12/22/2018 Introduction to Cyber Attacks - Home | Coursera

Module 1 Quiz
Quiz, 10 questions

 Try again once you are ready. Back to Week 1

Required to pass: 80% or higher

1/1
 point

1. 
A malicious worm program is characterized by the following fundamental attribute:

Local installation with expert system administration

Multi-stage provisioning based on simple tools

Auto-propagation without human intervention

Correct 
Correct! A worm program is characterized by the ability to propagate automatically without the assistance of
a human being.

Simpler design than a Trojan horse program

All the above

0/1
 point

2. 
Embedding a trap door into a login program results in which of the following:

A login program that requires encryption support

A compliant version of the code with respect to some process frameworks

A trap door program with the potential to lock out authorized users

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 1/6
12/22/2018 Introduction to Cyber Attacks - Home | Coursera

This should not be selected 

An improved version of the login program with enhanced secret access

A Trojan horse

0/1
 point

3. 
Learning the incredibly easy, but devastatingly e ective techniques for hacking an old soda machine is instructive,
because it exempli es which of the following properties of cyber security?

No system can ever be secure

This should not be selected 

Security xes might be simple and e ective

Security physical systems are simpler than you would think

Simple attacks might prompt complex redesigns

1/1
 point

4. 
Which of the following statements is true?

Dirty compilers never produce clean code.

Dirty code is sometimes produced by clean compilers.

Correct 
Correct! Developers might write dirty source code which would result in dirty code from a clean compiler.

Clean code has no real di erence from dirty code.

Dirty code is always produced by dirty developers.

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 2/6
12/22/2018 Introduction to Cyber Attacks - Home | Coursera

Dirty compilers are always written from clean code.

1/1
 point

5. 
Cyber adversary motivation does not include which of the following:

Curiosity

Money

Politics

Fame

None of the above

Correct 
Correct! All the listed examples are clearly found as motivations for cyber adversaries.

1/1
 point

6. 
Remote exploitation of an unaltered vehicle by hackers is enabled by which of the following design decisions:

Being careless about the so-called “on-board bus architecture”

Not enforcing separation between on-board entertainment and safety systems

Using older, unsafe programming languages

All of the above

Correct 
Correct! Each of the vehicle design decisions listed contribute to the vulnerabilities exploited by hackers.

1/1
 point

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 3/6
12/22/2018 Introduction to Cyber Attacks - Home | Coursera

7. 
Module 1 Quiz
Which of the following is a reasonable conclusion that one might draw by studying Unix kernel attacks such as the old
IFS10
Quiz, exploit?
questions

Seeing open source code might help one design an attack.

Correct 
Correct! The ability to freely peruse the source code of an OS kernel can be valuable in the design of an
e ective attack.

Setting variables by users of an OS should be encouraged

The object code for an OS runtime system cannot be understood

Set-uid-to-root should be used more extensively in OS design

Open source code cannot help in the design of an attack

0/1
 point

8. 
The root cause of some discovered cyber security vulnerability might reasonably be which of the following:

The developers didn’t invest enough money during development

The designers had too much technical training

The government regulators were smarter than the developers expected

It was hidden and therefore acceptable to leave in place

This should not be selected 

All of the above

1/1
 point

9. 
Bu er over ow attacks might best be avoided by which of the following preventive approaches:

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 4/6
12/22/2018 Introduction to Cyber Attacks - Home | Coursera

Picking better variable names

Correct 
Correct! Strong type enforcement reduces the likelihood that declared variables might be stu ed with values
that do not t the de ned type.

Improving in-line comments

Replacing call-by-value with call-by-name

None of the above

1/1
 point

10. 
The integrity threat can be exempli ed by which of the following scenarios:

Every customer record is stolen by hackers

Every customer record is exposed by nation states

Customer records were hidden, but one might have been slightly garbled

Correct 
Correct! If any data has its correctness or validity degraded in any way, then an integrity threat has been
realized.

The entire company database was posted to the Internet

None of the above

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 5/6
12/22/2018 Introduction to Cyber Attacks - Home | Coursera

https://www.coursera.org/learn/intro-cyber-attacks/exam/bLFCT/module-1-quiz 6/6