WGU C706 Master’s Course | Complete Study Guide and Verified Exam Solutions

What is a step for constructing a threat model for a project when using practical risk analysis?
A Align your business goals
B Apply engineering methods
C Estimate probability of project time
D Make a list of what you are trying to protect - ANSWER-D

Which cyber threats are typically surgical by nature, have highly specific targeting, and are technologically sophisticated?
A Tactical attacks
B Criminal attacks
C Strategic attacks
D User-specific attacks - ANSWER-A

Which type of cyberattack is often intended to elevate awareness of a topic?
A Cyberwarfare
B Tactical attacks
C User-specific attacks
D Sociopolitical attacks - ANSWER-D

What type of attack locks a user's desktop and then requires a payment to unlock it?
A Phishing
B Keylogger
C Ransomware
D Denial-of-service - ANSWER-C

What is a countermeasure against various forms of XML and XML path injection attacks?
A XML name wrapping
B XML unicode encoding
C XML attribute escaping
D XML distinguished name escaping - ANSWER-C

Which countermeasure is used to mitigate SQL injection attacks?
A SQL Firewall
B Projected bijection
C Query parameterization
D Progressive ColdFusion - ANSWER-C

What is an appropriate countermeasure to an escalation of privilege attack?
A Enforcing strong password policies
B Using standard encryption algorithms and correct key sizes
C Enabling the auditing and logging of all administration activities
D Restricting access to specific operations through role-based access controls - ANSWER-D

Which configuration management security countermeasure implements least privilege access control?
A Following strong password policies to restrict access
B Restricting file access to users based on authorization
C Avoiding clear text format for credentials and sensitive data
D Using AES 256 encryption for communications of a sensitive nature - ANSWER-B

Which phase of the software development life cycle (SDL/SDLC) would be used to determine the minimum set of privileges required to perform the targeted task and restrict the user to a domain with those privileges?
A Design
B Deploy
C Development
D Implementation - ANSWER-A

Which least privilege method is more granular in scope and grants specific processes only the privileges necessary to perform certain required functions, instead of granting them unrestricted access to the system?
A Entitlement privilege
B Separation of privilege
C Aggregation of privileges
D Segregation of responsibilities - ANSWER-B

Why does privilege creep pose a potential security risk?