WGU D488 FINAL EXAM TEST BANK (LATEST
& & & & & & &
UPDATE ) CYBERSECURITY & & & & &
ARCHITECTURE AND ENGINEERING | & & & &
QUESTIONS AND ANSWERS | GRADE A | 100% & & & & & & & &
CORRECT (VERIFIED SOLUTIONS) & &
The security team recently enabled public access to a web application hosted on a
& & & & & & & & & & & & & &
server inside the corporate network. The developers of the application report that the
& & & & & & & & & & & & &
server has received several structured query language (SQL) injection attacks in the past
& & & & & & & & & & & &
& several days. The team needs to deploy a solution that will block the SQL injection
& & & & & & & & & & & & & & &
attacks. Which solution fulfills these requirements?
& & & & &
A - Virtual private network (VPN)
& & & & &
B - Security information and event management (SIEM)
& & & & & & &
C - Web application firewall (WAF)
& & & & &
D - Secure Socket Shell (SSH) :
& & & & & &
& ANSWER: C - Web application firewall (WAF) & & & & & & &
An IT security team has been notified that external contractors are using their personal
& & & & & & & & & & & & & &
laptops to gain access to the corporate network. The team needs to recommend a
& & & & & & & & & & & & & &
solution that will prevent unapproved devices from accessing the network. Which
& & & & & & & & & & &
solution fulfills these requirements?
& & &
A - Implementing a demilitarized zone (DMZ)
& & & & & &
B - Installing a hardware security module
& & & & & &
C - Implementing port security
& & & &
D - Deploying a software firewall :
& & & & & &
& ANSWER: C - Implementing port security & & & & &
,The chief technology officer for a small publishing company has been tasked with
& & & & & & & & & & & & &
improving the company's security posture. As part of a network upgrade, the company
& & & & & & & & & & & & &
has decided to implement intrusion detection, spam filtering, content filtering, and
& & & & & & & & & & &
antivirus controls. The project needs to be completed using the least amount of
& & & & & & & & & & & & &
infrastructure while meeting all requirements. Which solution fulfills these
& & & & & & & & &
requirements?
A - Deploying an anti-spam gateway
& & & & &
B - Deploying a proxy server
& & & & &
C - Deploying a unified threat management (UTM) appliance
& & & & & & & &
D - Deploying a web application firewall (WAF) :
& & & & & & & &
& ANSWER: C - Deploying a unified threat management (UTM) appliance
& & & & & & & & &
The security team plans to deploy an intrusion detection system (IDS) solution to alert
& & & & & & & & & & & & & &
engineers about inbound threats. The team already has a database of signatures that they
& & & & & & & & & & & & &
& want the IDS solution to validate. Which detection technique meets the requirements?
& & & & & & & & & & &
A - Intrusion detection
& & &
B - Deep packet inspection
& & & &
C - Signature-based detection
& & &
D - Intrusion prevention :
& & & &
& ANSWER: C - Signature-based detection & & & &
An IT organization had a security breach after deploying an update to its production
& & & & & & & & & & & & & &
web servers. The application currently goes through a manual update process a few
& & & & & & & & & & & & &
times per year. The security team needs to recommend a failback option for future
& & & & & & & & & & & & & &
deployments. Which solution fulfills these requirements?
& & & & &
A - Implementing a code scanner
& & & & &
B - Implementing code signing
& & & &
C - Implementing versioning
& & &
,D - Implementing a security requirements traceability matrix (SRTM) :
& & & & & & & & &
& ANSWER: C - Implementing versioning & & & &
A software development team is working on a new mobile application that will be used
& & & & & & & & & & & & & & &
by customers. The security team must ensure that builds of the application will be
& & & & & & & & & & & & & &
trusted by a variety of mobile devices. Which solution fulfills these requirements?
& & & & & & & & & & &
A - Code scanning
& & &
B - Regression testing
& & &
C - Code signing
& & &
D - Continuous delivery :
& & & &
& ANSWER: C - Code signing & & & &
An IT organization recently suffered a data leak incident. Management has asked the
& & & & & & & & & & & & &
security team to implement a print blocking mechanism for all documents stored on a
& & & & & & & & & & & & & &
corporate file share. Which solution fulfills these requirements?
& & & & & & &
A - Virtual desktop infrastructure (VDI)
& & & & &
B - Remote Desktop Protocol (RDP)
& & & & &
C - Digital rights management (DRM)
& & & & &
D - Watermarking :
& & &
& ANSWER: C - Digital rights management (DRM) & & & & & &
A company has recently discovered that a competitor is distributing copyrighted videos
& & & & & & & & & & & &
produced by the in-house marketing team. Management has asked the security team to
& & & & & & & & & & & & &
prevent these types of violations in the future. Which solution fulfills these
& & & & & & & & & & & &
requirements?
A - Virtual desktop infrastructure (VDI)
& & & & &
B - Secure Socket Shell (SSH)
& & & & &
C - Digital rights management (DRM)
& & & & &
, D - Remote Desktop Protocol (RDP) :
& & & & & &
& ANSWER: C - Digital rights management (DRM)
& & & & & &
A security team has been tasked with performing regular vulnerability scans for a cloud-
& & & & & & & & & & & & &
based infrastructure. How should these vulnerability scans be conducted when
& & & & & & & & & &
implementing zero trust security? & & &
A - Manually
& &
B - Annually
& &
C - Automatically
& &
D - As needed :
& & & &
& ANSWER: C - Automatically & & &
A healthcare company needs to ensure that medical researchers cannot inadvertently
& & & & & & & & & & &
share protected health information (PHI) data from medical records. What is the best
& & & & & & & & & & & & &
solution?
A - Encryption
& &
B - Metadata
& &
C - Anonymization
& &
D - Obfuscation :
& & &
& ANSWER: C - Anonymization & & &
A security team has been tasked with mitigating the risk of stolen credentials after a
& & & & & & & & & & & & & & &
recent breach. The solution must isolate the use of privileged accounts. In the future,
& & & & & & & & & & & & & &
administrators must request access to mission-critical services before they can perform
& & & & & & & & & & &
their tasks. What is the best solution?
& & & & & &
A - Identity and access management (IAM)
& & & & & &
B - Password policies
& & &
C - Privileged access management (PAM)
& & & & &
& & & & & & &
UPDATE ) CYBERSECURITY & & & & &
ARCHITECTURE AND ENGINEERING | & & & &
QUESTIONS AND ANSWERS | GRADE A | 100% & & & & & & & &
CORRECT (VERIFIED SOLUTIONS) & &
The security team recently enabled public access to a web application hosted on a
& & & & & & & & & & & & & &
server inside the corporate network. The developers of the application report that the
& & & & & & & & & & & & &
server has received several structured query language (SQL) injection attacks in the past
& & & & & & & & & & & &
& several days. The team needs to deploy a solution that will block the SQL injection
& & & & & & & & & & & & & & &
attacks. Which solution fulfills these requirements?
& & & & &
A - Virtual private network (VPN)
& & & & &
B - Security information and event management (SIEM)
& & & & & & &
C - Web application firewall (WAF)
& & & & &
D - Secure Socket Shell (SSH) :
& & & & & &
& ANSWER: C - Web application firewall (WAF) & & & & & & &
An IT security team has been notified that external contractors are using their personal
& & & & & & & & & & & & & &
laptops to gain access to the corporate network. The team needs to recommend a
& & & & & & & & & & & & & &
solution that will prevent unapproved devices from accessing the network. Which
& & & & & & & & & & &
solution fulfills these requirements?
& & &
A - Implementing a demilitarized zone (DMZ)
& & & & & &
B - Installing a hardware security module
& & & & & &
C - Implementing port security
& & & &
D - Deploying a software firewall :
& & & & & &
& ANSWER: C - Implementing port security & & & & &
,The chief technology officer for a small publishing company has been tasked with
& & & & & & & & & & & & &
improving the company's security posture. As part of a network upgrade, the company
& & & & & & & & & & & & &
has decided to implement intrusion detection, spam filtering, content filtering, and
& & & & & & & & & & &
antivirus controls. The project needs to be completed using the least amount of
& & & & & & & & & & & & &
infrastructure while meeting all requirements. Which solution fulfills these
& & & & & & & & &
requirements?
A - Deploying an anti-spam gateway
& & & & &
B - Deploying a proxy server
& & & & &
C - Deploying a unified threat management (UTM) appliance
& & & & & & & &
D - Deploying a web application firewall (WAF) :
& & & & & & & &
& ANSWER: C - Deploying a unified threat management (UTM) appliance
& & & & & & & & &
The security team plans to deploy an intrusion detection system (IDS) solution to alert
& & & & & & & & & & & & & &
engineers about inbound threats. The team already has a database of signatures that they
& & & & & & & & & & & & &
& want the IDS solution to validate. Which detection technique meets the requirements?
& & & & & & & & & & &
A - Intrusion detection
& & &
B - Deep packet inspection
& & & &
C - Signature-based detection
& & &
D - Intrusion prevention :
& & & &
& ANSWER: C - Signature-based detection & & & &
An IT organization had a security breach after deploying an update to its production
& & & & & & & & & & & & & &
web servers. The application currently goes through a manual update process a few
& & & & & & & & & & & & &
times per year. The security team needs to recommend a failback option for future
& & & & & & & & & & & & & &
deployments. Which solution fulfills these requirements?
& & & & &
A - Implementing a code scanner
& & & & &
B - Implementing code signing
& & & &
C - Implementing versioning
& & &
,D - Implementing a security requirements traceability matrix (SRTM) :
& & & & & & & & &
& ANSWER: C - Implementing versioning & & & &
A software development team is working on a new mobile application that will be used
& & & & & & & & & & & & & & &
by customers. The security team must ensure that builds of the application will be
& & & & & & & & & & & & & &
trusted by a variety of mobile devices. Which solution fulfills these requirements?
& & & & & & & & & & &
A - Code scanning
& & &
B - Regression testing
& & &
C - Code signing
& & &
D - Continuous delivery :
& & & &
& ANSWER: C - Code signing & & & &
An IT organization recently suffered a data leak incident. Management has asked the
& & & & & & & & & & & & &
security team to implement a print blocking mechanism for all documents stored on a
& & & & & & & & & & & & & &
corporate file share. Which solution fulfills these requirements?
& & & & & & &
A - Virtual desktop infrastructure (VDI)
& & & & &
B - Remote Desktop Protocol (RDP)
& & & & &
C - Digital rights management (DRM)
& & & & &
D - Watermarking :
& & &
& ANSWER: C - Digital rights management (DRM) & & & & & &
A company has recently discovered that a competitor is distributing copyrighted videos
& & & & & & & & & & & &
produced by the in-house marketing team. Management has asked the security team to
& & & & & & & & & & & & &
prevent these types of violations in the future. Which solution fulfills these
& & & & & & & & & & & &
requirements?
A - Virtual desktop infrastructure (VDI)
& & & & &
B - Secure Socket Shell (SSH)
& & & & &
C - Digital rights management (DRM)
& & & & &
, D - Remote Desktop Protocol (RDP) :
& & & & & &
& ANSWER: C - Digital rights management (DRM)
& & & & & &
A security team has been tasked with performing regular vulnerability scans for a cloud-
& & & & & & & & & & & & &
based infrastructure. How should these vulnerability scans be conducted when
& & & & & & & & & &
implementing zero trust security? & & &
A - Manually
& &
B - Annually
& &
C - Automatically
& &
D - As needed :
& & & &
& ANSWER: C - Automatically & & &
A healthcare company needs to ensure that medical researchers cannot inadvertently
& & & & & & & & & & &
share protected health information (PHI) data from medical records. What is the best
& & & & & & & & & & & & &
solution?
A - Encryption
& &
B - Metadata
& &
C - Anonymization
& &
D - Obfuscation :
& & &
& ANSWER: C - Anonymization & & &
A security team has been tasked with mitigating the risk of stolen credentials after a
& & & & & & & & & & & & & & &
recent breach. The solution must isolate the use of privileged accounts. In the future,
& & & & & & & & & & & & & &
administrators must request access to mission-critical services before they can perform
& & & & & & & & & & &
their tasks. What is the best solution?
& & & & & &
A - Identity and access management (IAM)
& & & & & &
B - Password policies
& & &
C - Privileged access management (PAM)
& & & & &
