WGU C172 OA NETWORK AND SECURITY EXAM QUESTIONS AND ANSWERS RATED A+ 2023

WGU C172 OA NETWORK AND SECURITY EXAM
QUESTIONS AND ANSWERS RATED A+ 2023
A password history value of three means which of the following?

A. Three different passwords are used before one can be reused.

B. A password cannot be reused once changed for three years.

C. After three hours a password must be re-entered to continue.

D. The server stores passwords in the database for three days. - ANSWER: A

In order to provide flexible working conditions, a company has decided to allow
some employees remote

access into corporate headquarters. Which of the following security technologies
could be used to provide

remote access? (Select TWO).

A. Subnetting

B. NAT

C. Firewall

D. NAC

E. VPN - ANSWER: CE

Which of the following devices is BEST suited for servers that need to store private
keys?

A. Hardware security module

B. Hardened network firewall

C. Solid state disk drive

D. Hardened host firewall - ANSWER: A

All of the following are valid cryptographic hash functions EXCEPT:

A. RIPEMD.

,B. RC4.

C. SHA-512.

D. MD4. - ANSWER: B

Which of the following can prevent an unauthorized person from accessing the
network by plugging into an

open network jack?

A. 802.1x

B. DHCP

C. 802.1q

D. NIPS - ANSWER: A

A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is
known as which of the

following?

A. Whaling

B. Bluesnarfing

C. Vishing

D. Dumpster diving - ANSWER: A

After verifying that the server and database are running, Jane, the administrator, is
still unable to make a TCP

connection to the database. Which of the following is the MOST likely cause for this?

A. The server has data execution prevention enabled

B. The server has TPM based protection enabled

C. The server has HIDS installed

D. The server is running a host-based firewall - ANSWER: D

In regards to secure coding practices, why is input validation important?

,A. It mitigates buffer overflow attacks.

B. It makes the code more readable.

C. It provides an application configuration baseline.

D. It meets gray box testing standards. - ANSWER: A

Which of the following steps should follow the deployment of a patch?

A. Antivirus and anti-malware deployment

B. Audit and verification

C. Fuzzing and exploitation

D. Error and exception handling - ANSWER: B

Which of the following would be used when a higher level of security is desired for
encryption key storage?

A. TACACS+

B. L2TP

C. LDAP

D. TPM - ANSWER: D

A security administrator needs to determine which system a particular user is trying
to login to at various times

of the day. Which of the following log types would the administrator check?

A. Firewall

B. Application

C. IDS

D. Security - ANSWER: D

Which of the following MUST be updated immediately when an employee is
terminated to prevent unauthorized

access?

, A. Registration

B. CA

C. CRL

D. Recovery agent - ANSWER: C

Employee badges are encoded with a private encryption key and specific personal
information. The encoding

is then used to provide access to the network. Which of the following describes this
access control type?

A. Smartcard

B. Token

C. Discretionary access control

D. Mandatory access control - ANSWER: A

Which of the following devices would MOST likely have a DMZ interface?

A. Firewall

B. Switch

C. Load balancer

D. Proxy - ANSWER: A

A security administrator is observing congestion on the firewall interfaces and a high
number of half open

incoming connections from different external IP addresses. Which of the following
attack types is underway?

A. Cross-site scripting

B. SPIM

C. Client-side

D. DDoS - ANSWER: D