WGU D482 Performance Assessment (Secure
Network Design) – Questions & Accurate Answers
A laptop has been stolen, and the data has been seen for sale on the
darknet. Which process could have protected the confidentiality of
the data? Correct Answer - Hard Drive Encryption
Classify each attack method in relation to its direct impact on the
CIA triad. Correct Answer - Key Logger: Confidentiality
DNS Poisoning: Integrity
Covert Channels: Confidentiality
DDoS: Availability
A security administrator has configured a small keysize to protect
the VPN.
Which security objective does this affect? Correct Answer -
Confidentiality
A laptop has been stolen, and the data has been seen for sale on the
darknet.
Which process could have protected the confidentiality of the data?
Correct Answer - Hard Drive encryption
When browsing to a financial website, a user receives an error on
the browser that points to the certificate
on the website. The user reviews the certificate and maps it to a
known certificate authority.
Why did the user need to perform these actions? Correct Answer -
To establish a trust relationship
A team of scientists is working on a secure project. The network
administrator needs to configure a
,network for the team that is not routable from the Internet. A
firewall is protecting the scientists' network
and is using network address translation (NAT) to translate the
internal IP addresses to public IP
addresses.
Which IP address should the network administrator configure on
the inside interface of the firewall? Correct Answer -
10.14.15.16
An ad hoc network design team has just finished a presentation on
the latest updates to the organization's
network infrastructure. The team ensured that plenty of redundancy
has been built in and bottlenecks
have been eliminated.
Which security objective has the team bolstered through these
improvements? Correct Answer - Availability
A company has recently implemented a new email encryption
system that uses public key infrastructure
(PKI). The company is now requiring all employees to sign and
encrypt internal communication. An
employee wants to send a digitally signed message to the IT
director.
What does the IT director use to decode the employee's signature
under the new system? Correct Answer - The employee's
public key
An administrator at a small office is tasked with supporting a new
time clock that has been installed on the
network. The outsourced company managing the time clock states
that the connection protocol it uses
with the clock is encrypted, but it needs to allow incoming
connections from the Internet.
, Which action should allow the outsourced company to securely
manage the time clock with a minimal
amount of configuration effort? Correct Answer - Setting up a
port forward on the firewall from the outsourced company to the
time clock
A small nonprofit company has received several legacy wireless
access points (APs) as a donation. The
security administrator discovers that the encryption protocol the
devices use is not very secure. The encryption key can be discovered
by a malicious hacker in only a few minutes. After discussions with
other
security professionals, the administrator learns the APs can
implement a key protocol that can change the
encryption key every few seconds and provide a per-packet
verification at each side of the
communication.
Which security measure is the key protocol implemented to protect?
Correct Answer - Integrity of the key
A recently terminated employee from accounting used several
widely available programs in an amateur
attempt to exploit a company's database.
Which term describes the terminated employee? Correct Answer
- Script kiddies
An organization has recently undergone a period of growth, both in
terms of business operations and
personnel. The network infrastructure has kept pace, growing to
accommodate the new size and
structure. Mapping and auditing of the expanded network needs to
be done. One of the first findings is
that the router has permissive rights to all unassigned ports.
Network Design) – Questions & Accurate Answers
A laptop has been stolen, and the data has been seen for sale on the
darknet. Which process could have protected the confidentiality of
the data? Correct Answer - Hard Drive Encryption
Classify each attack method in relation to its direct impact on the
CIA triad. Correct Answer - Key Logger: Confidentiality
DNS Poisoning: Integrity
Covert Channels: Confidentiality
DDoS: Availability
A security administrator has configured a small keysize to protect
the VPN.
Which security objective does this affect? Correct Answer -
Confidentiality
A laptop has been stolen, and the data has been seen for sale on the
darknet.
Which process could have protected the confidentiality of the data?
Correct Answer - Hard Drive encryption
When browsing to a financial website, a user receives an error on
the browser that points to the certificate
on the website. The user reviews the certificate and maps it to a
known certificate authority.
Why did the user need to perform these actions? Correct Answer -
To establish a trust relationship
A team of scientists is working on a secure project. The network
administrator needs to configure a
,network for the team that is not routable from the Internet. A
firewall is protecting the scientists' network
and is using network address translation (NAT) to translate the
internal IP addresses to public IP
addresses.
Which IP address should the network administrator configure on
the inside interface of the firewall? Correct Answer -
10.14.15.16
An ad hoc network design team has just finished a presentation on
the latest updates to the organization's
network infrastructure. The team ensured that plenty of redundancy
has been built in and bottlenecks
have been eliminated.
Which security objective has the team bolstered through these
improvements? Correct Answer - Availability
A company has recently implemented a new email encryption
system that uses public key infrastructure
(PKI). The company is now requiring all employees to sign and
encrypt internal communication. An
employee wants to send a digitally signed message to the IT
director.
What does the IT director use to decode the employee's signature
under the new system? Correct Answer - The employee's
public key
An administrator at a small office is tasked with supporting a new
time clock that has been installed on the
network. The outsourced company managing the time clock states
that the connection protocol it uses
with the clock is encrypted, but it needs to allow incoming
connections from the Internet.
, Which action should allow the outsourced company to securely
manage the time clock with a minimal
amount of configuration effort? Correct Answer - Setting up a
port forward on the firewall from the outsourced company to the
time clock
A small nonprofit company has received several legacy wireless
access points (APs) as a donation. The
security administrator discovers that the encryption protocol the
devices use is not very secure. The encryption key can be discovered
by a malicious hacker in only a few minutes. After discussions with
other
security professionals, the administrator learns the APs can
implement a key protocol that can change the
encryption key every few seconds and provide a per-packet
verification at each side of the
communication.
Which security measure is the key protocol implemented to protect?
Correct Answer - Integrity of the key
A recently terminated employee from accounting used several
widely available programs in an amateur
attempt to exploit a company's database.
Which term describes the terminated employee? Correct Answer
- Script kiddies
An organization has recently undergone a period of growth, both in
terms of business operations and
personnel. The network infrastructure has kept pace, growing to
accommodate the new size and
structure. Mapping and auditing of the expanded network needs to
be done. One of the first findings is
that the router has permissive rights to all unassigned ports.
