WGU D315 V2 SECTION 2 STUDY
PLAN QUIZ QUESTIONS & VERIFIED
CORRECT ANSWERS
A person who enjoys the challenge of breaching networks and bypassing security measures for
the thrill, without malicious intent and sometimes pointing out flaws to the affected parties, can
be termed a: - correct answer ✔✔Grey Hat Hacker
During a network upgrade, an administrator mistakenly cuts off the backup data center from the
main network. This error leaves the organization without a failover option in case of a primary
data center failure. What aspect of the CIA triad has been compromised? - correct answer
✔✔Availability
During an IT audit, it's discovered that an employee has been modifying sales records in the
company's database to inflate commission payments. Which aspect of the CIA triad has been
breached? - correct answer ✔✔Integrity
In the context of IT security, wiretapping is considered - correct answer ✔✔A type of passive
attack
Which term refers to the combination of the probability and potential consequences of a threat
taking advantage of a vulnerability? - correct answer ✔✔Risk
An attacker is trying to infiltrate the network from an offsite location. What type of threat does
this attacker represent? - correct answer ✔✔External Threat
Which of the following best describes the most significant risk of allowing personal devices on
company networks without a proper security policy? - correct answer ✔✔Increased risk of
malware infection
, Which risk management strategy involves implementing security measures to decrease the
probability of a risk happening or to lessen its effects should it occur? - correct answer ✔✔Risk
Mitigation
Which type of attack involves manipulating a database by entering malicious code into input
fields? - correct answer ✔✔SQL Injection
How can organizations reduce the risk associated with port scanning attacks? - correct answer
✔✔Using firewalls to block unnecessary ports
A healthcare provider's patient portal becomes inaccessible due to a misconfigured firewall that
blocks incoming patient traffic. This scenario primarily compromises which principle of the CIA
triad? - correct answer ✔✔Availability
Sam was just hired to work on the security team that will be attempting to compromise the
company's network to discover what vulnerability exist. Which team did he get hired to? -
correct answer ✔✔Red
Which risk management approach entails removing the threat or vulnerability altogether to
entirely negate the related risk? - correct answer ✔✔Risk Avoidance
A hacker uses a script that automatically injects SQL commands into web forms to steal data
from a database. This script is an example of: - correct answer ✔✔An exploit
During a phone call, an individual claiming to be from the IT department asks for your password
to address a system issue. This is an example of: - correct answer ✔✔Social engineering
PLAN QUIZ QUESTIONS & VERIFIED
CORRECT ANSWERS
A person who enjoys the challenge of breaching networks and bypassing security measures for
the thrill, without malicious intent and sometimes pointing out flaws to the affected parties, can
be termed a: - correct answer ✔✔Grey Hat Hacker
During a network upgrade, an administrator mistakenly cuts off the backup data center from the
main network. This error leaves the organization without a failover option in case of a primary
data center failure. What aspect of the CIA triad has been compromised? - correct answer
✔✔Availability
During an IT audit, it's discovered that an employee has been modifying sales records in the
company's database to inflate commission payments. Which aspect of the CIA triad has been
breached? - correct answer ✔✔Integrity
In the context of IT security, wiretapping is considered - correct answer ✔✔A type of passive
attack
Which term refers to the combination of the probability and potential consequences of a threat
taking advantage of a vulnerability? - correct answer ✔✔Risk
An attacker is trying to infiltrate the network from an offsite location. What type of threat does
this attacker represent? - correct answer ✔✔External Threat
Which of the following best describes the most significant risk of allowing personal devices on
company networks without a proper security policy? - correct answer ✔✔Increased risk of
malware infection
, Which risk management strategy involves implementing security measures to decrease the
probability of a risk happening or to lessen its effects should it occur? - correct answer ✔✔Risk
Mitigation
Which type of attack involves manipulating a database by entering malicious code into input
fields? - correct answer ✔✔SQL Injection
How can organizations reduce the risk associated with port scanning attacks? - correct answer
✔✔Using firewalls to block unnecessary ports
A healthcare provider's patient portal becomes inaccessible due to a misconfigured firewall that
blocks incoming patient traffic. This scenario primarily compromises which principle of the CIA
triad? - correct answer ✔✔Availability
Sam was just hired to work on the security team that will be attempting to compromise the
company's network to discover what vulnerability exist. Which team did he get hired to? -
correct answer ✔✔Red
Which risk management approach entails removing the threat or vulnerability altogether to
entirely negate the related risk? - correct answer ✔✔Risk Avoidance
A hacker uses a script that automatically injects SQL commands into web forms to steal data
from a database. This script is an example of: - correct answer ✔✔An exploit
During a phone call, an individual claiming to be from the IT department asks for your password
to address a system issue. This is an example of: - correct answer ✔✔Social engineering
