WGU D489 Cybersecurity Management Task 1 Exam Actual Exam 2026/2027 – Complete Exam-Style Questions with Detailed Rationales | 100% Verified – Pass Guaranteed – A+ Graded
Q1: Which cybersecurity framework is structured around five core functions: Identify, Protect,
Detect, Respond, Recover?
A. ISO 27001
B. HIPAA
C. NIST Cybersecurity Framework [CORRECT]
D. PCI DSS
Correct Answer: C
Rationale: Correct because the NIST Cybersecurity Framework organizes activities into
the five core functions: Identify, Protect, Detect, Respond, and Recover.
Q2: In quantitative risk assessment, which formula is used to calculate annualized loss
expectancy (ALE)?
A. ALE = SLE × ARO
B. ALE = AV × EF
C. ALE = Single Loss Expectancy (SLE) × Annualized Rate of Occurrence (ARO) [CORRECT]
D. ALE = Asset Value × Exposure Factor
Correct Answer: C
Rationale: Correct because ALE is calculated by multiplying the Single Loss Expectancy
(SLE) by the Annualized Rate of Occurrence (ARO), as per standard risk assessment
methodology.
Q3: Which document details the specific procedures and roles for responding to a cybersecurity
breach?
A. Security Awareness Training Manual
B. Business Continuity Plan
C. Incident Response Plan [CORRECT]
D. Risk Assessment Report
Correct Answer: C
Rationale: Correct because the Incident Response Plan specifically defines procedures,
roles, and responsibilities for handling cybersecurity incidents.
Q4: Which access control model uses a central authority to assign permissions based on user
roles?
A. Discretionary Access Control (DAC)
B. Mandatory Access Control (MAC)
C. Role-Based Access Control (RBAC) [CORRECT]
D. Rule-Based Access Control
Correct Answer: C
Rationale: Correct because RBAC assigns permissions based on user roles within an
organization, managed by a central authority.
Q5: Which compliance regulation requires organizations to notify affected individuals of a data
breach within 72 hours?
A. HIPAA
B. PCI DSS
C. GDPR [CORRECT]
D. SOX
Correct Answer: C
Rationale: Correct because the GDPR mandates data breach notification within 72 hours
of becoming aware of the breach.
Q6: What is the primary goal of a Business Continuity Plan (BCP)?
A. To restore IT systems after a disaster
B. To identify all potential risks
C. To maintain critical business functions during a disruption [CORRECT]
D. To train employees on security policies
Correct Answer: C
Rationale: Correct because the BCP focuses on ensuring critical operations continue
during and after a disruption.
Q7: Which security awareness training topic is most effective for reducing phishing attacks?
A. Password complexity
B. Incident reporting
C. Social engineering recognition [CORRECT]
D. Firewall configuration
Correct Answer: C
Rationale: Correct because recognizing social engineering tactics, such as phishing, is the
most direct defense against such attacks.
Q8: Which international standard specifies requirements for an information security management
system (ISMS)?
A. NIST CSF
B. HIPAA
C. ISO 27001 [CORRECT]
D. PCI DSS
Correct Answer: C
Rationale: Correct because ISO 27001 is the international standard for establishing,
implementing, maintaining, and continually improving an ISMS.
Q9: In risk management, what is the process of determining the level of risk an organization is
willing to accept?
A. Risk Mitigation
B. Risk Avoidance
C. Risk Acceptance [CORRECT]
D. Risk Transference
Correct Answer: C
Rationale: Correct because risk acceptance is the conscious decision to accept the potential
impact of a risk without taking further action.
Q10: Scenario: An organization experiences a ransomware attack that encrypts critical data. The
incident response team must first:
A. Restore data from backups