WGU MASTER'S COURSE C795-MANAGEMENT II
TACTICAL QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+
A chief information officer (CIO) recently read an article involving a similar company that
was hit with ransomware due to ineffective patch-management practices. The CIO tasks
a security professional with gathering metrics on the effectiveness of the company's
patch-management program to avoid a similar incident.
Which method enables the security professional to gather current, accurate metrics?
A Review authenticated vulnerability scan reports
B Review reports from Windows Update
C Review patch history on nonproduction systems
D Review patch tickets in the change control system - Answer A
A combined mail server and calendaring server environment contains no secure
sockets layer (SSL) certificate.
Which security principle of the CIA triad is affected by the lack of an SSL certificate?
A Confidentiality
B Integrity
C Authentication
D Availability - Answer A
A company develops a business continuity plan in addition to an emergency
communication plan.
What should be included in the company's emergency communication plan? (Choose 2)
A Alternate means of contact
B Backup people for each role
C The best time to call each person
D Employee's phone service providers - Answer AB
A company does not have a disaster recovery plan (DRP) and suffers a multiday power
outage.
Which provisioning should the company perform to provide stable power for a long
period of time?
A Purchase generators
,B Purchase additional servers
C Create a RAID array
D Create a failover cluster - Answer A
A company has identified a massive security breach in its healthcare records
department. Over 50% of customers' personally identifiable information (PII) has been
stolen. The customers are aware of the breach, and the company is taking actions to
protect customer assets through the personal security policy, which addresses PII data.
Which preventive measure should the company pursue to protect against future
attacks?
A Require cognitive passwords
B Employ password tokens
C Use network-based and host-based firewalls
D Install auditing tools - Answer C
A company has signed a contract with a third-party vendor to use the vendor's inventory
management system hosted in a cloud. For convenience, the vendor set up the
application to use Lightweight Directory Access Protocol (LDAP) queries but did not
enable secure LDAP queries or implement a secure sockets layer (SSL) on the
application's web server. The vendor does not have the ability to secure the system,
and company management insists on using the application.
Which defense-in-depth practices should the company implement to minimize the
likelihood of an account compromise due to insecure setup by the vendor?
A Location-based access control and multifactor authentication
B Intrusion prevention system (IPS) and honeypot systems
C Antivirus and intrusion detection system (IDS)
D Password hashing and authentication encryption - Answer A
A company has user credentials compromised through a phishing attack.
Which defense-in-depth practice will reduce the likelihood of misuse of the user's
credentials?
A Configure firewall rules
B Deploy multifactor authentication
C Deploy RADIUS authentication
D Configure encryption protocols - Answer B
A company hires several contractors each year to augment its IT workforce. The
contractors are granted access to the internal corporate network, but they are not
provided laptops containing the corporate image. Instead, they are required to bring
their own equipment.
,Which defense-in-depth practice should be required for contractor laptops to ensure that
contractors do not connect infected laptops to the internal corporate network?
A Enable command-line audit logging on contractor laptops
B Configure devices to not autorun content
C Configure antimalware scanning of removable devices
D Ensure antimalware software and signatures are updated - Answer D
A company is concerned about loss of data on removable media when media are lost or
stolen.
Which standard should this company implement on all flash drives?
A Maximum password age
B Encryption
C Awareness training
D Layer 2 tunneling protocol - Answer B
A company is concerned about securing its corporate network, including its wireless
network, to limit security risks.
Which defense-in-depth practice represents an application of least privilege?
A Implement mutual multifactor authentication
B Configure Wi-Fi-Protected Access for encrypted communication
C Disable wireless access to users who do not need it
D Implement an intrusion detection system - Answer C
A company is concerned about unauthorized network traffic.
Which procedure should the company implement to block FTP traffic?
A Install a packet sniffer
B Update the DNS
C Filter ports 20 and 21 at the firewall
D Decrease the network bandwidth - Answer C
A company is concerned about unauthorized programs being used on network devices.
Which defense-in-depth strategy would help eliminate unauthorized software on
network devices?
A Develop an acceptable use policy and update all network device firmware
B Use application controls tools and update AppLocker group policies
C Limit administrative access to devices and create DHCP scope options
, D Upgrade to a 64-bit operating system and install an antimalware application - Answer
B
A company is concerned about unneeded network protocols being available on the
network.
Which two defense-in-depth practices should the company implement to detect whether
FTP is being used?Choose 2 answers.
A Install BIOS firmware updates
B Perform automated packet scanning
C Implement application firewalls
D Physically segment the network - Answer BC
A company is concerned that disgruntled employees are sending sensitive data to its
competitors.
Which defense-in-depth practices assist a company in identifying an insider threat?
A Data loss prevention (DLP) and audit logs
B Antivirus and intrusion detection systems (IDS)
C Data loss prevention (DLP) and intrusion detection systems (IDS)
D Antivirus and audit logs - Answer A
A company is hit with a number of ransomware attacks. These attacks are causing a
significant amount of downtime and data loss since users with access to sensitive
company documents are being targeted. These attacks have prompted management to
invest in new technical controls to prevent ransomware.
Which defense-in-depth practices should this company implement?
A Password resets and a log review
B Mandatory vacations and job rotation
C Spam filtering and antimalware
D Encryption and an internal firewall - Answer C
A company is implementing a defense-in-depth approach that includes capturing audit
logs. The audit logs need to be written in a manner that provides integrity.
Which defense-in-depth strategy should be applied?
A Write the data to a write-once, read-many (WORM) drive
B Write the data to an encrypted hard drive
C Write the data to an encrypted flash drive
D Write the data to an SD card and store the SD card in a safe - Answer A
TACTICAL QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+
A chief information officer (CIO) recently read an article involving a similar company that
was hit with ransomware due to ineffective patch-management practices. The CIO tasks
a security professional with gathering metrics on the effectiveness of the company's
patch-management program to avoid a similar incident.
Which method enables the security professional to gather current, accurate metrics?
A Review authenticated vulnerability scan reports
B Review reports from Windows Update
C Review patch history on nonproduction systems
D Review patch tickets in the change control system - Answer A
A combined mail server and calendaring server environment contains no secure
sockets layer (SSL) certificate.
Which security principle of the CIA triad is affected by the lack of an SSL certificate?
A Confidentiality
B Integrity
C Authentication
D Availability - Answer A
A company develops a business continuity plan in addition to an emergency
communication plan.
What should be included in the company's emergency communication plan? (Choose 2)
A Alternate means of contact
B Backup people for each role
C The best time to call each person
D Employee's phone service providers - Answer AB
A company does not have a disaster recovery plan (DRP) and suffers a multiday power
outage.
Which provisioning should the company perform to provide stable power for a long
period of time?
A Purchase generators
,B Purchase additional servers
C Create a RAID array
D Create a failover cluster - Answer A
A company has identified a massive security breach in its healthcare records
department. Over 50% of customers' personally identifiable information (PII) has been
stolen. The customers are aware of the breach, and the company is taking actions to
protect customer assets through the personal security policy, which addresses PII data.
Which preventive measure should the company pursue to protect against future
attacks?
A Require cognitive passwords
B Employ password tokens
C Use network-based and host-based firewalls
D Install auditing tools - Answer C
A company has signed a contract with a third-party vendor to use the vendor's inventory
management system hosted in a cloud. For convenience, the vendor set up the
application to use Lightweight Directory Access Protocol (LDAP) queries but did not
enable secure LDAP queries or implement a secure sockets layer (SSL) on the
application's web server. The vendor does not have the ability to secure the system,
and company management insists on using the application.
Which defense-in-depth practices should the company implement to minimize the
likelihood of an account compromise due to insecure setup by the vendor?
A Location-based access control and multifactor authentication
B Intrusion prevention system (IPS) and honeypot systems
C Antivirus and intrusion detection system (IDS)
D Password hashing and authentication encryption - Answer A
A company has user credentials compromised through a phishing attack.
Which defense-in-depth practice will reduce the likelihood of misuse of the user's
credentials?
A Configure firewall rules
B Deploy multifactor authentication
C Deploy RADIUS authentication
D Configure encryption protocols - Answer B
A company hires several contractors each year to augment its IT workforce. The
contractors are granted access to the internal corporate network, but they are not
provided laptops containing the corporate image. Instead, they are required to bring
their own equipment.
,Which defense-in-depth practice should be required for contractor laptops to ensure that
contractors do not connect infected laptops to the internal corporate network?
A Enable command-line audit logging on contractor laptops
B Configure devices to not autorun content
C Configure antimalware scanning of removable devices
D Ensure antimalware software and signatures are updated - Answer D
A company is concerned about loss of data on removable media when media are lost or
stolen.
Which standard should this company implement on all flash drives?
A Maximum password age
B Encryption
C Awareness training
D Layer 2 tunneling protocol - Answer B
A company is concerned about securing its corporate network, including its wireless
network, to limit security risks.
Which defense-in-depth practice represents an application of least privilege?
A Implement mutual multifactor authentication
B Configure Wi-Fi-Protected Access for encrypted communication
C Disable wireless access to users who do not need it
D Implement an intrusion detection system - Answer C
A company is concerned about unauthorized network traffic.
Which procedure should the company implement to block FTP traffic?
A Install a packet sniffer
B Update the DNS
C Filter ports 20 and 21 at the firewall
D Decrease the network bandwidth - Answer C
A company is concerned about unauthorized programs being used on network devices.
Which defense-in-depth strategy would help eliminate unauthorized software on
network devices?
A Develop an acceptable use policy and update all network device firmware
B Use application controls tools and update AppLocker group policies
C Limit administrative access to devices and create DHCP scope options
, D Upgrade to a 64-bit operating system and install an antimalware application - Answer
B
A company is concerned about unneeded network protocols being available on the
network.
Which two defense-in-depth practices should the company implement to detect whether
FTP is being used?Choose 2 answers.
A Install BIOS firmware updates
B Perform automated packet scanning
C Implement application firewalls
D Physically segment the network - Answer BC
A company is concerned that disgruntled employees are sending sensitive data to its
competitors.
Which defense-in-depth practices assist a company in identifying an insider threat?
A Data loss prevention (DLP) and audit logs
B Antivirus and intrusion detection systems (IDS)
C Data loss prevention (DLP) and intrusion detection systems (IDS)
D Antivirus and audit logs - Answer A
A company is hit with a number of ransomware attacks. These attacks are causing a
significant amount of downtime and data loss since users with access to sensitive
company documents are being targeted. These attacks have prompted management to
invest in new technical controls to prevent ransomware.
Which defense-in-depth practices should this company implement?
A Password resets and a log review
B Mandatory vacations and job rotation
C Spam filtering and antimalware
D Encryption and an internal firewall - Answer C
A company is implementing a defense-in-depth approach that includes capturing audit
logs. The audit logs need to be written in a manner that provides integrity.
Which defense-in-depth strategy should be applied?
A Write the data to a write-once, read-many (WORM) drive
B Write the data to an encrypted hard drive
C Write the data to an encrypted flash drive
D Write the data to an SD card and store the SD card in a safe - Answer A
