OA Exams

  • California, TX 70240
  • Info@gmail.com
  • Office Hours: 8:00 AM – 7:45 PM
  • web.groovymark@gmail.com
  • November 17, 2024

Question 21

Which organization is responsible for publishing security frameworks and standards to help an organization achieve security outcomes?

a) Open Web Application Security Project (OWASP)
b) Internet Assigned Numbers Authority (IANA)
c) National Institute of Standards and Technology (NIST)
d) International Organization for Standardization (ISO)

Correct Answer: c) National Institute of Standards and Technology (NIST)

Explanation: NIST publishes widely recognized security standards and frameworks that help organizations achieve secure operational practices.

Question 22

Which security process can help obtain a deep insight into events in the existing system?

a) Vulnerability
b) Logging
c) Threat agent
d) Reconnaissance

Correct Answer: b) Logging

Explanation: Logging involves recording system and network events, providing valuable insights for troubleshooting, auditing, and detecting security incidents.

Question 23

Which in-line security technology proactively examines, detects, and prevents an attacker from exploiting a vulnerability in a system?

a) Vulnerability scanner
b) Port scanner
c) Intrusion detection system (IDS)
d) Intrusion prevention system (IPS)

Correct Answer: d) Intrusion prevention system (IPS)

Explanation: An IPS not only detects but also takes proactive steps to prevent potential threats from exploiting vulnerabilities in the system.

Question 24

Which plane can have security problems such as cross-site scripting and cross-site request forgery?

a) Application
b) Data
c) Management
d) Control

Correct Answer: a) Application

Explanation: The application plane is prone to security issues like cross-site scripting (XSS) and cross-site request forgery (CSRF) due to vulnerabilities in web applications.

Question 25

Which communication protocol makes it possible for the SDN controller to interact with devices such as the switch or the router?

a) Transport Layer Security (TLS)
b) Secure Shell Protocol (SSH)
c) Secure File Transfer Protocol (SFTP)
d) OpenFlow

Correct Answer: d) OpenFlow

Explanation: OpenFlow is the standard communication protocol used in SDN to enable the controller to interact with forwarding devices like switches and routers.

Question 26

Which device prohibits virtual networks from communicating with other networks during the implementation of virtual extensible local networks (VXLANs)?

a) Hub
b) Virtual switch
c) Gateway
d) Virtual router

Correct Answer: d) Virtual router

Explanation: A virtual router isolates virtual networks from other networks, ensuring that they do not communicate during the implementation of VXLANs.

Question 27

Which term describes a network security solution that inspects packets and provides filtering as well as monitoring for virtual machines within a virtualized environment?

a) Proxy server
b) Virtual firewall
c) Physical firewall
d) Network address translation

Correct Answer: b) Virtual firewall

Explanation: A virtual firewall operates in virtualized environments, inspecting packets, applying filtering, and monitoring virtual machine traffic to enhance security.

Question 28

Which SDN microsegmentation consideration significantly reduces the available attack surface that a network presents?

a) Zero trust zones
b) Tools for supporting legacy networks
c) Fine-grained data flow and policy management
d) Leveraging cloud-based resource management and support

Correct Answer: c) Fine-grained data flow and policy management

Explanation: Microsegmentation with fine-grained data flow and policy management limits the attack surface by enforcing strict security policies for each network segment.

Question 29

Which benefit of distributed firewalls ensures that telecommuters are protected whether the tunnel is set up or not?

a) Topology independence
b) Protection from internal attacks
c) Elimination of single point of failure
d) Improved host decision-making

Correct Answer: a) Topology independence

Explanation: Distributed firewalls with topology independence protect telecommuters regardless of whether a VPN tunnel is established, offering security in various network configurations.

Question 30

Which firewall term refers to a program that deals with external devices on behalf of internal clients?

a) Network address translation
b) Dual-homed host
c) Proxy
d) Perimeter network

Correct Answer: c) Proxy

Explanation: A proxy acts as an intermediary between internal clients and external servers, handling communication and providing a layer of security.

Question 31

Which networking task would benefit from the use of network automation tools?

a) Configuring multiple wireless access points
b) Changing user privileges due to job changes
c) Creating a physical connection between devices
d) Identifying and fixing a faulty switch protocol

Correct Answer: a) Configuring multiple wireless access points

Explanation: Network automation tools streamline tasks like configuring multiple wireless access points, ensuring consistency and reducing manual effort.

Question 32

Which task can be performed by an administrator using a network’s automation software?

a) Add a firewall to the network
b) Create a network attack graph
c) Perform a penetration test
d) Design the topology of the network

Correct Answer: a) Add a firewall to the network

Explanation: Network automation software can be used to automate tasks such as adding a firewall to the network, enhancing security without manual intervention.

Question 33

Which automation tool uses logic referred to as a playbook?

a) Ansible
b) Chef
c) Puppet
d) Apstra

Correct Answer: a) Ansible

Explanation: Ansible uses playbooks written in YAML to define and automate complex tasks, making it a powerful tool for network automation.

Question 34

Which network configuration automation tool is written using C++, Clojure, and Ruby?

a) Ansible
b) Chef
c) Puppet
d) Apstra

Correct Answer: b) Chef

Explanation: Chef is a configuration management tool written in Ruby and C++, with its recipes defining system configurations in a declarative manner.

Question 35

How does software-defined networking (SDN) affect information security?

a) A single device can be configured for switching, routing, load balancing, or security monitoring.
b) Each network function is handled by a separate, isolated device.
c) With the complexity of software, carriers have little visibility into security issues.
d) Network information is now centralized on one physical device.

Correct Answer: a) A single device can be configured for switching, routing, load balancing, or security monitoring.

Explanation: SDN centralizes control, allowing a single device to manage various network functions, including security monitoring, which enhances visibility and management.

Question 36

Which model involves moving services like load balancing, firewalls, and intrusion prevention systems away from dedicated hardware into a non-physical environment?

a) Network functions virtualization (NFV)
b) Software as a service (SaaS)
c) Open systems interconnection (OSI)
d) Internet Engineering Task Force (IETF)

Correct Answer: a) Network functions virtualization (NFV)

Explanation: NFV virtualizes network functions such as firewalls and load balancers, allowing them to run on general-purpose hardware instead of dedicated appliances.

Question 37

A network utilizes virtualized environments with virtual machines running delay-sensitive applications. Which recommendation should be used to protect the virtual workload in accordance with NIST 800-125B?

a) Virtual firewalls should be deployed for traffic flow control instead of physical firewalls.
b) Two identical bastion hosts should be used instead of one primary host.
c) The logical network topology should be either a star topology or a bus topology.
d) The firewall should be reconfigured and optimized daily

Correct Answer: a) Virtual firewalls should be deployed for traffic flow control instead of physical firewalls.

Explanation: NIST 800-125B recommends deploying virtual firewalls to control traffic in virtualized environments, as they provide more flexibility and control compared to physical firewalls.

Question 38

A virtualized network uses a subnet-level virtual firewall. Which recommendation should be used to protect the virtual workload in accordance with NIST 800-125B?

a) The firewall should be integrated with a virtualization management platform.
b) The firewall should be accessible only through a standalone console.
c) The firewall should be located at the center of the network topology.
d) The firewall should be reconfigured and optimized on a daily basis.

Correct Answer: a) The firewall should be integrated with a virtualization management platform.

Explanation: NIST 800-125B suggests integrating virtual firewalls with a virtualization management platform for better control and efficiency in managing virtual environments.

Question 39

A network uses event logging for auditing purposes. How should the audit records be managed according to the recommendations in NIST 800-53?

a) Generate time stamps for audit records.
b) Store audit records for a period of 36 months.
c) Use a designated local device for audit record storage.
d) Manually inspect audit records at specified intervals.

Correct Answer: a) Generate time stamps for audit records.

Explanation: NIST 800-53 recommends generating time stamps for audit records to ensure that events can be traced accurately and provide a reliable audit trail.

Question 40

How has network functions virtualization (NFV) changed network functions?

a) It has moved network functions from stand-alone appliances to software running on any server.
b) It has moved network functions from software running on any server to stand-alone appliances.
c) It has moved network functions from the network presentation layer to the transport layer.
d) It has moved network functions from the network transport layer to the presentation layer.

Correct Answer: a) It has moved network functions from stand-alone appliances to software running on any server.

Explanation: NFV virtualizes network functions, allowing them to run on standard servers rather than specialized hardware, improving flexibility and scalability.

Complete the Captcha to view next question set.

Prev Post
WGU D415 Practice Exam Questions – Set 1 – Part 1
Next Post
WGU D415 Practice Exam Questions – Set 1 – Part 3