WGU C795 CYBER SECURITY
MANAGEMENT II TACTICAL
QUESTIONS AND ANSWERS 100% PASS
A company's main asset is a physical working prototype stored in the research and
development department. The prototype is not currently connected to the company's network.
Which privileged user activity should be monitored?
• Accessing camera logs
• Adding accounts to the administrator group
• Running scripts in PowerShell
• Disabling host firewall Correct Answer-a
A company performs a data audit on its critical information every six months. Company policy
states that the audit cannot be conducted by the same employee within a two-year time frame.
Which principle is this company following?
• Job rotation
• Two person control
• Least privilege
• Need to know Correct Answer-a
A user is granted access to restricted and classified information but is supplied only with the
information for a current assignment.
Which type of authorization mechanism is being applied in this scenario?
,• Need to know
• Constrained interface
• Duty separation
d Access control list Correct Answer-a
Which two data recovery components will back up a file and change the archive bit to 0?
Choose 2 answers.
• Full backup
• Differential backup
• Incremental backup
• Copy backup Correct Answer-a, c
A company wants to monitor the inbound and outbound flow of packets and not the content.
Which defense-in-depth strategy should be implemented?
• The organization should use egress filtering on the network.
• Traffic and trend analyses should be installed on the router.
• The administrator should configure network data loss prevention.
• RADIUS authentication should be used on the bastion host. Correct Answer-b
A penetration tester identifies a SQL injection vulnerability in a business-critical web
application. The security administrator discusses this finding with the application developer,
and the developer insists that the issue would take two months to remediate.
Which defense-in-depth practice should the security administrator use to prevent an attacker
from exploiting this weakness before the developer can implement a fix?
• Perform daily vulnerability scans
, • Implement a web-application firewall
• Submit an urgent change control ticket
• Deploy an anti malware agent to the web server Correct Answer-b
A company is concerned about securing its corporate network, including its wireless network, to
limit security risks.
Which defense-in-depth practice represents an application of least privilege?
• Implement mutual multifactor authentication
• Configure Wi-Fi-Protected Access for encrypted communication
• Disable wireless access to users who do not need it
• Implement an intrusion detection system Correct Answer-c
A technician notifies her supervisor that the nightly backup of a critical system failed during the
previous night's run. Because the system is critical to the organization, the technician raised the
issue in order to make management aware of the missing backup. The technician is looking for
guidance on whether additional actions should be taken on the single backup failure.
Which role is responsible for making the final decision on how to handle the incomplete
backup?
• Senior management
• Data owner
• Supervisor
• Application administrator Correct Answer-b
A company relies exclusively on a system for critical functions. An audit is performed, and
the report notes that there is no log review performed on the system. Management has been
tasked with selecting the appropriate person to perform the log reviews in order to correct
the deficiency.
MANAGEMENT II TACTICAL
QUESTIONS AND ANSWERS 100% PASS
A company's main asset is a physical working prototype stored in the research and
development department. The prototype is not currently connected to the company's network.
Which privileged user activity should be monitored?
• Accessing camera logs
• Adding accounts to the administrator group
• Running scripts in PowerShell
• Disabling host firewall Correct Answer-a
A company performs a data audit on its critical information every six months. Company policy
states that the audit cannot be conducted by the same employee within a two-year time frame.
Which principle is this company following?
• Job rotation
• Two person control
• Least privilege
• Need to know Correct Answer-a
A user is granted access to restricted and classified information but is supplied only with the
information for a current assignment.
Which type of authorization mechanism is being applied in this scenario?
,• Need to know
• Constrained interface
• Duty separation
d Access control list Correct Answer-a
Which two data recovery components will back up a file and change the archive bit to 0?
Choose 2 answers.
• Full backup
• Differential backup
• Incremental backup
• Copy backup Correct Answer-a, c
A company wants to monitor the inbound and outbound flow of packets and not the content.
Which defense-in-depth strategy should be implemented?
• The organization should use egress filtering on the network.
• Traffic and trend analyses should be installed on the router.
• The administrator should configure network data loss prevention.
• RADIUS authentication should be used on the bastion host. Correct Answer-b
A penetration tester identifies a SQL injection vulnerability in a business-critical web
application. The security administrator discusses this finding with the application developer,
and the developer insists that the issue would take two months to remediate.
Which defense-in-depth practice should the security administrator use to prevent an attacker
from exploiting this weakness before the developer can implement a fix?
• Perform daily vulnerability scans
, • Implement a web-application firewall
• Submit an urgent change control ticket
• Deploy an anti malware agent to the web server Correct Answer-b
A company is concerned about securing its corporate network, including its wireless network, to
limit security risks.
Which defense-in-depth practice represents an application of least privilege?
• Implement mutual multifactor authentication
• Configure Wi-Fi-Protected Access for encrypted communication
• Disable wireless access to users who do not need it
• Implement an intrusion detection system Correct Answer-c
A technician notifies her supervisor that the nightly backup of a critical system failed during the
previous night's run. Because the system is critical to the organization, the technician raised the
issue in order to make management aware of the missing backup. The technician is looking for
guidance on whether additional actions should be taken on the single backup failure.
Which role is responsible for making the final decision on how to handle the incomplete
backup?
• Senior management
• Data owner
• Supervisor
• Application administrator Correct Answer-b
A company relies exclusively on a system for critical functions. An audit is performed, and
the report notes that there is no log review performed on the system. Management has been
tasked with selecting the appropriate person to perform the log reviews in order to correct
the deficiency.
