WGU D315 - PRE-ASSESSMENT: NETWORK AND SECURITY – FOUNDATIONS ACTUAL REAL EXAM QUESTIONS AND ANSWERS

Which OSI layer is related to the function of the IP protocol suite? a. Transport b. Network c. Data Link d. Session - Network Which OSI layer is responsible for organizing how bits are passed over the physical layer between devices within the same collision domain? a. Frame b. Connection c. Transport d. Data Link - Data Link Which OSI layer would define the scope of a protocol that makes sure packets of data are received correctly and resends them if they are not? a. Validation b. Transmission c. Transport d. Connection - Transport Which protocol suite performs functions of OSI layer 4? a. IPX b. MAC c. CSMA/CD d. TCP - TCP Which type of Ethernet cable can maintain 10Gbps transmission speeds through the course of its maximum 100-meter length? a. CAT 5e b. CAT 5 c. CAT 3 d. CAT 6a - CAT 6a Which Internet access technology uses ordinary telephone wires for data transmission? a. DSL b. Cable c. Wi-Fi d. Hotspot - DSL Which device is used to organize network cables as they run between switches and other network devices? a. Jack b. Hub c. Patch Panel d. Router - Patch Panel Which network device is used to connect two or more network segments by performing OSI layer 3 functions like packet-forwarding? a. Router b. Repeater c. Wire d. Switch - Router Which network device is used to convert between digital information from a LAN and analog signals for transmission over a standard telephone wire? a. Repeater b. Modem c. Signal Generator d. Bit Stretcher - Modem Which device could be used to send commands to the mainframe for remote execution in early mainframe installations? a. Distributed Screens b. Dumb Terminals c. Execution Displays d. Command Receivers - Dumb Terminals Which device is responsible for implementing network address translation (NAT)? a. Modem b. Router c. NIC d. Switch - Router Which command produces the following output? Non-authoritative answer: Name: Address: 172.217.11.132 a. dig b. nslookup d. whois d. nmap - nslookup Which command should be used to manually enter the default gateway for a computer? a. route b. ipconfig c. arp d. netstat - route Which network diagnostic tool displays the path packets take between two endpoints? a. ifconfig b. traceroute c. ftp d. nslookup - traceroute Which network type is used to wire multiple PCs to a home router? a. LAN b. PAN c. MAN d. WAN - LAN An office's infrastructure connects network devices and printers through a central access point without the use of cabling. Which network type does this office use? a. WLAN b. WAN c. CAN d. SAN - WLAN What type of medium is commonly used within a 1000 Mbps Ethernet network? a. CAT 5 b. CAT5e c. Coax d. Wireless - CAT5e Which network topology is shown in the following diagram? a. Full mesh b. Star c. Bus d. Ring - Full Mesh Which network topology is being implemented when each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node? a. Star b. Full Mesh c. Ring d. Bus - Ring In which physical LAN topology are nodes connected to each other with a backbone cable that loops around and ends at the same point it started? a. Ring b. Bus c. Star d. Tree - Ring Which OSI layer ensures error-free packets? a. Application b. Transport c. Session d. Presentation - Transport Which topology uses a switch or hub to connect to all devices in the same network? a. Mesh b. Ring c. Star d. Bus - Star Which cloud service provides hardware, operating systems, and web servers but not end-user applications? a. IaaS b. PaaS c. SaaS d. RaaS - PaaS Which cloud model provides an exclusive cloud computing service environment that is shared between two or more organizations? a. Public b. Private c. Community d. Hybrid - Community Which type of software is used to provide virtualization? a. Database b. Hypervisor c. Antivirus d. Spreadsheet - Hypervisor A user that does not want to be identified while communicating on a network uses an application to alter the computer's identity. Which type of exploit is being perpetrated? a. Denial-of-service b. ARP poisoning c. Smurf attack d. Spoofing - Spoofing An attacker attempts to misdirect traffic on a network back to the attacker by corrupting the network computer's cache of IP address to MAC address mappings that are cached. Which exploit is the attacker perpetrating? a. Port scanning b. Wiretapping c. Denial-of-service d. ARP poisoning - ARP poisoning Which exploit actually breaches the physical medium or uses devices to monitor signals from outside the physical medium itself? a. Spoofing b. Wiretapping c. Sniffing d. Port scanning - Wiretapping Which type of attack can overwhelm a web server by inserting more data into a web form than the system was configured to hold? a. Buffer overflow b. ARP poisoning c. Session hijacking d. Cross-site scripting - Buffer overflow Which type of attack sends an email claiming to be from a reputable business in order to entice the recipient to provide sensitive information? a. Denial-of-service b. Phishing c. Password attacks d. Man-in-the-middle - Phishing A user on a network is planning to launch an exploit against a coworker in a neighboring department. The user needs to identify the IP address of a coworker in the desired department. Which tool or utility will allow the user to watch network traffic in real time to identify a target? a. Port scan b. Antivirus software c. Sniffer d. Port redirection - Sniffer Which group of attackers is typically used for penetration testing? a. Red Team b. Blue Team c. White Team d. Gray Team - Red Team Which type of attack exploits an unpatched software vulnerability? a. Zero-day b. Brue-force c. Diffie-Hellman d. Man-in-the-middle - Zero-day A company has the policy that all new user passwords are P@ssw0rd but does not require new users to change their password. An employee randomly tries a coworker's account with the new user password to see if they can log in as the coworker. Which type of vulnerability does this create? a. BYOD b. Weak password c. Default password d. Misconfigured firewall rules - Default password An employee that does not want to miss emails from important clients sets up her cellular smartphone to allow her to check email. Unfortunately, she does not install antivirus software on the cellular phone. What type of vulnerability is represented? a. Industry threat b. Misconfigured firewall rules c. Weak passwords d. BYOD/Mobile - BYOD/Mobile What is the definition of vulnerability, in computer security? a. It is a weakness which can be exploited by a threat, such as an attacker, to perform unauthorized actions within a computer system. b. It is a possible danger that might exploit a weakness to breach security and therefore cause possible harm. c. It is an action taken by a threat that exploits a weakness that attempts to either block authorized access to an asset or to gain unauthorized access to an asset. d. It is the potential of a threat to exploit a weakness via an attack. - It is a weakness which can be exploited by a threat, such as an attacker, to perform unauthorized actions within a computer system. What is required to establish a secure connection to a remote network over an insecure link? a. Virtual Private Network (VPN) service b. Linux c. Command Line Interface d. TOR Network - Virtual Private Network (VPN) service An organization is concerned about brute force attacks. How should the organization counter this risk? a. Install a mantrap and biometric scanner at the entrance of its data center. b. Implement a system hardening policy that ensures operating system updates and software patches are installed regularly. c. Institute a log-in policy that locks users out of an account after three failed password attempts. d. Initiate role-based access to its systems to reduce the possibility of escalated privileges. - c. Institute a log-in policy that locks users out of an account after three failed password attempts. An organization suffers a social engineering attack that results in a cybercriminal gaining access to its networks and to its customers' private information. How can the organization mitigate this risk in the future? a. Update user antivirus software to the latest version b. Implement a stronger password policy c. Provide regular cybersecurity training for employees d. Install a sophisticated intrusion detection system - c. Provide regular cybersecurity training for employees An attacker plans to exploit flaws in an operating system to gain access to a user's computer system. What is a prevention mechanism for this type of attack? a. Firewall b. Patching c. Antivirus d. Virtual Private Network (VPN) - b. Patching An unauthorized third-party has gained access to a company network. How can they be prevented from deleting data? a. Access controls b. Physical controls c. Biometrics d. Man trap - a. Access controls An attacker has gained access to the passwords of several employees of a company through a brute force attack. Which authentication method would keep the attacker from accessing the employees' devices? a. MFA (multi-factor authentication) b. AAA (authentication, authorization, and accounting) c. PKI (public key infrastructure) d. TCP/IP (transmission control protocol/internet protocol - a. MFA (multi-factor authentication) After downloading a CD/DVD burning program, a user notices that someone is remotely accessing the computer during nighttime hours. Which type of malware is likely found in the CD/DVD software? a. Virus b. Adware c. Worm d. Trojan horse - d. Trojan horse A user is working on a home computer when another user seems to open an application to view documents on the same computer. The user immediately suspects that a back door into the computer exists.Which action should be taken first to deal with the problem? a. Close the application the remote user opened b. Begin running antivirus scans c. Unplug the PC's network connection d. Open task manager to determine which applications are running - c. Unplug the PC's network connection A user receives an email from an unknown bank saying that the user's account with the bank has been compromised. The user suspects that this is a phishing exploit. How should the user safely proceed? a. Click the link provided in the email to receive more information. b. Open a new browser page, navigate to the bank's website, and acquire legitimate contact information to report the email. c. Use antivirus software to scan the email. d. Report the bank to the appropriate Internet registrar. - b. Open a new browser page, navigate to the bank's website, and acquire legitimate contact information to report the email. A malicious user was able to lock a user's account after guessing the user's password multiple times unsuccessfully. Which category of the CIA triad did the malicious user target in this attack? a. Confidentiality b. Integrity c. Availability d. Accessibility - c. Availability Which category of the CIA triad is affected when an unauthorized user changes the data within a read-only file? a. Confidentiality b. Integrity c. Authenticity d. Accessibility - b. Integrity An analyst has identified an active denial of service attack. Which category of the CIA triad is affected? a. Confidentiality b. Availability c. Integrity d. Application - b. Availability While investigating a security incident, a technician discovers an unauthorized packet-capturing tool on the network. Which category of the CIA triad is being attacked? a. Authenticity b. Confidentiality c. Availability d. Integrity - b. Confidentiality Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server? a. Application level b. Packet filtering c. Circuit level d. Stateful inspection - c. Circuit level Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet? a. Port Address Translation (PAT) b. Border Gateway Protocol (BGP) c. Static routing d. Packet filtering - a. Port Address Translation (PAT) What is the meaning of "state" when referring to stateful inspection in firewalls? a. It refers to the connection state of a conversation between two computers. b. It refers to the connection state of a computer to the network. c. It refers to the two firewall rules needed, one for the sender and one for the recipient. d. It refers to the inspection of the traffic payload and forwarding on to its destination. - a. It refers to the connection state of a conversation between two computers. What can a user install to detect malicious software? a. Proxy b. Antivirus c. Firewall d. Patch - b. Antivirus Which feature of a network intrusion prevention system (NIPS) uses a lists of known bad IP addresses to protect the network? a. Reputation-based prevention b. Anomaly-based protection c. Behavior-based analysis d. Cloud-based sandbox environment - a. Reputation-based prevention Which attack tricks a client into mapping an IP address to a spoofed MAC address? a. ARP spoofing b. Evil-twin attack c. Rogue DHCP server d. IP starvation - a. ARP spoofing Which type of port has access to all VLANs by default in a traditional layer 2 switch? a. Uplink b. Downlink c. Trunk d. Console - c. Trunk A company provides access to employees' tax and personal information via a public-facing web portal. What should the company implement to encrypt employees' web access to this information? a. Transport layer security (TLS) b. Network intrusion detection system (NIDS) c. Advanced encryption standard (AES) d. Two-factor authentication (2FA) - a. Transport layer security (TLS) What is end-to-end encryption? a. Data is encrypted on the sender's system and only the recipient is able to decrypt it. b. Certificate authorities establish static routes for two systems to communicate. c. Temporary VPN is established to protect all data communications. d. Data is encrypted with a private pre-shared key and cannot be decrypted by the sender. - a. Data is encrypted on the sender's system and only the recipient is able to decrypt it. Which phrase describes unencrypted data? a. In the clear b. At rest c. In transit d. Ciphertext - a. In the clear Which type of wireless security protocol is the most secure? a. WPA2 + AES b. WEP c. WPA + TKIP d. TKIP + AES - a. WPA2 + AES Which statement is true when comparing AES encryption to Triple DES (3DES)? a. AES requires less CPU utilization and uses a larger block size than 3DES. b. 3DES requires less CPU utilization and uses a larger block size than AES. c. 3DES is a superior encryption protocol due to the triple nature. d. AES was designed to run on high-end hardware, ensuring speedy throughput. - a. AES requires less CPU utilization and uses a larger block size than 3DES. What is the best defense against fake access attacks? a. Never use unsecured Wi-Fi hotspots. b. Never open unsolicited offers. c. Never click on a link within an email. d. Never reply to an unsolicited email. - a. Never use unsecured Wi-Fi hotspots. Which cloud feature is used to prevent data loss and provide for data retrieval in the event of a disaster? a. Data backups and archives b. Database encryption c. Data cleansing and analytics d. Database monitoring - a. Data backups and archives Which cloud-hosting model provides exclusive cloud access for a single company? a. Private b. Public c. Community d. Hybrid - a. Private What should a cloud provider use to secure data in flight? a. Private key encryption b. Demilitarized zone c. Multifactor authentication d. Updated antivirus software - a. Private key encryption An administrator fails to configure protection for usernames and passwords transmitted across the network. Which component of the AAA model is weakened? a. Authentication b. Authorization c. Access d. Availability - a. Authentication A user is mistakenly granted access to customer accounts not required for his duties. Which component of the AAA model is violated? a. Authentication b. Authorization c. Availability d. Access - b. Authorization Which network device is usually placed in-line between a trusted network and an untrusted network? a. Switch b. Hub c. Firewall d. Repeater - c. Firewall Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination? a. Proxy servers b. Stateful c. Stateless d. Router - a. Proxy servers An organization's IT department is concerned that malicious insiders may be using elevated access rights. Which security control can be used to draw attacks away from critical systems? a. Firewalls b. Honeypots c. IDS d. IPS - b. Honeypots What layer of the OSI model does a router operate? Layer 6 (Presentation) Layer 2 (Data Link) Layer 1 (Physical) Layer 3 (Network) Layer 7 (Application) - Layer 3 (Network) If a network admin needs to know if a computer is connected to the network and can respond what tool should the admin use? Traceroute Ping nmap netstat - Ping A bridge _________________________________________________ a. connects wireless devices to the network using AES b. connects storage systems using IP based connections c. connects two networks by forwarding traffic without analysis for which host receives the data d. provides a direct connection to devices on the same network - c. connects two networks by forwarding traffic without analysis for which host receives the data IP addressing is used on which layer of the OSI model to route source and destination IP traffic? Layer 3 Layer 4 Layer 7 Layer 5 Layer 2 - Layer 3 A network admin is configuring an application and needs to be sure that port 4432 is open what tool should the admin use? Ping netstat nmap TCP_Function - nmap (Network Mapper)