Network-and-Security-Foundation Exam Dumps - WGU Courses and Certificates Questions and Answers

Integrityin theCIA (Confidentiality, Integrity, Availability) triadensures that data is not altered in an unauthorized manner. In networking, integrity mechanisms such as checksums, message authentication codes (MACs), and digital signatures verify that transmitted data has not been tampered with. If an IP packet has an invalid checksum, the system detects corruption and requests retransmission, ensuring data integrity.

Confidentialityprotects against unauthorized access but does not ensure data consistency.

Availabilityensures that resources are accessible but does not verify data correctness.

Consistencyis not a formal component of the CIA triad.

Data encryptionprotects sensitive information by encoding it into an unreadable format, ensuring that even if attackers intercept the data, they cannot decipher it without the proper decryption key. This is crucial forprotecting stored and transmitted data.

RBACcontrols user access but does not secure data in transit.

2FAstrengthens authentication but does not secure stored or transmitted data.

Patch managementfixes software vulnerabilities but does not directly protect intercepted data.

Data modification attacksinvolve unauthorized changes to stored data, altering information to mislead, disrupt, or destroy integrity. Attackers may modify logs, transactions, or records for fraud or sabotage.

Launch pointis when a system is used to attack others.

Data exportis the theft of data.

Denial of availabilitymakes data inaccessible, but does not necessarily modify it.

Infrastructure as a Service (IaaS)provides virtualized computing resources, including virtual machines, storage, and networking, while allowing users full control over operating systems and applications. Examples include AWS EC2 and Google Compute Engine.

SaaSprovides ready-to-use applications (e.g., Google Docs).

FaaSruns code in response to events (e.g., AWS Lambda).

PaaSprovides development environments but not full infrastructure control.

AWireless Local Area Network (WLAN)enables wireless connectivity within a defined geographic area, such as a library, office, or coffee shop. WLANs use Wi-Fi technology to allow users to access the internet without physical cables.

Storage Area Networks (SANs)are used for data storage and do not provide internet connectivity to users.

Metropolitan Area Networks (MANs)cover larger areas, such as cities, and are not used within a single building.

Personal Area Networks (PANs)connect personal devices like smartphones and laptops over short distances, such as via Bluetooth, but do not support public internet access.

Integrityin IT security ensures that data remains accurate, unaltered, and trustworthy throughout its lifecycle. This means that data transmission should occurwithout errorsand should not be modified by unauthorized parties. Mechanisms like checksums, hashing, and digital signatures help maintain integrity.

Encryption (B)enhances confidentiality, not integrity.

Accessibility (C and D)relates to availability, not integrity.

Confidentialityprotects data from unauthorized access, includingpassive attackslike eavesdropping, wiretapping, and packet sniffing. Encryption, access controls, and secure authentication mechanisms help enforce confidentiality.

Availabilityensures uptime and system accessibility.

Integrityensures data accuracy but does not prevent interception.

Adaptationis not part of the CIA triad.

Server-side validationhelps preventSQL injection, command injection, and other input-based attacksby ensuring that user input is properly sanitized before being processed by the system.Parameterized queries and input validationshould also be implemented to further reduce risk.

Detecting code vulnerabilitiesis helpful but not a direct mitigation technique.

Decreasing wireless rangedoes not affect injection attacks.

Using WPA2secures wireless networks but does not prevent injection attacks.