Network Security & Database Vulnerabilities All Quiz Answer | Introduction to Databases | Week 3

Types of Data ( Practice Quiz )

Q1) True or False: If all of your organization's data is centralized in a small number of data centers, than focusing security on perimiter defense is adequate to assure your data is safe.

• False

Q2) Which two (2) of the following data source types are considered structured data ?

• Distributed databases
• Data warehouses

Q3) Data that has not been organized into a specialized repository, but does have associated information, such as metadata that makes it more amenable to processing than raw data, is an example of which data model type ?

• Semi-structured data

Q4) How are the tables in a relational database linked together ?

• Through the use of primary and foreign keys.

______________________________________________________________________________________________________________________

Securing Databases ( Practice Quiz )

Q1) In the video Securing the Crown Jewels, the "Identification and Baseline" phase contains which three (3) of the following items ?

• Vulnerability Assessment
• Discovery & Classification
• Entitlements Reporting

Q2) In the video Leveraging Security Industry Best Practices, which US Government agency is a co-publisher of the Database Security Requirements Guide (SRG) ?

• Department of Defense (DoD)

Q3) For added security, a firewall is often placed between which of these ?

• The database and the hardened data repository.

Q4) True or False: In a vulnerability assessment test, a new commercial database installed on a new instance of a major operating system should pass 80-90% of the vulnerability tests out-of-the-box unless there is a major flaw or breach.

• False

Q5) Which of these hosting environments requires the enterprise to manage the largest number of different data sources ?

• On Premises

Q6) While data security is an ongoing process, what is the correct order to consider these steps ?

• Discover, Harden, Monitor & Protect, Repeat

______________________________________________________________________________________________________________________

A Data Protection Solution Example, IBM Security Guardium Use Cases ( Practice Quiz )

Q1) In setting up policy rules for data monitoring, what is the purpose of "exclude" rules ?

• To exclude certain applications or safe activities from being logged.

Q2) True or False: Data monitoring products such as IBM Guardium can send access alerts to syslog for manual intervention by a security analyst but must be connected to addition applications if automated interventions are desired.

• False

Q3) To created auditable reports of data access using the IBM Guardium product, the administrator would do which of the following ?

• Use the Audit Process Builder feature to automate the reporting process.

Q4) True or False: The IBM Guardium monitoring applications is capable of monitoring activities in non-relational databases such as Hadoop, Cognos, and Spark.

• True

Q5) At a minimum, which 3 entities should be captured in any event log ?

• Who or what committed the activity.
• When the activity took place.
• What activity took place.

Q6) True of False: In the IBM Guardium data monitoring tool, the number of failed login attempts that would trigger an alert are always counted since the last successful login.

• False

Q7) Which activity should be considered suspicious and might indicate inappropriate activity is being attempted ?

• Attempts are made to access data using nonstandard tools, such as MS Excel or MS Access, rather than through the application the data belongs to.

Q8) Which two (2) activities should be considered suspicious and warrant further investigation ?

• Use of an Application ID from an IP that is different from what has been specified by the application owner.
• Use of an Application ID from a hostname that is different from what has been specified by the application owner.

______________________________________________________________________________________________________________________

Introduction to Databases ( Main Quiz )

Q1) Distributed databases, data warehouses, big data, and File shares are all classified as what ?

• Data source types

Q2) Hadoop, MongoDB, and BigTable are all examples of which data source type ?

• Big data databases

Q3) Data that has been organized into a formatted repository, typically a database, so its elements can be made addressable, is an example of which data model type ?

• Structured data

Q4) Which of the following is the primary difference between a flat file database and a relational database ?

• All the data in a flat file database is stored in a single table.

Q5) In the video Securing the Crown Jewels, the "Real-Time Monitor & Protection" phase contains which three (3) of the following items ?

• Activity Monitoring
• Blocking & Quarantine
• Dynamic Data Masking

Q6) In the video Leveraging Security Industry Best Practices, where would you turn to look for help on establishing security benchmarks for your database ?

• Center for Internet Security (CIS).

Q7) Most of the time, how do users access data ?

• Through an application.

Q8) True or False: In a vulnerability assessment test, it is not uncommon to fail more than 50% of the tests before the operating system and database are hardened.

• True

Q9) Which of these hosting environments requires the service provider to manage the largest number of different data sources ?

• SaaS

Q10) While data security is an ongoing process, what is the correct order to consider these steps ?

• Identification & Baseline, Raise the Bar, Real-time Monitor & Protection

Q11) To automatically terminate a session if an attempt is made to access data in a sensitive table, such as Social Security (SSN) ID numbers, you would set up which type of rule ?

• An Access rule.

Q12) True or False: Data monitoring products such as IBM Guarduim are fully capable of blocking access to sensitive data based upon access parameters configured in policy rules. 

• True

Q13) In which two (2) ways can security events collected by a data monitoring tool be logged to a security incident and event management (SIEM) system ?

• Configure bidirectional communication between the monitoring and SIEM systems, if available.
• Configure the monitoring system to write to the SIEM systems syslog file.

Q14) True or False: Data monitoring tools such as IBM Guardium are designed to monitor activities within a database, but external products, such as a privileged identity management (PIM) tool would be required to monitor changes to the data monitoring tool itself, such as the addition of new users or the alteration of existing user accounts.

• False

Q15) True or False: In the IBM Guardium data monitoring tool, it is possible to create a report that shows not only how many SQL unauthorized access attempts were made by an individual, but also exactly which SQL statements were disallowed.

• True

Q16) Which activity should be considered suspicious and might indicate inappropriate activity is being attempted ?

• Attempts are made to SELECT lists of usernames and passwords by a non-administrator account.

Q17) Which two (2) activities should be considered suspicious and warrant further investigation ?

• The data monitoring logging system was manually shut down.
• There were attempts to purge event logs.

______________________________________________________________________________________________________________________

Network Security & Database Vulnerabilities

• Network Security & Database Vulnerabilities all Quiz answer | TCP/IP Framework | Week 1

• Network Security & Database Vulnerabilities All Quiz Answer | Basics of IP Addressing and the OSI Model | Week 2

• Network Security & Database Vulnerabilities All Quiz Answer | Introduction to Databases | Week 3

• Network Security & Database Vulnerabilities All Quiz Answer | Deep Dive - Injection Vulnerability | Week 4