Network Intrusion OBJECTIVE ASSESSMENT
ACTUAL EXAM PREP 2025/2026 QUESTIONS BANK AND
CORRECT DETAILED ANSWERS WITH RATIONALES
1. Aspects of Organizational Security - ANSWER ✔ IT Security;
Physical Security;
Financial Security;
Legal Security;
2. IT Security - ANSWER ✔ Consists of:
Application security;
Computing security;
Data security;
Information security;
Network security;
3. Application Security [IT Security] - ANSWER ✔ Applications should be
secured to overcome security weaknesses, vulnerabilities, and threats. Any
loopholes in Web-based and other custom applications serve as opportunities
for attackers.
4. Computing Security [IT Security] - ANSWER ✔ Computers should be
secured from threats like viruses, Trojans, and intruders. Organizations must
have an effective security policy which involves security management,
systems engineering, protection against insider threats, and general
workplace policies, standards, guidelines, and procedures.
5. Data Security [IT Security] - ANSWER ✔ Important information about the
organization. It is important to secure data to avoid any manipulation of
data, data loss, or threats to data secrecy. Any change in the identity of data
or any loss of data causes a huge amount of damage, financial loss, and loss
of goodwill for the organization.
6. Information Security [IT Security] - ANSWER ✔ Securing information
protects information and information systems from illegal access, use,
modification, or destruction. It ensures confidentiality, integrity, and
availability of data.
7. Network Security [IT Security] - ANSWER ✔ Networks are used to send
important and private data from one system to another. Networks should be
secured for safe transfer of data. Damage to the network makes the data
transfer vulnerable and may crash the system.
8. Physical Security - ANSWER ✔ Consists of:
Facilities security;
Human security;
Border security;
Biometric security;
9. Facilities Security [Physical Security] - ANSWER ✔ Facilities and an
organization's equipment should be properly and highly secured. Damage to
facilities can cause physical harm such as a system crash or power failure.
10. Human Security [Physical Security] - ANSWER ✔ The employees of an
organization should be given security awareness training and be involved in
the entire business security process in order to gain their trust and
acceptance of the security policy. Ignoring human security concerns can
cause employees to leave, leading to loss of business.
11. Financial Security - ANSWER ✔ Consists of:
Security from fraud;
Phishing attacks;
Botnets;
Threats from cyber criminals;
Credit card fraud;
12. Security from fraud [Financial Security] - ANSWER ✔ To function properly
and negate losses, an organization must be financially secure from both
internal and external threats. Security breaches may be caused by data
manipulations, system vulnerabilities and threats, or data theft.
13. Legal Security - ANSWER ✔ Consists of:
National security;
Public security;
Defamation;
Copyright information;
Sexual harassment;
14. GLBA - ANSWER ✔ Requires companies that offer financial products or
services to protect customer information against security threats.
15. HIPAA - ANSWER ✔ Includes security standards for health information.
16. U.S. Congress act - ANSWER ✔ The act passed by the U.S. Congress to
protect investors from the possibility of fraudulent accounting activities by
corporations.
17. Which documentation should a forensic examiner prepare prior to a dynamic
analysis? - ANSWER ✔ The full path and location of the file being
investigated
18. What allows for a lawful search to be conducted without a warrant or
probable cause? - ANSWER ✔ Consent of person with authority
19. A forensic investigator is tasked with retrieving evidence where the primary
server has been erased. The investigator needs to rely on network logs and
backup tapes to base their conclusions on while testifying in court. Which
information found in rules of evidence, Rule 1001, helps determine if this
testimony is acceptable to the court? - ANSWER ✔ Definition of original
evidence
20. When can a forensic investigator collect evidence without formal consent? -
ANSWER ✔ When properly worded banners are displayed on the computer
screen
21. Who determines whether a forensic investigation should take place if a
situation is undocumented in the standard operating procedures? - ANSWER
✔ Decision maker
22. Which situation leads to a civil investigation? - ANSWER ✔ Disputes
between two parties that relate to a contract violation
23. Which rule does a forensic investigator need to follow? - ANSWER ✔ Use
well-known standard procedures
24. What is the focus of Locard's exchange principle? - ANSWER ✔ Anyone
entering a crime scene takes something with them and leaves something
behind.
25. What is the focus of the enterprise theory of investigation (ETI)? -
ANSWER ✔ Solving one crime can tie it back to a criminal organization's
activities.
26. A forensic investigator is searching a Windows XP computer image for
information about a deleted Word document. The investigator already
viewed the sixth file that was deleted from the computer. Two additional
files were deleted. What is the name of the last file the investigator opens? -
ANSWER ✔ $R7.doc
27. What is a benefit of a web application firewall (WAF)? - ANSWER ✔ Acts
as a reverse proxy to inspect all HTTP traffic
28. How does a hacker bypass a web application firewall (WAF) with the toggle
case technique? - ANSWER ✔ By randomly capitalizing some of the
characters
29. During a recent scan of a network, a network administrator sent ICMP echo
8 packets to each IP address being used in the network. The ICMP echo 8
packets contained an invalid media access control (MAC) address. Logs
showed that one device replied with ICMP echo 0 packets. What does the
reply from the single device indicate? - ANSWER ✔ The machine is in
promiscuous mode.
30. What is the goal for an attacker using a directory traversal attack? -
ANSWER ✔ To access areas in the system in which the attacker should not
have access