WGU C725 - Questions With Complete Solutions (A+)
Which two passwords are the weakest?
Pa$$w0Rd%^78
Love@$MySon80
C@1Il@VEm1
Password1234 Right Ans - Password1234
Love@$MySon80
Which two secure methods should be used to keep track of passwords?
- Encrypt text files of them on the user's workstation
- Store them on a sticky note in a convenient spot
- Share them with a trusted manager or coworker
- Organization-approved password storage software Right Ans - Encrypt
text files of them on the user's workstation
Organization-approved password storage software
A company is considering which controls to buy to protect an asset. What
should the price of the controls be in relation to the cost of the asset?
Less than the annual loss expectancy
More than the annual loss expectancy
Equal to the cost of the asset
More than the cost of the asset Right Ans - Less than the annual loss
expectancy
,How many keys are used in asymmetric encryption?
No keys are used to encrypt and decrypt a message.
One key is used to encrypt and decrypt a message.
Two keys are used to encrypt and decrypt a message.
Three keys are used to encrypt and decrypt a message. Right Ans - Two
keys are used to encrypt and decrypt a message.
Which groups typically report to the chief security officer (CSO)?
Security engineering and operations
Physical and software security
Audit and incident response
Facilities and information technology functions Right Ans - Security
engineering and operations
Which protocol is a variant of a standard web transfer protocol that adds a
layer of security on the data in transit using a secure socket layer?
HTTPS
HTTP
FTP
SFTP Right Ans - HTTPS
Which description characterizes symmetric cryptography?
The same key is used to lock and unlock the cipher.
Two separate but unrelated keys are used to unlock the cipher.
Two separate and related keys are used to unlock the cipher.
, Keys are unnecessary when using symmetric cryptography to unlock a cipher.
Right Ans - The same key is used to lock and unlock the cipher.
An employee uses a secure hashing algorithm for message integrity. The
employee sends a plain text message with the embedded hash to a colleague.
A rogue device receives and retransmits the message to its destination. Once
received and checked by the intended recipient, the hashes do not match.
Which STRIDE concept has been violated?
Tampering
Repudiation
Elevation of privilege
Denial-of-service Right Ans - Tampering
An attacker accesses private emails between the company's CISO and board
members. The attacker then publishes the emails online.
Which type of an attack is this, according to the STRIDE model?
Repudiation
Information disclosure
Elevation of privilege
Tampering Right Ans - Information disclosure
A security guard at the front desk of a building checks every employee's name
badge with their photo before they are allowed in the building.
Which two factors have been checked to verify identity?
Something you have, something you are
Something you have, something you know
Which two passwords are the weakest?
Pa$$w0Rd%^78
Love@$MySon80
C@1Il@VEm1
Password1234 Right Ans - Password1234
Love@$MySon80
Which two secure methods should be used to keep track of passwords?
- Encrypt text files of them on the user's workstation
- Store them on a sticky note in a convenient spot
- Share them with a trusted manager or coworker
- Organization-approved password storage software Right Ans - Encrypt
text files of them on the user's workstation
Organization-approved password storage software
A company is considering which controls to buy to protect an asset. What
should the price of the controls be in relation to the cost of the asset?
Less than the annual loss expectancy
More than the annual loss expectancy
Equal to the cost of the asset
More than the cost of the asset Right Ans - Less than the annual loss
expectancy
,How many keys are used in asymmetric encryption?
No keys are used to encrypt and decrypt a message.
One key is used to encrypt and decrypt a message.
Two keys are used to encrypt and decrypt a message.
Three keys are used to encrypt and decrypt a message. Right Ans - Two
keys are used to encrypt and decrypt a message.
Which groups typically report to the chief security officer (CSO)?
Security engineering and operations
Physical and software security
Audit and incident response
Facilities and information technology functions Right Ans - Security
engineering and operations
Which protocol is a variant of a standard web transfer protocol that adds a
layer of security on the data in transit using a secure socket layer?
HTTPS
HTTP
FTP
SFTP Right Ans - HTTPS
Which description characterizes symmetric cryptography?
The same key is used to lock and unlock the cipher.
Two separate but unrelated keys are used to unlock the cipher.
Two separate and related keys are used to unlock the cipher.
, Keys are unnecessary when using symmetric cryptography to unlock a cipher.
Right Ans - The same key is used to lock and unlock the cipher.
An employee uses a secure hashing algorithm for message integrity. The
employee sends a plain text message with the embedded hash to a colleague.
A rogue device receives and retransmits the message to its destination. Once
received and checked by the intended recipient, the hashes do not match.
Which STRIDE concept has been violated?
Tampering
Repudiation
Elevation of privilege
Denial-of-service Right Ans - Tampering
An attacker accesses private emails between the company's CISO and board
members. The attacker then publishes the emails online.
Which type of an attack is this, according to the STRIDE model?
Repudiation
Information disclosure
Elevation of privilege
Tampering Right Ans - Information disclosure
A security guard at the front desk of a building checks every employee's name
badge with their photo before they are allowed in the building.
Which two factors have been checked to verify identity?
Something you have, something you are
Something you have, something you know
