ANSWERS GRADED A
Which type of attack is primarily intended to disrupt the availability of critical business
functions?
A Man in the middle
B Denial of Service
C Eavesdropping
D Covert Channel
Correct Answer: B Denial of Service

Classify each attack method in relation to its direct impact on the CIA triad.
Key Logger
DNS poisoning
Covert channels
DDoS
Correct Answer:
Key Logger: Confidentiality
DNS Poisoning: Integrity
Covert channels: Confidentiality
DDoS: Availability

A security administrator has configured a small key size to protect the VPN.
Which security objective does this affect? C, I or A?
Correct Answer: Confidentiality

A laptop has been stolen, and the data has been seen for sale on the darknet.
Which process could have protected the confidentiality of the data?
Correct Answer: Hard drive encryption

When browsing to a financial website, a user receives an error on the browser that points to the
certificate on the website. The user reviews the certificate and maps it to a known certificate
authority.
Why did the user need to perform these actions?
Correct Answer: To establish a trust relationship

A team of scientists is working on a secure project. The network administrator needs to configure
a network for the team that is not routable from the Internet. A firewall is protecting the
scientists' network and is using network address translation (NAT) to translate the internal IP
addresses to public IP addresses.
Which IP address should the network administrator configure on the inside interface of the
firewall?
Correct Answer: 10.14.15.16

An ad hoc network design team has just finished a presentation on the latest updates to the
organization's network infrastructure. The team ensured that plenty of redundancy has been built
in and bottlenecks have been eliminated.
Which security objective has the team bolstered through these improvements?
Correct Answer: Availability

A company has recently implemented a new email encryption system that uses public key
infrastructure (PKI). The company is now requiring all employees to sign and encrypt internal
communication. An employee wants to send a digitally signed message to the IT director.
What does the IT director use to decode the employee's signature under the new system?
Correct Answer: The employee's public key

An administrator at a small office is tasked with supporting a new time clock that has been
installed on the network. The outsourced company managing the time clock states that the
connection protocol it uses with the clock is encrypted, but it needs to allow incoming
connections from the Internet.
Which action should allow the outsourced company to securely manage the time clock with a
minimal amount of configuration effort?
Correct Answer: Setting up a port forward on the firewall from the outsourced company to the
time clock

A small nonprofit company has received several legacy wireless access points (APs) as a
donation. The security administrator discovers that the encryption protocol the devices use is not
very secure. The encryption key can be discovered by a malicious hacker in only a few minutes.
After discussions with other security professionals, the administrator learns the APs can
implement a key protocol that can change the encryption key every few seconds and provide a
per-packet verification at each side of the communication.
Which security measure is the key protocol implemented to protect?
Correct Answer: Integrity of the key

A recently terminated employee from accounting used several widely available programs in an
amateur attempt to exploit a company's database.
Which term describes the terminated employee?
Correct Answer: Script kiddies

A company has been the target of multiple social engineering attacks and is implementing a new
mandatory security awareness training program to reduce the risk of a future compromise. The
security administrator is mainly concerned with the following attack vectors:
- Spoofed emails containing fake password reset links aimed at harvesting employees' passwords
- Phone calls to the helpdesk by a malicious user pretending to be an employee needing a
  password reset
- A malicious user tailgating while impersonating a contractor to steal employees' mobile devices
What are the two vulnerabilities that the company needs to address to meet the above
requirements?
Choose 2 answers
- Disgruntled employees
- Weak passwords