WGU C795 EXAM Questions and Answers (2022) (Verified Answers)
10 views 0 purchase
Module
WGU C795
Institution
Western Governors University
WGU C795 EXAM Questions and Answers (2022) (Verified Answers)
A company's main asset is a physical working prototype stored in the research and development department. The prototype is not currently connected to the company's network.
Which privileged user activity should be monitored?
Acces...
wgu c795 exam questions and answers 2022 verified answers a companys main asset is a physical working prototype stored in the research and development department the prototype is not current
Written for
Western Governors University
WGU C795
All documents for this subject (48)
Seller
Follow
ACADEMICAIDSTORE
Reviews received
Content preview
WGU C795 EXAM Questions and Answers (2022)
(Verified Answers)
A company's main asset is a physical working prototype stored in the research
and development department. The prototype is not currently connected to the
company's network.
Which privileged user activity should be monitored?
Accessing camera logs
A company performs a data audit on its critical information every six months.
Company policy states that the audit cannot be conducted by the same employee
within a two-year time frame.
Which principle is this company following?
Job rotation
A user is granted access to restricted and classified information but is supplied
only with the information for a current assignment.
Which type of authorization mechanism is being applied in this scenario?
Need to know
Which two data recovery components will back up a file and change the archive
bit to 0?
Choose 2 answers.
Full backup, Incremental backup
A company wants to monitor the inbound and outbound flow of packets and not
the content.
Which defense-in-depth strategy should be implemented?
Traffic and trend analyses should be installed on the router.
A penetration tester identifies a SQL injection vulnerability in a business-critical
web application. The security administrator discusses this finding with the
application developer, and the developer insists that the issue would take two
months to remediate.
Which defense-in-depth practice should the security administrator use to prevent
an attacker from exploiting this weakness before the developer can implement a
fix?
Implement a web-application firewall
A company is concerned about securing its corporate network, including its
wireless network, to limit security risks.
Which defense-in-depth practice represents an application of least privilege?
Disable wireless access to users who do not need it
, A technician notifies her supervisor that the nightly backup of a critical system
failed during the previous night's run. Because the system is critical to the
organization, the technician raised the issue in order to make management aware
of the missing backup. The technician is looking for guidance on whether
additional actions should be taken on the single backup failure.
Which role is responsible for making the final decision on how to handle the
incomplete backup?
Data owner
A company relies exclusively on a system for critical functions. An audit is
performed, and the report notes that there is no log review performed on the
system. Management has been tasked with selecting the appropriate person to
perform the log reviews in order to correct the deficiency.
Which role is responsible for reviewing and auditing logs in order to detect any
malicious behavior?
Security Administrator
A company's main asset is its client list stored in the company database, which is
accessible to only specific users. The client list contains Health Insurance
Portability and Accountability Act (HIPAA) protected data.
Which user activity should be monitored?
Privilege escalation
An employee is transferring data onto removable media. The company wants to
reduce the likelihood of fraud, and transferring data onto removable media is
limited to special cases.
Which security principle should the company execute as a policy to reduce
fraud?
Two person control
An executive is using a cell phone to view sensitive data.
Which control would protect the sensitive data stored on the phone from being
exposed due to loss or theft?
Encryption
A company has identified a massive security breach in its healthcare records
department. Over 50% of customers' personally identifiable information (PII) has
been stolen. The customers are aware of the breach, and the company is taking
actions to protect customer assets through the personal security policy, which
addresses PII data.
Which preventive measure should the company pursue to protect against future
attacks?
Use network-based and host-based firewalls
An organization needs to improve the security of the systems it is monitoring. It
has determined that the systems need regularly scheduled vulnerability scans.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICAIDSTORE. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £9.00. You're not tied to anything after your purchase.