WGU C795 Cybersecurity Management II (Tactical) OA ACTUAL EXAM 2025/2026 COMPLETE QUESTIONS WITH CORRECT DETAILED ANSWERS || 100% GUARANTEED PASS BRAND NEW VERSION

WGU C795 Cybersecurity Management II (Tactical) OA ACTUAL EXAM 2025/2026 COMPLETE QUESTIONS WITH CORRECT DETAILED ANSWERS || 100% GUARANTEED PASS BRAND NEW VERSION 1. ____________are another area of wireless security concern. Headsets for cell phones, mice, keyboards, Global Positioning System (GPS) devices, and many other interface devices and peripherals are connected via Bluetooth. - ANSWER a. Bluetooth, or IEEE 802.15, personal area networks (PANs) 2. _____________ is a tracking technology based on the ability to power a radio transmitter using current generated in an antenna when placed in a magnetic field. RFID can be triggered/powered and read from a considerable distance away (often hundreds of meters). RFID can be attached to devices or integrated into their structure, such as notebook computers, tablets, routers, switches, USB flash drives, portable hard drives, and so on. This can allow for quick inventory tracking without having to be in direct physical proximity of the device. Simply walking into a room with an RFID reader can collect the information transmitted by the activated chips in the area. - ANSWER Radio Frequency Identification (RFID) 3. _______ is a standard that establishes radio communications between devices in close proximity (like a few inches versus feet for passive RFID). It lets you perform a type of automatic synchronization and association between devices by touching them together or bringing them within inches of each other. NFC is a derivative technology from RFID and is itself a form of field-powered or triggered device. - ANSWER Near-field communication (NFC) 4. ___________ represent an often-overlooked security issue. Cordless phones are designed to use any one of the unlicensed frequencies, in other words, 900 MHz, 2.4 GHz, or 5 GHz. These three unlicensed frequency ranges are employed by many different types of devices, from cordless phones and baby monitors to Bluetooth and wireless networking devices. The issue that is often overlooked is that someone could easily eavesdrop on a conversation on a cordless phone since its signal is rarely encrypted. - ANSWER Cordless phones 5. __________ is defined by the IEEE 802.11 standard. It was designed to provide the same level of security and encryption on wireless networks as is found on wired or cabled networks. WEP provides protection from packet sniffing and eavesdropping against wireless transmissions 6. WEP was cracked almost as soon as it was released. Today, it is possible to crack WEP in less than a minute, thus rendering it a worthless security precaution - ANSWER Wired Equivalent Privacy (WEP) 7. ____________ was designed as the replacement for WEP; it was a temporary fix until the new 802.11i amendment was completed. The process of crafting the new amendment took years, and thus WPA established a foothold in the marketplace and is still widely used today. Additionally, WPA can be used on most devices, whereas the features of 802.11i exclude some lower-end hardware. - ANSWER Wi-Fi Protected Access (WPA) 8. Eventually, a new method of securing wireless was developed that is still generally considered secure. This is the amendment known as 802.11i or ___________ It is a new encryption scheme known as the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on the AES encryption scheme - ANSWER Wi-Fi Protected Access 2 (WPA2). 9. Both WPA and WPA2 support the enterprise authentication known as __________ a standard port-based network access control that ensures that clients cannot communicate with a resource until proper authentication has taken place. Effectively, 802.1X is a hand-off system that allows the wireless network to leverage the existing network infrastructure's authentication services - ANSWER 802.1X/EAP 10. ______________ is not a specific mechanism of authentication; rather it is an authentication framework. Effectively, EAP allows for new authentication technologies to be compatible with existing wireless or point to-point connection technologies - ANSWER Extensible Authentication Protocol (EAP) 11. _________ encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption. Since EAP was originally designed for use over physically isolated channels and hence assumed secured pathways, EAP is usually not encrypted. So PEAP can provide encryption for EAP methods. - ANSWER Protected Extensible Authentication Protocol (PEAP) 12. _____________ is a Cisco proprietary alternative to TKIP for WPA - ANSWER Lightweight Extensible Authentication Protocol (LEAP) 13. ________________ was designed as the replacement for WEP without requiring replacement of legacy wireless hardware. TKIP was implemented into 802.11 wireless networking under the name WPA (Wi-Fi Protected Access). - ANSWER Temporal Key Integrity Protocol (TKIP) 14. ______________ was created to replace WEP and TKIP/WPA. CCMP uses AES (Advanced Encryption Standard) with a 128-bit key. CCMP is the preferred standard security protocol of 802.11 wireless networking indicated by 802.11i. To date, no attacks have yet been successful against the AES/CCMP encryption. - ANSWER CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) 15. __________ is a type of geek graffiti that some wireless hackers used during the early years of wireless (). It's a way to physically mark an area with information about the presence of a wireless network - ANSWER War chalking 16. _____________are standby facilities large enough to handle the processing load of an organization and equipped with appropriate electrical and environmental support systems. They may be large warehouses, empty office buildings, or other similar structures. However, a cold site has no computing facilities (hardware or software) preinstalled and also has no active broadband communications links. Many cold sites do have at least a few copper telephone lines, and some sites may have standby links that can be activated with minimal notification. - ANSWER a. Cold sites 17. What is a vulnerability assessment? - ANSWER often include results from vulnerability scans, but the assessment will do more; sometimes used to indicate a risk assessment or risk analysis 18. What are the two categories of incident sources? - ANSWER Internal and external sources 19. What is an internal incident source? - ANSWER Incidents are usually identified by the information technology (IT) teams such as the network, desktop, or IT surveillance teams, the users through the help desk, or even IT partners. 20. What is an external incident source - ANSWER usually originate from coworkers, external partners, or law enforcement, which may contact the information security team to declare an incident 21. What is the goal of the CCM? - ANSWER Cyber Crisis Management aims to implement a set of specific organizational and technical measures to allow specially mobilized staff to deploy quickly, effectively, and efficiently during the crisis and respond to potentially unknown situations 22. What is a CDU? - ANSWER Crisis decision-making unit 23. What are the Cyber Crisis Management Steps? - ANSWER Alert & qualification, crisis handling, execution and surveillance, and crisis closure 24. What is the key difference between cyber and general crisis management? - ANSWER the cyber specificities, especially regarding how to stop the attack 25. Define an organization and what is it influenced by? - ANSWER Organizations are social systems that are influenced by human factors. Social systems are influenced by drivers such as individual values, thoughts, beliefs, biases, actions, and interactions 26. What are examples of security controls that are implemented in organizations to mitigate risk? - ANSWER These include controls such as activity log monitoring, nondisclosure agreements, security training, and security service-level agreement (SLA) 27. T/F - Cyber security only deals with technology issues - ANSWER False - includes social, cultural, emotional, and behavioral issues 28. What is organizational culture? - ANSWER Organizational culture is a result of multiple factors, such as regional factors, values, style, decision styles, and ethical standards of leaders 29. T/F - Security policies alone are enough to promote security - ANSWER False - security policies are essential but not sufficient to promote security 30. A combination of what three things is essential for security controls to be effective and successful? - ANSWER A combination of technology, process, and people is essential for a security control to be effective and successful. 31. What is an insider threat? - ANSWER Insider threats result from the actions or omission of employees, former staff and others who are internal to the organization. 32. What is social engineering? - ANSWER an approach employed by attackers to manipulate human behavior in order to breach organization security 33. What is the purpose of training? - ANSWER to create awareness, build knowledge, transform behavior, and align employees to a consistent organizational culture. 34. What are the three leading cybersecurity frameworks and standards? - ANSWER A useful way to address human factors is considered in the three leading cybersecurity frameworks and standards—ISO 27001:2013, business model for information security (BMIS) and National Institute of Standards and Technology (NIST) 35. What is ISO 27001:2013? - ANSWER A globally accepted standard for Information Security Management Systems (ISMS) 36. What are the five functions of the core National Institute of Standards and Technology (NIST) framework? - ANSWER The core framework defines five functions: identify, protect, detect, respond, and recover. 37. What is a key risk indicator (KRI)? - ANSWER a metric that permits a business to monitor changes in the level of risk in order to take action 38. What is a key performance indicator (KPI)? - ANSWER a metric that evaluates how a business is performing against objectives. 39. What is a key control indicator (KCI)? - ANSWER a metric that evaluates the effectiveness level of a control (or set of controls) that have been implemented to reduce or mitigate a given risk exposure. 40. What is inherent risk? - ANSWER before controls are taken into account 41. What is residual risk? - ANSWER after controls are taken into account 42. What is NIST SP 800-137? - ANSWER Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations 43. What are the two main types of mechanical locks? - ANSWER warded locks and tumbler locks 44. What is a warded lock? - ANSWER Basic padlocks; the lock has wards (metal projections around the keyhole), and only a particular key will work with the wards to unlock the lock. 45. What is a tumbler lock? - ANSWER A tumbler lock has more pieces than a warded lock; the key fits into the cylinder, raising the lock pieces to the correct height. 46. What are the three types of tumbler locks? - ANSWER pin, wafer, and lever 47. T/F - A combination lock is a mechanical lock - ANSWER false, combination locks are not considered to be mechanical locks according to (ISC)2 48. What is the flaw hypothesis methodology? - ANSWER used to analyze operating system vulnerabilities in a penetration testing project; the flaw hypothesis methodology refers to a system analysis and penetration technique in which the specifications and documentation for an operating system are analyzed to compile a list of possible flaws. 49. What is port control? - ANSWER a device lock that prevents access to hard drives or unused ports in a computer 50. What is a proximity detector? - ANSWER an IDS that uses a magnetic field to detect intrusions; also called an electrostatic IDS. 51. What is a photoelectric system? - ANSWER detects light changes and should only be used in windowless rooms 52. What is a passive infrared system? - ANSWER detects changes in heat waves 53. What is an acoustical detection system? - ANSWER uses microphones installed throughout a room to detect sound 54. What is MTTF? - ANSWER Mean time to failure is the number of times media can be reused or the number of years you can expect to keep it. 55. What is MTBF? - ANSWER Mean time between failures is the estimated amount of time that a piece of equipment should remain operational before failure 56. What is MTTR? - ANSWER Mean time to repair is the amount of time that it will take to repair a piece of equipment when failure occurs 57. What is an audit-reduction tool? - ANSWER used to limit the amount of audit log information by discarding information that is not needed by the security professional; this tool discards mundane information that is not needed 58. What is the difference between implicit & explicit right? - ANSWER an implicit right occurs when a user inherits a permission based on group membership, can also occur due to role assignment; an explicit right occurs when a user is given a permission directly 59. What is slack space? - ANSWER refers to an unused space in a disk cluster 60. What is a message digest? - ANSWER a fixed output created by using a one-way hash function; a message digest is created from a variable set of input, also referred to as a checksum 61. What is a memory dump? - ANSWER it contains the latest state of the system before the attack occurred; are admissible in the court of law as evidence to prosecute a suspect. 62. What does is it mean if a file server is experiencing unscheduled initial program loads (IPLs)? - ANSWER the system is rebooting 63. Unauthorized changes directly affect what in the CIA Triad? - ANSWER Availability 64. Define an incidient. - ANSWER Any event that has a negative effect on the confidentiality, integrity, or availability of an organization's assets. 65. What is a computer security incident? - ANSWER Commonly refers to an incident that is the result of an attack, or the result of malicious or intentional actions on the part of users 66. What is the business continuity planning (BCP)? - ANSWER The art of helping an organization assess priorities and design resilient processes that will allow continued operations in the event of a disaster.