WGU D315 V2 Section 2 Study plan Quiz

WGU D315 V2 Section 2 Study plan Quiz Leave the first rating Students also studied Terms in this set (40) Western Governors UniversityD 315 Save WGU-D315 V2 Section 3 Study Plan ...40 terms mindy_benson Preview

WGU D315 - PRE-ASSESSMENT: NET...

205 terms Mira_PakPreview D315 - Things I Need to Study that w...43 terms The_Nice_Kween Preview Practic 40 terms kris Practice questions for this set Learn1 / 7Study using Learn Which risk management strategy involves implementing security measures to decrease the probability of a risk happening or to lessen its effects should it occur?Grey Hat HackerA person who enjoys the challenge of breaching networks and bypassing security measures for the thrill, without malicious intent and sometimes pointing out flaws

to the affected parties, can be termed a:

Choose an answer 1Grey Hat Hacker2An exploit 3Risk Mitigation4Risk Don't know?

AvailabilityDuring a network upgrade, an administrator mistakenly cuts off the backup data center from the main network. This error leaves the organization without a failover option in case of a primary data center failure. What aspect of the CIA triad has been compromised?IntegrityDuring an IT audit, it's discovered that an employee has been modifying sales records in the company's database to inflate commission payments. Which aspect of the CIA triad has been breached?A type of passive attackIn the context of IT security, wiretapping is considered RiskWhich term refers to the combination of the probability and potential consequences of a threat taking advantage of a vulnerability?External ThreatAn attacker is trying to infiltrate the network from an offsite location. What type of threat does this attacker represent?Increased risk of malware infectionWhich of the following best describes the most significant risk of allowing personal devices on company networks without a proper security policy?Risk MitigationWhich risk management strategy involves implementing security measures to decrease the probability of a risk happening or to lessen its effects should it occur?SQL InjectionWhich type of attack involves manipulating a database by entering malicious code into input fields?Using firewalls to block unnecessary portsHow can organizations reduce the risk associated with port scanning attacks?AvailabilityA healthcare provider's patient portal becomes inaccessible due to a misconfigured firewall that blocks incoming patient traffic. This scenario primarily compromises which principle of the CIA triad?RedSam was just hired to work on the security team that will be attempting to compromise the company's network to discover what vulnerability exist. Which team did he get hired to?Risk AvoidanceWhich risk management approach entails removing the threat or vulnerability altogether to entirely negate the related risk?An exploitA hacker uses a script that automatically injects SQL commands into web forms to

steal data from a database. This script is an example of:

Social engineeringDuring a phone call, an individual claiming to be from the IT department asks for

your password to address a system issue. This is an example of:

Brute Force AttackIn cybersecurity, what type of attack involves systematically trying all possible combinations of letters, numbers, and special characters to compromise a password

Card key access system to the server roomAn organization wants to ensure that only authorized personnel can access the server room. Which of the following is the most effective solution?HoneypotWhich of the following is a fake device designed to tempt intruders with unpatched and unprotected security vulnerabilities and false data?It significantly reduces the chance of unauthorized access How does changing default passwords on new devices and software installations improve security?Zero DayIn cybersecurity, what term refers to a software vulnerability that is exploited before the software vendor releases a patch?Regularly applying software updates and patches What is the most effective method to reduce the risk posed by known software vulnerabilities?Script KiddieWhat term is used to describe individuals who use pre-written hacking scripts or tools without necessarily understanding how they work?Insider ThreatA user is upset that he has just been fired and decides to perform a ping flood attack on the email server. What type of attacker would this user be considered?Smurf AttackWhat type of attack floods a network with ICMP echo request packets, amplifying the attack by using a large number of hosts?IntegrityA malicious actor gains unauthorized access to a company's database and alters financial records, changing the amounts of several transactions. What principle of the CIA Triad is violated in this situation?AvailabilityA distributed denial of service (DDoS) attack overwhelms a popular e-commerce website, causing it to crash. Which element of the CIA Triad is directly impacted?Nation-StateA government-sponsored group launches cyber-attacks against another country's critical infrastructure to destabilize its economy. This group is best described as: White Hat HackerA cybersecurity expert is legally hired by a corporation to find vulnerabilities in its

network and strengthen its defenses. This expert is known as a:

Risk AcceptanceWhich risk management strategy is illustrated by continuing to use a network device with a known risk without implementing any mitigating security measures?ConfidentialityAn attacker uses a zero-day exploit to install spyware on a corporate network, allowing them to monitor all internal communications. This attack compromises which principle of the CIA triad?Black Hat HackerSomeone who breaks into digital systems with the intention of creating and

spreading malware for financial gain would be considered a:

ConfidentialityAn employee loses a laptop containing unencrypted personal data of clients.Which principle of the CIA triad is primarily compromised?

IntegrityA banking system's transaction log is altered by an attacker to erase evidence of unauthorized fund transfers. This action directly compromises which principle of the CIA triad?ThreatDue to its location in a coastal area, a data center's operational continuity is at risk

from hurricanes. This natural event is categorized as a:

ConfidentialityAn employee at a financial institution accidentally emails a spreadsheet containing sensitive customer information to the wrong recipient. Which aspect of the CIA Triad is compromised in this scenario?A weakness or flaw in hardware, software, or facilities that can be taken advantage of to compromise security Which of the following is the best definition of a security Vulnerability?PhishingWhich type of attack send emails claiming to be your bank and asking you to verify that your username and password are correct?HacktivistAn activist group infiltrates and defaces a corporate website to draw attention to

an environmental issue. The group's members are best described as:

Isolate the infected computer from the network Upon discovering a malware infection on a computer, what is the FIRST action that should be taken?ARP PoisoningWhat type of attack involves modifying network tables to associate the attacker's MAC address with the IP address of a legitimate user?