D488 CYBERSECURITY ARCHITECTURE AND
ENGINEERING FINAL EXAM PREP
1. Which enterprise security architecture framework focuses on
"why" (business context), "who," "where," "when," and
"how" across six layers?
a) TOGAF
b) SABSA
c) DoDAF
d) COBIT
Correct Answer: b) SABSA
Rationale: SABSA (Sherwood Applied Business Security
Architecture) is a business-driven, risk-based framework that
organizes security architecture into six layers (contextual,
conceptual, logical, physical, component, operational) and six
attributes (why, who, where, when, what, how).
2. A security architect needs to align IT projects with business
goals and standardize the development lifecycle. Which
framework provides the Architecture Development Method
(ADM)?
a) Zachman Framework
b) SABSA
c) TOGAF
d) NIST SP 800-53
Correct Answer: c) TOGAF
Rationale: TOGAF (The Open Group Architecture Framework)
includes the Architecture Development Method (ADM) as a
step-by-step process for creating and managing enterprise architectures. It
is vendor-neutral and business-goal oriented.
3. Which Zachman Framework column addresses "How does
the system work?" from the Planner's perspective?
a) Data (What)
b) Function (How)
c) Network (Where)
d) People (Who)
Correct Answer: b) Function (How)
Rationale: The Zachman Framework is a 6x6 matrix. The
Function column (How) represents processes and activities. From
the Planner's perspective (row 1), this asks "How does the
business operate?" — a high-level functional description.
4. A security engineer is designing a system that must
maintain confidentiality even if physical drives are stolen.
Which control directly addresses this?
a) Access control lists
b) Full disk encryption
c) Intrusion detection system
d) Backup power supply
Correct Answer: b) Full disk encryption
Rationale: Full disk encryption (FDE) protects data at rest. If a drive
is stolen, the encrypted data remains unreadable without the
decryption key, maintaining confidentiality.
5. Which architectural principle means a security control
should not be easily bypassed or disabled?
a) Least privilege
b) Defense in depth