1|Page
WGU D488 OA Final Exam Test Bank/WGU D488
Cybersecurity Architecture & Engineering Newest
2026/2027
The security team recently enabled public access to a web application
hosted on a server inside the corporate network. The developers of the
application report that the server has received several structured query
language (SQL) injection attacks in the past several days. The team
needs to deploy a solution that will block the SQL injection attacks.
Which solution fulfills these requirements?
A - Virtual private network (VPN)
B - Security information and event management (SIEM)
C - Web application firewall (WAF)
D - Secure Socket Shell (SSH) ......ANSWER......C - Web application
firewall (WAF)
An IT security team has been notified that external contractors are
using their personal laptops to gain access to the corporate network.
The team needs to recommend a solution that will prevent unapproved
devices from accessing the network. Which solution fulfills these
requirements?
A - Implementing a demilitarized zone (DMZ)
B - Installing a hardware security module
C - Implementing port security
pg. 1
,2|Page
D - Deploying a software firewall ......ANSWER......C - Implementing port
security
The chief technology officer for a small publishing company has been
tasked with improving the company's security posture. As part of a
network upgrade, the company has decided to implement intrusion
detection, spam filtering, content filtering, and antivirus controls. The
project needs to be completed using the least amount of infrastructure
while meeting all requirements. Which solution fulfills these
requirements?
A - Deploying an anti-spam gateway
B - Deploying a proxy server
C - Deploying a unified threat management (UTM) appliance
D - Deploying a web application firewall (WAF) ......ANSWER......C -
Deploying a unified threat management (UTM) appliance
The security team plans to deploy an intrusion detection system (IDS)
solution to alert engineers about inbound threats. The team already has
a database of signatures that they want the IDS solution to validate.
Which detection technique meets the requirements?
A - Intrusion detection
B - Deep packet inspection
C - Signature-based detection
D - Intrusion prevention ......ANSWER......C - Signature-based detection
pg. 2
,3|Page
An IT organization had a security breach after deploying an update to its
production web servers. The application currently goes through a
manual update process a few times per year. The security team needs
to recommend a failback option for future deployments. Which solution
fulfills these requirements?
A - Implementing a code scanner
B - Implementing code signing
C - Implementing versioning
D - Implementing a security requirements traceability matrix (SRTM)
......ANSWER......C - Implementing versioning
A software development team is working on a new mobile application
that will be used by customers. The security team must ensure that
builds of the application will be trusted by a variety of mobile devices.
Which solution fulfills these requirements?
A - Code scanning
B - Regression testing
C - Code signing
D - Continuous delivery ......ANSWER......C - Code signing
An IT organization recently suffered a data leak incident. Management
has asked the security team to implement a print blocking mechanism
for all documents stored on a corporate file share. Which solution
fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
pg. 3
, 4|Page
B - Remote Desktop Protocol (RDP)
C - Digital rights management (DRM)
D - Watermarking ......ANSWER......C - Digital rights management (DRM)
A company has recently discovered that a competitor is distributing
copyrighted videos produced by the in-house marketing team.
Management has asked the security team to prevent these types of
violations in the future. Which solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Secure Socket Shell (SSH)
C - Digital rights management (DRM)
D - Remote Desktop Protocol (RDP) ......ANSWER......C - Digital rights
management (DRM)
A security team has been tasked with performing regular vulnerability
scans for a cloud-based infrastructure. How should these vulnerability
scans be conducted when implementing zero trust security?
A - Manually
B - Annually
C - Automatically
D - As needed ......ANSWER......C - Automatically
pg. 4
WGU D488 OA Final Exam Test Bank/WGU D488
Cybersecurity Architecture & Engineering Newest
2026/2027
The security team recently enabled public access to a web application
hosted on a server inside the corporate network. The developers of the
application report that the server has received several structured query
language (SQL) injection attacks in the past several days. The team
needs to deploy a solution that will block the SQL injection attacks.
Which solution fulfills these requirements?
A - Virtual private network (VPN)
B - Security information and event management (SIEM)
C - Web application firewall (WAF)
D - Secure Socket Shell (SSH) ......ANSWER......C - Web application
firewall (WAF)
An IT security team has been notified that external contractors are
using their personal laptops to gain access to the corporate network.
The team needs to recommend a solution that will prevent unapproved
devices from accessing the network. Which solution fulfills these
requirements?
A - Implementing a demilitarized zone (DMZ)
B - Installing a hardware security module
C - Implementing port security
pg. 1
,2|Page
D - Deploying a software firewall ......ANSWER......C - Implementing port
security
The chief technology officer for a small publishing company has been
tasked with improving the company's security posture. As part of a
network upgrade, the company has decided to implement intrusion
detection, spam filtering, content filtering, and antivirus controls. The
project needs to be completed using the least amount of infrastructure
while meeting all requirements. Which solution fulfills these
requirements?
A - Deploying an anti-spam gateway
B - Deploying a proxy server
C - Deploying a unified threat management (UTM) appliance
D - Deploying a web application firewall (WAF) ......ANSWER......C -
Deploying a unified threat management (UTM) appliance
The security team plans to deploy an intrusion detection system (IDS)
solution to alert engineers about inbound threats. The team already has
a database of signatures that they want the IDS solution to validate.
Which detection technique meets the requirements?
A - Intrusion detection
B - Deep packet inspection
C - Signature-based detection
D - Intrusion prevention ......ANSWER......C - Signature-based detection
pg. 2
,3|Page
An IT organization had a security breach after deploying an update to its
production web servers. The application currently goes through a
manual update process a few times per year. The security team needs
to recommend a failback option for future deployments. Which solution
fulfills these requirements?
A - Implementing a code scanner
B - Implementing code signing
C - Implementing versioning
D - Implementing a security requirements traceability matrix (SRTM)
......ANSWER......C - Implementing versioning
A software development team is working on a new mobile application
that will be used by customers. The security team must ensure that
builds of the application will be trusted by a variety of mobile devices.
Which solution fulfills these requirements?
A - Code scanning
B - Regression testing
C - Code signing
D - Continuous delivery ......ANSWER......C - Code signing
An IT organization recently suffered a data leak incident. Management
has asked the security team to implement a print blocking mechanism
for all documents stored on a corporate file share. Which solution
fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
pg. 3
, 4|Page
B - Remote Desktop Protocol (RDP)
C - Digital rights management (DRM)
D - Watermarking ......ANSWER......C - Digital rights management (DRM)
A company has recently discovered that a competitor is distributing
copyrighted videos produced by the in-house marketing team.
Management has asked the security team to prevent these types of
violations in the future. Which solution fulfills these requirements?
A - Virtual desktop infrastructure (VDI)
B - Secure Socket Shell (SSH)
C - Digital rights management (DRM)
D - Remote Desktop Protocol (RDP) ......ANSWER......C - Digital rights
management (DRM)
A security team has been tasked with performing regular vulnerability
scans for a cloud-based infrastructure. How should these vulnerability
scans be conducted when implementing zero trust security?
A - Manually
B - Annually
C - Automatically
D - As needed ......ANSWER......C - Automatically
pg. 4
