Sound the Alarm: Detection and Response Coursera weekly challenge 2 answers

Test your knowledge: The incident response lifecycle

1. How do indicators of compromise (IoCs) help security analysts detect network traffic abnormalities?

  • They define the attacker’s intentions.
  • They provide a way to identify an attack.
  • They capture network activity.
  • They confirm that a security incident happened.

2. Fill in the blank: Data _____ is the term for unauthorized transmission of data from a system.

  • pivoting
  • exfiltration
  • infiltration
  • network traffic

3. An attacker has infiltrated a network. Next, they spend time exploring it in order to expand and maintain their access. They look for valuable assets such as proprietary code and financial records. What does this scenario describe?

  • Large internal file transfer
  • Phishing
  • Lateral movement
  • Network data

4. What can security professionals use network traffic analysis for? Select three answers.

  • To understand network traffic patterns
  • To identify malicious activity
  • To secure critical assets
  • To monitor network activity

Test your knowledge: Capture and view network traffic

5. Which component of a packet contains the actual data that is intended to be sent to its destination?

  • Protocol
  • Header
  • Payload
  • Footer

6. Fill in the blank: A _____ is a file that contains data packets that have been intercepted from an interface or a network.

  • packet capture
  • network protocol analyzer
  • network statistic
  • protocol

7. Which field of an IP header is used to identify whether IPv4 or IPv6 is used?

  • Type of Service
  • Options
  • Flags
  • Version

8. Which network protocol analyzer is accessed through a graphical user interface?

  • TShark
  • Wireshark
  • tcpdump
  • Libpcap

Test your knowledge: Packet inspection

9. Which tcpdump option is used to specify the network interface?

  • -n
  • -i
  • -v
  • -c

10. What is needed to access the tcpdump network protocol analyzer?

  • Command-line interface
  • Packet capture
  • Output
  • Graphical user interface

