WGU C172 Network and Security study Guide Questions with verified Answers updated 2024/2025
6 views 0 purchase
Course
WGU C172 Network & Security
Institution
WGU C172 Network & Security
WGU C172 Network and Security study Guide Questions with verified Answers updated 2024/2025
Spoofing - correct answer convinces system it is communicating with a known trusted entity. Gives attacker access to system.
Denial-of-service - correct answer prevent legitimate users from accessing t...
WGU C172 Network and Security study Guide
Questions with verified Answers updated
2024/2025
Spoofing - correct answer convinces system it is communicating with a known trusted
entity. Gives attacker access to system.
Denial-of-service - correct answer prevent legitimate users from accessing the
resource by sending an overwhelming amount of data to the target server
Ping of Death - correct answer a trick whereby the attacker would send the victim a
malformed ICMP packet that would cause the victim's computer to crash or stop
functioning on the network.
Ping flood - correct answer overwhelms a victim's computer with an immense volume
of ICMP echo-request packets, all containing a forged, randomized source address.
Smurf - correct answer IP spoofing attacks ICMP, causes to ping indefinitely.
Social engineering (hack a human) - correct answer the art of manipulating human
trust to gain access or information
Phishing - correct answer Emails appear to be from trusted source. Spear phishing is
more personal and relevant.
Vulnerabilities - correct answer -Poor security measures
-Weak or default passwords
-Misconfigured Firewall Rules
-Personal devices on within the network
-Advanced persistent threats
,-Zero-day
Man-in-the-middle (MitM) attack - correct answer A hacker hijacks a session between
trusted client and network server.
Session hijacking - correct answer Attacking computer substitutes its IP address for IP
client. Server keeps going with communication.
IP spoofing - correct answer convinces system it is communicating with a known
trusted entity. Gives attacker access to system.
Replay: - correct answer Attacker intercepts old messages and tries to send them later,
impersonating a participant.
Brute-force - correct answer Method of using a random approach to gain access
Dictionary - correct answer Method of using common passwords to gain access
SQL Injection attack - correct answer Common issue with database-driven websites.
Malefactor executes SQL query to database via the input data from client to server SQL.
Trojans - correct answer malware that hides in a useful program
CIA Triad - correct answer -Confidentiality: the access to information should be granted
only on a need-to-know basis.
-Integrity: the information should not be tampered with from source to destination.
-Availability: The services of an organization should be available.
VPN - correct answer device creates an encrypted tunnel between itself and a same
keyed partner across the internet or insecure channel.
,Firewall - correct answer -A part of a computer system or network designed to block
unauthorized access while permitting outward communication.
-protection for one network from another.
Packet Filter Firewall - correct answer -Operates at layers 3 and 4 or the OSI network
model
-Protocol (typically IP)
-Source IP address
-Destination IP address
-Source TCP or UDP port number
-Destination TCP or UDP port number
Circuit-Level Gateways - correct answer a device that operates as a middleman
between two or more systems to help conceal the true identity of the client and server
Stateful Inspection - correct answer -Operates at OSI layers 3-5
-allows a firewall to identify traffic as conversational and automatically create temporary
firewall rules to permit the response traffic to flow back to the sender
Application Level Firewall - correct answer Layer-7 because application is the seventh
layer of the OSI mode
IDS - correct answer designed to monitor both inbound and outbound data traffic and
report on any suspicious activity that could indicate an attack.
IPS - correct answer has the capability to stop or prevent malicious attacks that it
detects in real time by interacting with the firewall
RPC attack solution - correct answer Layer5 attack; mitigate with regular OS and
application patching
, SQL (Structured Query Language) Injection attack solution - correct answer Layer 7
attack; mitigate by leveraging a reverse proxy system and scanning incoming packets
for malicious behavior
MITMA (man in the middle attack) solution - correct answer Layer 6 attack; mitigate by
using an application-layer proxy or an IPS, and train users about fake security certicates
Port scanner solution - correct answer Layer 4 attack; mitigate by using a packet-
filtering firewall
Ping sweep solution - correct answer Layer 3 attack; mitigate by using a packet-
filtering firewall
VLAN hopping solution - correct answer Layer 2 attack; mitigate by configuring VLAN
tagging per the switch vendor's recommendations
Wiretapping solution - correct answer Layer 1 attack; mitigate by looking for physical
vulnerabilities, check locks on doors, racks, and wiring closets
Intrusion Detection System Differences - correct answer -Monitors the network to
detect threats
-Listens passively on the network
-Alerts network admin of any detected suspicious behavior
Intrusion Preventions System Differences - correct answer -Intercepts and blocks
threats
-Has many network ports to operate as input/output pairs
-Has cables routed physically through devices to create chock points
IDS and IPS Similarities - correct answer -Identifies malicious traffic
-Available as virtual and host-based applications
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KieranKent55. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.