WGU C172 Network And Security Foundations
Pre-Assessment.
A user on a network is planning to launch an exploit against a coworker in a neighboring
department. The
user needs to identify the IP address of a coworker in the desired department.
Which tool or utility will allow the user to watch network traf c in real time to identify a
target?
Sniffer
Which group of attackers is typically used for penetration testing?
Red team
Which type of attack exploits an unpatched software vulnerability?
Zero-day
A company has the policy that all new user passwords are Passw0rd but does not require new
users to
change their password. An employee randomly tries a coworker's account with the new user
password to
see if they can log in as the coworker.
Which type of vulnerability does this create?
Default password
What is required to establish a secure connection to a remote network over an insecure link?
Virtual Private Network (VPN) service
An employee that does not want to miss emails from important clients sets up her cellular
smartphone to
allow her to check email. Unfortunately, she does not install antivirus software on the cellular
phone.
What type of vulnerability is represented?
BYOD(Bring your own device)/Mobile
An organization is concerned about brute force attacks.
How should the organization counter this risk?
, Institute a log-in policy that locks users out of an account after three failed password
attempts.
An organization suffers a social engineering attack that results in a cybercriminal gaining
access to its
networks and to its customers' private information.
How can the organization mitigate this risk in the future?
Provide regular cybersecurity training for employees
An attacker plans to exploit flaws in an operating system to gain access to a user's computer
system.
What is a prevention mechanism for this type of attack?
Patching(bugfixes in software)
An unauthorized third-party has gained access to a company network.
How can they be prevented from deleting data?
Access controls
An attacker has gained access to the passwords of several employees of a company through a
brute force
attack.
Which authentication method would keep the attacker from accessing the employees'
devices?
MFA (multi-factor authentication)
After downloading a CD/DVD burning program, a user notices that someone is remotely
accessing the
computer during nighttime hours.
Which type of malware is likely found in the CD/DVD software?
Trojan horse
A user is working on a home computer when another user seems to open an application to
view documents
on the same computer. The user immediately suspects that a back door into the computer
exists.
Which action should be taken first to deal with the problem?
Unplug the PC's network connection
Pre-Assessment.
A user on a network is planning to launch an exploit against a coworker in a neighboring
department. The
user needs to identify the IP address of a coworker in the desired department.
Which tool or utility will allow the user to watch network traf c in real time to identify a
target?
Sniffer
Which group of attackers is typically used for penetration testing?
Red team
Which type of attack exploits an unpatched software vulnerability?
Zero-day
A company has the policy that all new user passwords are Passw0rd but does not require new
users to
change their password. An employee randomly tries a coworker's account with the new user
password to
see if they can log in as the coworker.
Which type of vulnerability does this create?
Default password
What is required to establish a secure connection to a remote network over an insecure link?
Virtual Private Network (VPN) service
An employee that does not want to miss emails from important clients sets up her cellular
smartphone to
allow her to check email. Unfortunately, she does not install antivirus software on the cellular
phone.
What type of vulnerability is represented?
BYOD(Bring your own device)/Mobile
An organization is concerned about brute force attacks.
How should the organization counter this risk?
, Institute a log-in policy that locks users out of an account after three failed password
attempts.
An organization suffers a social engineering attack that results in a cybercriminal gaining
access to its
networks and to its customers' private information.
How can the organization mitigate this risk in the future?
Provide regular cybersecurity training for employees
An attacker plans to exploit flaws in an operating system to gain access to a user's computer
system.
What is a prevention mechanism for this type of attack?
Patching(bugfixes in software)
An unauthorized third-party has gained access to a company network.
How can they be prevented from deleting data?
Access controls
An attacker has gained access to the passwords of several employees of a company through a
brute force
attack.
Which authentication method would keep the attacker from accessing the employees'
devices?
MFA (multi-factor authentication)
After downloading a CD/DVD burning program, a user notices that someone is remotely
accessing the
computer during nighttime hours.
Which type of malware is likely found in the CD/DVD software?
Trojan horse
A user is working on a home computer when another user seems to open an application to
view documents
on the same computer. The user immediately suspects that a back door into the computer
exists.
Which action should be taken first to deal with the problem?
Unplug the PC's network connection
