WGU D482 PERFOMANCE ASSESSMENT (Secure Network Design - D482) Questions and
Correct Answers Latest Update 2026
A laptop has been stolen, and the data has been seen for sale on the darknet. Which process
could have protected the confidentiality of the data? - Answers Hard Drive Encryption
Classify each attack method in relation to its direct impact on the CIA triad. - Answers Key
Logger: Confidentiality
DNS Poisoning: Integrity
Covert Channels: Confidentiality
DDoS: Availability
A security administrator has configured a small keysize to protect the VPN.
Which security objective does this affect? - Answers Confidentiality
A laptop has been stolen, and the data has been seen for sale on the darknet.
Which process could have protected the confidentiality of the data? - Answers Hard Drive
encryption
When browsing to a financial website, a user receives an error on the browser that points to the
certificate
on the website. The user reviews the certificate and maps it to a known certificate authority.
Why did the user need to perform these actions? - Answers To establish a trust relationship
A team of scientists is working on a secure project. The network administrator needs to
configure a
network for the team that is not routable from the Internet. A firewall is protecting the scientists'
network
and is using network address translation (NAT) to translate the internal IP addresses to public
IP
addresses.
Which IP address should the network administrator configure on the inside interface of the
firewall? - Answers 10.14.15.16
An ad hoc network design team has just finished a presentation on the latest updates to the
organization's
,network infrastructure. The team ensured that plenty of redundancy has been built in and
bottlenecks
have been eliminated.
Which security objective has the team bolstered through these improvements? - Answers
Availability
A company has recently implemented a new email encryption system that uses public key
infrastructure
(PKI). The company is now requiring all employees to sign and encrypt internal communication.
An
employee wants to send a digitally signed message to the IT director.
What does the IT director use to decode the employee's signature under the new system? -
Answers The employee's public key
An administrator at a small office is tasked with supporting a new time clock that has been
installed on the
network. The outsourced company managing the time clock states that the connection protocol
it uses
with the clock is encrypted, but it needs to allow incoming connections from the Internet.
Which action should allow the outsourced company to securely manage the time clock with a
minimal
amount of configuration effort? - Answers Setting up a port forward on the firewall from the
outsourced company to the
time clock
A small nonprofit company has received several legacy wireless access points (APs) as a
donation. The
security administrator discovers that the encryption protocol the devices use is not very secure.
The encryption key can be discovered by a malicious hacker in only a few minutes. After
discussions with other
security professionals, the administrator learns the APs can implement a key protocol that can
change the
encryption key every few seconds and provide a per-packet verification at each side of the
communication.
, Which security measure is the key protocol implemented to protect? - Answers Integrity of the
key
A recently terminated employee from accounting used several widely available programs in an
amateur
attempt to exploit a company's database.
Which term describes the terminated employee? - Answers Script kiddies
An organization has recently undergone a period of growth, both in terms of business
operations and
personnel. The network infrastructure has kept pace, growing to accommodate the new size
and
structure. Mapping and auditing of the expanded network needs to be done. One of the first
findings is
that the router has permissive rights to all unassigned ports.
What is this finding an example of? - Answers A vulnerability
A company has been the target of multiple social engineering attacks and is implementing a
new
mandatory security awareness training program to reduce the risk of a future compromise. The
security
administrator is mainly concerned with the following attack vectors:
Spoofed emails containing fake password reset links aimed at harvesting employees'
passwords
Phone calls to the helpdesk by a malicious user pretending to be an employee needing a
password reset
A malicious user tailgating while impersonating a contractor to steal employees' mobile devices
What are the two vulnerabilities that the company needs to address to meet the above
requirements? - Answers Untrained users and Lack of Secure access control
An email link takes a user to an online store. After clicking the link, the user is redirected to a
spoofed
online store.
Which type of attack is occurring? - Answers Cross-site scripting
Correct Answers Latest Update 2026
A laptop has been stolen, and the data has been seen for sale on the darknet. Which process
could have protected the confidentiality of the data? - Answers Hard Drive Encryption
Classify each attack method in relation to its direct impact on the CIA triad. - Answers Key
Logger: Confidentiality
DNS Poisoning: Integrity
Covert Channels: Confidentiality
DDoS: Availability
A security administrator has configured a small keysize to protect the VPN.
Which security objective does this affect? - Answers Confidentiality
A laptop has been stolen, and the data has been seen for sale on the darknet.
Which process could have protected the confidentiality of the data? - Answers Hard Drive
encryption
When browsing to a financial website, a user receives an error on the browser that points to the
certificate
on the website. The user reviews the certificate and maps it to a known certificate authority.
Why did the user need to perform these actions? - Answers To establish a trust relationship
A team of scientists is working on a secure project. The network administrator needs to
configure a
network for the team that is not routable from the Internet. A firewall is protecting the scientists'
network
and is using network address translation (NAT) to translate the internal IP addresses to public
IP
addresses.
Which IP address should the network administrator configure on the inside interface of the
firewall? - Answers 10.14.15.16
An ad hoc network design team has just finished a presentation on the latest updates to the
organization's
,network infrastructure. The team ensured that plenty of redundancy has been built in and
bottlenecks
have been eliminated.
Which security objective has the team bolstered through these improvements? - Answers
Availability
A company has recently implemented a new email encryption system that uses public key
infrastructure
(PKI). The company is now requiring all employees to sign and encrypt internal communication.
An
employee wants to send a digitally signed message to the IT director.
What does the IT director use to decode the employee's signature under the new system? -
Answers The employee's public key
An administrator at a small office is tasked with supporting a new time clock that has been
installed on the
network. The outsourced company managing the time clock states that the connection protocol
it uses
with the clock is encrypted, but it needs to allow incoming connections from the Internet.
Which action should allow the outsourced company to securely manage the time clock with a
minimal
amount of configuration effort? - Answers Setting up a port forward on the firewall from the
outsourced company to the
time clock
A small nonprofit company has received several legacy wireless access points (APs) as a
donation. The
security administrator discovers that the encryption protocol the devices use is not very secure.
The encryption key can be discovered by a malicious hacker in only a few minutes. After
discussions with other
security professionals, the administrator learns the APs can implement a key protocol that can
change the
encryption key every few seconds and provide a per-packet verification at each side of the
communication.
, Which security measure is the key protocol implemented to protect? - Answers Integrity of the
key
A recently terminated employee from accounting used several widely available programs in an
amateur
attempt to exploit a company's database.
Which term describes the terminated employee? - Answers Script kiddies
An organization has recently undergone a period of growth, both in terms of business
operations and
personnel. The network infrastructure has kept pace, growing to accommodate the new size
and
structure. Mapping and auditing of the expanded network needs to be done. One of the first
findings is
that the router has permissive rights to all unassigned ports.
What is this finding an example of? - Answers A vulnerability
A company has been the target of multiple social engineering attacks and is implementing a
new
mandatory security awareness training program to reduce the risk of a future compromise. The
security
administrator is mainly concerned with the following attack vectors:
Spoofed emails containing fake password reset links aimed at harvesting employees'
passwords
Phone calls to the helpdesk by a malicious user pretending to be an employee needing a
password reset
A malicious user tailgating while impersonating a contractor to steal employees' mobile devices
What are the two vulnerabilities that the company needs to address to meet the above
requirements? - Answers Untrained users and Lack of Secure access control
An email link takes a user to an online store. After clicking the link, the user is redirected to a
spoofed
online store.
Which type of attack is occurring? - Answers Cross-site scripting
