WGU C172 WGU COMPLETE v3(VERSION 3) Updated 2023.

Occupational Safety and Health Act - Answer OSH Act Occupational Safety and Health Administration - Answer OSHA National Fire Protection Association - Answer NFPA; creates standards and codes to help form safe environments and prevent accidents Code of Federal Regulations - Answer CFR Emergency action plan - Answer EAP Fire prevention plan - Answer FPP Safety data sheets - Answer SDS; required documentation that identifies potential hazards; formerly MSDS (material SDS) Biometric Systems - Answer Systems that measure and analyze specific characteristics of the human body for the purpose of authentication FERPA (Family Educational Rights and Privacy Act) - Answer federal law that requires all educational institutions to protect the privacy of student education records FISMA (Federal Information Security Management Act) - Answer a federal law that was developed to protect government information, operations, and assets against security threats GLBA (Gramm-Leach-Bliley Act) - Answer federal law that requires all financial institutions to protect customer financial information data, to safeguard the financial information against security threats, and to deny any unwarranted access to financial data HIPAA (Health Insurance Portability and Accountability Act) - Answer federal law that requires all health-related agencies to protect the personally identifiable information (PII) of patients PCI DSS (Payment Card Industry Data Security Standard) - Answer standard set by the Payment Card Industry that holds banks and merchants accountable for any credit card breach MOU (memorandum of understanding) - Answer a formal agreement between two or more parties to establish official service partnerships; sometimes called letter of intent (LOI) SLA (Service Level Agreement) - Answer a formal agreement typically between a service provider and a client or end user that defines the level of service expected from the provider MSA (master service agreement) - Answer an overarching document that creates a framework for multiple service level agreements; facilitates the creation of future agreements MLA (Master license agreement) - Answer defines the owner rights, terms, and conditions related to intellectual property NDA (Non-Disclosure Agreement) - Answer a legal agreement to bind a party or parties to not disclose or share specific information SOW (Statement of work) - Answer a document often used in conjunction with an MSA that contains all the specifics of the service; includes deliverables, schedules, responsibilities AUP (Acceptable Use Policy) - Answer outlines the acceptable use of IT equipment and related services incident response policy - Answer 1. preparation 2. identification 3. containment 4. eradication 5. recovery 6. follow-up privileged user agreement - Answer establishes expectations for the conduct of individuals granted privileged access to an organization's enterprise systems and services SOP (Standard Operating Procedure) - Answer a procedure document that describes routine operations accompanied by step-by-step instructions showing how to perform routine activities; ensures quality and consistency of operations password policy - Answer sets rules for computing passwords for an organization MTBF (Mean Time Between Failures) - Answer measures the system's reliability by identifying the average time between failures MTTF (mean time to failure) - Answer predicts the equipment runtime before a failure requires the equipment to be replaced MTTR (mean time to recover or repair) - Answer measures the average time it takes to bring a system back from failure full backup - Answer most complete type of backup, where all data is copied to a designed backup location or medium differential backup - Answer includes all data that has changed since the last full backup incremental backup - Answer only include data that has changed since the previous backup copy; takes the least time and the least storage space HA (High Availability) - Answer describes systems that are in continuous operation for a long time, with minimal downtime cold site - Answer empty facility with only power and cooling, but no equipment or racks hot site - Answer full-blown operational facility with power, cooling, and equipment racked and powered up and connected to the network; a duplicate of the current data center warm site - Answer a not-yet-operational facility with power, cooling, and rack space; equipment is onsite but not racked or powered up asset management (inventory management) - Answer protect assets and prevent misuse/loss of assets by establishing self-inventory that can be used in the audit process; from the procurement stage to assignment stage to disposal stage core - Answer An independent processing unit that is responsible for reading and executing program instructions cache - Answer A block of memory set aside for temporary storage of information Virtualization - Answer A technology concept that involves creating a virtual computer virtual machine - Answer VM, guest machine, guest VM Host Machine - Answer Another name for a physical machine or virtual host Hypervisor - Answer Software that is used for managing and controlling the underlying physical hardware and associated virtual hardware Virtual machine monitor - Answer VMM Type 1 Hypervisor (bare-metal hypervisor) - Answer A hypervisor that is loaded directly on hardware to abstract the hardware to the virtualization layer and that is commonly used on servers Type 2 Hypervisor (hosted hypervisor) - Answer A hypervisor that is loaded on an operating system and abstracts the virtualization layer through its host operating system and is commonly used on personal computers vMotion, XenMotion, Live Migration - Answer Different vendor options for moving a designated host server in the event of a physical server failure Hyper-V (a type 1 hypervisor) - Answer A virtualization program that is part of Windows operating systems virtual switch - Answer A software-based switch that is used for establishing connections between virtual and physical networks vSwitch (type 1 virtual switch; standard virtual switch) - Answer typical virtual switch that is dedicated to one specific host and must be managed from that host dvSwitch (type 2 virtual switch; distributed virtual switch) - Answer virtual switch that can span multiple host VMs, connecting their virtual networks together and needs to communicate with central control plane Cloud - Answer Another name for Internet-based services Outsourcing - Answer Obtaining goods or services from an outside source rather than an internal source cloud computing (cloud service) - Answer An outsourced and hosted computing environment that delivers IT services to users via a network MX (mail exchange) record - Answer The mail exchange record, which points to the incoming email servers of the organization CNAME record (canonical name record) - Answer used to specify that a domain name is an alias for another domain (alias for a hostname) IaaS (Infrastructure as a Service) - Answer A service that focuses on the facilities and infrastructure in the data center and the virtualization and abstraction layer that exists on top of the physical facilities and infrastructure PaaS (Platform as a Service) - Answer A service that focuses on application development on any desired platform utilizing cloud computing SaaS (Software as a Service) - Answer A service that focuses on application delivery public cloud - Answer cloud infrastructure operated by the cloud service company but made available for general public use private cloud - Answer cloud infrastructure operated by the organization and made available only to members of the organization community cloud - Answer cloud infrastructure that offers two or more organizations exclusive access to the infrastructure and computing resources hybrid cloud - Answer cloud infrastructure that offers a combination of at least one private cloud and one public cloud SAN (storage area network) - Answer a block-level data storage located across a network; a typical enterprise storage solution LUN (Logical Unit Number) - Answer unique identifiers for a SAN; IP addresses of the file servers Fibre Channel (FC) - Answer The original high-speed technology used to connect data storage to servers; uses fiber-optic cables to connect storage devices into a network IB (Infiniband) - Answer A technology that provides high performance and high throughput with low latency; fastest storage interface, with speed of 200Gbps FCoE (Fibre Channel over Ethernet) - Answer A technology that encapsulates Fibre Channel frames over Ethernet networks allowing FC to use 10Gbps (or higher) Ethernet networks while preserving the FC protocol; jumbo frame supported iSCSI (Internet Small Computer Systems Interface) - Answer technology that enables the SCSI protocol to communicate over IP networks NAS (Network Attached Storage) - Answer a file-level storage device that can be accessed on a network; available on FTP, NFS, AFP, SMB Social Engineering - Answer A process by which an intruder obtains enough information from people to gain access to the network Password Cracking - Answer An attack in which the attacker tries to guess the user's password Dictionary Attack - Answer An attack that uses known passwords and many variations (upper- and lowercase and combinations) to try to log in to an account Brute-Force Attack - Answer An attack in which the attacker uses every possible combination of characters to guess the password Packet Sniffing - Answer A technique in which the contents of data packets are watched IPSec (Internet Protocol Security) - Answer layer 3 protocol in which each packet is encrypted prior to transmission across the network link Man-in-the-Middle - Answer An attack in which an attacker can seamlessly place itself in the middle of a conversation between others in order to become the recipient of all information sent by victim computers ARP Cache Poisoning - Answer An attack in which an attacker changes the MAC addresses of the ARP cache, or "poisons the ARP cache" of victims to the MAC address of the attacker so that conversations get redirected to the attacker Evil Twin - Answer A situation in which a rogue wireless access point poses as a legitimate one by broadcasting a legitimate SSID and eavesdrops on the wireless network Session Hijacking - Answer Exploiting web session control by stealing a session cookie and using it to establish a session with a remote server that still thinks the session is valid Buffer Overflow - Answer A situation that occurs when a program tries to put more data into a buffer than it was configured to hold netstat -a - Answer The command used to display the ports currently open on a Windows operating system netstat -b - Answer The command used to display the executable involved in creating the connection or listening port nmap - Answer A Linux and Windows port scanner Penetration Testing - Answer Evaluating the security of a user's network by trying to exploit vulnerabilities