WGU C795 EXAM OA REAL EXAM 250 QUESTIONS AND
CORRECT ANSWERS/WGU 795 CYBERSECURITY
MANAGEMENT II TACTICAL OA EXAM (VERIFIED
ANSWERS) | A GRADE
A web server is at near 100% utilization, and it is suggested that several web servers run the
same site, sharing traffic from the internet. Which system resilience method would this be?
Network load balancing
Failover clustering
Electronic vaulting
Remote journaling – ANSWER- Network load balancing
Which RAID array performs striping and uses mirroring for fault tolerance?
RAID 0
RAID 1
RAID 5
RAID 10 – ANSWER- RAID 10
Which kind of disaster recovery site typically consists of self-contained trailers?
Mobile
Hot
Warm
Cold – ANSWER- Mobile
How often should a BCP be reviewed?
At least annually or when changes occur
If and when the company gets audited
When a disaster occurs
Every 5 years or when a law changes – ANSWER- At least annually or when changes occur
Which database disaster recovery strategy transfers copies of database transaction logs to another
location?
Electronic vaulting
Remote journaling
Disk Mirroring
Floating parity – ANSWER- Remote journaling
A company develops a BCP in addition to an emergency communication plan. What should be
included in the company’s emergency communication plan? Choose two
Alternate means of contact
Backup people for each role
The best time to call each person
Employee’s phone service providers – ANSWER- Alternate means of contact
Backup people for each role
Which type of backup solution should be incorporated in an organization that has high-capacity
backup data requirements in the terabytes?
Disk-to-disk
Tape
Optical media
High-capacity CD-RW – ANSWER- Disk-to-disk
Which data recovery strategy should be used to mitigate the risk of a natural disaster?
Perform a full local backup
Store tapes in a secure room
Hold backups on a shared drive
Back up data to a remote cloud provider – ANSWER- Back up data to a remote cloud provider
Which two data recovery components will back up a file and change the archive bit to 0? Choose
two.
Full backup
Differential backup
Incremental backup
Copy backup – ANSWER- Full backup
Incremental backup
Disaster recovery team members are requested to do more than just review the disaster recovery
plan but not actually test the individual parts of the plan. Which type of test would suit this
request?
Read through
Structured walk through
Parallel
Full interruption – ANSWER- Structured walk through
When should formal change management be used to manage updates to a DRP? – ANSWER- When the IT infrastructure changes, all related disaster recovery documentation should be
changed to match the environment
A company presents team members with a disaster recovery scenario, asks members to develop
an appropriate response, and then tests some of the technical responses without shutting down
operations at the primary site. Which type of disaster recovery test is being performed?
Read-through
Structured walk through
Simulation
Full-interruption – ANSWER- Simulation
Which defense-in-depth practices allow an organization to locate an intruder on its internal
network?
Whitelisting applications and blacklisting processes
Antivirus and IPS
SIEM and IDS
Sandboxing applications and penetration testing – ANSWER- SIEM and IDS
A company is concerned that disgruntled employees are sending sensitive data to its competitors.
Which defense-in-depth practices assist a company in identifying an insider threat?
DLP and audit logs
Antivirus and IDS
DLP and IDS
Antivirus and audit logs – ANSWER- DLP and audit logs
A company is hit with a number of ransomware attacks. These attacks are causing a significant
amount of downtime and data loss since users with access to sensitive company documents are
being targeted. These attacks have prompted management to invest in new technical controls to
prevent ransomware.
Which defense-in-depth practices should this company implement?
Password resets and a log review
Mandatory vacations and job rotation
Spam filtering and antimalware
Encryption and an internal firewall – ANSWER- Spam filtering and antimalware
A company’s database administrator requires access to a database server to perform maintenance.
The director of information technology will provide the database administrator access to the
database server but will not provide the database administrator access to all the data within the
server’s database.
Which defense-in-depth practice enhances the company’s need-to-know data access strategy?
Using compartmented mode systems and least privilege
Using compartmented mode systems and two-person control
Using dedicated mode systems and least privilege
Using dedicated mode systems and two-person control – ANSWER- Using compartmented mode
systems and least privilege
A company has signed a contract with a third-party vendor to use the vendor’s inventory
management system hosted in a cloud. For convenience, the vendor set up the application to use
LDAP queries but did not enable secure LDAP queries or implement SSL on the application’s
web server. The vendor does not have the ability to secure the system, and company
management insists on using the application. Which defense-in-depth practices should the
company implement to minimize the likelihood of an account compromise due to insecure setup
by the vendor?
Location-based access control and multifactor authentication
IPS and honeypot systems
Antivirus and IDS
Password hashing and authentication encryption – ANSWER- Location-based access control and
multifactor authentication
A company is terminating several employees with high levels of access. The company wants to
protect itself from possible disgruntled employees who could become potential insider threats.
Which defense-in-depth practices should be applied?
Account revocation and conducting a vulnerability assessment
Account revocation and conducting a full backup of critical data
A mandatory 90-day password change and conducting a full backup of critical data
A mandatory 90-day password change and conducting a vulnerability assessment – ANSWER- Account revocation and conducting a vulnerability assessment
A hacker is sitting between a corporate user and the email server that the user is currently
accessing. The hacker is trying to intercept and capture any data the user is sending through the
email application. How should a system administrator protect the company’s email server from
this attack?
Encrypt network traffic with VPNs
Add antimalware to the email server
Implement a firewall
Whitelist the sites that are trusted – ANSWER- Encrypt network traffic with VPNs
A company wants to prevent cybercriminals from gaining easy access into its email server. The
company wants to know which user is accessing which resources and to prevent hackers from
easily gaining access to the server. Which defense-in-depth strategy should be used?