25/2/2020 IoT Security 1.

1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

IoT Security 1.1 Chapter 6 Quiz

Due No due date Points 30 Questions 15 Time Limit None
Allowed Attempts Unlimited

Instructions
This quiz covers the content presented in IoT Security chapter 6. This quiz is designed for practice.
You will be allowed multiple attempts and the grade does not appear in the gradebook.

There are multiple task types that may be available in this quiz. In some task types, partial credit
scoring is allowed to foster learning. Please note that on tasks with multiple answers, points can be
deducted for selecting incorrect options.

At the completion of the quiz, some items may display feedback. The feedback will reference the
source of the content. Example: "Refer to curriculum topic: 1.2.3" - indicates that the source of the
material for this task is located in chapter 1, section 2, topic 3.

Form: 36406

Take the Quiz Again

Attempt History
Attempt Time Score
LATEST Attempt 1 22 minutes 30 out of 30

Score for this attempt: 30 out of 30

Submitted Feb 25 at 12:41pm
This attempt took 22 minutes.

Question 1 2 / 2 pts

Which type of password attack is inefficient because it attempts to use

every possible combination of letters, numbers, and symbols to access
a system?

rainbow tables

https://1302556.netacad.com/courses/977984/quizzes/8804239 1/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Correct! brute force

dictionary attack

password sniffing and cracking

Refer to curriculum topic: 6.1.2

A brute force attack is inefficient because it is very time
consuming and attempts every possible combination of letters,
numbers, and symbols to challenge logins.

Question 2 2 / 2 pts

What is the name of the first block that is created in a blockchain?

nonce block

block 0

Correct! genesis block

root block

Refer to curriculum topic: 6.3.2

The first block in a blockchain is the genesis block and has an
index value of 0.

Question 3 2 / 2 pts

Which statement describes the Common Vulnerability Scoring System

(CVSS)?

https://1302556.netacad.com/courses/977984/quizzes/8804239 2/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

It is an evaluation system for vulnerability mitigation.

It is a vulnerability assessment system.

It is a comprehensive security solution for IoT systems.

Correct! It is a risk assessment system.

Refer to curriculum topic: 6.2.1

The Common Vulnerability Scoring System (CVSS) is a risk
assessment designed to convey the common attributes and
severity of vulnerabilities in computer hardware and software
systems.

Question 4 2 / 2 pts

When hiring a third party team to perform a black box vulnerability

assessment for an organization, how much information is commonly
provided to the team?

specific knowledge of current vulnerabilities

Correct! no knowledge of current network architecture

full knowledge of current network architecture

limited knowledge of current network architecture

https://1302556.netacad.com/courses/977984/quizzes/8804239 3/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Refer to curriculum topic: 6.1.2

A black box vulnerability assessment is commonly characterized
by the following:
This assessment is the closest to an actual attack.
The assessors have no knowledge of the network
architecture prior to conducting their assessment.

Question 5 2 / 2 pts

Which problem associated with transactions is solved by blockchain

technology?

key sharing

encryption

Correct! trust

fee collection

Refer to curriculum topic: 6.3.1

Blockchain is a technology that solves the problem of trust in
transactions. This includes trusting the identity of the person
making the transaction, that all transactions are accurate, and
that there are no illegal transactions.

Question 6 2 / 2 pts

What describes proof of work as it is used in a blockchain technology?

https://1302556.netacad.com/courses/977984/quizzes/8804239 4/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

an algorithm calculated by computers that is used to create the link

between blocks

Correct! a process to validate transactions between blocks

a key used to authenticate the individual who created a message

a mathematical scheme for authenticating digital information

Refer to curriculum topic: 6.3.2

Proof of work is a process to validate transactions between
blocks.

Question 7 2 / 2 pts

What is the purpose of performing a vulnerability assessment?

Correct! Identify vulnerabilities that are likely to be exploited by threat actors.

Examine off-the-shelf tools to discover, investigate, and disseminate

threat information.

Research recent patches and updates that have become available.

Analyze risks so that they may be prioritized and addressed

accordingly.

https://1302556.netacad.com/courses/977984/quizzes/8804239 5/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Refer to curriculum topic: 6.1.1

Performing a vulnerability assessment allows a security
researcher to identify vulnerabilities that are likely to be
exploited by threat actors. These vulnerability assessments may
be automated or manually performed.

Question 8 2 / 2 pts

Which password attack method uses a list that contains hashed values
and clear text equivalents in order to speed up the process of gaining
entry to a system?

password sniffing and cracking attack

brute force

dictionary attack

Correct! rainbow tables

Refer to curriculum topic: 6.1.2

Rainbow tables contain hashed values and clear text
equivalents which allow intercepted hashes to be looked up
without actually unencrypting the hashed password.

Question 9 2 / 2 pts

What is proof of work as it relates to blockchain?

It is the security certificate issued.

https://1302556.netacad.com/courses/977984/quizzes/8804239 6/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

It is a list of all the devices or people that have touched the transaction.

Correct!
It is an algorithm used for transaction validation.

It is a process that includes a risk factor value that can change as the
transaction moves through the process.

Refer to curriculum topic: 6.3.2

Proof of work (PoW) uses an algorithm (hash) or a block added
to the blockchain to validate transactions. Each block is a list of
transactions with a hash of the previous block (prior PoW) and a
hash of the current block.

Question 10 2 / 2 pts

Which statement describes the purpose of a data flow diagram (DFD)

of an IoT system?

A DFD uses zones to limit the exposure of different parts of the system
to vulnerabilities associated with each zone.

A DFD includes entry points into an IoT system, but not the people
using those entry points.

Correct!
A DFD depicts the pathways that data will take between different
functional components of the system.

A DFD uses regular flowchart symbols to depict data flow pathways.

https://1302556.netacad.com/courses/977984/quizzes/8804239 7/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Refer to curriculum topic: 6.2.2

Data flow diagrams (DFDs) are useful for visualizing an IoT
system. DFDs depict the pathways that data will take between
different functional components of the system, including entry
points into the system and the devices and people using those
entry points. DFDs also label the kind of data flows and the
protocols in use.

Question 11 2 / 2 pts

Which three steps of the defense-centric threat modeling process are

concerned with understanding the IoT system? (Choose three.)

Correct!
Identify security objectives.

Correct!
Document the IoT system architecture.

Recommend mitigation.

Correct!
Decompose the IoT system.

Develop mitigation processes.

Identify and rate threats.

Refer to curriculum topic: 6.2.2

The three steps concerned with understanding the IoT system
are identify security objectives, document the IoT system
architecture, and decompose the IoT system.

Question 12 2 / 2 pts

https://1302556.netacad.com/courses/977984/quizzes/8804239 8/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

What is a disruptive technology?

Correct!
a technology that can displace competitors because it uses a very
different approach

a technology that cannot be used outside of the public sector

a technology that causes negative consequences in the stock market

a technology that negatively affects the global environment

Refer to curriculum topic: 6.3.1

A disruptive technology is a product or service that has a vastly
different approach and that can displace competitors or cause
new markets. Some consider IoT and blockchain disruptive
technologies.

Question 13 2 / 2 pts

Which blockchain feature is used to track the transaction process?

T-V pairing

algorithm for reaching consensus

Correct!
decentralized ledger

digital signature

https://1302556.netacad.com/courses/977984/quizzes/8804239 9/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Refer to curriculum topic: 6.3.2

A blockchain uses four main technologies and features:
Digital signatures for authentication
A decentralized ledger to track the transaction process
An algorithm for reaching consensus so it is easy for others
to verify a transaction
A hash of the previous block thus forming a blockchain

Question 14 2 / 2 pts

Which type of security tool is used to discover hosts on the network,

locate open ports, and identify the operating system running on a host?

password vulnerability tools

web application vulnerability tools

risk assessment tools

Correct!
port mapping tools

Refer to curriculum topic: 6.1.2

Port mapping tools are invaluable for discovering open ports on
end systems and network devices. They are able to discover
hosts on the network and report not only on the open ports, but
also identify the operating systems that are running on hosts.

Question 15 2 / 2 pts

Match the CVSS metric group with the correct description.

https://1302556.netacad.com/courses/977984/quizzes/8804239 10/11
25/2/2020 IoT Security 1.1 Chapter 6 Quiz: ELECTRO-S5-G18-IoT_SeC-P55-JD

Correct! Base metric group represents the characte

Correct! Temporal metric group

measures the character

Correct! Environmental metric

measures the aspects o
group

Refer to curriculum topic: 6.2.1

Quiz Score: 30 out of 30

https://1302556.netacad.com/courses/977984/quizzes/8804239 11/11