C701 ETHICAL HACKING (WGU MASTER’S) 2025 PRACTICE EXAM WITH CORRECT ANSWERS GRADED A+

MINDPLUG SOLUTIONS — EMPOWERING MINDS, BUILDING FUTURES




C701 ETHICAL HACKING (WGU MASTER’S) 2025
PRACTICE EXAM WITH CORRECT ANSWERS GRADED
A+
Which of the following information security elements guarantees that the sender of a
message cannot later deny having sent the message and the recipient cannot deny having
received the message?



A Confidentiality

B Non-repudiation

C Availability

D Integrity

B




Which of the following is a serverless security risk due to the poor design of identity and
access controls, paving the way for attackers to identify missing resources, such as open
APIs and public cloud storage, and leading to system business logic breakage and
execution flow disruption?



A Injection

B Broken authentication

C Sensitive data exposure

D XML external entities (XXE)

B




EDUCATIONAL SUPPORT • ACADEMIC RESOURCES • PROFESSIONAL GUIDANCE

,MINDPLUG SOLUTIONS — EMPOWERING MINDS, BUILDING FUTURES


In which of the following attacks does an attacker exploit the vulnerability residing in a
bare-metal cloud server and use it to implant a malicious backdoor in its firmware?



A Wrapping attack

B Cloudborne attack

C Cryptanalysis attack

D Cross-site scripting attack

B




Which of the following information does an attacker enumerate by analyzing the AWS error
messages that reveal information regarding the existence of a user?



A Enumerating AWS account IDs

B Enumerating S3 buckets

C Enumerating IAM roles

D Enumerating bucket permissions

C




An attacker is using DumpsterDiver, an automated tool, to identify potential secret leaks
and hardcoded passwords in target cloud services.



Which of the following flags is set by the attacker to analyze the files using rules specified in
"rules.yaml"?



A -r, --remove


EDUCATIONAL SUPPORT • ACADEMIC RESOURCES • PROFESSIONAL GUIDANCE

,MINDPLUG SOLUTIONS — EMPOWERING MINDS, BUILDING FUTURES


B -a, --advance

C -s, --secret

D -o OUTFILE

B




Which of the following encryption algorithms is a large tweakable symmetric-key block
cipher with equal block and key sizes of 256, 512, or 1024 and involves only three
operations, that is, addition-rotation-XOR?



A RC4

B Twofish

C RC5

D Threefish

D




Which of the following symmetric-key block ciphers has either 18 rounds for 128-bit keys or
24 rounds for 256-bit keys and uses four 8 × 8-bit S-boxes that perform affine
transformations and logical operations?



A RSA

B Diffie-Hellman

C Camellia

D YAK

C




EDUCATIONAL SUPPORT • ACADEMIC RESOURCES • PROFESSIONAL GUIDANCE

, MINDPLUG SOLUTIONS — EMPOWERING MINDS, BUILDING FUTURES




Which of the following components of public key infrastructure acts as a verifier for the
certificate authority?



A Authentication authority

B Registration authority

C Certificate management system

D Validation authority

B




Which of the following protocols is often used for data compression, digital signing,
encryption and decryption of messages, emails, files, and directories as well as to enhance
the privacy of email communications?



A EAP

B PGP

C CHAP

D HMAC

B




Which of the following is an attack where an attacker intercepts the communication
between a client and server, negotiates cryptographic parameters to decrypt the encrypted
content, and obtains confidential information such as system passwords?



A Chosen-key attack


EDUCATIONAL SUPPORT • ACADEMIC RESOURCES • PROFESSIONAL GUIDANCE