OA Exams

  • California, TX 70240
  • Info@gmail.com
  • Office Hours: 8:00 AM – 7:45 PM
  • web.groovymark@gmail.com
  • December 3, 2024

Question 21

Which of the following technologies allows users to securely connect to an internal corporate network from a remote location over the Internet?

A. Firewall
B. VPN
C. IDS
D. DNS

Correct Answer: B. VPN

Explanation: A Virtual Private Network (VPN) allows users to securely connect to an internal network over the Internet by encrypting the connection. Firewalls, IDS, and DNS do not provide remote access in the same way.

Question 22

An attacker attempts to gain access to a server by guessing multiple possible combinations of usernames and passwords. This attack is known as which of the following?

A. Denial of Service (DoS) attack
B. Dictionary attack
C. Man-in-the-middle attack
D. Phishing

Correct Answer: B. Dictionary attack

Explanation: A dictionary attack involves an attacker trying various combinations of commonly used usernames and passwords to gain access to a system. It is different from DoS, MitM, and phishing attacks, which have other objectives and methods.

Question 23

 A company wants to restrict access to its network based on device attributes such as MAC addresses. Which of the following is the best method to implement?

A. Role-based access control
B. MAC filtering
C. Two-factor authentication
D. IDS

Correct Answer: B. MAC filtering

Explanation: MAC filtering is a security method used to restrict network access based on the MAC addresses of devices. It ensures that only authorized devices can connect to the network. Role-based access control, two-factor authentication, and IDS do not provide the same type of control over network access.

Question 24

Which of the following encryption methods uses a public key to encrypt data and a private key to decrypt it?

A. Symmetric encryption
B. Hashing
C. Asymmetric encryption
D. Steganography

Correct Answer: C. Asymmetric encryption

Explanation: Asymmetric encryption uses a pair of keys—a public key for encryption and a private key for decryption. Symmetric encryption uses a single key for both, while hashing and steganography are not encryption methods.

Question 25

Which of the following would best protect sensitive data from being intercepted while being transmitted over a network?

A. Firewalls
B. Antivirus software
C. Encryption
D. Intrusion prevention system

Correct Answer: C. Encryption

Explanation: Encryption ensures that data transmitted over a network is secure, even if intercepted. Firewalls, antivirus software, and intrusion prevention systems do not directly protect data during transmission.

Question 26

Which of the following describes the primary function of an Intrusion Detection System (IDS)?

A. To block unauthorized access to the network
B. To detect suspicious or malicious activity on the network
C. To monitor traffic for performance issues
D. To manage encryption keys

Correct Answer: B. To detect suspicious or malicious activity on the network

Explanation: The primary function of an IDS is to detect suspicious or malicious activity on a network. It does not block access, monitor performance issues, or manage encryption keys.

Question 27

 A security analyst is reviewing firewall logs and notices a large number of outbound requests to an external IP address from a single workstation. The workstation user reports no knowledge of these requests. Which of the following is the most likely cause?

A. Trojan
B. Ransomware
C. Man-in-the-middle attack
D. Denial of service attack

Correct Answer: A. Trojan

Explanation: A Trojan is malicious software that can be used by attackers to remotely control a compromised machine and send data to external servers without the user's knowledge. Ransomware encrypts data, while a MitM attack intercepts communication, and DoS attacks overwhelm systems.

Question 28

 A system administrator wants to ensure that only authorized devices are able to connect to the company’s Wi-Fi network. Which of the following is the best method to implement?

A. MAC filtering
B. Firewalls
C. IDS
D. VPN

Correct Answer: A. MAC filtering

Explanation: MAC filtering restricts network access based on device MAC addresses, ensuring only authorized devices can connect to the Wi-Fi network. Firewalls, IDS, and VPNs do not provide this level of control for wireless access.

Question 29

Which of the following protocols is used to ensure the integrity and authenticity of email messages?

A. S/MIME
B. FTP
C. SSL
D. HTTP

Correct Answer: A. S/MIME

Explanation: S/MIME (Secure/Multipurpose Internet Mail Extensions) ensures the integrity and authenticity of email messages by enabling encryption and digital signatures. FTP, SSL, and HTTP serve different purposes and do not directly provide email security.

Question 30

 A company is concerned about protecting sensitive customer information stored on laptops that are frequently taken outside the office. Which of the following is the best solution to implement?

A. Full disk encryption
B. Antivirus software
C. VPN
D. Screen lock

Correct Answer: A. Full disk encryption

Explanation: Full disk encryption ensures that sensitive information on laptops is protected, even if the device is lost or stolen. Antivirus software, VPNs, and screen locks do not provide the same level of protection for stored data.

Question 31

An attacker compromises a trusted internal server and begins sending malicious traffic to other devices on the network. Which of the following is the best tool to detect this activity?

A. Firewall
B. VPN
C. IDS
D. MAC filtering

Correct Answer: C. IDS

Explanation: An Intrusion Detection System (IDS) can detect suspicious or malicious activity on a network, such as traffic originating from a compromised internal server. Firewalls block traffic based on predefined rules, while VPNs and MAC filtering are not designed to detect network anomalies.

Question 32

Which of the following methods is used to prevent unauthorized access to data stored on removable media?

A. Full disk encryption
B. File permissions
C. Antivirus software
D. Firewalls

Correct Answer: A. Full disk encryption

Explanation: Full disk encryption is used to protect data stored on removable media, such as USB drives, by ensuring that it cannot be accessed without the appropriate decryption key. File permissions, antivirus software, and firewalls do not provide adequate protection for data on removable media.

Question 33

 A company wants to allow employees to access internal resources from their mobile devices but needs to ensure that only company-issued devices can connect. Which of the following is the best solution?

A. Two-factor authentication
B. MAC filtering
C. Mobile device management
D. IDS

Correct Answer: C. Mobile device management

Explanation: Mobile Device Management (MDM) solutions allow companies to control and secure mobile devices, ensuring that only authorized company-issued devices can access internal resources. Two-factor authentication, MAC filtering, and IDS do not provide the same level of control over mobile devices.

Question 34

Which of the following best describes the function of a VPN in securing communication between remote users and internal network resources?

A. It encrypts all traffic between the remote user and the network
B. It authenticates the remote user using two-factor authentication
C. It filters traffic for malicious content
D. It allows remote users to bypass firewalls

Correct Answer: A. It encrypts all traffic between the remote user and the network

Explanation: A Virtual Private Network (VPN) encrypts all traffic between a remote user and the internal network, ensuring that sensitive data cannot be intercepted during transmission. It does not necessarily involve two-factor authentication, filtering for malicious content, or bypassing firewalls.

Question 35

Which of the following attacks involves an attacker sending falsified ARP messages to a local network to associate their MAC address with the IP address of another device, such as a gateway?

A. ARP poisoning
B. DNS poisoning
C. Man-in-the-middle attack
D. Smurf attack

Correct Answer: A. ARP poisoning

Explanation: ARP poisoning occurs when an attacker sends falsified ARP messages to a network, causing traffic intended for one device (such as a gateway) to be redirected to the attacker's machine. DNS poisoning and MitM attacks are different attack methods, and a Smurf attack involves ICMP traffic.

Question 36

Which of the following is an example of a strong password policy?

A. Requiring passwords to be at least six characters long
B. Allowing users to reuse their last five passwords
C. Mandating passwords be changed every 30 days
D. Using two-factor authentication

Correct Answer: C. Mandating passwords be changed every 30 days

Explanation: A strong password policy mandates frequent password changes to reduce the risk of unauthorized access. Requiring passwords to be at least eight characters long and preventing users from reusing passwords are also part of a strong policy. Two-factor authentication is a separate security measure.

Question 37

Which of the following types of malware encrypts a victim’s files and demands payment in exchange for the decryption key?

A. Virus
B. Trojan
C. Ransomware
D. Worm

Correct Answer: C. Ransomware

Explanation: Ransomware encrypts a victim's files and demands payment in exchange for the decryption key. A virus, Trojan, and worm are different types of malware with different behaviors.

Question 38

An attacker is able to send packets to a network device, causing it to exhaust its resources and crash. Which of the following best describes this type of attack?

A. Phishing
B. Brute-force attack
C. Denial of Service (DoS) attack
D. Man-in-the-middle attack

Correct Answer: C. Denial of Service (DoS) attack

Explanation: A Denial of Service (DoS) attack occurs when an attacker overwhelms a target device with traffic or resource requests, causing it to crash or become unavailable. Phishing, brute-force attacks, and MitM attacks are different attack types.

Question 39

Which of the following describes the main purpose of an Intrusion Prevention System (IPS)?

A. To block malicious traffic from entering the network
B. To monitor network traffic for suspicious activity
C. To encrypt traffic between endpoints
D. To manage network access control lists

Correct Answer: A. To block malicious traffic from entering the network

Explanation: An Intrusion Prevention System (IPS) actively blocks malicious traffic from entering the network, preventing attacks before they can affect systems. An IDS monitors traffic, encryption secures communication, and access control lists manage permissions.

Question 40

Which of the following is the best method to secure communication between a web server and client browser?

A. SSH
B. HTTPS
C. VPN
D. FTP

Correct Answer: B. HTTPS

Explanation: HTTPS (Hypertext Transfer Protocol Secure) is the best method to secure communication between a web server and client browser by encrypting data during transmission. SSH secures remote command-line access, while VPN and FTP are not used for web server communication.

Complete the Captcha to view next question set.

Prev Post
WGU D329 Practice Exam Questions – Set 1 – Part 1
Next Post
WGU D329 Practice Exam Questions – Set 1 – Part 3