Pass the WGU Courses and Certificates Network-and-Security-Foundation Questions and answers with ValidTests

Theeconomy of mechanismprinciple states that security systems should beas simple and small as possible. Reducing complexity makes security mechanisms easier to understand, audit, and defend against attacks.

Least common mechanismreduces shared resources to limit security risks.

Least privilegerestricts access based on necessity.

Zero-trust modelassumes no implicit trust in users or devices.

Thedigcommand in Linux is used for DNS troubleshooting. It queries DNS records and provides detailed information about domain name resolutions.

traceroutetracks the path packets take to a destination but does not diagnose DNS.

netstatlists active connections, not DNS records.

ifconfigis used for managing network interfaces.

Aman-in-the-middle (MITM) attackoccurs when an attacker secretly intercepts and relays communication between two parties. This allows the attacker to steal data, modify messages, or inject malicious content without the victims' knowledge.

Credential stuffingreuses stolen login credentials but does not involve interception.

Social engineeringmanipulates users rather than intercepting messages.

Pharmingredirects users to fraudulent websites, but it does not intercept communication.

Restricting physical accessto data storage facilities is a critical part of database security. Even with strong cybersecurity measures,unauthorized physical accessto servers can lead to breaches. Security strategies includebiometric authentication, surveillance cameras, and restricted entry zones.

Disclosing breachesis required by compliance laws but does not protect data proactively.

Developing algorithmsimproves security but is not a fundamental checklist item.

Outsourcing data managementcan introduce security risks if not properly controlled.

Session hijackingoccurs when an attacker takes over an established connection between two devices, often by stealing session tokens or manipulating network traffic. This allows the attacker to impersonate a legitimate user and gain unauthorized access.

Dictionary attackinvolves password guessing, not hijacking active connections.

Social engineeringtricks users into providing information but does not hijack sessions.

IP address spoofingdisguises the attacker's identity but does not necessarily take over a session.

TheApplication layer(Layer 7 of the OSI model) includesHypertext Transfer Protocol (HTTP), which is used for web communication. This layer provides network services directly to applications and users.

Network layerdeals with IP addressing and packet routing.

Session layermanages connections but does not include HTTP.

Transport layerensures reliable data transmission but does not handle application protocols.

Accounting(also known asauditing or logging) is a network security concept that tracks user activities, includingsuccessful and failed authentication attempts, system changes, and resource access. This helps in detecting and mitigating security breaches.

Authenticationverifies user identity but does not track activity.

Availabilityensures systems remain operational.

Authorizationcontrols user permissions but does not log activities.

Awireless routeris designed to create an access point that allows wireless devices to connect to a network. It combines the functions of a traditional router with a wireless access point, enabling communication between wired and wireless devices. These routers use Wi-Fi standards (e.g., 802.11ac, 802.11ax) to transmit data wirelessly.

Broadband routersprimarily provide internet connectivity but do not necessarily include Wi-Fi functionality unless specified.

Core routershandle large-scale data routing in the backbone of networks but are not designed for access point creation.

Inter-provider border routersfunction at an ISP level for routing traffic between different networks, not for providing user access.