WGU D686 Operating Systems Exam
UPDATED ACTUAL QUESTIONS AND
CORRECT ANSWERS
What is a man-in-the-middle attack? - CORRECT ANSWER An attacker secretly
intercepts and possibly alters communications between two parties who believe they are
directly communicating with each other.
What is a logic bomb? - CORRECT ANSWER Malicious code that triggers a harmful
action when specific conditions are met.
What is a back door? - CORRECT ANSWER A hidden way to bypass normal
authentication and gain unauthorized access to a system.
What is session hijacking? - CORRECT ANSWER An attacker takes over a valid user
session, often by stealing session cookies or tokens.
What is social engineering? - CORRECT ANSWER Manipulating people into
divulging confidential information or performing actions that compromise security.
What is the difference between breach of confidentiality and breach of integrity? -
CORRECT ANSWER Confidentiality breach exposes private data; integrity breach
alters or corrupts data.
What is a denial-of-service (dos) attack? - CORRECT ANSWER An attack that
disrupts system services by overwhelming resources.
What is the difference between ransomware and spyware? - CORRECT
ANSWER Ransomware encrypts files, demanding payment; spyware secretly collects
user data.
, What is the difference between a boot virus and a rootkit virus? - CORRECT
ANSWER Boot virus infects boot sector; rootkit virus hides itself and grants
unauthorized access.
What is the difference between a virus and a worm? - CORRECT ANSWER Virus
attaches to files and needs user action; worm spreads automatically without user intervention.
What is a Trojan horse? - CORRECT ANSWER Malicious software disguised as
legitimate, often used to gain unauthorized access.
What is a code-injection attack? - CORRECT ANSWER Attacker inserts malicious
code into a program or system, often through input fields.
What is a sandbox? - CORRECT ANSWER Isolated environment for testing code
safely without affecting the system.
What is a hash? - CORRECT ANSWER A fixed-size value generated from data, used
for integrity checks and authentication.
What is a ddos attack? - CORRECT ANSWER Distributed Denial-of-Service—
multiple systems attack a target, overwhelming it.
What is defense in depth? - CORRECT ANSWER Multiple layers of security controls
throughout an IT system.
What is two-factor authentication? - CORRECT ANSWER Requires two forms of
verification, e.g., password and code sent to phone.
What is Dropbox? - CORRECT ANSWER A cloud-based file storage and sharing
service.
UPDATED ACTUAL QUESTIONS AND
CORRECT ANSWERS
What is a man-in-the-middle attack? - CORRECT ANSWER An attacker secretly
intercepts and possibly alters communications between two parties who believe they are
directly communicating with each other.
What is a logic bomb? - CORRECT ANSWER Malicious code that triggers a harmful
action when specific conditions are met.
What is a back door? - CORRECT ANSWER A hidden way to bypass normal
authentication and gain unauthorized access to a system.
What is session hijacking? - CORRECT ANSWER An attacker takes over a valid user
session, often by stealing session cookies or tokens.
What is social engineering? - CORRECT ANSWER Manipulating people into
divulging confidential information or performing actions that compromise security.
What is the difference between breach of confidentiality and breach of integrity? -
CORRECT ANSWER Confidentiality breach exposes private data; integrity breach
alters or corrupts data.
What is a denial-of-service (dos) attack? - CORRECT ANSWER An attack that
disrupts system services by overwhelming resources.
What is the difference between ransomware and spyware? - CORRECT
ANSWER Ransomware encrypts files, demanding payment; spyware secretly collects
user data.
, What is the difference between a boot virus and a rootkit virus? - CORRECT
ANSWER Boot virus infects boot sector; rootkit virus hides itself and grants
unauthorized access.
What is the difference between a virus and a worm? - CORRECT ANSWER Virus
attaches to files and needs user action; worm spreads automatically without user intervention.
What is a Trojan horse? - CORRECT ANSWER Malicious software disguised as
legitimate, often used to gain unauthorized access.
What is a code-injection attack? - CORRECT ANSWER Attacker inserts malicious
code into a program or system, often through input fields.
What is a sandbox? - CORRECT ANSWER Isolated environment for testing code
safely without affecting the system.
What is a hash? - CORRECT ANSWER A fixed-size value generated from data, used
for integrity checks and authentication.
What is a ddos attack? - CORRECT ANSWER Distributed Denial-of-Service—
multiple systems attack a target, overwhelming it.
What is defense in depth? - CORRECT ANSWER Multiple layers of security controls
throughout an IT system.
What is two-factor authentication? - CORRECT ANSWER Requires two forms of
verification, e.g., password and code sent to phone.
What is Dropbox? - CORRECT ANSWER A cloud-based file storage and sharing
service.
