WGU D415 SOFTWARE-DEFINED
NETWORKING
(SDN) | OBJECTIVE ASSESSMENT (OA) | 2026
UPDATE | QUESTIONS AND ANSWERS | WITH
COMPLETE SOLUTION.
Question 1
What is a function of the bastion host in a screened subnet firewall
architecture?
A. To protect the perimeter and internal networks from the internet
B. To perform most of the data packet filtering for the firewall
C. To define a clear boundary between trusted and untrusted domains
D. To serve as the main point of contact for incoming connections
✅ Correct Answer: D
Rationale:
A bastion host is a hardened system exposed to untrusted networks such as the
internet. Its primary role is to act as the main point of contact for incoming
connections, such as web or email services. Because it is directly accessible, it
is configured with strict security controls and minimal services. This reduces
the attack surface and protects internal systems from direct exposure.
Question 2
How are security threats that happen within a computer network classified?
A. As detectable and unknown
B. As malicious and robust
C. As divisive and destructive
D. As intentional and unintentional
✅ Correct Answer: D
Rationale:
Network security threats are commonly categorized based on intent. Intentional
threats include insider attacks, malware, and deliberate breaches, while
unintentional threats include misconfigurations, human error, and accidental
WGU D415
,data exposure. This classification helps organizations apply appropriate
preventive and corrective controls. Understanding intent is critical for designing
effective security policies.
Question 3
Which module of OpenStack should be used to improve efficiency and
scalability of user storage and unstructured data?
A. Swift
B. Neutron
C. Ironic
D. Congress
✅ Correct Answer: A
Rationale:
OpenStack Swift is an object storage system designed for scalability and
durability. It is ideal for storing large amounts of unstructured data such as
backups, images, and media files. Swift distributes data across multiple nodes,
improving fault tolerance and performance. Unlike block storage, it does not
rely on a single point of failure.
Question 4
Which approach improves the strength of software-defined networking
(SDN) security and intrusion tolerance?
A. Controller diversity
B. Controller consolidation
C. Logging
D. Virtualization
✅ Correct Answer: A
Rationale:
Controller diversity involves using multiple SDN controllers from different
vendors or configurations. This reduces the risk of a single vulnerability
compromising the entire network. If one controller is attacked or fails, others
can continue to operate. Diversity enhances fault tolerance and resilience
against targeted attacks.
WGU D415
,Question 5
What is a primary security concern in SDN environments?
A. Hardware dependency
B. Compromised controller security
C. Lack of routing protocols
D. Increased latency ✅ Correct Answer: B
Rationale:
The SDN controller is the centralized “brain” of the network, making it a
highvalue target. If compromised, attackers could manipulate traffic flows,
disable services, or exfiltrate data. Protecting the controller through
authentication, encryption, and redundancy is critical. Centralization improves
manageability but increases risk if not secured properly.
Question 6
What is the primary function of the SDN control plane?
A. Forward packets at wire speed
B. Encrypt transmitted data
C. Make network-wide routing and policy decisions
D. Provide physical network connectivity
✅ Correct Answer: C
Rationale:
The control plane determines how traffic should flow through the network. In
SDN, this logic is centralized in the controller rather than distributed across
devices. The controller programs forwarding devices based on policies and
network conditions. This separation improves flexibility and centralized
management.
Question 7
Which SDN plane is responsible for actual packet forwarding?
A. Management plane
WGU D415
, B. Control plane
C. Application plane
D. Data plane ✅ Correct Answer: D
Rationale:
The data plane consists of switches and routers that forward packets based on
instructions from the control plane. These devices do not make routing
decisions themselves. Instead, they follow flow rules provided by the SDN
controller. This separation allows simpler and faster forwarding hardware.
Question 8
What protocol is commonly used for communication between SDN
controllers and switches?
A. SNMP
B. BGP
C. OSPF
D. OpenFlow ✅ Correct Answer: D
Rationale:
OpenFlow is a foundational SDN protocol that enables communication between
the controller and network devices. It allows the controller to define how
packets should be handled by switches. OpenFlow supports centralized traffic
management and dynamic flow control. This protocol is key to SDN’s
programmability.
Question 9
Which SDN benefit allows rapid deployment of network services?
A. Hardware abstraction
B. Network programmability
C. Physical segmentation
D. Static routing ✅ Correct Answer: B
Rationale:
Network programmability allows administrators to configure and deploy
services through software rather than manual device configuration. Changes can
be applied dynamically across the entire network. This reduces deployment time
and human error. Programmability is one of SDN’s most significant advantages.
WGU D415
NETWORKING
(SDN) | OBJECTIVE ASSESSMENT (OA) | 2026
UPDATE | QUESTIONS AND ANSWERS | WITH
COMPLETE SOLUTION.
Question 1
What is a function of the bastion host in a screened subnet firewall
architecture?
A. To protect the perimeter and internal networks from the internet
B. To perform most of the data packet filtering for the firewall
C. To define a clear boundary between trusted and untrusted domains
D. To serve as the main point of contact for incoming connections
✅ Correct Answer: D
Rationale:
A bastion host is a hardened system exposed to untrusted networks such as the
internet. Its primary role is to act as the main point of contact for incoming
connections, such as web or email services. Because it is directly accessible, it
is configured with strict security controls and minimal services. This reduces
the attack surface and protects internal systems from direct exposure.
Question 2
How are security threats that happen within a computer network classified?
A. As detectable and unknown
B. As malicious and robust
C. As divisive and destructive
D. As intentional and unintentional
✅ Correct Answer: D
Rationale:
Network security threats are commonly categorized based on intent. Intentional
threats include insider attacks, malware, and deliberate breaches, while
unintentional threats include misconfigurations, human error, and accidental
WGU D415
,data exposure. This classification helps organizations apply appropriate
preventive and corrective controls. Understanding intent is critical for designing
effective security policies.
Question 3
Which module of OpenStack should be used to improve efficiency and
scalability of user storage and unstructured data?
A. Swift
B. Neutron
C. Ironic
D. Congress
✅ Correct Answer: A
Rationale:
OpenStack Swift is an object storage system designed for scalability and
durability. It is ideal for storing large amounts of unstructured data such as
backups, images, and media files. Swift distributes data across multiple nodes,
improving fault tolerance and performance. Unlike block storage, it does not
rely on a single point of failure.
Question 4
Which approach improves the strength of software-defined networking
(SDN) security and intrusion tolerance?
A. Controller diversity
B. Controller consolidation
C. Logging
D. Virtualization
✅ Correct Answer: A
Rationale:
Controller diversity involves using multiple SDN controllers from different
vendors or configurations. This reduces the risk of a single vulnerability
compromising the entire network. If one controller is attacked or fails, others
can continue to operate. Diversity enhances fault tolerance and resilience
against targeted attacks.
WGU D415
,Question 5
What is a primary security concern in SDN environments?
A. Hardware dependency
B. Compromised controller security
C. Lack of routing protocols
D. Increased latency ✅ Correct Answer: B
Rationale:
The SDN controller is the centralized “brain” of the network, making it a
highvalue target. If compromised, attackers could manipulate traffic flows,
disable services, or exfiltrate data. Protecting the controller through
authentication, encryption, and redundancy is critical. Centralization improves
manageability but increases risk if not secured properly.
Question 6
What is the primary function of the SDN control plane?
A. Forward packets at wire speed
B. Encrypt transmitted data
C. Make network-wide routing and policy decisions
D. Provide physical network connectivity
✅ Correct Answer: C
Rationale:
The control plane determines how traffic should flow through the network. In
SDN, this logic is centralized in the controller rather than distributed across
devices. The controller programs forwarding devices based on policies and
network conditions. This separation improves flexibility and centralized
management.
Question 7
Which SDN plane is responsible for actual packet forwarding?
A. Management plane
WGU D415
, B. Control plane
C. Application plane
D. Data plane ✅ Correct Answer: D
Rationale:
The data plane consists of switches and routers that forward packets based on
instructions from the control plane. These devices do not make routing
decisions themselves. Instead, they follow flow rules provided by the SDN
controller. This separation allows simpler and faster forwarding hardware.
Question 8
What protocol is commonly used for communication between SDN
controllers and switches?
A. SNMP
B. BGP
C. OSPF
D. OpenFlow ✅ Correct Answer: D
Rationale:
OpenFlow is a foundational SDN protocol that enables communication between
the controller and network devices. It allows the controller to define how
packets should be handled by switches. OpenFlow supports centralized traffic
management and dynamic flow control. This protocol is key to SDN’s
programmability.
Question 9
Which SDN benefit allows rapid deployment of network services?
A. Hardware abstraction
B. Network programmability
C. Physical segmentation
D. Static routing ✅ Correct Answer: B
Rationale:
Network programmability allows administrators to configure and deploy
services through software rather than manual device configuration. Changes can
be applied dynamically across the entire network. This reduces deployment time
and human error. Programmability is one of SDN’s most significant advantages.
WGU D415
