AND SOLUTIONS RATED A+
✔✔Host-based IDS (HIDS) - ✔✔An intrusion detection system that runs on and monitors a
single host. The alternative is a network-based IDS (NIDS), which monitors traffic on a
network segment rather than activity on one machine.
✔✔host-based IDS - ✔✔An IDS that primarily uses software installed on a specific host,
such as a web server, to watch that host's logs, files, and processes.
✔✔active response - ✔✔A response in which the IDS itself acts on a detection in real
time, for example by resetting the offending connection, blocking the source address, or
changing firewall rules, rather than only alerting.
✔✔passive response - ✔✔A response option in intrusion detection in which the system
simply reports and records the problem detected, relying on an administrator to take
subsequent action.
✔✔Behavior-Based Detection - ✔✔Detection that starts by creating a baseline of normal
activities and events on the system and then flags deviations from that baseline as
suspicious. It can catch previously unknown attacks but tends to produce more false
positives than signature-based detection.
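The three cards above (active response, passive response, behavior-based detection) describe one pipeline: learn a baseline, flag deviations, then either record them or act on them. The following is an added example, not material from the original study guide; the event format, the 24-hour training window, the z-score threshold and the countermeasure strings are assumptions made for illustration.

```python
"""Behaviour-based detection with a learned baseline, plus passive vs active response.
Added example for this study guide; the event format and thresholds are assumptions."""
from collections import Counter
from statistics import mean, pstdev

# Constructed training window: (hour, user, process) tuples of normal host activity,
# four routine events in each of 24 hours.
NORMAL_EVENTS = []
for hour in range(24):
    NORMAL_EVENTS += [(hour, "www-data", "nginx"), (hour, "www-data", "php-fpm"),
                      (hour, "root", "cron"), (hour, "backup", "rsync")]

# Constructed window under inspection: the usual four events plus a web-server
# account spawning a netcat listener and a burst of shells.
WINDOW_EVENTS = [(24, "www-data", "nginx"), (24, "www-data", "php-fpm"),
                 (24, "root", "cron"), (24, "backup", "rsync"),
                 (24, "www-data", "nc")] + [(24, "www-data", "sh")] * 7


def build_baseline(events):
    """Learn what 'normal' looks like: every (user, process) pair seen during training
    and the mean/stdev of events per hour."""
    pairs = {(user, proc) for _, user, proc in events}
    per_hour = Counter(hour for hour, _, _ in events)
    counts = [per_hour[h] for h in range(24)]
    return {"pairs": pairs, "mean": mean(counts), "stdev": pstdev(counts)}


def detect(baseline, window_events, z_threshold=3.0):
    """Return one alert per deviation from the baseline in a one-hour window."""
    alerts = []
    for user, proc in sorted({(u, p) for _, u, p in window_events}):
        if (user, proc) not in baseline["pairs"]:
            alerts.append({"type": "unseen-pair", "user": user, "process": proc})
    # A perfectly flat training window has zero variance, which would make any change
    # look infinitely abnormal; floor the deviation at one event to keep the score sane.
    stdev = max(baseline["stdev"], 1.0)
    n = len(window_events)
    z = (n - baseline["mean"]) / stdev
    if z > z_threshold:
        alerts.append({"type": "volume-spike", "count": n, "z": round(z, 2)})
    return alerts


def respond(alerts, mode):
    """Passive response: only record the alerts. Active response: also emit a real-time
    countermeasure for each alert (constructed action strings stand in for a real hook)."""
    log = [f"ALERT {a['type']}: {a}" for a in alerts]
    actions = []
    if mode == "active":
        for a in alerts:
            if a["type"] == "unseen-pair":
                actions.append(f"kill-process {a['process']} owner={a['user']}")
            elif a["type"] == "volume-spike":
                actions.append("rate-limit host")
    return log, actions


if __name__ == "__main__":
    baseline = build_baseline(NORMAL_EVENTS)
    found = detect(baseline, WINDOW_EVENTS)
    for line in respond(found, "passive")[0]:
        print(line)
    print("active-mode actions:", respond(found, "active")[1])
```

The baseline here is deliberately simple (a set of seen pairs and a per-hour count); a production HIDS would track many more features, but the structure is the same: anything absent from or statistically far from the training data becomes an alert, and the response mode decides whether that alert only lands in a log or also triggers a countermeasure.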
✔✔espionage - ✔✔spying
✔✔Employee Sabotage - ✔✔Destruction of hardware, software, or data by an insider, for
example by planting a time bomb or logic bomb on a computer.
✔✔Man-in-the-middle - ✔✔An attack in which the attacker secretly positions itself
between two communicating parties, intercepting legitimate communication and reading,
altering, or forging messages (for example, returning a fictitious response to the
sender) while each party believes it is talking directly to the other.
✔✔zero-day exploit - ✔✔An exploit for a vulnerability that is used before the software
creator/vendor is even aware of the flaw, so no patch yet exists.
✔✔Land Attack - ✔✔DoS attack that uses a spoofed SYN packet with the victim's IP
address (and typically the same port) as both source and destination, so the victim
ends up replying to itself.
✔✔Teardrop Attack - ✔✔A type of DoS that sends mangled IP fragments with overlapping
offsets and oversized payloads to the target machine, so that fragment reassembly fails
or crashes the host.
✔✔Ping Flood Attack - ✔✔The ping utility (ICMP echo request) is used to send a large
number of echo request messages, overwhelming the target's bandwidth or processing
capacity.
✔✔Ping of Death Attack - ✔✔A crafted ICMP echo request sent as fragments that
reassemble to more than the 65,535-byte maximum IP packet size, overflowing the
reassembly buffer and causing the recipient system to crash or freeze.
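Each of the four attacks above has a simple network-level signature: identical source and destination on a SYN (LAND), fragment byte ranges that overlap (teardrop), a reassembled datagram larger than 65,535 bytes (ping of death), and an echo-request rate far above normal (ping flood). The checker below is an added example, not material from the study guide; the packet-summary dictionary format, the sample packets, the one-second window and the 100-packet flood threshold are all assumptions made for illustration.

```python
"""Signature checks for LAND, teardrop, ping-of-death and ping-flood traffic over a list
of packet summaries. Added example; the record format and thresholds are assumptions."""
from collections import defaultdict

MAX_IP_DATAGRAM = 65535  # largest legal IPv4 datagram, header included


def is_land(pkt):
    """LAND: a SYN whose source and destination address and port are identical."""
    return (pkt["proto"] == "tcp" and bool(pkt.get("syn"))
            and pkt["src"] == pkt["dst"] and pkt["sport"] == pkt["dport"])


def fragment_anomalies(frags):
    """Inspect the fragments of one IP datagram (same src, dst and IP id).
    Offsets here are in bytes (the header field is in 8-byte units, already converted).
    Teardrop: a fragment starts inside the range an earlier fragment already covered.
    Ping of death: the reassembled size (offset + length) exceeds 65,535 bytes."""
    findings = set()
    covered_end = 0
    for frag in sorted(frags, key=lambda f: f["offset"]):
        start, end = frag["offset"], frag["offset"] + frag["len"]
        if start < covered_end:
            findings.add("teardrop-overlap")
        covered_end = max(covered_end, end)
    if covered_end > MAX_IP_DATAGRAM:
        findings.add("ping-of-death" if frags[0]["proto"] == "icmp" else "oversized-datagram")
    return findings


def ping_flood_sources(pkts, window=1.0, threshold=100):
    """Sources that send more than `threshold` ICMP echo requests inside any sliding
    `window`-second interval."""
    by_src = defaultdict(list)
    for p in pkts:
        if p["proto"] == "icmp" and p.get("icmp_type") == 8:
            by_src[p["src"]].append(p["ts"])
    flooders = set()
    for src, times in by_src.items():
        times.sort()
        lo = 0
        for hi, t in enumerate(times):
            while t - times[lo] > window:
                lo += 1
            if hi - lo + 1 > threshold:
                flooders.add(src)
                break
    return flooders


def analyse(pkts):
    """Run all four checks and return a small report."""
    report = {"land": [], "fragments": {}, "ping_flood": set()}
    frags = defaultdict(list)
    for p in pkts:
        if is_land(p):
            report["land"].append(p["src"])
        if "offset" in p:  # only fragmented packets carry an offset in this format
            frags[(p["src"], p["dst"], p["ip_id"])].append(p)
    for key, fl in frags.items():
        found = fragment_anomalies(fl)
        if found:
            report["fragments"][key] = found
    report["ping_flood"] = ping_flood_sources(pkts)
    return report


# Constructed sample traffic (documentation addresses from RFC 5737).
SAMPLE_PACKETS = [
    # LAND: SYN with identical source/destination address and port.
    {"ts": 0.0, "proto": "tcp", "src": "10.0.0.5", "dst": "10.0.0.5",
     "sport": 80, "dport": 80, "syn": True},
    # Legitimate SYN from a client.
    {"ts": 0.1, "proto": "tcp", "src": "192.0.2.7", "dst": "10.0.0.5",
     "sport": 40000, "dport": 80, "syn": True},
    # Teardrop: second fragment starts at byte 24, inside the first fragment's 0..48.
    {"ts": 0.2, "proto": "udp", "src": "198.51.100.9", "dst": "10.0.0.5",
     "ip_id": 7, "offset": 0, "len": 48},
    {"ts": 0.2, "proto": "udp", "src": "198.51.100.9", "dst": "10.0.0.5",
     "ip_id": 7, "offset": 24, "len": 40},
    # Ping of death: fragments reassemble to 65120 + 1480 = 66600 bytes.
    {"ts": 0.3, "proto": "icmp", "icmp_type": 8, "src": "203.0.113.4", "dst": "10.0.0.5",
     "ip_id": 9, "offset": 0, "len": 1480},
    {"ts": 0.3, "proto": "icmp", "icmp_type": 8, "src": "203.0.113.4", "dst": "10.0.0.5",
     "ip_id": 9, "offset": 65120, "len": 1480},
]
# Ping flood: 150 echo requests from one source within about half a second.
SAMPLE_PACKETS += [{"ts": i * 0.003, "proto": "icmp", "icmp_type": 8,
                    "src": "203.0.113.77", "dst": "10.0.0.5"} for i in range(150)]

if __name__ == "__main__":
    print(analyse(SAMPLE_PACKETS))
```

Note that the ping-of-death check is really a generic oversized-reassembly check; it is only labelled ping-of-death when the datagram is ICMP, which is how the classic attack was delivered, and the same reassembly bug is reachable with other protocols.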
✔✔drive-by download - ✔✔Program which automatically downloads when a user visits
a web page, usually without their knowledge or consent.
✔✔Denial-of-service (DoS) attacks - ✔✔Attacks that bombard servers and websites with
traffic or malformed requests so that legitimate users can no longer be served,
effectively shutting down the network or service.
✔✔Tape media - ✔✔When troubleshooting a failed backup, a technician runs the
backup using the same tape but on a different tape drive in the same tape library. The
backup fails again. Which of the following should be the FIRST item the technician
examines as the cause of the failure? (The tape media: the drive was changed but the
tape was not, so the tape is the common factor in both failures.)
✔✔Need-to-know principle - ✔✔The release-of-information principle based on the
minimum necessary standard that means that only the information needed by a specific
individual to perform a specific task should be released
✔✔Principle of Least Privilege - ✔✔A security discipline that requires that a particular
user, system, or application be given no more privilege than necessary to perform its
function or job.
✔✔Separation of duties and responsibilities - ✔✔Ensures that no single person has total
control over a critical function/system.
- Two or more people must conspire/collude against the org to abuse it, which increases
the risk for them.
- This policy creates a checks-and-balances system where two or more users verify each
other's actions.
✔✔Separation of privilege - ✔✔This principle dictates that multiple conditions should be
required to achieve access to restricted resources or have a program perform some
action.
✔✔Data Owner - ✔✔Individuals, normally managers or directors, who have
responsibility for the integrity, accurate reporting, and use of computerized data.
✔✔system administrator - ✔✔A user who holds an administrator account and is responsible
for installing, configuring, and maintaining systems, their accounts, and their services.
✔✔system users - ✔✔A "customer" who will use or is affected by an information system
on a regular basis - capturing, validating, entering, responding to, storing, and
exchanging data and information.
✔✔senior management - ✔✔Highest level of management
✔✔Security Administrator - ✔✔Installs, configures, and administers firewall security to
protect systems and proactively works to stop intrusions.
✔✔Vulnerability scanning techniques - ✔✔Connect
Discovery