questions with verified answers
A company has the policy that all new user passwords are P@ssw0rd but does not
require new users to change their password. An employee randomly tries a
coworker's account with the new user password to see if they can log in as the
coworker. Which type of vulnerability does this create? Ans✓✓✓-Default
password
A company provides access to employees' tax and personal information via a
public-facing web portal. What should the company implement to encrypt
employees' web access to this information? Ans✓✓✓-Transport layer security
(TLS)
A malicious user was able to lock a user's account after guessing the user's
password multiple times unsuccessfully. Which category of the CIA triad did the
malicious user target in this attack? Ans✓✓✓-Availability
A user is mistakenly granted access to customer accounts not required for his
duties. Which component of the AAA model is violated? Ans✓✓✓-Authorization
A user is working on a home computer when another user seems to open an
application to view documents on the same computer. The user immediately
suspects that a back door into the computer exists. Which action should be taken
first to deal with the problem? Ans✓✓✓-Unplug the PC's network connection
A user on a network is planning to launch an exploit against a coworker in a
neighboring department. The user needs to identify the IP address of a coworker
in the desired department. Which tool or utility will allow the user to watch
network traffic in real time to identify a target? Ans✓✓✓-Sniffer
A user receives an email from an unknown bank saying that the user's account
with the bank has been compromised. The user suspects that this is a phishing
exploit. How should the user safely proceed? Ans✓✓✓-Open a new browser
page, navigate to the bank's website, and acquire legitimate contact information
to report the email.
A user who does not want to be identified while communicating on a network
uses an application to alter the computer's identity. Which type of exploit is being
perpetrated? Ans✓✓✓-Spoofing
After downloading a CD/DVD burning program, a user notices that someone is
remotely accessing the computer during nighttime hours. Which type of malware
is likely found in the CD/DVD software? Ans✓✓✓-Trojan horse
An administrator fails to configure protection for usernames and passwords
transmitted across the network. Which component of the AAA model is
weakened? Ans✓✓✓-Authentication
An analyst has identified an active denial of service attack. Which category of the
CIA triad is affected? Ans✓✓✓-Availability
An attacker attempts to misdirect traffic on a network back to the attacker by
corrupting a network computer's cache of IP address to MAC address mappings.
Which exploit is the attacker perpetrating? Ans✓✓✓-ARP
poisoning
An attacker has gained access to the passwords of several employees of a
company through a brute force attack. Which authentication method would keep