OA Exams

  • December 2, 2024

Question 01

What is the primary purpose of a firewall?

a) To physically secure a server room
b) To monitor and control incoming and outgoing network traffic
c) To encrypt data in transit
d) To back up data

Correct Answer: b) To monitor and control incoming and outgoing network traffic

Explanation: Firewalls act as a barrier between trusted and untrusted networks, filtering traffic based on predetermined security rules.

Question 02

What does “two-factor authentication” (2FA) provide?

a) Increased password length
b) An additional layer of security requiring two forms of verification
c) A method for encrypting emails
d) A firewall rule

Correct Answer: b) An additional layer of security requiring two forms of verification

Explanation: 2FA enhances security by requiring users to provide two different types of information for authentication.

Question 03

What is a “phishing attack”?

a) A method to secure sensitive data
b) An attempt to acquire sensitive information by masquerading as a trustworthy entity
c) A type of firewall
d) A form of data encryption

Correct Answer: b) An attempt to acquire sensitive information by masquerading as a trustworthy entity

Explanation: Phishing attacks often occur through emails or fake websites, tricking users into providing personal information.

Question 04

What is the role of a “data loss prevention” (DLP) solution?

a) To encrypt data in transit
b) To prevent sensitive data from being lost, misused, or accessed by unauthorized users
c) To back up data
d) To monitor network performance

Correct Answer: b) To prevent sensitive data from being lost, misused, or accessed by unauthorized users

Explanation: DLP solutions help organizations identify and protect sensitive information, ensuring compliance with regulations.

Question 05

What does “encryption” do?

a) Increases the size of files
b) Converts data into a coded format to prevent unauthorized access
c) Backs up data to a remote server
d) Secures physical access to servers

Correct Answer: b) Converts data into a coded format to prevent unauthorized access

Explanation: Encryption ensures that even if data is intercepted, it cannot be read without the proper decryption key.

Question 06

What is the purpose of a VPN (Virtual Private Network)?

a) To speed up internet access
b) To create a secure connection over the internet
c) To store data in the cloud
d) To prevent phishing attacks

Correct Answer: b) To create a secure connection over the internet

Explanation: VPNs encrypt internet traffic and create a private network from a public internet connection.

Question 07

What is “malware”?

a) Software designed to enhance computer performance
b) Malicious software intended to harm or exploit devices
c) A type of firewall
d) Data backup software

Correct Answer: b) Malicious software intended to harm or exploit devices

Explanation: Malware includes viruses, worms, Trojans, ransomware, and spyware, among others.

Question 08

What does “penetration testing” involve?

a) Regularly updating software
b) Assessing a system’s security by simulating attacks
c) Monitoring network traffic
d) Backing up data

Correct Answer: b) Assessing a system’s security by simulating attacks

Explanation: Penetration testing helps identify vulnerabilities in systems before malicious actors can exploit them.

Question 09

What is the “principle of least privilege”?

a) Granting all users maximum access
b) Providing users with only the access necessary to perform their job functions
c) Limiting physical access to server rooms
d) Ensuring all data is encrypted

Correct Answer: b) Providing users with only the access necessary to perform their job functions

Explanation: This principle minimizes security risks by reducing the number of users with access to sensitive data.

Question 10

What is “social engineering”?

a) A method of encrypting data
b) Psychological manipulation of people to perform actions or divulge confidential information
c) A type of malware
d) A network segmentation technique

Correct Answer: b) Psychological manipulation of people to perform actions or divulge confidential information

Explanation: Social engineering exploits human psychology rather than technical vulnerabilities.

Question 11

What does “incident response” refer to?

a) Backing up data
b) The process of handling and managing security breaches or attacks
c) Updating software
d) Monitoring network traffic

Correct Answer: b) The process of handling and managing security breaches or attacks

Explanation: Incident response involves preparation, detection, analysis, containment, eradication, recovery, and post-incident review.

Question 12

What is “zero trust” security?

a) A network security model that assumes no user or device is trustworthy by default
b) A type of data backup method
c) A firewall configuration
d) A social engineering tactic

Correct Answer: a) A network security model that assumes no user or device is trustworthy by default

Explanation: Zero trust requires verification from everyone trying to access resources within the network.

Question 13

What is the purpose of “endpoint security”?

a) To protect servers
b) To secure endpoints such as laptops, desktops, and mobile devices from threats
c) To monitor network traffic
d) To manage user accounts

Correct Answer: b) To secure endpoints such as laptops, desktops, and mobile devices from threats

Explanation: Endpoint security ensures that all devices connected to a network are protected against security threats.

Question 14

What is “vulnerability scanning”?

a) A method for backing up data
b) The process of identifying and assessing security weaknesses in systems
c) A type of malware
d) A user authentication method

Correct Answer: b) The process of identifying and assessing security weaknesses in systems

Explanation: Vulnerability scanning helps organizations discover vulnerabilities before they can be exploited by attackers.

Question 15

What does “strong password policy” refer to?

a) A set of guidelines for creating complex passwords
b) A type of data encryption
c) A network security measure
d) A process for managing user accounts

Correct Answer: a) A set of guidelines for creating complex passwords

Explanation: A strong password policy encourages users to create passwords that are difficult to guess or crack.

Question 16

What is “ransomware”?

a) A type of antivirus software
b) Malicious software that encrypts files and demands payment for decryption
c) A data backup solution
d) A network monitoring tool

Correct Answer: b) Malicious software that encrypts files and demands payment for decryption

Explanation: Ransomware attacks can lead to significant data loss and financial costs for organizations.

Question 17

What does “security audit” mean?

a) The process of encrypting data
b) A systematic evaluation of an organization’s security policies, controls, and practices
c) A type of malware
d) A method of data backup

Correct Answer: b) A systematic evaluation of an organization’s security policies, controls, and practices

Explanation: Security audits help identify areas for improvement and ensure compliance with regulations.

Question 18

What is “data breach notification”?

a) A method of encrypting data
b) The process of informing individuals about unauthorized access to their personal information
c) A data backup solution
d) A network security measure

Correct Answer: b) The process of informing individuals about unauthorized access to their personal information

Explanation: Notification is often required by law to inform affected parties of a data breach.

Question 19

What is a “web application firewall” (WAF)?

a) A type of antivirus software
b) A security solution that monitors and filters HTTP traffic to and from web applications
c) A data backup solution
d) A network monitoring tool

Correct Answer: b) A security solution that monitors and filters HTTP traffic to and from web applications

Explanation: WAFs protect web applications from common attacks such as SQL injection and cross-site scripting.

Question 20

What is “network monitoring”?

a) The process of backing up data
b) The continuous observation of network traffic for unusual activity
c) A type of malware
d) A method of user authentication

Correct Answer: b) The continuous observation of network traffic for unusual activity

Explanation: Network monitoring helps detect security incidents and performance issues.
