WGU D488 - CYBERSECURITY ARCHITECTURE & ENGINEERING
Cybersecurity Architecture and Engineering - D488
EXAM QUESTIONS AND ANSWERS (VERIFIED AND WELL DETAILED ANSWERS) LATEST UPDATE 2025/2026
Study online at https://quizlet.com/_feugdw
1. Black swan event: A risk event that is very impactful but highly unlikely; statistically improbable.
2. Likelihood: The probability that a threat will come to pass or occur.
3. Impact: The severity of a threat if realized.
4. Single Loss Expectancy (SLE): The amount of loss in a single occurrence of the risk factor.
5. Annual Rate of Occurrence (ARO): The number of single occurrences that happen in a year.
6. Annual Loss Expectancy (ALE): Estimate of the amount of loss that occurs over a year.
   ALE = SLE x ARO
7. Quantitative risk: The challenge of quantitative risk is that the cost of components or equipment is not always clear.
8. Mean Time To Recovery (MTTR): The average time that a device will take to recover from any failure.
9. Mean Time Between Failures (MTBF): The average length of time between failures of a product or component.
10. List the Cybersecurity Framework's 5 core functions:
   1. Identify
   2. Protect
   3. Detect
   4. Respond
   5. Recover
11. Residual Risk: The risk that remains after management implements internal controls or some other response to risk.
12. Risk Appetite: The amount of risk a company is willing to accept to achieve its goals and objectives. To avoid undue risk, risk appetite must be in alignment with company strategy.
13. ISO 31000 Framework:
   - used by organizations to integrate the risk management process into their management and operational systems
   - can be adapted to an organization's specific operations and objectives
   - begins with an evaluation of an organization's risk contexts, including all major factors both inside and outside the organization that affect its objectives and operations
14. COBIT Framework:
   - current framework version is COBIT5
   - based on the following principles:
     - meeting stakeholder needs
     - covering the enterprise end-to-end
     - applying a single, integrated framework
     - enabling a holistic approach
     - separating governance from management
15. COSO: Committee of Sponsoring Organizations of the Treadway Commission; an initiative of 5 private sector organizations collaborating on the development of risk management frameworks.
16. Risk Management Life cycle phases:
   - Identify
   - Assess
   - Control
   - Review
17. NIST Cybersecurity Framework core:
   - Identify
   - Protect
   - Detect
   - Respond
   - Recover
18. KPI (Key Performance Indicator): A formal mechanism designed to measure performance of a program against desired goals.
19. Key Risk Indicators (KRIs): Metrics that provide an early warning of increasing levels of uncertainty in a particular business area.
20. Risk Register: A document in which the results of risk analysis and risk response planning are recorded.
21. Tradeoff analysis: Comparing potential benefits to potential risks and determining a course of action based on adjusting the factors that contribute to each area.
22. Managing people risks:
   - Separation of duties
   - Job rotation
   - Mandatory vacation
   - Least privilege
   - Employment and termination procedures
23. Software as a Service (SaaS): Represents the lowest amount of responsibility for the customer, as the facilities, utilities, physical security, platform and applications are the responsibility of the provider.
24. Platform as a Service (PaaS): Provides a selection of operating systems that can be loaded and configured by the customer; the underlying infrastructure, facilities, utilities, and physical security are the responsibility of the provider.
25. Infrastructure as a Service (IaaS): Provides the hardware hosted at the provider's facility, using the provider's physical security controls and utilities, such as power.
26. Vendor Lock-in: When a customer is completely dependent on a vendor for products or services because switching is either impossible or would result in substantial complexity and costs.
27. Vendor Lock-out: When a vendor's product is developed in a way that makes it unable to interoperate with other products; the ability to integrate with other vendors' products is not a feasible option, or does not exist.
28. Vendor Viability: A vendor that has a viable and in-demand product and the financial means to remain in business on an ongoing basis.
29. Source Code Escrow: Specifies that a copy of vendor-developed source code is provided to a trusted third party in case the vendor ceases to be in business.
30. Support Availability: Defines the steps taken to verify the type and level of support to be provided by the vendor in support of their product or service. Often defined by an SLA.
31. Meeting client requirements: Describes the formal measures taken to validate that the vendor's delivered service or product offering aligns to established requirements.
32. Incident Reporting Requirements: Legal contracts should clearly identify the requirement for vendors to provide timely notification regarding any security incidents.
33. Supply Chain: Describes all of the suppliers, vendors, and partners needed to deliver a final product.
34. Cloud Security Alliance (CSA) Security Trust and Risk (STAR): Program that demonstrates a cloud service provider's adherence to key principles of transparency, auditing, and best-practice security operations.
35. System and Organization Controls (SOC): Uses standards established by the American Institute of Certified Public Accountants (AICPA) to evaluate the policies, processes, and procedures in place and designed to protect technology and financial operations.
36. ISO 27000 Series: One of the most widely referenced and often discussed security models
   • Framework for information security that states organizational security