Pass the WGU Courses and Certificates Cybersecurity-Architecture-and-Engineering Questions and answers with ExamsMirror

The correct answer is C — Least privilege.

According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) course material, the principle of least privilege ensures that users are granted only the minimum level of access required to perform their job functions. In this case, if the insider only had access to resources necessary for their user role, they would not have been able to access sensitive administrative information.

Password complexity (A) strengthens account security but does not prevent excessive access. Separation of duties (B) divides critical tasks but is not solely about limiting access. Job rotation (D) moves employees between roles but is not an access control measure.

Reference Extract from Study Guide:

"The principle of least privilege requires limiting user access rights to the minimum necessary to perform their tasks, reducing the risk of insider threats and unauthorized access to sensitive information."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Access Control Principles

=============================================

The second generation of computers (1956-1963) saw the introduction of transistors, which replaced vacuum tubes used in the first generation. Transistors allowed computers to be smaller, faster, more reliable, and more energy-efficient compared to their predecessors.

The statement refers to the different types of media that can be used for data backup. Backup media encompasses various storage devices and methods used to store copies of data. Examples include:

CDs and DVDs: Optical storage media used for smaller-scale backups.

Hard drives: Mechanical or solid-state drives used for local and external backups.

Cloud storage: Online services providing remote storage and access to backups.

Choosing the appropriate backup media is crucial for ensuring data availability and recovery in case of data loss.

References

David M. Kroenke and Randall J. Boyle, "Using MIS," Pearson.

Curtis Preston, "Backup & Recovery: Inexpensive Backup Solutions for Open Systems," O'Reilly Media.

Step by Step Comprehensive Detailed Explanation

A compiler is a program that translates source code written in a high-level programming language into machine code.

Definition: A compiler processes the entire source code of a program and translates it into a machine code executable.

Functionality: This process is typically done in several stages, including lexical analysis, syntax analysis, semantic analysis, optimization, and code generation.

Output: The result is an executable file that can be run on a specific operating system.

References

"Compilers: Principles, Techniques, and Tools" by Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman

NISTIR 7860, "C++ Coding Standards"

The correct answer is B — Asymmetric encryption.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), asymmetric encryption uses a pair of public and private keys, allowing the sender to encrypt the documents with the recipient’s public key, ensuring that only the recipient’s private key can decrypt them. This guarantees confidentiality even over an unsecured network.

Stream ciphers (A) and block ciphers (C) are types of symmetric encryption, requiring a shared secret key. Hash functions (D) provide integrity, not confidentiality.

Reference Extract from Study Guide:

"Asymmetric encryption enables secure data exchange by allowing encryption with a public key and decryption only with a corresponding private key, ensuring confidentiality over unsecured networks."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Cryptographic Methods and Key Management

=============================================

The correct answer is D — Packet capture.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) content, packet captures (PCAP files) allow analysts to inspect individual network packets to understand traffic patterns, detect anomalies, and investigate attacks like DDoS. A packet capture provides complete network session data, enabling in-depth analysis of traffic behavior at the packet level.

Web server access logs (A) only capture web activity. Syslog messages (B) primarily record system events but not raw traffic data. Operating system event logs (C) focus on system-level actions, not network flows.

Reference Extract from Study Guide:

"Packet captures record the full network traffic and are essential for investigating network-based attacks such as DDoS incidents by analyzing traffic flows, protocols, and payloads."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Network Security Monitoring Concepts

=============================================

The correct first step in responding to a data breach, as emphasized in theWGU Cybersecurity Architecture and Engineering (KFO1 / D488)course material underIncident Responseprocedures, is tonotify affected users. This aligns with theContainment, Eradication, and Recoveryphase of theNIST Incident Response Lifecyclediscussed in the course content. Prompt notification is crucial to empower users to take immediate protective measures such as updating credentials or monitoring for identity theft.

While other actions like implementing access control policies or improving encryption are validpreventive or corrective controls, they are not theinitial response stepafter a breach is identified. Public announcements are typically handledafter internal assessmentsand legal compliance actions are underway.

Reference Extract from Study Guide:

“As soon as a breach affecting personal data is confirmed, organizations are obligated to notify impacted users in accordance with legal and ethical standards. Notification is part of the initial incident response phase and should occur immediately after verification of the breach.”

—WGU KFO1 / D488 Study Guide: Incident Handling and Response

=============================================

The correct answer is A — Risk appetite.

As per the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) coursework, risk appetite defines the amount and type of risk an organization is willing to accept in pursuit of its objectives. It is a strategic-level metric used by executive leadership and boards to determine if the current level of risk exceeds what the organization is comfortable handling.

Risk evaluation plans (B) outline how risks are assessed, treatment plans (C) describe mitigation actions, and risk tolerance (D) is more operational, defining acceptable variation from the appetite but not the overall strategic limit.

Reference Extract from Study Guide:

"Risk appetite represents the amount of risk an organization is willing to pursue or retain and is established by senior leadership as part of governance activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Concepts

=============================================

The goal in this scenario is tosecure the application against malware and advanced persistent threats (APTs). According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) course materials:

Firewall policiesare critical forcontrolling accessto applications and network resources.

By implementing astrict firewall policy, you limit access to only trusted and necessary sources, greatly reducing the attack surface available to malware or APT actors.

While antivirus software (Option C) can help detect malware,APT actors often use sophisticated methodsthat bypass traditional antivirus tools.

Encryption (Option A) protectsdata confidentialitybutdoes not preventmalware or APTs from attacking the application.

Strong password policies (Option B) helpwith account securitybutdo not directly addressmalware or APT threats.

Key extract from the WGU D488 Study Guide:

"A strict firewall policy is essential for preventing unauthorized access and mitigating advanced persistent threats. Limiting exposure through segmentation, access control lists, and traffic filtering protects critical assets from external and internal threats."

The operating system (OS) is the primary software that manages all the hardware and other software on a computer. It acts as an intermediary between users and the computer hardware. The OS handles basic tasks such as controlling and allocating memory, prioritizing system requests, controlling input and output devices, facilitating networking, and managing files. Examples include Windows, macOS, and Linux.