Exam Prep with 200 Past Real Exam Questions and
Correct Answers Review/ WGU D315 Network and
Security Foundations Exam Prep 2026 (New!)
What is the definition of vulnerability, in computer security?
a. It is a weakness which can be exploited by a threat, such as an attacker, to
perform unauthorized actions within a computer system.
b. It is a possible danger that might exploit a weakness to breach security and
therefore cause possible harm.
c. It is an action taken by a threat that exploits a weakness that attempts to either
block authorized access to an asset or to gain unauthorized access to an asset.
d. It is the potential of a threat to exploit a weakness via an attack. - ANSWER-It
is a weakness which can be exploited by a threat, such as an attacker, to perform
unauthorized actions within a computer system.
What is required to establish a secure connection to a remote network over an
insecure link?
a. Virtual Private Network (VPN) service
b. Linux
c. Command Line Interface
d. TOR Network - ANSWER-Virtual Private Network (VPN) service
Which type of attack sends an email claiming to be from a reputable business in
order to entice the recipient to provide sensitive information?
pg. 1
,a. Denial-of-service
b. Phishing
c. Password attacks
d. Man-in-the-middle - ANSWER-Phishing
An organization is concerned about brute force attacks.
How should the organization counter this risk?
a. Install a mantrap and biometric scanner at the entrance of its data center.
b. Implement a system hardening policy that ensures operating system updates and
software patches are installed regularly.
c. Institute a log-in policy that locks users out of an account after three failed
password attempts.
d. Initiate role-based access to its systems to reduce the possibility of escalated
privileges. - ANSWER-c. Institute a log-in policy that locks users out of an
account after three failed password attempts.
An organization suffers a social engineering attack that results in a cybercriminal
gaining access to its networks and to its customers' private information.
How can the organization mitigate this risk in the future?
a. Update user antivirus software to the latest version
b. Implement a stronger password policy
c. Provide regular cybersecurity training for employees
d. Install a sophisticated intrusion detection system - ANSWER-c. Provide regular
cybersecurity training for employees
pg. 2
,An attacker plans to exploit flaws in an operating system to gain access to a user's
computer system. What is a prevention mechanism for this type of attack?
a. Firewall
b. Patching
c. Antivirus
d. Virtual Private Network (VPN) - ANSWER-b. Patching
An unauthorized third-party has gained access to a company network.
How can they be prevented from deleting data?
a. Access controls
b. Physical controls
c. Biometrics
d. Man trap - ANSWER-a. Access controls
Which topology uses a switch or hub to connect to all devices in the same
network?
a. Mesh
b. Ring
c. Star
d. Bus - ANSWER-Star
pg. 3
, Which cloud service provides hardware, operating systems, and web servers but
not end-user applications?
a. IaaS
b. PaaS
c. SaaS
d. RaaS - ANSWER-PaaS
Which cloud model provides an exclusive cloud computing service environment
that is shared between two or more organizations?
a. Public
b. Private
c. Community
d. Hybrid - ANSWER-Community
Which type of software is used to provide virtualization?
a. Database
b. Hypervisor
c. Antivirus
d. Spreadsheet - ANSWER-Hypervisor
A user that does not want to be identified while communicating on a network uses
an application to alter the computer's identity. Which type of exploit is being
perpetrated?
pg. 4