WGU D488 OA FINAL EXAM TEST BANK/WGU D488 CYBERSECURITY
ARCHITECTURE & ENGINEERING NEWEST 2025/2026 COMPLETE ALL 230
QUESTIONS AND CORRECT DETAILED ANSWERS |ALREADY GRADED
A+||ALREADY GRADED A+
The security team recently enabled public access to a web application hosted on a server inside the
corporate network. The developers of the application report that the server has received several
structured query language (SQL) injection attacks in the past several days. The team needs to deploy a
solution that will block the SQL injection attacks. Which solution fulfills these requirements?
A - Virtual private network (VPN)
B - Security information and event management (SIEM)
C - Web application firewall (WAF)
D - Secure Socket Shell (SSH) - (answers)C - Web application firewall (WAF)
An IT security team has been notified that external contractors are using their personal laptops to gain
access to the corporate network. The team needs to recommend a solution that will prevent
unapproved devices from accessing the network. Which solution fulfills these requirements?
A - Implementing a demilitarized zone (DMZ)
B - Installing a hardware security module
C - Implementing port security
D - Deploying a software firewall - (answers)C - Implementing port security
The chief technology officer for a small publishing company has been tasked with improving the
company's security posture. As part of a network upgrade, the company has decided to implement
intrusion detection, spam filtering, content filtering, and antivirus controls. The project needs to be
completed using the least amount of infrastructure while meeting all requirements. Which solution
fulfills these requirements?
A - Deploying an anti-spam gateway
B - Deploying a proxy server
C - Deploying a unified threat management (UTM) appliance
,D - Deploying a web application firewall (WAF) - (answers)C - Deploying a unified threat management
(UTM) appliance
The security team plans to deploy an intrusion detection system (IDS) solution to alert engineers about
inbound threats. The team already has a database of signatures that they want the IDS solution to
validate. Which detection technique meets the requirements?
A - Intrusion detection
B - Deep packet inspection
C - Signature-based detection
D - Intrusion prevention - (answers)C - Signature-based detection
An IT organization had a security breach after deploying an update to its production web servers. The
application currently goes through a manual update process a few times per year. The security team
needs to recommend a failback option for future deployments. Which solution fulfills these
requirements?
A - Implementing a code scanner
B - Implementing code signing
C - Implementing versioning
D - Implementing a security requirements traceability matrix (SRTM) - (answers)C - Implementing
versioning
A software development team is working on a new mobile application that will be used by customers.
The security team must ensure that builds of the application will be trusted by a variety of mobile
devices. Which solution fulfills these requirements?
A - Code scanning
B - Regression testing
C - Code signing
D - Continuous delivery - (answers)C - Code signing
,An IT organization recently suffered a data leak incident. Management has asked the security team to
implement a print blocking mechanism for all documents stored on a corporate file share. Which
solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Remote Desktop Protocol (RDP)
C - Digital rights management (DRM)
D - Watermarking - (answers)C - Digital rights management (DRM)
A company has recently discovered that a competitor is distributing copyrighted videos produced by the
in-house marketing team. Management has asked the security team to prevent these types of violations
in the future. Which solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Secure Socket Shell (SSH)
C - Digital rights management (DRM)
D - Remote Desktop Protocol (RDP) - (answers)C - Digital rights management (DRM)
A security team has been tasked with performing regular vulnerability scans for a cloud-based
infrastructure. How should these vulnerability scans be conducted when implementing zero trust
security?
A - Manually
B - Annually
C - Automatically
D - As needed - (answers)C - Automatically
A healthcare company needs to ensure that medical researchers cannot inadvertently share protected
health information (PHI) data from medical records. What is the best solution?
A - Encryption
B - Metadata
, C - Anonymization
D - Obfuscation - (answers)C - Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after a recent breach. The
solution must isolate the use of privileged accounts. In the future, administrators must request access to
mission-critical services before they can perform their tasks. What is the best solution?
A - Identity and access management (IAM)
B - Password policies
C - Privileged access management (PAM)
D - Password complexity - (answers)C - Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The security team has been
tasked with hardening the access controls for a corporate web application that was recently migrated.
End users should be granted access to different features based on their locations and departments.
Which access control solution should be implemented?
A - Kerberos
B - Mandatory access control (MAC)
C - Attribute-based access control (ABAC)
D - Privileged access management (PAM) - (answers)C - Attribute-based access control (ABAC)
A team of developers is building a new corporate web application. The security team has stated that the
application must authenticate users through two separate channels of communication. Which type of
authentication method should the developers include when building the application?
A - In-band authentication
B - Kerberos
C - Out-of-band authentication
D - Challenge-Handshake Authentication Protocol (CHAP) - (answers)C - Out-of-band authentication
ARCHITECTURE & ENGINEERING NEWEST 2025/2026 COMPLETE ALL 230
QUESTIONS AND CORRECT DETAILED ANSWERS |ALREADY GRADED
A+||ALREADY GRADED A+
The security team recently enabled public access to a web application hosted on a server inside the
corporate network. The developers of the application report that the server has received several
structured query language (SQL) injection attacks in the past several days. The team needs to deploy a
solution that will block the SQL injection attacks. Which solution fulfills these requirements?
A - Virtual private network (VPN)
B - Security information and event management (SIEM)
C - Web application firewall (WAF)
D - Secure Socket Shell (SSH) - (answers)C - Web application firewall (WAF)
An IT security team has been notified that external contractors are using their personal laptops to gain
access to the corporate network. The team needs to recommend a solution that will prevent
unapproved devices from accessing the network. Which solution fulfills these requirements?
A - Implementing a demilitarized zone (DMZ)
B - Installing a hardware security module
C - Implementing port security
D - Deploying a software firewall - (answers)C - Implementing port security
The chief technology officer for a small publishing company has been tasked with improving the
company's security posture. As part of a network upgrade, the company has decided to implement
intrusion detection, spam filtering, content filtering, and antivirus controls. The project needs to be
completed using the least amount of infrastructure while meeting all requirements. Which solution
fulfills these requirements?
A - Deploying an anti-spam gateway
B - Deploying a proxy server
C - Deploying a unified threat management (UTM) appliance
,D - Deploying a web application firewall (WAF) - (answers)C - Deploying a unified threat management
(UTM) appliance
The security team plans to deploy an intrusion detection system (IDS) solution to alert engineers about
inbound threats. The team already has a database of signatures that they want the IDS solution to
validate. Which detection technique meets the requirements?
A - Intrusion detection
B - Deep packet inspection
C - Signature-based detection
D - Intrusion prevention - (answers)C - Signature-based detection
An IT organization had a security breach after deploying an update to its production web servers. The
application currently goes through a manual update process a few times per year. The security team
needs to recommend a failback option for future deployments. Which solution fulfills these
requirements?
A - Implementing a code scanner
B - Implementing code signing
C - Implementing versioning
D - Implementing a security requirements traceability matrix (SRTM) - (answers)C - Implementing
versioning
A software development team is working on a new mobile application that will be used by customers.
The security team must ensure that builds of the application will be trusted by a variety of mobile
devices. Which solution fulfills these requirements?
A - Code scanning
B - Regression testing
C - Code signing
D - Continuous delivery - (answers)C - Code signing
,An IT organization recently suffered a data leak incident. Management has asked the security team to
implement a print blocking mechanism for all documents stored on a corporate file share. Which
solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Remote Desktop Protocol (RDP)
C - Digital rights management (DRM)
D - Watermarking - (answers)C - Digital rights management (DRM)
A company has recently discovered that a competitor is distributing copyrighted videos produced by the
in-house marketing team. Management has asked the security team to prevent these types of violations
in the future. Which solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Secure Socket Shell (SSH)
C - Digital rights management (DRM)
D - Remote Desktop Protocol (RDP) - (answers)C - Digital rights management (DRM)
A security team has been tasked with performing regular vulnerability scans for a cloud-based
infrastructure. How should these vulnerability scans be conducted when implementing zero trust
security?
A - Manually
B - Annually
C - Automatically
D - As needed - (answers)C - Automatically
A healthcare company needs to ensure that medical researchers cannot inadvertently share protected
health information (PHI) data from medical records. What is the best solution?
A - Encryption
B - Metadata
, C - Anonymization
D - Obfuscation - (answers)C - Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after a recent breach. The
solution must isolate the use of privileged accounts. In the future, administrators must request access to
mission-critical services before they can perform their tasks. What is the best solution?
A - Identity and access management (IAM)
B - Password policies
C - Privileged access management (PAM)
D - Password complexity - (answers)C - Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The security team has been
tasked with hardening the access controls for a corporate web application that was recently migrated.
End users should be granted access to different features based on their locations and departments.
Which access control solution should be implemented?
A - Kerberos
B - Mandatory access control (MAC)
C - Attribute-based access control (ABAC)
D - Privileged access management (PAM) - (answers)C - Attribute-based access control (ABAC)
A team of developers is building a new corporate web application. The security team has stated that the
application must authenticate users through two separate channels of communication. Which type of
authentication method should the developers include when building the application?
A - In-band authentication
B - Kerberos
C - Out-of-band authentication
D - Challenge-Handshake Authentication Protocol (CHAP) - (answers)C - Out-of-band authentication
