❖ Spring Semester 2026 – WGU C172 Network and Security
Foundations Comprehensive Study Guide | 150+ Practice Questions
with Verified Answers and Detailed Rationales | Network
Fundamentals, Security Principles, Protocols, Firewalls, Encryption,
Risk Management, and IT Security Applications
Question 1:
What does the term "VPN" stand for?
• A) Virtual Private Network
• B) Virtual Public Network
• C) Variable Private Network
• D) Verified Private Network
Correct Option: A) Virtual Private Network
Rationale:
A VPN (Virtual Private Network) creates a secure connection over a less secure network,
such as the Internet. It encrypts the data transmitted, providing privacy and anonymity
by masking the user's IP address. This is critical for maintaining confidentiality and
security in data transmission.
Question 2:
Which of the following is a common method of encrypting data in transit?
• A) FTP
• B) HTTPS
• C) HTTP
• D) Telnet
Correct Option: B) HTTPS
Rationale:
HTTPS (HyperText Transfer Protocol Secure) is an extension of HTTP that uses SSL/TLS
to encrypt data between the client and server. This encryption helps protect sensitive
information such as login credentials and personal data from interception by malicious
entities during transmission, ensuring secure communication over the web.
Question 3:
What is the primary function of a firewall in network security?
• A) To create a secure network
, • B) To monitor network traffic
• C) To filter incoming and outgoing traffic
• D) To encrypt data
Correct Option: C) To filter incoming and outgoing traffic
Rationale:
Firewalls act as a barrier between a trusted network and untrusted networks, primarily
filtering incoming and outgoing traffic based on predetermined security rules. This
filtering helps to prevent unauthorized access and attacks while allowing legitimate
communication to pass through, thus protecting the integrity of a network.
Question 4:
Which protocol is used to translate domain names into IP addresses?
• A) FTP
• B) HTTP
• C) DNS
• D) SMTP
Correct Option: C) DNS
Rationale:
DNS (Domain Name System) is responsible for translating human-friendly domain
names (like www.example.com) into IP addresses that computers use to identify each
other on the network. It is essential for the proper functioning of the internet, enabling
users to access websites without needing to memorize numerical IP addresses.
Question 5:
What does the principle of "least privilege" mean in network security?
• A) Users should have no permissions
• B) Users should have maximum access
• C) Users should have only the minimum access needed
• D) Users should have flexible access
Correct Option: C) Users should have only the minimum access needed
Rationale:
The principle of least privilege is a security concept that restricts users' access rights to
the bare minimum permissions necessary to perform their functions. This minimizes
,potential exposure, reducing the risk of accidental or malicious misuse of sensitive
systems or data. By enforcing this principle, organizations can better protect
themselves from security breaches.
Question 6:
Which type of attack involves overwhelming a network or server with traffic?
• A) Phishing
• B) Man-in-the-Middle
• C) DDoS
• D) Social Engineering
Correct Option: C) DDoS
Rationale:
A DDoS (Distributed Denial of Service) attack aims to make a machine or network
resource unavailable to its intended users by overwhelming it with a flood of traffic from
multiple sources. This disrupts services and can lead to significant downtime and loss
of resources.
Question 7:
Which of the following is a widely used wireless security protocol?
• A) WPA2
• B) FTP
• C) HTTP
• D) IMAP
Correct Option: A) WPA2
Rationale:
WPA2 (Wi-Fi Protected Access II) is a standard for securing wireless networks, using
stronger encryption than its predecessor, WPA. It ensures that only authorized users
can access the network while protecting the integrity of the data transferred over the
wireless connection.
Question 8:
What does "social engineering" in cybersecurity refer to?
• A) Manipulating individuals to divulge confidential information
• B) Educating users about cybersecurity practices
, • C) Analyzing security systems
• D) Using technical means to break into a system
Correct Option: A) Manipulating individuals to divulge confidential information
Rationale:
Social engineering exploits human psychology to trick individuals into revealing
confidential information. Attackers may impersonate trusted entities or create
scenarios to persuade victims to share credentials, making it one of the most effective
techniques for breaching security.
Question 9:
What is the primary purpose of multi-factor authentication (MFA)?
• A) To ensure passwords are strong
• B) To require multiple forms of verification for access
• C) To eliminate the need for passwords
• D) To simplify the login process
Correct Option: B) To require multiple forms of verification for access
Rationale:
Multi-factor authentication enhances security by requiring users to provide two or more
verification factors to gain access to a resource. Combining something the user knows
(a password) with something the user has (a security token) significantly reduces the
likelihood of unauthorized access.
Question 10:
What is a common consequence of a security breach?
• A) Increased user engagement
• B) Loss of data and reputation
• C) Lower operational costs
• D) Improved customer trust
Correct Option: B) Loss of data and reputation
Rationale:
Security breaches can lead to severe consequences such as data loss, financial loss,
and damage to the organization's reputation. Customers may lose trust in the affected
entity, leading to reduced business and a damaged brand image.
Foundations Comprehensive Study Guide | 150+ Practice Questions
with Verified Answers and Detailed Rationales | Network
Fundamentals, Security Principles, Protocols, Firewalls, Encryption,
Risk Management, and IT Security Applications
Question 1:
What does the term "VPN" stand for?
• A) Virtual Private Network
• B) Virtual Public Network
• C) Variable Private Network
• D) Verified Private Network
Correct Option: A) Virtual Private Network
Rationale:
A VPN (Virtual Private Network) creates a secure connection over a less secure network,
such as the Internet. It encrypts the data transmitted, providing privacy and anonymity
by masking the user's IP address. This is critical for maintaining confidentiality and
security in data transmission.
Question 2:
Which of the following is a common method of encrypting data in transit?
• A) FTP
• B) HTTPS
• C) HTTP
• D) Telnet
Correct Option: B) HTTPS
Rationale:
HTTPS (HyperText Transfer Protocol Secure) is an extension of HTTP that uses SSL/TLS
to encrypt data between the client and server. This encryption helps protect sensitive
information such as login credentials and personal data from interception by malicious
entities during transmission, ensuring secure communication over the web.
Question 3:
What is the primary function of a firewall in network security?
• A) To create a secure network
, • B) To monitor network traffic
• C) To filter incoming and outgoing traffic
• D) To encrypt data
Correct Option: C) To filter incoming and outgoing traffic
Rationale:
Firewalls act as a barrier between a trusted network and untrusted networks, primarily
filtering incoming and outgoing traffic based on predetermined security rules. This
filtering helps to prevent unauthorized access and attacks while allowing legitimate
communication to pass through, thus protecting the integrity of a network.
Question 4:
Which protocol is used to translate domain names into IP addresses?
• A) FTP
• B) HTTP
• C) DNS
• D) SMTP
Correct Option: C) DNS
Rationale:
DNS (Domain Name System) is responsible for translating human-friendly domain
names (like www.example.com) into IP addresses that computers use to identify each
other on the network. It is essential for the proper functioning of the internet, enabling
users to access websites without needing to memorize numerical IP addresses.
Question 5:
What does the principle of "least privilege" mean in network security?
• A) Users should have no permissions
• B) Users should have maximum access
• C) Users should have only the minimum access needed
• D) Users should have flexible access
Correct Option: C) Users should have only the minimum access needed
Rationale:
The principle of least privilege is a security concept that restricts users' access rights to
the bare minimum permissions necessary to perform their functions. This minimizes
,potential exposure, reducing the risk of accidental or malicious misuse of sensitive
systems or data. By enforcing this principle, organizations can better protect
themselves from security breaches.
Question 6:
Which type of attack involves overwhelming a network or server with traffic?
• A) Phishing
• B) Man-in-the-Middle
• C) DDoS
• D) Social Engineering
Correct Option: C) DDoS
Rationale:
A DDoS (Distributed Denial of Service) attack aims to make a machine or network
resource unavailable to its intended users by overwhelming it with a flood of traffic from
multiple sources. This disrupts services and can lead to significant downtime and loss
of resources.
Question 7:
Which of the following is a widely used wireless security protocol?
• A) WPA2
• B) FTP
• C) HTTP
• D) IMAP
Correct Option: A) WPA2
Rationale:
WPA2 (Wi-Fi Protected Access II) is a standard for securing wireless networks, using
stronger encryption than its predecessor, WPA. It ensures that only authorized users
can access the network while protecting the integrity of the data transferred over the
wireless connection.
Question 8:
What does "social engineering" in cybersecurity refer to?
• A) Manipulating individuals to divulge confidential information
• B) Educating users about cybersecurity practices
, • C) Analyzing security systems
• D) Using technical means to break into a system
Correct Option: A) Manipulating individuals to divulge confidential information
Rationale:
Social engineering exploits human psychology to trick individuals into revealing
confidential information. Attackers may impersonate trusted entities or create
scenarios to persuade victims to share credentials, making it one of the most effective
techniques for breaching security.
Question 9:
What is the primary purpose of multi-factor authentication (MFA)?
• A) To ensure passwords are strong
• B) To require multiple forms of verification for access
• C) To eliminate the need for passwords
• D) To simplify the login process
Correct Option: B) To require multiple forms of verification for access
Rationale:
Multi-factor authentication enhances security by requiring users to provide two or more
verification factors to gain access to a resource. Combining something the user knows
(a password) with something the user has (a security token) significantly reduces the
likelihood of unauthorized access.
Question 10:
What is a common consequence of a security breach?
• A) Increased user engagement
• B) Loss of data and reputation
• C) Lower operational costs
• D) Improved customer trust
Correct Option: B) Loss of data and reputation
Rationale:
Security breaches can lead to severe consequences such as data loss, financial loss,
and damage to the organization's reputation. Customers may lose trust in the affected
entity, leading to reduced business and a damaged brand image.
