A company wants to implement a cloud service to obtain access to virtual machines. The company wants to be able to choose the operating systems and configure each of the machines.
What is the type of cloud service model that fits the needs of this company?
Answer: B
Infrastructure as a Service (IaaS) provides virtualized computing resources over the cloud, including virtual machines where users can install and configure their own operating systems and applications. It offers flexibility and scalability without requiring hardware investment. Examples include AWS EC2 and Microsoft Azure Virtual Machines.
FaaS executes small code functions without infrastructure management.
PaaS provides a managed platform but not full OS control.
SaaS offers ready-to-use applications without infrastructure control.
An organization does not have controls in place to limit employee access to sensitive customer data.
What is a component of the CIA triad that is violated?
Answer: A
Confidentiality ensures that only authorized users have access to sensitive information. Without proper access controls, employees may be able to view or modify sensitive data without proper authorization, leading to a confidentiality breach.
Integrity involves protecting data from unauthorized modifications.
Availability ensures that systems remain operational.
Interpretation is not part of the CIA triad.
An attacker uses a list of commonly used access credentials to attempt to gain access to an online account.
Which malicious attack strategy is represented in the scenario?
Answer: B
A dictionary attack is a password-cracking method that systematically tries common words, phrases, and predictable passwords (e.g., 'password123', 'admin2024') to gain access to an account. Attackers often compile large lists of weak or reused passwords.
Phishing tricks users into revealing passwords but does not systematically test multiple words.
Credential stuffing uses breached passwords rather than guessing from a list.
Social engineering manipulates users but does not rely on automated password attempts.
An organization is evaluating its internal network. Currently, each device is connected to two adjacent devices, one on either side.
Which type of network topology is being used?
Answer: D
A ring topology is a network setup where each device is connected to two adjacent devices, forming a circular path for data transmission. In this topology, data travels around the loop in one direction or in both directions.
Point-to-point topology refers to a direct connection between two devices without forming a larger network structure.
Bus topology has all devices connected to a single central cable, rather than forming a ring.
Star topology features a central hub or switch that connects all devices, rather than direct device-to-device links.
A host is already set up with an operating system. An administrator wants to install a hypervisor atop the operating system to allow for setting up virtual machines.
Which hypervisor should be used?
Answer: D
A Type 2 hypervisor (hosted hypervisor) runs on top of an existing operating system and allows for the creation of virtual machines. Examples include VMware Workstation and Oracle VirtualBox.
Type 1 hypervisors run directly on hardware without an OS (e.g., VMware ESXi, Microsoft Hyper-V).
Open-source and proprietary describe licensing models, not hypervisor types.
A company is developing a data protection methodology in order to improve data protection measures.
What is a strategy that should be used?
Answer: C
Enhancing physical resource security ensures that servers, networking devices, and data storage facilities are protected from unauthorized physical access, theft, or tampering. This includes measures like biometric authentication, surveillance, and restricted access zones.
Using a variable network topology does not directly protect data.
Increasing wireless access point range may improve connectivity but does not enhance security.
WEP is weak and should not be used for data protection.
In order to reduce the risk of insider attacks, a company assigns role-based permissions to its users.
Which network security concept does this scenario address?
Answer: D
Authorization is the process of granting specific access rights and permissions based on user roles. By implementing Role-Based Access Control (RBAC), organizations ensure that users only have access to resources necessary for their job functions, reducing the risk of insider threats.
Authentication verifies identity but does not control access.
Accounting logs activities but does not restrict access.
Availability ensures system uptime but is unrelated to permissions.