WGU Network Engineering and Security Foundation Exam Network and Security Foundation Exam Questions

Answer : A

Pharming is an attack that manipulates the Domain Name System (DNS) to redirect users to fraudulent websites without their knowledge. Attackers poison DNS records or compromise routers to reroute traffic to malicious sites designed to steal information.

Brute-force attack involves password guessing, not domain manipulation.

IP address spoofing disguises a device's identity but does not alter DNS records.

Session hijacking takes over active user sessions but does not redirect websites.

Answer : C

Enhancing physical resource security ensures that servers, networking devices, and data storage facilities are protected from unauthorized physical access, theft, or tampering. This includes measures like biometric authentication, surveillance, and restricted access zones.

Using a variable network topology does not directly protect data.

Increasing wireless access point range may improve connectivity but does not enhance security.

WEP is weak and should not be used for data protection.

Answer : A

The ipconfig command in Windows provides details about a computer's network adapters, including IP addresses, subnet masks, default gateways, and DNS settings. It is particularly useful for troubleshooting connectivity issues.

traceroute (or tracert in Windows) is used to trace the path packets take to a destination.

nslookup is used for querying DNS records.

netstat provides details about active network connections and listening ports, but not adapter configurations.

Answer : B

The Transport layer (Layer 4 of the OSI model) includes the Transmission Control Protocol (TCP), which provides reliable, connection-oriented communication. TCP ensures error-checking, sequencing, and retransmission of lost packets.

Application layer deals with end-user protocols like HTTP and FTP.

Session layer manages communication sessions but not transport protocols.

Network layer focuses on IP addressing and routing, not transport mechanisms.

Answer : B

This describes a ransomware attack, which falls under denial of availability because it prevents users from accessing their data or systems until a ransom is paid. Attackers use encryption to lock files, disrupting operations.

Data modification refers to unauthorized changes to information.

Data export involves stealing data rather than disabling access.

Launch point describes an attacker's use of a compromised system to attack others.

Answer : D

Authorization is the process of granting specific access rights and permissions based on user roles. By implementing Role-Based Access Control (RBAC), organizations ensure that users only have access to resources necessary for their job functions, reducing the risk of insider threats.

Authentication verifies identity but does not control access.

Accounting logs activities but does not restrict access.

Availability ensures system uptime but is unrelated to permissions.

Answer : C

The Network or Internet layer of the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. The Internet Protocol (IP) operates at this layer, ensuring that data is correctly routed from the source to the destination.

Physical or network access layer deals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layer includes end-user services (e.g., HTTP, FTP).

Transport layer manages data flow using protocols like TCP and UDP but does not handle IP addressing.