Practical Cyber Security for Cyber Security Practitioners Nptel Week 3 Answers
Are you looking for the Nptel Week 3 answers for Practical Cyber Security for Cyber Security Practitioners? Solutions for all weeks of this Swayam course are available here.

Nptel Week 3 Answers Practical Cyber Security for Cyber Security Practitioners (July-Dec 2025)
Question 1. What is the primary purpose of an attack bridge simulation?
a) To simulate the creation of network topologies
b) To simulate the analysis of financial risks
c) To simulate new encryption methods
d) To simulate real-world cyber attacks for training and testing purposes
e) To simulate the design of physical security systems
Question 2. Which of the following is not a usage of the MITRE ATT&CK framework?
a) Threat Hunting
b) Authentication
c) Comparing two threat groups
d) Adversary Emulation
e) Attack Detection
Question 3. What does “Resource Development” refer to in the context of MITRE ATT&CK?
a) The phase where an attacker establishes persistence on a target system
b) The process of gathering public information about a target organization
c) The tactic where adversaries develop, purchase, or acquire resources needed for future operations
d) The stage of exploiting known vulnerabilities in target systems
e) The phase involving cleanup and anti-forensic actions after an attack
Question 4. Which of the following is associated with “Easy” difficulty in the Pyramid of Pain?
a) TTPs (Tactics, Techniques, and Procedures)
b) IP Addresses
c) Domain Names
d) Hash Values
e) Network/Host Artifacts
Question 5. How can we check if Command and Control (C&C) connections are happening?
a) Application log analysis
b) Host Intrusion Detection
c) Web server log monitoring
d) Network Intrusion Detection
e) Firewall configuration review
Question 6. The STIX format is used to communicate:
a) Software Licensing Information
b) Malware
c) Cyber Threat Intelligence
d) Networking protocol
e) Network Configurations
Question 7. Which of the following is not a technique for Initial Access in MITRE ATT&CK?
a) Drive-by Compromise
b) Exploit Public-Facing Application
c) Content Injection
d) Phishing
e) Active Scanning
Question 8. Which of the following is not a step in the process of mapping to ATT&CK?
a) Compare your results to other analysts
b) Develop new cybersecurity tools
c) Research the behavior
d) Understand ATT&CK
e) Find the behavior
Question 9. An attacker uses command injection to run a command on a web server host. Which MITRE ATT&CK tactic does this fall under?
a) Privilege Escalation
b) Initial Access
c) Persistence
d) Execution
e) Reconnaissance
Question 10. What is the difference in responsibilities between the red team and blue team in cybersecurity?
a) The red team finds vulnerabilities by simulating attacks, while the blue team responds to incidents and defends against attacks.
b) The red team emulates attacks to find vulnerabilities, while the blue team creates security policies.
c) The red team defends against cyber threats, while the blue team finds vulnerabilities by breaking through defenses.
d) The red team monitors network traffic for threats, while the blue team responds to incidents and creates defenses.
e) The red team defends against attacks and responds to incidents, while the blue team simulates attacks to test defenses.