Pass the WGU Courses and Certificates Network-and-Security-Foundation Questions and answers with ValidTests

Data encryptionprotects sensitive information by encoding it into an unreadable format, ensuring that even if attackers intercept the data, they cannot decipher it without the proper decryption key. This is crucial forprotecting stored and transmitted data.

RBACcontrols user access but does not secure data in transit.

2FAstrengthens authentication but does not secure stored or transmitted data.

Patch managementfixes software vulnerabilities but does not directly protect intercepted data.

Multifactor authentication (MFA)requires users to verify their identity usingmultiple factors, such assomething they know (password), something they have (a token or phone), or somewhere they are (geolocation-based access control). Requiring both location verification andpassword authentication demonstrates MFA.

Certificate verificationchecks digital certificates for security but does not use multiple authentication factors.

User-based accountinglogs user activities but does not verify identity.

Single sign-on (SSO)allows access to multiple systems with one login but is not necessarily MFA.

TheNetwork or Internet layerof the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. TheInternet Protocol (IP)operates at this layer, ensuring thatdata is correctly routed from the source to the destination.

Physical or network access layerdeals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layerincludes end-user services (e.g., HTTP, FTP).

Transport layermanages data flow using protocols like TCP and UDP but does not handle IP addressing.

ARing topologyis a network setup where each device is connected to two adjacent devices, forming a circular path for data transmission. This topology ensures that data travels in a single orbidirectional loop.

Point-to-pointtopology refers to a direct connection between two devices without forming a larger network structure.

Bus topologyhas all devices connected to a single central cable, rather than forming a ring.

Star topologyfeatures a central hub or switch that connects all devices, rather than direct device-to-device links.

TheTransport layer(Layer 4 of the OSI model) includes theTransmission Control Protocol (TCP), which provides reliable, connection-oriented communication. TCP ensures error-checking, sequencing, and retransmission of lost packets.

Application layerdeals with end-user protocols like HTTP and FTP.

Session layermanages communication sessions but not transport protocols.

Network layerfocuses on IP addressing and routing, not transport mechanisms.

Integrityin IT security ensures that data remains accurate, unaltered, and trustworthy throughout its lifecycle. This means that data transmission should occurwithout errorsand should not be modified by unauthorized parties. Mechanisms like checksums, hashing, and digital signatures help maintain integrity.

Encryption (B)enhances confidentiality, not integrity.

Accessibility (C and D)relates to availability, not integrity.

AType 2 hypervisor(hosted hypervisor) runs on top of an existing operating system and allows for the creation of virtual machines. Examples include VMware Workstation and Oracle VirtualBox.

Type 1 hypervisorsrun directly on hardware without an OS (e.g., VMware ESXi, Microsoft Hyper-V).

Open-source and proprietarydescribe licensing models, not hypervisor types.

Disabling ESSID broadcastingprevents the Wi-Fi network name from being publicly visible,making it harder for attackers to discover and target the network. While this is not a foolproof security measure, it adds an additional layer of protection against unauthorized access.

Trusting local hosts by defaultis risky and not a security best practice.

Adding more access pointsimproves coverage but does not enhance security.

WEPis outdated and highly vulnerable to attacks; WPA2 or WPA3 should be used instead.

Configuring switch port tracinghelps detect unauthorized devices, such as rogue access points, that are connected to the network. Network administrators can useport securityandintrusion detection systems (IDS)to monitor and block unauthorized access points.

Decreasing wireless rangemay limit exposure but does not actively detect rogue APs.

Disabling unnecessary servicesimproves security but does not prevent rogue APs.

Monitoring traffic patternshelps detect anomalies but does not directly stop rogue APs.

Anaccess point (AP)is a network device that extends the coverage of a wireless network by acting as a bridge between wired and wireless devices. It allows users to connect to a network without needing a direct wired connection. APs are particularly useful in large office spaces where Wi-Fi signals may not reach all areas.

Routersprimarily manage network traffic but do not directly extend network range unless they include built-in AP functionality.

Serversare used for hosting applications and storing data but do not extend network connectivity.

Switchesconnect wired devices within a local network but do not extend wireless network range.