ENGINEERING OA (ACTUAL 2025/2026) EXAM QUESTIONS
AND VERIFIED CORRECT TEST BANK 1
The security team recently enabled public access to a web application
hosted on a server inside the corporate network. The developers of the
application report that the server has received several structured query
language (SQL) injection attacks in the past several days. The team
needs to deploy a solution that will block the SQL injection attacks.
Which solution fulfills these requirements?
Web application firewall (WAF)
An IT security team has been notified that external contractors are
using their personal laptops to gain access to the corporate network.
The team needs to recommend a solution that will prevent
unapproved devices from accessing the network.
Which solution fulfills these requirements?
Implementing port security
A company wants to implement a policy to reduce the risk of
unauthorized access to sensitive information.
Which policy should be implemented?
Least privilege
A company is developing a cybersecurity risk management program
and wants to establish metrics to measure the program's effectiveness.
What should the company consider?
Key performance indicators (KPIs)
What are KPIs?
Key performance indicators measure a company's success and
effectiveness vs. a set of targets, objectives, or industry peers
What are KRIs?
Key risk indicators are metrics for measuring the likelihood that the
combined probability of an event and its consequences will exceed
the organization's risk appetite and have a profoundly negative impact
on an organization's ability to be successful
A manufacturing company recently conducted a cybersecurity
assessment which identified several vulnerabilities, including
unsecured wireless networks and a lack of knowledge of
cybersecurity best practices by employees.
Which risk mitigation process should the company use to address
these vulnerabilities?
Implement wireless network encryption and enforce regular employee
security training
A company has discovered a vulnerability in its Kubernetes
deployment that allows attackers to execute commands on the
Kubernetes cluster's nodes. The company has decided to implement
risk mitigation processes to address this vulnerability.
Which risk mitigation process is the most effective in mitigating the
vulnerability associated with the Kubernetes deployment?
Implementing network segmentation to isolate the Kubernetes nodes
from the rest of the network
What is Kubernetes? (may not be relevant to D488)
K8s: an open source system for automating deployment, scaling, and
management of containerized applications. It is container-runtime
agnostic. An example: platform engineers could write an API or CLI
tool that lets developers request deployment of a container image
they've built
What is a Kubernetes cluster? (may not be relevant to D488)
A Kubernetes (K8s) cluster is a group of computing nodes, or worker
machines, that run containerized applications
An organization has recently signed a contract with a new vendor to
provide a critical service. The service will involve the vendor having
access to sensitive customer data. The organization's management is
concerned about the risks associated with using a new vendor and
wants to know the best ways to mitigate those risks.