OA Exams

  • December 3, 2024

Question 41

Which of the following best describes the role of encryption in cybersecurity?

A. To block unauthorized access
B. To verify user identity
C. To protect data confidentiality
D. To monitor network traffic

Correct Answer: C. To protect data confidentiality

Explanation: Encryption ensures data confidentiality by converting data into an unreadable format that can only be deciphered by authorized parties. It does not block access, verify identity, or monitor traffic.

Question 42

An attacker is attempting to intercept and modify data being transmitted between two parties. This is an example of which of the following attacks?

A. Phishing
B. SQL injection
C. Man-in-the-middle attack
D. Brute-force attack

Correct Answer: C. Man-in-the-middle attack

Explanation: A man-in-the-middle (MitM) attack involves intercepting and potentially altering communication between two parties. Phishing, SQL injection, and brute-force attacks use different methods.

Question 43

Which of the following security measures should be implemented to ensure that an attacker cannot reuse a stolen password hash to gain access to a system?

A. Salting
B. Encryption
C. Two-factor authentication
D. Firewalls

Correct Answer: A. Salting

Explanation: Salting adds random data to a password before it is hashed, preventing attackers from reusing stolen password hashes to access systems.

Question 44

A company wants to ensure that users accessing the internal network are using secure, encrypted connections. Which of the following should be used?

A. VPN
B. IDS
C. MAC filtering
D. Firewalls

Correct Answer: A. VPN

Explanation: A VPN (Virtual Private Network) provides secure, encrypted connections to the internal network, ensuring that data is protected. IDS, MAC filtering, and firewalls serve different purposes.

Question 45

Which of the following best describes the purpose of a digital signature?

A. To encrypt sensitive data
B. To verify the integrity of data and ensure non-repudiation
C. To monitor for suspicious traffic
D. To manage access control lists

Correct Answer: B. To verify the integrity of data and ensure non-repudiation

Explanation: A digital signature verifies the integrity of data and ensures non-repudiation, meaning the sender cannot deny sending the data. It does not encrypt data, monitor traffic, or manage access control lists.

Question 46

Which of the following best describes the function of an Intrusion Detection System (IDS)?

A. To block unauthorized access
B. To monitor for suspicious activity
C. To encrypt network traffic
D. To authenticate users

Correct Answer: B. To monitor for suspicious activity

Explanation: An IDS monitors network traffic for suspicious activity or potential security breaches. It does not block access, encrypt traffic, or authenticate users.

Question 47

An attacker is attempting to exploit a known vulnerability in software to gain access to a system. This is an example of which of the following?

A. SQL injection
B. Exploit
C. Phishing
D. Cross-site scripting

Correct Answer: B. Exploit

Explanation: An exploit takes advantage of a software vulnerability to gain unauthorized access to a system. SQL injection, phishing, and cross-site scripting are specific types of attacks.

Question 48

Which of the following is the best way to ensure that sensitive data on a lost or stolen laptop remains protected from unauthorized access?

A. Antivirus software
B. Full disk encryption
C. Firewalls
D. VPN

Correct Answer: B. Full disk encryption

Explanation: Full disk encryption ensures that data on a lost or stolen laptop is encrypted and cannot be accessed by unauthorized individuals. Antivirus, firewalls, and VPNs do not provide this level of protection.

Question 49

Which of the following attacks involves sending unsolicited, often malicious, messages over SMS?

A. Spam
B. Phishing
C. SMiShing
D. Spoofing

Correct Answer: C. SMiShing

Explanation: SMiShing is a type of phishing attack that uses SMS messages to deceive users into revealing sensitive information. Spam, phishing, and spoofing are different types of attacks.

Question 50

Which of the following terms refers to the practice of using a single authentication process to access multiple systems without needing to log in again?

A. Role-based access control
B. Single sign-on
C. Two-factor authentication
D. MAC filtering

Correct Answer: B. Single sign-on

Explanation: Single sign-on (SSO) allows users to authenticate once and gain access to multiple systems without needing to log in again. Role-based access control, two-factor authentication, and MAC filtering are unrelated security measures.
