roger
/
csis1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
csis1/content/quizzes/week-4-graded.md

112 lines
7.7 KiB
Markdown
Raw Blame History

# Week 4 Graded Quiz: Internet, Email & Web
## Q1: Secure Browsing Scenario
Naomi is buying textbooks online. She notices the website URL starts with "http://" (no S) and there's no padlock icon in the address bar. She's about to enter her credit card number. What should she do?
A. Proceed — the padlock icon is just decorative and doesn't affect security
B. Do NOT enter payment information — the site isn't using HTTPS, so her data could be intercepted in transit
C. Switch to a different browser, which will automatically make the connection secure
D. It's fine as long as she's on her home WiFi network
**Answer:** B
**Explanation:** Without HTTPS, data travels unencrypted between her browser and the server. Anyone intercepting the traffic could read her credit card number. She should look for the same product on a site that uses HTTPS, or check if the site has an HTTPS version.
## Q2: Email Scenario
David receives an email from "IT-Department@his-company.com" asking him to click a link and verify his password within 24 hours or his account will be locked. The link goes to `http://his-company-verify.sketchy-site.com/login`. What should David do?
A. Click the link quickly since his account will be locked
B. Forward it to 10 coworkers so they can verify their passwords too
C. Do NOT click the link — the urgency, external domain, and password request are classic phishing red flags. Report it to actual IT.
D. Reply to the email and ask if it's legitimate
**Answer:** C
**Explanation:** This has multiple phishing red flags: artificial urgency ("24 hours"), a request for credentials, and a link to an external domain disguised to look legitimate. Legitimate IT departments don't ask for passwords via email. David should report it through official channels.
## Q3: Cloud Service Models
A startup needs servers to run their custom application. They don't want to buy physical hardware, but they want full control over the operating system, storage, and networking configuration. Which cloud model fits?
A. SaaS — they can just use an existing web app
B. PaaS — the platform manages everything automatically
C. IaaS — they rent virtual infrastructure and configure it themselves
D. On-premises — cloud can't provide this level of control
**Answer:** C
**Explanation:** IaaS (Infrastructure as a Service) provides virtualized computing resources (servers, storage, networking) that the customer manages. They get full control over the OS and configuration without buying physical hardware. AWS EC2 and Azure VMs are common IaaS examples.
## Q4: URL Analysis
A user sees the URL `https://accounts.google.com.login-verify.net/signin`. Is this actually a Google page?
A. Yes — it contains "accounts.google.com" so it must be Google
B. No — the actual domain is "login-verify.net," not google.com. The "accounts.google.com" part is a subdomain trick.
C. Yes — HTTPS guarantees the site is owned by Google
D. It's impossible to tell from the URL alone
**Answer:** B
**Explanation:** The actual domain is determined by reading right-to-left from the first single slash. Here, the domain is `login-verify.net`, and `accounts.google.com` is just a misleading subdomain. HTTPS means the connection is encrypted, not that the site is trustworthy or legitimate.
## Q5: Browser Developer Tools
Marcus is learning web design and wants to temporarily change the color of a heading on a live webpage to test how it looks — without editing the actual website files. Which browser feature lets him do this?
A. Bookmark the page and change the color in the bookmark settings
B. Use the browser's Developer Tools (Inspect Element) to modify the CSS in real time
C. Take a screenshot and edit it in Photoshop
D. Email the website owner and ask them to change it
**Answer:** B
**Explanation:** Browser Developer Tools (accessed via right-click → Inspect or F12) let you view and temporarily edit a page's HTML, CSS, and JavaScript in real time. Changes only affect your local view and disappear when you refresh — they don't modify the actual website.
## Q6: SMTP Journey
When you send an email from your Gmail to a friend's Outlook account, what is the correct order of protocols used?
A. IMAP sends it → SMTP receives it
B. Your Gmail uses SMTP to send it to Outlook's server → your friend's Outlook uses IMAP (or POP3) to retrieve it
C. HTTP sends the email directly to your friend's browser
D. FTP uploads the email to Outlook's server
**Answer:** B
**Explanation:** SMTP handles the outgoing journey — pushing your email from server to server until it reaches the recipient's mail server. Then your friend's email client uses IMAP or POP3 to pull (retrieve) the message from their server to their device.
## Q7: Cookie Scenario
After browsing for running shoes on an online store, Jasmine notices shoe advertisements appearing on completely different websites she visits. What technology is MOST likely responsible?
A. Viruses that the shoe website installed on her computer
B. Third-party tracking cookies that follow her browsing activity across multiple sites
C. The shoe company hacked the other websites to show her ads
D. Her ISP is selling her browsing history to shoe companies
**Answer:** B
**Explanation:** Third-party cookies are placed by advertisers and ad networks (not the site you're visiting) to track your browsing across multiple websites. This enables "retargeting" — showing you ads related to products you previously viewed. Many browsers now block third-party cookies by default.
## Q8: Web Architecture
When you type "canvas.gavilan.edu" into your browser and press Enter, what happens FIRST?
A. Your browser sends the HTML directly to the server
B. Your browser asks a DNS server to look up the IP address for "canvas.gavilan.edu"
C. The Canvas login page starts loading immediately
D. Your browser checks if you have a cookie, and only then contacts the server
**Answer:** B
**Explanation:** Before your browser can contact any server, it needs to know WHERE to send the request. DNS resolution happens first — translating the human-readable domain name into an IP address. Only then can your browser establish a connection and request the web page.
## Q9: Professional Email Composition
Rina needs to email her professor about a grade question. Which email is MOST appropriate?
A. Subject: "hey" / Body: "yo prof whats up with my grade?? fix it asap thx"
B. Subject: "Grade Question — CSIS 1, Section 01" / Body: "Dear Professor Lee, I have a question about my grade on the Week 3 quiz. Could we discuss this during your office hours? Thank you, Rina Patel"
C. Subject: (blank) / Body: "I think there's a mistake. Please check."
D. Subject: "URGENT!!! GRADE EMERGENCY!!!" / Body: "My grade is wrong. I need this fixed NOW or I'll fail."
**Answer:** B
**Explanation:** Professional emails include a clear, specific subject line; a respectful greeting; enough context for the recipient to understand the issue; a specific request; and a professional closing. This demonstrates email etiquette that's expected in academic and professional settings.
## Q10: SaaS vs PaaS vs IaaS
Match these real-world scenarios: (1) A teacher uses Google Docs to write a syllabus. (2) A developer deploys a Python web app to Heroku without managing any servers. (3) A company rents virtual machines from AWS and installs their own operating systems. Which cloud models do these represent?
A. (1) IaaS, (2) SaaS, (3) PaaS
B. (1) SaaS, (2) PaaS, (3) IaaS
C. (1) PaaS, (2) IaaS, (3) SaaS
D. All three are SaaS
**Answer:** B
**Explanation:** Google Docs is SaaS — a complete application used through a browser. Heroku is PaaS — developers deploy code without managing infrastructure. AWS virtual machines are IaaS — the company manages everything above the hardware. Each model gives a different level of control and responsibility.
Reference in New Issue View Git Blame Copy Permalink