • Operational controls
  • Technical controls
  • None of these
Answer :- 

11. A lattice-based access control with rows of attributes associated with a particular subject such as a user is called

  • Access control matrix
  • Capabilities table
  • Configuration table
  • All of above
Answer :-  

NPTEL Cyber Security and Privacy Week 3 Assignment Answer 2023

1. Which of the following terms best describe the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?

  1. Blueprint
  2. NIST handbook
  3. An information security framework
  4. Security plan
Answer :- 

2. True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.

  1. True
  2. False
Answer :- 

3. One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:

  1. managerial controls
  2. security domain
  3. redundancy
  4. defense in depth
Answer :- 

4. Control Objectives for Information and Related Technologies is a framework created by —— for information technology (IT) management and ————-

  1. HIPAA, & Information officer
  2. ISO, & Security officer
  3. ISACA, & IT governance
  4. CISO, & Chief officer
Answer :- 

5. Three approaches to cyber security management are

  • Governance-Risk-Compliance (GRC) approach
  • ——————————————————–
  1. Organizational planning approach
  2. Information-driven approach
  3. Security-driven approach
  4. Standards-driven approach
  5. Procedure-driven approach
Answer :- 

6. ISO/IEC 27032:2012 involves guidelines for —————–

  1. Network security
  2. Cyber security
  3. Risk Management
  4. Governance of information security
Answer :- 

7. The five goals of information security governance are

  1. —————–of information security with business strategy to support organizational objectives
  2. —————- by executing appropriate measures to manage and mitigate threats to information resources
  3. —————–by utilizing information security knowledge and infrastructure efficiently and effectively
  4. —————–by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved
  5. —————–by optimizing information security investments in support of organizational objectives.

A. Strategic alignment
B. Risk management
C. Resource management
D. Performance measurement
E. Value delivery

Match the following

  • 1-B,2-C,3-D,4-C,5-A,
  • 1-C,2-B,3-A,4-B,5-E
  • 1-E,2-C,3-A,4-B,5-D
  • 1-A,2-B,3-C,4-D,5-E,
Answer :- 

8. Match ISO Series with the corresponding topic

(A) 27000 (1) Series Overview and Terminology
(B) 27003 (2) Information Security Management Systems Implementation Guidelines
(C) 27004 (3) Information Security Measurements and Metrics
(D) 27005 (4) ISMS Risk Management
(E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS

  • A-1, B-2,C-3, D-4, E-5
  • A-4, B-2, C-3, D-1, E-5
  • A-2,B-1,C-3,D-5,E-4
  • A-3,B-2,C-1,D-5,E-4
Answer :- 

9. (1)—————— is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the(2)———and-(3)——-

1- ISG 2- CIO, 3- CISO
1-CO,2, 2-CIO,3- CISO
1-CISO, 2-CIO, 3-CO
1-CISO, 2-ISG, 3-CO

Answer :- 

NPTEL Cyber Security and Privacy Week 2 Assignment Answer 2023

1. What term describes the quality or state of ownership or control of information?

  • confidentiality
  • possession
  • authenticity
  • integrity
Answer :- possession

2. Fill in the blanks
The McCumber Cube has ——————-dimensions with ——-cells representing areas that must be addressed to secure today’s information systems.

  • 7 and 21
  • 4 and 27
  • 3 and 18
  • 3 and 27
Answer :- 3 and 27

3. ——————is a weakness or fault in a system or protection mechanism that opens it to attack or damage.

  • Threat
  • Vulnerability
  • Risk
  • Attack
Answer :- Vulnerability

4. Which of the following is not a component of an organization’s Information System?
(1) Software (2) Vendors (3) People (4) Government (5) ISPs

  • 1&3
  • 1,2 &4
  • 4 & 5
  • 2,4, & 5
Answer :- 2,4, & 5

5. True or False:
The person responsible for the storage, maintenance, and protection of information is the data custodian.

  • True
  • False
Answer :- True

6. Biometric data collected from users is used for—————————- process.

  • Authentication
  • Authorization
  • Accountability
  • Privacy
Answer :- Authentication

7. Select the right options of the C.I.A. triad
(1) Assurance that information is shared only among authorized people or organizations
(2) Assurance that the information is complete and uncorrupted
(3) Assurance that information systems and the necessary data are not available for use when needed

  • (1) True (2) False (3) True
  • (1) False (2) False (3) True
  • (1) True (2) True (3) True
  • (1) True (2) True (3) False
Answer :- (1) True (2) True (3) False

8. Match the following:

  • A-1, B-3, C-4, D-2, E-5
  • A-3, B-4, C-5, D-1, E-2
  • A-5, B-4, C-3, D-2, E-1
  • A-1, B-2, C-3, D-4, E-5
Answer :- A-5, B-4, C-3, D-2, E-1

9. Who are responsible for the security and use of a particular set of information?

  • Data users
  • Data exporter
  • Data custodians
  • Data owner
Answer :- Data custodians

10. True or False:
If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.

  • True
  • False
Answer :- True

NPTEL Cyber Security and Privacy Week 1 Assignment Answer 2023

1. Security is a state or quality of being secure to be free from————-.

  • Vulnerability
  • Threat
  • Attack
  • Danger
Answer :- d (Danger)

2. Which term among the following is correct?

  • Cybersecurity
  • Cyber-security
  • Cyber security
  • All are correct
Answer :- d (All are correct) 

3. What does “cyber” mean in the context of Information Technology?

  • Software
  • Hardware
  • Network
  • Online World
Answer :- D (Online World)

4. Cyber security affects individuals, organizations, society and ——————–.

  • Government
  • Institution
  • Department
  • Firms
Answer :- a (Government)

5. Choose the odd one

  • Phishing attack
  • Denial of Service attack
  • SQL Injection
  • Man in the middle attack
  • Importing data
Answer :- e (Importing data)

6. Restricting unauthorized access and misuse of physical assets helps in achieving physical security of an organization.

  • True
  • False
Answer :- a (True)

7. Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization and

  • users’ cyber assets
  • user personal information
  • cyberspace
  • resource
Answer :- a (users’ cyber assets)

8. The general security objectives comprise —–————-, Availability and Integrity

  • Confidentiality
  • Accountability
  • Authorization
  • Authentication
Answer :- 8 (Confidentiality)

9. Network security involves protection of items, objects, or facilities.

  • True
  • False
Answer :- b (False)
