Exam (elaborations)

D488 | D488 Cybersecurity Architecture and Engineering Exam 4 | Questions with Correct Answers and Expert Explanation for Each Question | WGU

Pages: 38
Grade: A+
Uploaded on: 29-04-2026
Written in: 2025/2026

D488 | D488 Cybersecurity Architecture and Engineering Exam 4 Version 2 | Questions with Correct Answers and Expert Explanation for Each Question | WGU

1. Which component of GRC focuses on the oversight and decision-making processes that ensure IT activities align with business goals?

A. Compliance
B. Governance
C. Risk Management
D. Auditing

Correct Answer: B

Expert Explanation: Governance provides the structure through which organizational objectives are set and monitored. It ensures that security strategies align with the overall business mission and risk appetite. This process involves senior leadership making informed decisions based on accurate reporting. Without strong governance, security initiatives often become fragmented and lose strategic focus. It serves as the foundation for both risk management and compliance activities.

2. When an organization uses insurance to shift the financial impact of a potential data breach to a third party, which risk treatment strategy is being applied?

A. Risk Acceptance
B. Risk Mitigation
C. Risk Avoidance
D. Risk Transfer

Correct Answer: D

Expert Explanation: Risk transfer involves shifting the burden of a loss to another entity, typically an insurance provider. This strategy does not eliminate the risk but reduces the financial liability of the organization. It is commonly used when the cost of mitigation exceeds the potential loss. Organizations must carefully evaluate policy terms to ensure adequate coverage is provided. This approach is a standard part of a comprehensive risk management program.


3. According to the NIST Cybersecurity Framework, which function involves developing and implementing appropriate activities to identify the occurrence of a cybersecurity event?

A. Protect
B. Respond
C. Detect
D. Recover

Correct Answer: C

Expert Explanation: The Detect function is designed to enable the timely discovery of cybersecurity events within an environment. It includes activities such as continuous monitoring and anomaly detection to identify threats quickly. Rapid detection is critical for minimizing the impact of a security incident on operations. This function provides the necessary visibility into the network and system health. Effective detection mechanisms are essential for triggering the response and recovery phases.


4. Which ISO standard provides a framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS)?

A. ISO 27001
B. ISO 27002
C. ISO 31000
D. ISO 9001

Correct Answer: A

Expert Explanation: ISO 27001 is the primary international standard for information security management systems. It outlines a risk-based approach to managing sensitive company information and ensuring its security. The standard requires organizations to implement a suite of controls tailored to their specific risks. Achieving certification demonstrates a high level of commitment to security best practices. Continuous improvement and regular internal audits are mandatory components of this framework.


5. What is the primary difference between a security policy and a security standard?

A. Standards are optional guidelines, while policies are legally binding requirements.
B. Policies are high-level statements of intent, while standards are mandatory rules for implementation.
C. Policies provide technical details, while standards focus on organizational goals.
D. Standards are set by the government, while policies are internal to the company.

Correct Answer: B

Expert Explanation: Security policies define the high-level goals and management’s expectations for cybersecurity. Standards provide the mandatory specific requirements or configurations needed to achieve those policy goals. While a policy might state that passwords must be strong, a standard specifies the exact length and