Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

D488 | D488 Cybersecurity Architecture and Engineering Exam 2 | Questions with Correct Answers and Expert Explanation for Each Question | WGU

Rating
-
Sold
-
Pages
38
Grade
A+
Uploaded on
29-04-2026
Written in
2025/2026

D488 | D488 Cybersecurity Architecture and Engineering Exam 2 | Questions with Correct Answers and Expert Explanation for Each Question | WGU

Institution
Course

Content preview

D488 | D488 Cybersecurity Architecture and
Engineering Exam 2 Version 1 | Questions with
Correct Answers and Expert Explanation for Each
Question | WGU
1. Which IPsec mode encrypts both the original IP header and the data payload,

encapsulating them into a new IP packet?

A. Transport Mode


B. Authentication Header (AH)


C. Tunnel Mode


D. Passive Mode


Correct Answer: C


Expert Explanation: Tunnel mode is used to protect the entire IP packet by

encapsulating it into a new IP packet. In this mode, the original IP header is

encrypted along with the payload. This is commonly used for site-to-site VPNs

where the gateways act as the endpoints. It provides higher security compared to

transport mode, which only encrypts the payload. The new IP header added by

tunnel mode contains the addresses of the VPN gateways.


2. A stateful inspection firewall is superior to a simple packet-filtering firewall because

it:

A. Analyzes the application layer data exclusively.

,B. Operates at the Physical layer of the OSI model.


C. Only filters traffic based on source and destination IP addresses.


D. Tracks the state of active connections and makes decisions based on the context

of traffic.


Correct Answer: D


Expert Explanation: Stateful inspection firewalls maintain a table that tracks the

state of all active network connections. This allows the firewall to distinguish

between legitimate return traffic and unauthorized incoming packets. Unlike static

packet filtering, it understands if a packet is part of an existing session. This context-

aware approach significantly reduces the attack surface for external threats. It

effectively prevents many types of scanning and spoofing attacks by validating

session flow.


3. What is the primary purpose of a Demilitarized Zone (DMZ) in network

architecture?

A. To isolate public-facing services from the internal private network.


B. To provide a secure storage area for internal databases.


C. To encrypt all traffic leaving the local area network.


D. To act as a backup for the primary domain controller.

,Correct Answer: A


Expert Explanation: A DMZ acts as a buffer zone between an organization’s private

network and the untrusted internet. Public-facing services like web and email

servers are placed here to limit exposure. If a server in the DMZ is compromised, the

internal network remains protected behind another firewall. This design

implements a layered defense strategy to mitigate risk from external attacks. It

ensures that external users can only access necessary services without reaching

sensitive internal resources.


4. Which type of intrusion detection system (IDS) identifies threats by comparing

traffic patterns against a database of known attack patterns?

A. Anomaly-based IDS


B. Heuristic-based IDS


C. Signature-based IDS


D. Behavior-based IDS


Correct Answer: C


Expert Explanation: Signature-based detection relies on specific predefined

patterns or strings known as signatures. These signatures represent known

malware, exploits, or malicious activities previously identified by researchers. The

system is highly effective at catching established threats with very low false-positive

, rates. However, it is generally unable to detect zero-day attacks that do not yet have

a signature. Regular updates to the signature database are critical to maintaining the

effectiveness of this security control.


5. In the TCP three-way handshake, what is the second packet sent to initiate a

connection?

A. SYN


B. ACK


C. SYN-ACK


D. FIN


Correct Answer: C


Expert Explanation: The three-way handshake begins with a SYN packet from the

client to the server. The server responds with a SYN-ACK packet to acknowledge the

request and synchronize its own sequence number. Finally, the client sends an ACK

packet back to the server to establish the connection. This process ensures that both

parties are ready to communicate and have agreed upon initial sequence numbers.

It is a fundamental mechanism for reliable transport in the TCP/IP protocol suite.


6. Which protocol should be used for remote command-line access to ensure that all

data, including credentials, is encrypted?

A. SSH

Written for

Institution
Course

Document information

Uploaded on
April 29, 2026
Number of pages
38
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$18.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
ScholarsAscend Rasmussen College
Follow You need to be logged in order to follow users or courses
Sold
372
Member since
2 year
Number of followers
39
Documents
26473
Last sold
1 day ago

3.9

66 reviews

5
34
4
11
3
10
2
1
1
10

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions