Complete Concept Breakdown & Revision Summary | 2026
Exploit framework - correct answer A group of tools that can include network mapping
tools, sniffers, and exploits
Exploits - correct answer small bits of software that take advantage of flaws in
software/applications in order to cause them to behave in ways that were not intended
by their creators
Metasploit, Immunity CANVAS, Core Impact - correct answer Name 3 examples of
exploit frameworks
Security in network design - correct answer This method of security involves a
well-configured and patched network, and incorporating elements such as network
segmentation, choke points, and redundancy
Network segmentation - correct answer The act of dividing a network into multiple
smaller networks, each acting as its own small network (subnet)
Choke points - correct answer certain points in the network, such as routers, firewalls,
or proxies, where we can inspect, filter, and control network traffic
Redundancy - correct answer a method of security that involves designing a network
to always have another route if something fails or loses connection
Firewall - correct answer a mechanism for maintaining control over the traffic that flows
into and out of our networks
Packet filtering - correct answer A firewall technology that inspects the contents of
each packet in network traffic individually and makes a gross determination (based on
source and destination IP address, port number, and the protocol being used) of
whether the traffic should be allowed to pass
SPI (Stateful Packet Inspection) - correct answer a firewall that can watch packets and
monitor the traffic from a given connection
DPI (Deep Packet Inspection) - correct answer a firewall technology that can analyze
the actual content of the traffic that is flowing through
Proxy server - correct answer a specialized type of firewall that can serve as a choke
point, log traffic for later inspection, and provides a layer of security by serving as a
single source of requests for the devices behind it
DMZ (demilitarized zone) - correct answer a combination of a network design feature
and a protective device such as a firewall.
Often used for systems that need to be exposed to external networks but are connected
to our own network (such as a web server)
NIDS (Network intrusion detection system) - correct answer A system that monitors
network traffic and alerts for unauthorized activity
Signature-based IDS - correct answer An IDS that maintains a database of signatures
that might signal a particular type of attack and compares incoming traffic to those
signatures
Anomaly-based IDS - correct answer an IDS that takes a baseline of normal network
traffic and activity and measures current traffic against this baseline to detect unusual
events
VPN (Virtual Private Network) - correct answer an encrypted connection between two
points
SSH (Secure Shell) - correct answer protocol used to secure traffic in a variety of
ways, including file transfers and terminal access. Uses RSA encryption (asymmetric
encryption)
BYOD (bring your own device) - correct answer a phrase that refers to an
organization's strategy and policies regarding the use of personal vs. corporate devices
MDM (mobile device management) - correct answer a solution that manages security
elements for mobile devices in the workplace
Kismet - correct answer a well-known Linux sniffing tool used to detect wireless access
points
Netstumbler - correct answer A Windows tool used to detect wireless access points
Nmap - correct answer A well-known port scanner that can also search for hosts on a
network, identify the operating systems those hosts are running, detect the version of
the services running on any open ports, and more
Packet sniffer (aka network or protocol analyzer) - correct answer this type of tool can
intercept traffic on a network.
Listens for any traffic that the network interface of our computer or device can see
Tcpdump (windump for Windows) - correct answer classic, command-line sniffing tool
that monitors network activities, filters traffic, and more.
Runs on UNIX systems
Wireshark - correct answer a graphical interface protocol sniffing tool that is capable of
filtering, sorting, & analyzing both wired and wireless traffic
- popular troubleshooting tool
Honeypot - correct answer A type of tool that deliberately displays vulnerabilities or
attractive data so it can detect, monitor, and sometimes tamper with the activities of an
attacker