Exam (elaborations)

SEC450.30808.B2 Firewalls and Network Security Weekly Quizzes 1-7, Answered correctly.

Pages
22
Grade
A+
Uploaded on
18-08-2025
Written in
2025/2026

SEC450.30808.B2 Firewalls and Network Security Weekly Quizzes

Week One
1. Are there any reasons not to take an extreme view of security if that view errs on the side of caution?
a. No, there is no reason not to take such an extreme view
b. Yes, that can lead to wasting on threats that are not likely
c. Yes, if you're going to err, assume there are few if any realistic threats
d. Yes, that can require that you increase your security skills in order to implement more rigorous defenses
2. Which of the following is the most accurate definition of a virus?
a. Any program that spreads via e-mail
b. Any program that carries a malicious payload
c. Any program that attaches malicious code to a legitimate file or program, causing harm and spreading when the infected file is executed
d. Any program that self-replicates
3. Blocking attacks seek to accomplish what?
a. Install a virus on the target machine
b. Shut down security measures
c. Prevent legitimate users from accessing a system
d. Break into a target system
4. Which of the following is the best definition for war-driving?
a. Driving while hacking and seeking a computer job
b. Driving while using a wireless connection to hack
c. Driving looking for wireless networks to hack
d. Driving and seeking rival hackers
5. Which of the following is the best definition of malware?
a. Software that has some malicious purpose
b. Software that self-replicates
c. Software that damages your system
d. Any software that is not properly configured for your system
6. Which of the following gives the best definition of spyware?
a. Any software that logs keystrokes
b. Any software used to gather intelligence
c. Any software or hardware that monitors your system
d. Any software that monitors which websites you visit
7. Which of the following is not one of the three major classes of threats?
a. Denial of service attacks
b. A computer virus or worm
c. Actually intruding on a system
d. Online auction fraud
8. When assessing threats to a system, what three factors should you consider?
a. The system’s attractiveness, the information contained on the system, and how much traffic the system gets
b. The skill level of the security team, the system's attractiveness, and how much traffic the system gets
c. How much traffic the system gets, the security budget, and the skill level of the security team
d. The system's attractiveness, the information contained on the system, and the security budget
9. Which of the following best defines the primary difference between an ethical hacker and an auditor?
a. There is no difference
b. The ethical hacker tends to be less skilled
c. The auditor tends to be less skilled
d. The ethical hacker tends to use more unconventional methods
10. Which of the following is the best definition for non-repudiation?
a. Security that does not allow the potential intruder to deny his attack
b. Processes that verify which user performs what action
c. It is another term for user authentication
d. Access control
11. An intrusion-detection system is an example of:
a. Proactive security
b. Perimeter security
c. Hybrid security
d. Good security practices
12. Which of the following is the most basic security activity?
a. Installing a firewall
b. Authenticating users
c. Controlling access to resources
d. Using a virus scanner
13. What is the term for hacking a phone system?
a. Telco-hacking
b. Hacking
c. Cracking
d. Phreaking
14. Which of the following is the best definition for the term ethical hacker?
a. An amateur who hacks a system without being caught
b. A person who hacks a system by faking a legitimate password
c. A person who hacks a system to test its vulnerabilities
d. An amateur hacker
15. The most desirable approach to security is one which is:
a. Perimeter and dynamic
b. Layered and dynamic
c. Perimeter and static
d. Layered and static
16. What are the three approaches to security?
a. Perimeter, layered, and hybrid
b. High security, medium security, and low security
c. Internal, external, and hybrid
d. Perimeter, complete, and none
17. Which of the following is the best definition of “sensitive information”?
a. Military- or defense-related information
b. Any information that is worth more than $1000
c. Any information that, if accessed by unauthorized personnel, could damage your organization in any way
d. Any information that has monetary value and is protected by any privacy laws
18. Which of the following types of privacy laws affect computer security?
a. Any state privacy law
b. Any privacy law applicable to your organization
c. Any privacy law
d. Any federal privacy law
19. Which of the following would most likely be classified as misuse(s) of systems?
a. Looking up information on a competitor using the web
b. Getting an occasional personal e-mail
c. Using your business computer to conduct your own (non-company) business
d. Shopping on the web during lunch
20. The first computer incident response team is affiliated with what university?
a. Princeton University
b. Carnegie-Mellon University
c. Harvard University
d. Yale University
21. What kind of risk assessment is most likely to follow a serious security incident?
a. Ad hoc
b. One-time
c. Remediating
d. Recurring
22. What best describes how risk tolerance differs from risk appetite?
a. Risk appetite usually refers to financial risks
b. Risk tolerance is typically used for controls impacting human safety
c. Risk tolerance more often describes defined risk thresholds
d. The primary difference is which risk management framework you use
23. A third-party team will formally examine your organization's overall security practices to ensure they meet regulatory compliance goals. Your organization may be fined if it fails. What would this verification process best be called?
a. Assessment
b. Audit
c. Certification
d. Evaluation
24. Which of the following tools are used primarily to gather OSINT?
a. DNSenum
b. Hashcat
c. Netcat
d. SN1per
e. TheHarvester
25. You're conducting an organization-wide vulnerability assessment. Which kind of review are OSINT gathering and network scanning most useful for?
a. Attack surface
b. Baseline
c. Control
d. Design
26. Which of the following is a packet crafting utility useful to attackers and penetration testers?
a. curl
b. hping
c. pathping
d. scanless
27. What kind of penetration test involves a tester with full knowledge of your network configuration?
a. Black box
b. Black Hat
c. White box
d. White hat
28. While conducting a penetration test, you’ve just managed to get access to a critical server. The main problem is that you got it through a session hijacking attack that took both luck and precise timing and might be cut off at any time. Given limited time, what should your next step be?
a. Escalate privileges
b. Establish persistence
c. Perform reconnaissance
d. Pivot
29. Your supervisor wants to find missing or misconfigured security controls on a production network. Unfortunately, it has numerous critical services that are sensitive to excessive or non-standard traffic. Which of the following tests will be least intrusive while achieving your goal?
a. Compliance scan
b. Configuration review
c. Credentialed scan
d. Non-credentialed scan
30. You’re using a SCAP-compliant scanner to verify that Linux system configurations meet the baseline defined by your security policy. What SCAP component would be most useful for designing configuration checklists?
a. CVE
b. CWE
c. CVSS
d. XCCDF
31. You've discovered a critical vulnerability in a web application vulnerability scan. Your supervisor informs you that the fix will take time to implement, but since it's an internal system, management has ordered increased monitoring and approved you to disregard the vulnerability. How should you mark the vulnerability on the scan report?
a. Compensating control
b. Exception
c. Exemption
d. False positive

Week Two Quiz
1. Sarah, an IT security analyst, is investigating a potential malware infection in our organization's network. She discovers a malicious program that is running independently on a system and is not replicating itself. Which of the following categories of malware is she likely dealing with based on the provided information?
a. Virus
b. Bot
c. Worm
d. Trojan
2. Sophia, the Chief Information Security Officer (CISO) of a multinational corporation, has been monitoring the company's network for signs of cyberattacks. She noticed that the attacks were well-resourced and persistent and seemed to target specific business interests. Which of the following types of cyber dangers is Sophia likely dealing with based on the scenario?
a. Ransomware
b. Advanced Persistent Threat
c. Malware
d. Distributed Denial of Service
3. In the context of computer viruses and malware, which of the following terms is used to describe the event or condition that determines when the payload is activated or delivered?
a. Infection vector
b. Payload
c. Trigger
d. Replication mechanism
4. Sarah is working on her computer and receives an e-mail from an unknown sender with an attached file. Curious about the content, she opens the attachment. Later, she shares a USB stick with her colleague, John, who uses it to transfer files between their computers. A few days later, John started experiencing issues with his computer, and some of his files became corrupted. Which of the following could be the reason for these issues?
a. John's computer is infected with a worm that exploits network vulnerabilities.
b. Sarah's computer is infected with a virus that spreads through e-mail attachments.
c. Sarah's USB stick contains malware that infected John's computer when he used it.
d. John's computer suffered a hardware failure unrelated to any malware.
5. The computer user notices that their system is behaving strangely. Files are unexpectedly becoming corrupted, and the computer’s performance is degrading. They suspect a virus infection and decide to run a malware scan. During the scan, it was identified that several files with scripting code were infected. Which of the following categories of virus is most likely responsible for this infection?
a. Boot sector infector
b. File infector
c. Macro virus
d. Multipartite virus
6. A network administrator is investigating a sudden increase in network traffic and a spike in CPU usage on multiple servers. Upon investigation, they discovered that malware has affected several machines on the network. The malware is actively spreading and using software vulnerabilities to gain access to new systems. The administrator needs to take immediate action to stop the malware's propagation. Which of the following types of malware is most likely responsible for the scenario?
a. Trojan horse
b. Adware
c. Rootkit
d. Worm
7. Which of the following infamous computer worms, targeting Unix systems, aimed to discover other vulnerable hosts for propagation upon execution?
a. Conficker
b. ILOVEYOU
c. Slammer
d. Morris
8. A cybersecurity expert is analyzing a new worm that has recently been detected in the wild. This worm is causing widespread concern due to its unique characteristics. It is not limited to attacking Windows machines but can also target popular Unix variants and exploit various document types. The worm is spreading rapidly, infecting systems through multiple exploits, and its code changes dynamically to evade detection. Furthermore, it exhibits different behaviors at different stages of propagation. Which of the following states of worm technologies is described in the scenario?
a. Multiexploit
b. Ultrafast spreading
c. Polymorphic
d. Metamorphic
9. Sarah is a cyber security analyst working for a large e-commerce company. She received a report from one of her users who suspected they may have fallen victim to malicious online activity. The user describes an incident where they clicked on a seemingly harmless button on a website. Still, it resulted in the unintended action of adjusting computer settings. Which of the following attack types is likely to have occurred in this scenario?
a. Phishing
b. Ransomware
c. Clickjacking
d. Brute force
10. Damon noticed that his e-mail inbox was inundated with a large volume of unwanted and irrelevant messages, many of which promoted products and services he had no interest in. This flood of messages is causing inconvenience and making it challenging to find his important emails. Which of the following types of unwanted e-mail is described in the scenario?
a. Phishing
b. Malware-Infected
c. Spam
d. Spoofed
11. Alena receives an e-mail from an unknown sender with an attachment claiming to be a helpful software tool for optimizing her computer's performance. Upon opening the attachment and running the program, she noticed that it started to delete important files and disrupt the system's operation. Which of the following types of attacks is represented in the scenario?
a. Phishing
b. Ransomware
c. Trojan horse
d. Brute force
12. Which of the following notorious computer worms is known for targeting industrial control systems with specific Siemens software and configurations, resulting in equipment failure due to code replacement?
a. Conficker
b. Slammer
c. Stuxnet
d. Morris
13. In a cybersecurity investigation, Anna discovered that an attacker had gained unauthorized access to a victim's computer and was capturing keystrokes to retrieve sensitive information. Which of the following terms is commonly used to describe this activity?
a. DDoS Attack
b. Spamming
c. Sniffing traffic
d. Keylogging
14. A user receives an e-mail that directs them to a fraudulent website designed to collect their private information. The attacker intends to assume the user's identity for malicious purposes. Which of the following types of attack has been discussed in the scenario?
a. Trojan horse
b. Ransomware
c. Phishing
d. Brute force
15. An attacker has implanted a piece of code that provides a secret entry point into a system, allowing unauthorized access without going through standard security procedures. This code recognizes a special input sequence or certain user ID conditions. Which of the following security vulnerabilities is discussed in the scenario?
a. Malware
b. Phishing
c. Rootkit
d. Backdoor
16. Which of the following characteristics can be used to classify rootkits?
a. Persistent
b. Memory-based
c. Payload-based
d. Firmware
e. External mode
17. Which of the following requirements for effective malware countermeasures emphasizes the need for a response that limits the number of affected programs or systems quickly?
a. Generality
b. Timeliness
c. Resiliency
d. Transparency
18. Which of the following generations of antivirus programs identifies malware by its actions rather than its structure in an infected program?
a. First
b. Second
c. Third
d. Fourth
19. A company's network experiences a severe disruption in service as its resources are overwhelmed, making it unable to provide services to its users. The attack primarily targets the data transmission capacity within the local network. Which of the following types of attack is described in the scenario?
a. Man-in-the-middle
b. Phishing
c. Ransomware
d. Distributed denial-of-service
20. Which of the following characterizes a reflector Distributed Denial of Service (DDoS) attack?
a. Slave zombies construct packets with random IP addresses.
b. Slave zombies construct packets requiring a response with the attacker's IP address as the source IP address in the packet’s IP header.
c. Slave zombies construct packets requiring a response with the target's IP address as the source IP address in the packet’s IP header.
d. Slave zombies construct packets without source IP addresses.

Week 3 Quiz
1. Which of the following work at the session layer of the OSI model and monitor the TCP handshake between packets to determine whether or not the requested session is legitimate/authorized?
a. Application firewall
b. Connection tracking firewall
c. Stateful packet inspection
d. Hybrid firewalls
2. Why is an SPI firewall more resistant to flooding attacks?
a. It automatically blocks large traffic from a single IP
b. It requires user authentication
c. It examines each packet in the context of previous packets
d. It examines the destination IP of all packets
3. Why is an SPI firewall less susceptible to spoofing attacks?
a. It examines the source IP of all packets
b. It automatically blocks spoofed packets
c. It requires user authentication
d. It requires client application authentication
4. Why might a circuit-level gateway be inappropriate for some situations?
a. It has no user authentication
b. It blocks web traffic
c. It requires client-side configuration
d. It is simply too expensive
5. Why might a proxy gateway be susceptible to a flood attack?
a. It does not properly filter packets
b. It does not require user authentication
c. It allows multiple simultaneous connections
d. Its authentication method takes more time and resources
6. What type of firewall requires individual client applications to be authorized to connect?
a. Screened gateway
b. Stateful packet inspection
c. Dual-homed
d. Application gateway
7. What four rules must be set for packet filtering firewalls?
a. Protocol type, source port, destination port, source IP
b. Protocol version, destination IP, source port, username
c. Username, password, protocol type, destination IP
d. Source IP, destination IP, username, password
8. Which type of firewall is considered the most secure?
a. Dual-homed
b. Stateful packet inspection
c. Circuit level gateway
d. Packet screening
9. Which type of firewall creates a private virtual connection with the client?
a. Bastion
b. Dual-homed
c. Application gateway
d. Circuit level gateway
10. Which of the following are four basic types of firewalls?
a. Screening, bastion, dual-homed, circuit level
b. Application gateway, bastion, dual-homed, screening
c. Packet filtering, application gateway, circuit level, stateful packet inspection
d. Stateful packet inspection, gateway, bastion, screening
11. Which of the following solutions is actually a combination of firewalls?
a. Screened firewalls
b. Router-based firewalls
c. Dual-homed firewalls
d. Bastion host firewalls
12. Which of the following can be shipped preconfigured?
a. Stateful packet inspection firewalls
b. Network host-based firewalls
c. Router-based firewalls
d. Dual-homed firewalls
13. Which of the following is an advantage of the network host-based configuration?
a. It is resistant to IP spoofing
b. It is inexpensive or free
c. It is more secure
d. It has user authentication
14. What is the greatest danger in a network host-based configuration?
a. SYN flood attacks
b. Ping flood attacks
c. IP spoofing
d. Operating system security flaws
15. It should be routine for someone in the IT security staff to:
a. Test the firewall by attempting a ping flood
b. Review firewall logs
c. Reboot the firewall
d. Physically inspect the firewall
16. What is the most important security advantage to NAT?
a. It blocks incoming ICMP packets
b. It hides internal network addresses
c. By default it blocks all ICMP packets
d. By default it only allows outbound connections
17. A device that hides internal IP addresses is called:
a. Screened host
b. Bastion firewall
c. Proxy server
d. Dual-homed host
18. Should a home user block incoming ICMP traffic, and why or why not?
a. It should be blocked because such traffic is often used to transmit a virus
b. It should be blocked because such traffic is often used to do port scans and flood attacks
c. It should not be blocked because it is necessary for network operations
d. It should not be blocked because it is necessary for using the web
19. What tool does McAfee Personal Firewall offer?
a. Firewall history
b. NAT
c. Strong encryption
d. Vulnerability scanning
20. Should a home user with a firewall block incoming port 80, and why or why not?
a. She should not because it would prevent her from using web pages
b. She should because port 80 is a common attack point for hackers
c. She should not because that will prevent her from getting updates and patches
d. She should unless she is running a web server on her machine
21. What is Windows Defender?
a. Windows built-in antivirus
b. Windows built-in firewall
c. Windows built-in complete security suite
d. A third-party firewall for Windows
22. What is one complexity found in enterprise environments that is unlikely in small networks or SOHO environments?
a. Multiple operating systems
b. Diverse user groups
c. Users running different applications
d. Web vulnerabilities
23. Which of the following is an important feature of D-Link 2560?
a. Built-in IDS
b. WEP encryption
c. Vulnerability scanning
d. Liberal licensing policy
24. NAT is a replacement for what technology?
a. Firewall
b. Proxy server
c. Antivirus software
d. IDS
25. Which type of encryption is included with the T Series?
a. AES and 3DES
b. WEP and DES
c. PGP and AES
d. WEP and PGP
26. What type of firewall is SonicWall TZ series?
a. Packet screening
b. Application gateway
c. Circuit-level gateway
d. Stateful packet inspection
27. Which of the following is found in Norton’s personal firewall but not in Windows Defender?
a. NAT
b. IDS/IPS
c. Browser security
d. Account protection
28. Which of the following is not a common feature of most single PC firewalls?
a. Software-based
b. Packet filtering
c. Ease of use
d. Built-in NAT
29. Which of the following is a benefit of Cisco firewalls?
a. Extensive training available on the product
b. Very low cost
c. Built-in IDS on all products
d. Built-in virus scanning on all products
30. What implementation is Check Point 5000 series firewall?
a. Router-based
b. Network-based
c. Switch-based
d. Host-based
31. What type of firewall is Check Point 5000 series firewall?
a. Application gateway
b. Packet filtering/application gateway hybrid
c. SPI/application gateway hybrid
d. Circuit-level gateway
32. Medium-sized networks have what problem?
a. Lack of skilled technical personnel
b. Diverse user group
c. Need to connect multiple LANs into a single WAN
d. Low budgets
33. What is an advantage of an enterprise environment?
a. Multiple operating systems to deal with
b. Skilled technical personnel available
c. Lower security needs
d. IDS systems not needed
34. Which of the following is a common problem when seeking information on firewalls?
a. It is difficult to find information on the web
b. Unbiased information might be hard to find
c. Documentation is often incomplete
d. Information often emphasizes price rather than features
35. Which of the following is not an advantage of the Norton Firewall?
a. Ability to scan the system for vulnerabilities
b. Easy to use and set up
c. IDS-like features
d. Low cost

Week Four Quiz
1. IDS is an acronym for:
a. Intrusion-detection system
b. Intrusion-deterrence system
c. Intrusion-deterrence service
d. Intrusion-detection service
2. Which type of IDS is the Cisco Sensor?
a. Anomaly detection
b. Intrusion deflection
c. Intrusion deterrence
d. Anomaly deterrence
3. A profiling technique that monitors how applications use resources is called what?
a. System monitoring
b. Resource profiling
c. Application monitoring
d. Executable profiling
4. Setting up parameters for acceptable use, such as the number of login attempts, and watching to see if those levels are exceeded is referred to as what?
a. Threshold monitoring
b. Resource profiling
c. System monitoring
d. Executable profiling
5. Which of the following is not a profiling strategy used in anomaly detection?
a. Threshold monitoring
b. Resource profiling
c. Executable profiling
d. System monitoring
6. What is another term for preemptive blocking?
a. Intrusion deflection
b. Banishment vigilance
c. User deflection
d. Intruder blocking
7. Which of the following is a problem with the threshold monitoring approach?
a. It is difficult to configure
b. It misses many attacks
c. It yields many false positives
d. It is resource intensive
8. Juan is responsible for network security at a mid-size company. He has several different servers and many workstations to secure. What device would be best for managing logs from all devices?
a. IDS
b. IPS
c. Honeypot
d. SIEM
9. Which of the following is NOT one of Snort’s modes?
a. Sniffer
b. Packet logger
c. Network intrusion detection
d. Packet filtering
10. Snort is which type of IDS?
a. Router-based
b. OS-based
c. Host-based
d. Client-based
11. Why might you run Specter in strange mode?
a. It may confuse hackers and deter them from your systems.
b. It will be difficult to determine whether the system is a honeypot.
c. It might fascinate hackers and keep them online long enough to catch them.
d. It will deter novice hackers.
12. Attempting to make your system appear less appealing is referred to as what?
a. Intrusion deterrence
b. Intrusion deflection
c. System camouflage
d. System deterrence
13. A system that is set up for attracting and monitoring intruders is called what?
a. Fly paper
b. Trap door
c. Honeypot
d. Hacker cage
14. Attempting to attract intruders to a system set up to monitor them is called what?
a. Intrusion deterrence
b. Intrusion deflection
c. Intrusion banishment
d. Intrusion routing

Week 5 Quiz
1. You’re receiving many unauthorized network scans using methods carefully designed to get by existing firewall rules. What device or feature would be the best way to recognize and block those scans?
a. Application layer firewall
b. IDS
c. IPS
d. Stateful firewall
2. What kind of proxy would you use to mediate communications between Internet-based clients and LAN-based servers?
a. Anonymous
b. Forward
c. Reverse
d. Transparent
3. You're comparing email servers to see which is the easiest to secure. Which of the following security features allows the strongest anti-phishing measures?
a. DKIM
b. DMARC
c. S/MIME
d. SPF
4. You're considering a web filtering solution that relies on reputation analysis. Which of the following is most likely to be an issue?
a. Ability to protect devices that don't support an endpoint agent
b. False positives following changes to system files
c. Its effectiveness is limited by your threat intelligence program
d. Needing to manually allow new sites as they become important for users to access
5. Which Wi-Fi feature should you disable to improve security?
a. 802.1X
b. MAC filtering
c. VLAN
d. WPS
6. Your WAP is currently secured with WPA2 Personal encryption using a shared key. Which of the following is true?
a. Enabling WPS could increase security, but enabling 802.1X would reduce it
b. Enabling 802.1X could increase security, but enabling WPS would reduce it
c. Enabling either WPS or 802.1X could increase security
d. Enabling either WPS or 802.1X would reduce security
7. On an IPSec VPN, what protocol negotiates security associations?
a. AH
b. ESP
c. IKE
d. L2TP
8. What secure protocols add SSL/TLS security to protocols that were insecure on their own? Each correct answer represents a complete solution. Choose all that apply.
a. FTPS
b. HTTPS
c. FTP
d. SNMPv3
e. LDAP
9. What security appliance is similar to an on-path attack but designed to enhance network security rather than disrupt it?
a. Split tunnel
b. SSL accelerator
c. SSL decryptor
d. VPN concentrator
10. What is microsegmentation primarily intended to control?
a. Cloud interconnections
b. East-west traffic
c. North-west traffic
d. VLAN traffic
11. In a Zero Trust Architecture (ZTA), what is the name of the component that decides whether to grant or deny access?
a. PE
b. SWG
c. PEP
d. PGP
12. What security feature is especially important for preventing rogue devices on the network?
a. DMZ
b. Loop protection
c. Port security
d. VPN
13. A critical network service is hosted on a legacy server running an obsolete operating system, and you can't replace it until the next fiscal year. You just learned it is incredibly vulnerable to a new worm that's appeared on other computers on your network, but you can't update the server or install software that will protect it. What can you place between the server and the rest of the network to protect it?
a. Air gap
b. USB
c. HIDS
d. NIPS

Week Six Quiz
1. What is the primary function of a firewall in network security?
a. To continuously monitor traffic for suspicious behavior and respond to potential threats in real time.
b. To regulate network access by enforcing security rules that determine whether data packets should be allowed or denied.
c. To analyze deep packet contents for malware and abnormal traffic patterns.
d. To act as the last line of defense against threats that have bypassed initial security measures.
2. Which of the following statements accurately describes the benefits of integrating a firewall with an Intrusion Prevention System (IPS)? Each correct answer represents a complete solution. Choose all that apply.
a. Integrating a firewall with an IPS adds an extra layer of protection by inspecting traffic that has already been filtered.
b. This integration eliminates the need for other security measures in the network.
c. An IPS provides insights into the types of threats facing the network, aiding in informed decision-making about security policies.
d. The multi-layered defense approach significantly reduces the risk of attacks breaching security perimeters.
3. Which of the following statements best describes the primary function of a SIEM system in a network security environment?
a. They primarily focus on storing data without analyzing it for security threats.
b. They aggregate logs from various sources to provide real-time analysis and detect potential security incidents.
c. They are only effective in small network environments and are not suitable for larger infrastructures.
d. They rely solely on predefined rules and do not adapt to new threats or anomalies.
4. Which of the following enterprise monitoring and management tools offer features for comprehensive IT infrastructure oversight? Each correct answer represents a complete solution. Choose all that apply.
a. CA Unicenter
b. Microsoft Word
c. Opsview
d. IBM Tivoli Monitoring
5. Which statement accurately reflects the importance of Syslog servers in network security management?
a. They are designed only to store logs without any analytical capabilities.
b. They consolidate logs through the network devices, helping to filter and prioritize critical information for threat detection.
c. They can replace all security measures, making additional security tools unnecessary.
d. They are only useful for small networks and have limited applications in larger infrastructures.
6. What group permissions would a Linux file have if its permissions were displayed as -r--rw-r--?
a. Read and write
b. Read-only
c. Read, write, and execute
d. Write-only
7. Which of the following identifies a principal, like a user or group?
a. SID
b. ACE
c. DACL
d. MAC
8. What access control model is used by network hardware such as routers?
a. Discretionary
b. Mandatory
c. Role-based
d. Rule-based
9. Which of the following is least likely to be part of a PAM solution?
a. Credential vaults protected by MFA
b. Ephemeral credentials used for a single action
c. Increased auditing for administrative actions
d. Restricting all administrative actions to a single superuser account
10. In Active Directory, where is the best place to assign permissions?
a. A domain local group
b. A global group
c. An individual user
d. A universal group

Week Seven Quiz
1. Which type of attack involves supplying malicious or incorrectly labeled data during the training phase to manipulate the model’s prediction?
a. Poisoning
b. Evasion
c. Model Stealing
d. Adversarial AI
2. A financial services company is experiencing an increase in unauthorized access attempts to its internal systems. The IT team decides to implement multi-factor authentication (MFA) to strengthen security. They want to ensure that access to sensitive data is protected by more than just a password. Which setup would best demonstrate the company’s implementation of MFA to enhance security?
a. Users are required to enter a password and then a pre-set security question.
b. Users are required to enter a password and receive a one-time security code on their mobile phone.
c. Users are granted only the permission relevant to their roles, simplifying access management, especially in large organizations.
d. Users are required to enter a password and provide their date of birth for additional verification.


Document information

Uploaded on: August 18, 2025
Number of pages: 22
Written in: 2025/2026
Type: Exam (elaborations)
Contains: Questions & answers

Content preview

SEC450.30808.B2 Firewalls and Network Security Weekly Quizzes
Week One
1. Are there any reasons not to take an extreme view of security if that view errs on the
side of caution?
a. No, there is no reason not to take such an extreme view
b. Yes, that can lead to wasting resources on threats that are not likely
c. Yes, if you're going to err, assume there are few if any realistic threats
d. Yes, that can require that you increase your security skills in order to implement
more rigorous defenses
2. Which of the following is the most accurate definition of a virus?
a. Any program that spreads via e-mail
b. Any program that carries a malicious payload
c. Any program that attaches malicious code to a legitimate file or program, causing
harm and spreading when the infected file is executed
d. Any program that self-replicates
3. Blocking attacks seek to accomplish what?
a. Install a virus on the target machine
b. Shut down security measures
c. Prevent legitimate users from accessing a system
d. Break into a target system
4. Which of the following is the best definition for war-driving?
a. Driving while hacking and seeking a computer job
b. Driving while using a wireless connection to hack
c. Driving looking for wireless networks to hack
d. Driving and seeking rival hackers
5. Which of the following is the best definition of malware?
a. Software that has some malicious purpose
b. Software that self-replicates
c. Software that damages your system
d. Any software that is not properly configured for your system
6. Which of the following gives the best definition of spyware?
a. Any software that logs keystrokes
b. Any software used to gather intelligence
c. Any software or hardware that monitors your system
d. Any software that monitors which websites you visit
7. Which of the following is not one of the three major classes of threats?
a. Denial of service attacks
b. A computer virus or worm
c. Actually intruding on a system
d. Online auction fraud
8. When assessing threats to a system, what three factors should you consider?
a. The system’s attractiveness, the information contained on the system, and how
much traffic the system gets
b. The skill level of the security team, the system's attractiveness, and how much
traffic the system gets
c. How much traffic the system gets, the security budget, and the skill level of the
security team
d. The system's attractiveness, the information contained on the system, and the
security budget
9. Which of the following best defines the primary difference between an ethical hacker
and an auditor?
a. There is no difference
b. The ethical hacker tends to be less skilled
c. The auditor tends to be less skilled
d. The ethical hacker tends to use more unconventional methods
10. Which of the following is the best definition for non-repudiation?
a. Security that does not allow the potential intruder to deny his attack
b. Processes that verify which user performs what action
c. It is another term for user authentication
d. Access control
11. An intrusion-detection system is an example of:
a. Proactive security
b. Perimeter security
c. Hybrid security
d. Good security practices
12. Which of the following is the most basic security activity?
a. Installing a firewall
b. Authenticating users
c. Controlling access to resources
d. Using a virus scanner
13. What is the term for hacking a phone system?
a. Telco-hacking
b. Hacking
c. Cracking
d. Phreaking
14. Which of the following is the best definition for the term ethical hacker?
a. An amateur who hacks a system without being caught
b. A person who hacks a system by faking a legitimate password
c. A person who hacks a system to test its vulnerabilities
d. An amateur hacker
15. The most desirable approach to security is one which is:
a. Perimeter and dynamic
b. Layered and dynamic
c. Perimeter and static
d. Layered and static
16. What are the three approaches to security?
a. Perimeter, layered, and hybrid
b. High security, medium security, and low security
c. Internal, external, and hybrid
d. Perimeter, complete, and none
17. Which of the following is the best definition of “sensitive information”?
a. Military- or defense-related information
b. Any information that is worth more than $1000
c. Any information that, if accessed by unauthorized personnel, could damage your
organization in any way
d. Any information that has monetary value and is protected by any privacy laws
18. Which of the following types of privacy laws affect computer security?
a. Any state privacy law
b. Any privacy law applicable to your organization
c. Any privacy law
d. Any federal privacy law
19. Which of the following would most likely be classified as misuse(s) of systems?
a. Looking up information on a competitor using the web
b. Getting an occasional personal e-mail
c. Using your business computer to conduct your own (non-company) business
d. Shopping on the web during lunch
20. The first computer incident response team is affiliated with what university?
a. Princeton University
b. Carnegie-Mellon University
c. Harvard University
d. Yale University
21. What kind of risk assessment is most likely to follow a serious security incident?
a. Ad hoc

Seller: melleystuvia, Nightingale College