Network-and-Security-Foundation Exam Dumps - WGU Courses and Certificates Questions and Answers

Social engineeringinvolves manipulating people into divulging confidential information, often by impersonation, deception, or psychological tactics. Using aforged ID cardto gain trust and extract sensitive information is a classic example of social engineering.

Brute-force attackattempts to guess passwords through automated methods.

Man-in-the-middle attackintercepts communication but does not rely on deception.

Pharmingtricks users into visiting fraudulent websites but does not involve impersonation.

Pharmingis an attack that manipulates theDomain Name System (DNS)to redirect users to fraudulent websites without their knowledge. Attackers poison DNS records or compromise routers to reroute traffic to malicious sites designed to steal information.

Brute-force attackinvolves password guessing, not domain manipulation.

IP address spoofingdisguises a device’s identity but does not alter DNS records.

Session hijackingtakes over active user sessions but does not redirect websites.

TheTransport layerin the TCP/IP model includes theUser Datagram Protocol (UDP)andTransmission Control Protocol (TCP). UDP is a connectionless protocol used for fast, lightweight data transmission where reliability is not the priority (e.g., video streaming, VoIP).

Application layerhandles end-user services but not transport mechanisms.

Network or internet layerdeals with IP addressing and routing, not UDP.

Physical or network access layerconcerns hardware transmission methods.

Having restoration policies in placeensures that in the event of data breaches, ransomware, or system failures, data can be quickly restored from secure backups. This minimizes downtime and data loss.

Using a variable network topologydoes not directly improve data security.

Changing passwords weeklymay lead to weaker security due to password fatigue.

WEPis obsolete and does not provide strong encryption for data protection.

Detecting code vulnerabilitiesthroughregular security audits, code reviews, and static analysis toolshelps prevent buffer overflow attacks. Developers should implementbounds checking,memory-safe programming languages, and input validationto mitigate risks.

Disabling cachingdoes not prevent buffer overflow attacks.

Server-side validationhelps with input security but does not directly address buffer overflows.

Intrusion protection softwaremay detect attacks but does not prevent vulnerabilities in code.

PIPEDArequires businesses in Canada to protectpersonal informationthrough security measures andproper disposal practices. This includessecure deletion of personal data when no longer neededto prevent unauthorized access.

Compensating individuals for data salesis not a legal requirement.

Notifying individuals of each data accessis unnecessary unless required by a breach.

Disclosing security softwareis not mandated by PIPEDA.

AType 2 hypervisor(hosted hypervisor) runs on top of an existing operating system and allows for the creation of virtual machines. Examples include VMware Workstation and Oracle VirtualBox.

Type 1 hypervisorsrun directly on hardware without an OS (e.g., VMware ESXi, Microsoft Hyper-V).

Open-source and proprietarydescribe licensing models, not hypervisor types.

Role-Based Access Control (RBAC)assigns permissions based on a user's role within an organization, such as department, job function, or hierarchy. This ensures that usersonly have access to resources necessary for their duties.

Attribute-based access control (ABAC)considers dynamic attributes like time, location, and device.

Context-based access controlrestricts access based on environmental conditions.

Discretionary access control (DAC)allows data owners to determine access rights.

TheTransport layer(Layer 4 of the OSI model) includes theTransmission Control Protocol (TCP), which provides reliable, connection-oriented communication. TCP ensures error-checking, sequencing, and retransmission of lost packets.

Application layerdeals with end-user protocols like HTTP and FTP.

Session layermanages communication sessions but not transport protocols.

Network layerfocuses on IP addressing and routing, not transport mechanisms.

Credential stuffingis a cyberattack where attackers use stolen username-password combinations from one breach to try logging into other services, exploiting users who reuse passwords. Automated tools test multiple credentials against multiple sites, leading to unauthorized access.

Brute-force attacksystematically tries all possible passwords but does not use breached data.

Session hijackingintercepts active user sessions but does not use stolen credentials.

Social engineeringmanipulates users into revealing credentials, rather than using breached data.