Page |1
WGU C702 FORENSICS AND NETWORK INTRUSION EXAM
OBJECTIVE ASSESSMENT AND PRE- ASSESSMENT
2026/2027 BANK | QUESTIONS WITH DETAILED VERIFIED
ANSWERS / EXAM QUESTIONS AND VERIFIED ANSWERS
|ALREADY GRADED A+|
What tool enables you to retrieve information about event logs
and publishers in Windows 10? - ANSWER-Wevtutil.
Intruders attempting to gain remote access to a system try to find
the other systems connected to the network and visible to the
compromised system. - ANSWER-True.
________ command is used to display the network configuration
of the NICs on the system. - ANSWER-ipconfig /all
Investigators can use Linux commands to gather necessary
information from the system. Identify the following shell command
that is used to display the kernel ring buffer or information about
device drivers loaded into the kernel. - ANSWER-dmesg
, Page |2
What are the unique identification numbers assigned to Windows
user account for granting user access to particular resources? -
ANSWER-Microsoft security ID.
In the Windows Event Log File internals, the following file is used
to store the Databases related to the system: - ANSWER-
System.evtx
Thumbnails of images remain on computers even after files are
deleted. - ANSWER-True
What is NOT one of the three tiers a log management
infrastructure typically comprises? - ANSWER-Log rotation
Which is NOT a log management system function? - ANSWER-
Log generation.
What is NOT one of the three major concerns regarding log
management? - ANSWER-Log viewing
, Page |3
Which is a type of network-based attack? - ANSWER-
Eavesdropping
Which attack does NOT directly lead to unauthorized access? -
ANSWER-Denial of service
How can an attacker exploit a network? - ANSWER-Through
wired or wireless connections.
What is the primary reason for forensic investigators to examine
logs? - ANSWER-To gain an insight into events that occurred in
the affected devices/network.
Which is true about the transport layer in the TCP/IP model? -
ANSWER-It is the backbone for data flow between two devices in
a network.
What is an ongoing process that returns results simultaneously so
that the system or operators can respond to attacks immediately?
- ANSWER-Real time analysis
, Page |4
Which of the following is an internal network vulnerability? -
ANSWER-bottleneck
Which attack is specific to wireless networks? - ANSWER-
Jamming signal attack.
Where can congressional security standards and guidelines be
found, along with an emphasis for federal agencies to develop,
document, and implement organization-wide programs for
information security? - ANSWER-FISMA
What requires companies that offer financial products or services
to protect customer information against security threats? -
ANSWER-GLBA
Which of the following includes security standards for health
information? - ANSWER-HIPAA
WGU C702 FORENSICS AND NETWORK INTRUSION EXAM
OBJECTIVE ASSESSMENT AND PRE- ASSESSMENT
2026/2027 BANK | QUESTIONS WITH DETAILED VERIFIED
ANSWERS / EXAM QUESTIONS AND VERIFIED ANSWERS
|ALREADY GRADED A+|
What tool enables you to retrieve information about event logs
and publishers in Windows 10? - ANSWER-Wevtutil.
Intruders attempting to gain remote access to a system try to find
the other systems connected to the network and visible to the
compromised system. - ANSWER-True.
________ command is used to display the network configuration
of the NICs on the system. - ANSWER-ipconfig /all
Investigators can use Linux commands to gather necessary
information from the system. Identify the following shell command
that is used to display the kernel ring buffer or information about
device drivers loaded into the kernel. - ANSWER-dmesg
, Page |2
What are the unique identification numbers assigned to Windows
user account for granting user access to particular resources? -
ANSWER-Microsoft security ID.
In the Windows Event Log File internals, the following file is used
to store the Databases related to the system: - ANSWER-
System.evtx
Thumbnails of images remain on computers even after files are
deleted. - ANSWER-True
What is NOT one of the three tiers a log management
infrastructure typically comprises? - ANSWER-Log rotation
Which is NOT a log management system function? - ANSWER-
Log generation.
What is NOT one of the three major concerns regarding log
management? - ANSWER-Log viewing
, Page |3
Which is a type of network-based attack? - ANSWER-
Eavesdropping
Which attack does NOT directly lead to unauthorized access? -
ANSWER-Denial of service
How can an attacker exploit a network? - ANSWER-Through
wired or wireless connections.
What is the primary reason for forensic investigators to examine
logs? - ANSWER-To gain an insight into events that occurred in
the affected devices/network.
Which is true about the transport layer in the TCP/IP model? -
ANSWER-It is the backbone for data flow between two devices in
a network.
What is an ongoing process that returns results simultaneously so
that the system or operators can respond to attacks immediately?
- ANSWER-Real time analysis
, Page |4
Which of the following is an internal network vulnerability? -
ANSWER-bottleneck
Which attack is specific to wireless networks? - ANSWER-
Jamming signal attack.
Where can congressional security standards and guidelines be
found, along with an emphasis for federal agencies to develop,
document, and implement organization-wide programs for
information security? - ANSWER-FISMA
What requires companies that offer financial products or services
to protect customer information against security threats? -
ANSWER-GLBA
Which of the following includes security standards for health
information? - ANSWER-HIPAA
