D315 V2 Section 3 Practice Quiz

D315 V2 Section 3 Practice Quiz Leave the first rating Students also studied Terms in this set (40) Western Governors UniversityD 315 Save

WGU D315 - PRE-ASSESSMENT: NET...

205 terms Mira_PakPreview D315 V2 Section 1 Practice Quiz 40 terms Phant0mDeku Preview

D315 PA

189 terms Plaguedoctor2674 Preview Networ 120 term amx Place the wireless encryptions in order from the weakest to the strongest 1 WEP 2 WPA 3 WPA2 4 WPA3 Why is multi-factor authentication crucial in securing systems?-To improve the performance of systems -To facilitate easier logins -To streamline the process of logging in -To ensure higher security through multiple verification mechanisms To ensure higher security through multiple verification mechanisms A university's IT department suspects a rogue access point may be operating on campus. What should they implement?-Mandatory VPN for all students -A Wireless Intrusion Prevention System (WIPS) -Personal antivirus solutions for all devices -Decreased Wi-Fi signal strength around the perimeter A Wireless Intrusion Prevention System (WIPS)

Tom accesses his workplace computer using a fingerprint scan. The security system he interacts with uses which type of authentication?-Something you know -Something you have -Something you are -Somewhere you are Something you are At a software company, which of the following practices best exemplifies separation of duties in incident response?-The same team responsible for network operations also handles all incident investigations.-One team detects and reports security incidents, while a different team analyzes and responds to these incidents.-Incident detection, response, and recovery are all outsourced to a single external vendor.-The IT director takes sole responsibility for managing incident response to maintain confidentiality.One team detects and reports security incidents, while a different team analyzes and responds to these incidents.A user must enter a security question answer to retrieve a

forgotten password. This form of authentication relies on:

-Something you know -Something you have -Something you are -Somewhere you are Something you know A company's security policy requires that all incoming and outgoing messages be inspected for harmful content like viruses and spyware before they reach the desktops.Which firewall should they deploy?-Packet filtering firewall -Stateful inspection firewall -Application level firewall -Circuit level gateway Application level firewall Which of the following is NOT typically considered a part of device hardening?-Changing default passwords -Disabling unnecessary services -Increasing the number of open ports -Applying security patches Increasing the number of open ports

A company develops an encryption software that uses a simple, well-understood algorithm instead of multiple complex algorithms. This strategy primarily enhances security through which principle?-Least privilege -Fail-safe -Least common mechanism -Economy of Mechanism Economy of Mechanism In an information security policy document, what must each sub-policy clearly contain to meet compliance and clarity requirements?-An impact score for the sub-policy -A directory of associated sub-policies -The specific compliance obligations the sub-policy fulfills -Information about the local government office The specific compliance obligations the sub-policy fulfills What is a primary reason attackers set up rogue access points in public places like cafes and airports?-To provide complimentary Wi-Fi access to patrons -To promote their own services or products -To capture personal and financial information from unsuspecting users -To gather information for breaching the network's security protocols To capture personal and financial information from unsuspecting users What does HIPAA primarily protect?-Consumer credit information -Educational records -Health information -Children's online activity Health information A software developer attempts to access the customer database but is denied. What part of the AAA framework is responsible for this decision?-Authentication -Authorization -Accounting -Availability Authorization

What layer of protection could be considered the last line of defense in a well-implemented security in depth strategy?-Perimeter firewall -Intrusion detection systems -Data encryption at rest -Antivirus software Data encryption at rest An organization is adjusting its information security policies to adhere to the requirements of the Personal Information Protection and Electronic Documents Act

(PIPEDA).

Under PIPEDA, what is the organization required to do?-Provide financial benefits to individuals from the revenue generated through their personal information -Establish adequate security measures for the protection of stored personal data -Announce the type of security used for protecting personal data -Restrict the storage of personal information to a single physical location Establish adequate security measures for the protection of stored personal data A network firewall analyzes each packet against a set of security criteria, such as source IP Address, destination IP address, or port number before deciding to allow or

block. This approach is known as:

-Discretionary Access Control -Role-Based Access Control -Rule-Based Access Control -Attribute-Based Access Control Rule-Based Access Control An organization is setting up a firewall capable of analyzing individual packets and the association in which these packets are grouped. Which type of access control is being utilized?-Rule-based -Discretionary -Attribute-based -Context-based Context-based A large number of ICMP Echo requests originating from a spoofed IP address are flooding a network. What traditional network security tool can help mitigate this type of ICMP Ping flood attack?-Application gateway -Firewall with ICMP filtering capabilities -Data loss prevention system -Intrusion detection system Firewall with ICMP filtering capabilities