WGU C172 Pre-Assessment Questions with verified
answers
A company has the policy that all new user passwords are P@ssw0rd but does not
require new users to change their password. An employee randomly tries a
coworker's account with the new user password to see if they can log in as the
coworker.
Which type of vulnerability does this create? Ans✓✓✓-Default password
A malicious user was able to lock a user's account after guessing the user's
password multiple times unsuccessfully.
Which category of the CIA triad did the malicious user target in this attack?
Ans✓✓✓-Availability
A malicious user was able to obtain contact information for top-level company
executives and IT staff from multiple public websites.
Which strategy should the company adopt to reduce the risk from similar future
attacks? Ans✓✓✓-Implement a social media policy
A school district discovers that students have been accessing inappropriate
content on the internet.
How should the district address this risk? Ans✓✓✓-Install a network filtering
appliance
, A server is out of storage and fails to write to the log files. Administrators are still
able to remotely log in and review logs.
Which category of AAA is affected in this scenario? Ans✓✓✓-Accounting
A user is mistakenly granted access to customer accounts not required for his
duties.
Which component of the AAA model is violated? Ans✓✓✓-Authorization
A user is working on a home computer when another user seems to open an
application to view documents on the same computer. The user immediately
suspects that a back door into the computer exists.
Which action should be taken first to deal with the problem? Ans✓✓✓-Unplug
the PC's network connection
A user notices that data seems to be missing or altered and computer settings are
sometimes changed randomly. The user knows that no one else has physical
access to the computer, and antivirus software scans do not detect any culprits.
Which action should be taken to identify the problem? Ans✓✓✓-Install software
to look for and remove rootkits
A user on a network is planning to launch an exploit against a coworker in a
neighboring department. The user needs to identify the IP address of a coworker
in the desired department.
answers
A company has the policy that all new user passwords are P@ssw0rd but does not
require new users to change their password. An employee randomly tries a
coworker's account with the new user password to see if they can log in as the
coworker.
Which type of vulnerability does this create? Ans✓✓✓-Default password
A malicious user was able to lock a user's account after guessing the user's
password multiple times unsuccessfully.
Which category of the CIA triad did the malicious user target in this attack?
Ans✓✓✓-Availability
A malicious user was able to obtain contact information for top-level company
executives and IT staff from multiple public websites.
Which strategy should the company adopt to reduce the risk from similar future
attacks? Ans✓✓✓-Implement a social media policy
A school district discovers that students have been accessing inappropriate
content on the internet.
How should the district address this risk? Ans✓✓✓-Install a network filtering
appliance
, A server is out of storage and fails to write to the log files. Administrators are still
able to remotely log in and review logs.
Which category of AAA is affected in this scenario? Ans✓✓✓-Accounting
A user is mistakenly granted access to customer accounts not required for his
duties.
Which component of the AAA model is violated? Ans✓✓✓-Authorization
A user is working on a home computer when another user seems to open an
application to view documents on the same computer. The user immediately
suspects that a back door into the computer exists.
Which action should be taken first to deal with the problem? Ans✓✓✓-Unplug
the PC's network connection
A user notices that data seems to be missing or altered and computer settings are
sometimes changed randomly. The user knows that no one else has physical
access to the computer, and antivirus software scans do not detect any culprits.
Which action should be taken to identify the problem? Ans✓✓✓-Install software
to look for and remove rootkits
A user on a network is planning to launch an exploit against a coworker in a
neighboring department. The user needs to identify the IP address of a coworker
in the desired department.
