100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU C172 Network and Security study Guide Questions with verified Answers updated 2024/2025 $12.99   Add to cart

Exam (elaborations)

WGU C172 Network and Security study Guide Questions with verified Answers updated 2024/2025

 6 views  0 purchase
  • Course
  • WGU C172 Network & Security
  • Institution
  • WGU C172 Network & Security

WGU C172 Network and Security study Guide Questions with verified Answers updated 2024/2025 Spoofing - correct answer convinces system it is communicating with a known trusted entity. Gives attacker access to system. Denial-of-service - correct answer prevent legitimate users from accessing t...

[Show more]

Preview 4 out of 39  pages

  • November 2, 2024
  • 39
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • WGU C172 Network & Security
  • WGU C172 Network & Security
avatar-seller
KieranKent55
WGU C172 Network and Security study Guide
Questions with verified Answers updated
2024/2025

Spoofing - correct answer convinces system it is communicating with a known trusted
entity. Gives attacker access to system.


Denial-of-service - correct answer prevent legitimate users from accessing the
resource by sending an overwhelming amount of data to the target server


Ping of Death - correct answer a trick whereby the attacker would send the victim a
malformed ICMP packet that would cause the victim's computer to crash or stop
functioning on the network.


Ping flood - correct answer overwhelms a victim's computer with an immense volume
of ICMP echo-request packets, all containing a forged, randomized source address.


Smurf - correct answer IP spoofing attacks ICMP, causes to ping indefinitely.


Social engineering (hack a human) - correct answer the art of manipulating human
trust to gain access or information


Phishing - correct answer Emails appear to be from trusted source. Spear phishing is
more personal and relevant.


Vulnerabilities - correct answer -Poor security measures
-Weak or default passwords
-Misconfigured Firewall Rules
-Personal devices on within the network
-Advanced persistent threats

,-Zero-day


Man-in-the-middle (MitM) attack - correct answer A hacker hijacks a session between
trusted client and network server.


Session hijacking - correct answer Attacking computer substitutes its IP address for IP
client. Server keeps going with communication.


IP spoofing - correct answer convinces system it is communicating with a known
trusted entity. Gives attacker access to system.


Replay: - correct answer Attacker intercepts old messages and tries to send them later,
impersonating a participant.


Brute-force - correct answer Method of using a random approach to gain access


Dictionary - correct answer Method of using common passwords to gain access


SQL Injection attack - correct answer Common issue with database-driven websites.
Malefactor executes SQL query to database via the input data from client to server SQL.


Trojans - correct answer malware that hides in a useful program


CIA Triad - correct answer -Confidentiality: the access to information should be granted
only on a need-to-know basis.
-Integrity: the information should not be tampered with from source to destination.
-Availability: The services of an organization should be available.


VPN - correct answer device creates an encrypted tunnel between itself and a same
keyed partner across the internet or insecure channel.

,Firewall - correct answer -A part of a computer system or network designed to block
unauthorized access while permitting outward communication.
-protection for one network from another.


Packet Filter Firewall - correct answer -Operates at layers 3 and 4 or the OSI network
model
-Protocol (typically IP)
-Source IP address
-Destination IP address
-Source TCP or UDP port number
-Destination TCP or UDP port number


Circuit-Level Gateways - correct answer a device that operates as a middleman
between two or more systems to help conceal the true identity of the client and server


Stateful Inspection - correct answer -Operates at OSI layers 3-5
-allows a firewall to identify traffic as conversational and automatically create temporary
firewall rules to permit the response traffic to flow back to the sender


Application Level Firewall - correct answer Layer-7 because application is the seventh
layer of the OSI mode


IDS - correct answer designed to monitor both inbound and outbound data traffic and
report on any suspicious activity that could indicate an attack.


IPS - correct answer has the capability to stop or prevent malicious attacks that it
detects in real time by interacting with the firewall


RPC attack solution - correct answer Layer5 attack; mitigate with regular OS and
application patching

, SQL (Structured Query Language) Injection attack solution - correct answer Layer 7
attack; mitigate by leveraging a reverse proxy system and scanning incoming packets
for malicious behavior


MITMA (man in the middle attack) solution - correct answer Layer 6 attack; mitigate by
using an application-layer proxy or an IPS, and train users about fake security certicates


Port scanner solution - correct answer Layer 4 attack; mitigate by using a packet-
filtering firewall


Ping sweep solution - correct answer Layer 3 attack; mitigate by using a packet-
filtering firewall


VLAN hopping solution - correct answer Layer 2 attack; mitigate by configuring VLAN
tagging per the switch vendor's recommendations


Wiretapping solution - correct answer Layer 1 attack; mitigate by looking for physical
vulnerabilities, check locks on doors, racks, and wiring closets


Intrusion Detection System Differences - correct answer -Monitors the network to
detect threats
-Listens passively on the network
-Alerts network admin of any detected suspicious behavior


Intrusion Preventions System Differences - correct answer -Intercepts and blocks
threats
-Has many network ports to operate as input/output pairs
-Has cables routed physically through devices to create chock points


IDS and IPS Similarities - correct answer -Identifies malicious traffic
-Available as virtual and host-based applications

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller KieranKent55. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $12.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

70055 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$12.99
  • (0)
  Add to cart